Call centre staff fraud ‘must be tackled’ as UK-wide losses reach £40m

By Raspberry Jim,

Call centre managers are being urged to be vigilant against employee fraud “before it is too late” as UK-wide business losses soar to £40 million.

Consultant Philip Williams from Blackfords LLP, which specialises in defending some of the country’s most complex fraud cases, said the issue is among one of the most pressing facing managers in over 6,200 call centres across the UK.

This warning comes as figures from ActionFraud show that businesses in industries across the UK reported £40 million in losses from this type of crime between 2016 and 2017. During this period over 800 reports were submitted to the police, figures show.

Employee fraud is defined as committing a fraud against the business an employee is working for, these could include payment fraud, procurement fraud, and exploiting assets and confidential information.

However, employers could tackle these internal threats by implementing effective audits, Mr Williams said. Figures from the national cyber crime and fraud prevention centre reveal that 47% of frauds were uncovered as a result of successfully applied internal controls.

He said: “The ability of a call centre to operate effectively is almost entirely reliant on the trust of the customers it is working for. Thousands of contact centre workers handle sensitive financial and personal data daily and it is paramount that this is sufficiently protected.

“As such, any breach of rules which expose these confidential details is a serious issue.

“Employee fraud could not just damage the business’s reputation, but impact it financially, from a regulatory perspective, and also have significant internal implications.

“On a more national level, it doesn’t just jeopardise the future of the individual business, but potentially the reputation of the entire industry.

“It is for this reason that call centre managers must implement thorough audit and regulations to ensure proper procedures are followed in relation to sensitive information, but also to identify and effectively tackle any instances of staff fraud immediately.”

Mr Williams, who has extensive experience in acting on some of the UK’s most high-profile fraud cases, has offered his top four tips on what call centre managers can do to safeguard themselves against employee fraud.


Background checks are key

When hiring an employee to handle confidential data and interact with the public in potentially challenging circumstances, trustworthiness and competency is essential.

As such, one of the most important tools for a prospective employer to utilise is the background check.

This enables a manager to assess the individual’s suitability for the role to ensure the most appropriate people are employed.

An effective background check can review an individual’s employment, criminal, and in some instances financial information to ascertain their suitability.

For employees who will be exposed to particularly sensitive or confidential information, it is advised that this be coupled with a reference, both personal and professional, along with a mock working scenario, which can demonstrate the worker’s capabilities and character.

A background check is a successful line of defence which allows you to safeguard your business against fraud and crime. Failing to undertake this could leave you and your staff and business vulnerable to reputational, regulatory, and financial damage.

Surprise audits

While routine audits of the business and its internal procedures can be effective at monitoring the call centre’s progress, a surprise audit has been shown to be the most successful method of identifying fraudulent staff behaviour.

According to research, the duration of employee fraud can be reduced by 50% by utilising spontaneous audits, while the median financial loss from this activity was also cut by 43.4%.

Spending time to audit procedures surrounding customer security could help to identify any potentially worrying internal data or trends.

Examining whether security checks were carried out in line with the company’s policies, or whether financial information was transmitted securely could serve to protect the call centre against fraudulent practices.

Not only will this help to eradicate any damaging behaviour, it will help to shape future policies and strengthen the business going forwards.


Thorough training

Staff could be left vulnerable to fraudulent third-party manipulation, or inadvertently compromise information, due to a lack of training.

Reinforcing and educating staff about what constitutes fraud at work, and implementing stringent anti-fraud policies, will help to eradicate potentially criminal activity at work. Fraud isn’t simply stealing money from an employer or customer, acts can include tampering with cheques or information, false representation for example in an application, wrongfully failing to disclose information – such as a criminal record or conviction, or disclosing confidential information.

Educating employees about the basics of identifying fraudulent behaviour could help to dramatically reduce fraud in the workplace. Signs of fraud could include living beyond their means, a disregard for internal procedures, medical issues, or gambling or financial concerns, reluctance to take holiday, or an unprofessionally close association with customers.


Site security is vital

Ensuring customers feel secure in sharing their confidential information safely to your website is key.

Most call centres will have a website where customers can visit and log into their personal account, which could contain private medical records, financial or personal information.

In order to contact a call centre support member, some customers may have to input passwords, email addresses, phone numbers, or usernames.

As such, customers must be reassured that the information they are inputting is being securely protected.

Call centres should ensure their site is protected by an SSL certificate, which not only ensures information is transmitted safely, but demonstrates confidence in the site’s authenticity.

An SSL certificate ensures that the sensitive information is transmitted across the internet in an encrypted format to ensure that only the intended recipient can read it securely.

This not only protects it against potential identity thieves and hackers, but also safeguards against employees who may have been manipulated into disclosing customers information to a third-party.