Karen Rimmer, Head: Distribution at PSG Insure
South Africa’s turbulent economic climate has increased the exposure of local businesses to a number of significant risks. Among these are risks related specifically to fraud. The two most common of these risks involve fraudulent activities or theft committed by employees, and the significant threat of cybercrime. Protecting a business from the financial impact and reputational damage that often accompany these incidents requires company-wide and preventative measures as well as the appropriate level of insurance cover. Commenting on this topic is Karen Rimmer, Head of Distribution at PSG Insure.
Background checks and beyond
According to Rimmer, there are several precautions business owners can take to safeguard their operations against employee fraud. “Not only is this important from the perspective of internal risk management and mitigation, but it may also be part of the stipulations required by insurers for the terms of insurance policies to be upheld.”
Preventing employee fraud should begin from the very onset of the hiring process. At the very least, businesses should conduct criminal and background checks on all candidates. By contacting applicant references and conducting due diligence checks, businesses can also verify details relating to the employee’s past employment history, as well as their professional background and qualifications.
As Rimmer advises, “Implementing security measures to restrict access to sensitive information and financial data is another procedure that businesses can employ to limit the number of employees who are authorised to process important transactions and control cash flow.
It is also best practice in many industries for companies to allow for regular or annual audits conducted by an external firm, to ensure the integrity of the business’s financial processes. An anonymous platform for reporting instances of fraud or misconduct can also go a long way in building a company culture of collective transparency and responsibility.”
Businesses should also be proactive in planning for eventualities. For example, depending on the industry, having a public relations and crisis communication plan in place that can come into effect when certain problems arise, will ensure that businesses are prepared and can take immediate action to prevent long-term reputational damage should an incident of fraud arise.
Fidelity cover to fraud-proof your business
These internal risk management strategies can be bolstered by taking out the right kind of insurance. Fidelity cover, a section that can be added to a commercial policy, provides the best protection against employee fraud and theft. This kind of cover is specifically designed to safeguard businesses against losses stemming from employee dishonesty, any illicit financial gain, or loss of property.
Navigating the digital minefield
Apart from direct incidents of fraud and theft, businesses also need protection against the potentially devastating impact of cybercrime. According to the most recent data, cybercrime has grown by 191% over the past three years and the average claim cost has risen by 213%. This evidence points to the widespread damage that can be caused when a business’ database is hacked, sensitive data is stolen or a company is held to ransom.
Rimmer asserts that several strategies can be employed to safeguard against these kinds of risks. “One of these measures involves the implementation of a robust authentication system, fortified by the use of multi-factor authentication and the deployment of complex passwords. This initial line of defence can serve as a barrier against unauthorised access.
Businesses should also be vigilant in patching updates, addressing security vulnerabilities within their programs and products. Fortunately, the deployment of anti-virus solutions has become significantly more cost-effective. Many of these software-as-a-service offerings are armed with artificial intelligence and behavioural detection capabilities.”
Strategic protection against cybercrime
Cyber insurance cover then acts as an additional layer of protection. Comprehensive cyber insurance will cover any fallout resulting from a security breach. As Rimmer concludes, depending on the way in which the policy is structured, it can extend to first-party cover, providing financial protection for the business, as well as third-party cover. “The latter addresses the impact on the business’s client or customer base, including stakeholders and other individuals or organisations affected by the breach. In cases of fraud, employee dishonesty, theft and cybercrime, advisers play a crucial role in providing businesses with guidance on how to tailor their policies to suit their business model and budget.”