Companies need to sharpen their processes and procedures to prevent crime losses as the pandemic provides new ways of working, experts say.
Business processes are changing so that the control environment itself is strained, says Christopher Arehart, Chicago-based senior vice president, product manager for criminal insurance, financial lines at Chubb North America.
For example, there is no longer an employee who previously sat outside the CFO's office and made the books. "They make it comfortable from their home but have the same access as they did before," he said.
Training employees to detect fake emails and regular testing and monitoring are basic steps companies can take to mitigate social engineering fraud, said Reid Eanes, Los Angeles-based senior vice president and chief financial officer at Lockton Cos. LLC.
Training employees to incorporate basic controls into their daily workflow, such as verifying written instructions via a telephone call, is critical, he said.
"The human-to-human relationship can mitigate a lot of risks around changing banking instructions, changing payroll instructions, requesting the transfer of emergency transactions," Eanes said. [1
"You have to start with the assumption that the party sending the email has been exposed to their email, and it happens every day because providers, providers have not enabled multifactor authentication," he said.
work environment, new technology can be used, such as verifying information in person via a video conference call, Arehart said.