Inc-Article-Logo.gif5 Common Small Business Vulnerabilities and How to Avoid Them


While data theft and similar breaches at large companies get plenty of media attention, small business owners are actually the more likely targets of various forms of fraud. The Association of Certified Fraud Examiners reports that small businesses suffer 28 percent higher median fraud losses than larger businesses. To cite just one example, the median loss caused by a single case of occupational fraud (that is, fraud committed from the inside, by an employee) costs a victimized business $145,000. Therefore, the onus is on you to take steps to prevent both internal and external fraud.


Here’s a look at five of the most common types of fraud and how to prevent them:


  1. Payroll fraud. Payroll is ripe for abuse – hourly employees can inflate their hours or deceptively claim overtime; sales people can report false sales or orders; and bookkeepers can alter payroll records to receive additional pay. The solution? Audit timesheets and sales orders, install biometric time clocks, and institute separation of duties in the accounting department.

  2. Online Transaction Fraud. Credit cards have recently gained an extra measure of fraud protection due to the mandated addition of EMV chips, but online and mobile transactions remain prime targets for fraudsters. Online fraud exacts a heavy price, as retailers not only lose merchandise but also the costs involved to prepare and ship the goods. Fraudulent chargebacks—a scam whereby people receive items but deny having done so, gaining refunds and keeping the disputed merchandise—are on the rise. To cut down on online transaction fraud, employ customer authentication tools, validate suspicious orders, create a “blacklist” of fraudsters, employ a variety of delivery confirmation services offered by freight carriers, and use address verification services.

  3. Banking fraud. To combat cyber banking fraud, institute strict password protocols that include rules that mandate passwords be changed frequently, require two-person approval for fund transfers, educate employees about phishing scams, and consider dedicating a single computer for use only for financial transactions.

  4. Vendor fraud. Vendor relationships present multiple opportunities for fraud, both internal and external. Employees can set up shell companies where they direct phony vendor payments or simply create dummy invoices and put them through for payment. A variation involves hiring family members or friends to perform services and inflating the billing, then receiving a kickback. To prevent these scams, review invoices and match them to specific goods and services, institute rotation of duties in the accounting department, and conduct due diligence on vendors before instituting payment.

  5. Payments fraud. As the payments universe expands, fraud is growing along with it. Checks remain the largest target for fraud, followed by credit/debit cards and wire transfers. To deter check fraud, use positive pay to match checks presented for payments with a bank’s issued check files, reconcile daily, review checks routinely via reverse positive pay, and consider moving to electronic payment. For wire transfers, employ multiple means of communication to verify purchases, especially large wire transfers, and educate staff on email and phone scams. For a business credit card, implement safeguards including limiting the number of credit cards and authorized users and comparing charges with expenses reports.


Bank of America, N.A. engages with Inc. to provide informational materials for your discussion or review purposes only. Inc. is a registered trademark, used pursuant to license. The third parties within articles are used under license from Inc.. Consult your financial, legal and accounting advisors, as neither Bank of America, its affiliates, nor their employees provide legal, accounting and tax advice.


Bank of America, N.A. Member FDIC.


©2015 Bank of America Corporation

Similar Content