Temporary staffing agencies must take into account that companies are at a higher risk of eliciting fraudulent payments or malware when temporary employees are brought on board. Once inside the company, a fraudulent temporary worker may attempt to find out what the company’s payment protocols are and how they can be circumvented. They can attempt to gain valuable information about the culture and organization of the business; commonly using “social engineering” techniques, becoming friends with key people in and out of work hours; and identifying a member of staff—often in the accounts team—most likely to comply with fake requests to make payments or settle fake invoices.
It is imperative that temporary staffing agencies have a comprehensive insurance program that includes Crime Coverage in order to protect against financial losses from employee crime. Along with insurance coverage, agencies should also have an understanding of how to prevent and respond to temporary staffing crime and fraud.
Damage Limitation
When a company becomes aware of the issue, time is of the essence. Given the groundwork that the fraudsters have done in advance, they will be in a position to extract hefty sums of money very quickly once the second stage of the plan is put into effect. Delays in identifying the source of the fraud could be very expensive.
Temporary staffing agencies can inform clients that to counteract this or identify acts of fraud, it is essential to have an incident response plan in place. The key elements in the response require identifying and preserving evidence of the fraud (audit logs, server files, emails, and back-ups) to be subjected to forensic analysis techniques, and evaluating how the fraud was perpetrated and how it can be prevented from escalating or occurring again.
Depending on the legal jurisdiction in which it resides, data protection and privacy laws may impede the company’s efforts to access information held on personal devices, requiring legal advice—and perhaps court orders—to be obtained. Company procedures should also be in place to allow this to happen for an incident response case.
Companies also must determine whether the impersonated personnel is an innocent victim of the fraud or actually involved in the crime.
Prevention & Awareness
Prevention is always better than cure and there are a number of steps that can be taken, ensuring that they do not fall victim to this emerging kind of crime.
Proper background checks should be performed on all temporary staff before they join the organization and temporary employees are not given too much physical or virtual access to key parts of the company’s premises or systems. Allowing temporary staff to use their own devices on company networks is especially risky, along with the use of assets not properly locked down.
Key staff should be well aware of the risk of this kind of fraud and the patterns of behavior that may accompany it. Robust reporting mechanisms should be relayed to senior management which can bypass line management structures if need be and protect staff from repercussions if they make a report.
Security systems should be implemented to authenticate communications, identify and quarantine fake emails as they arrive. It is often the case that fake emails instruct the recipient to reply to a different email address, usually for “confidentiality” reasons. The company’s controls on payments should not be circumvented in any circumstances, regardless of who is making the request.
About World Wide Specialty Programs
For the last 50 years, World Wide Specialty Programs has dedicated itself to providing the optimal products and solutions for the staffing industry. As the only insurance firm to be an ASA commercial liability partner, we are committed to that partnership and committed to using our knowledge of the industry to provide staffing firms with the best possible coverage. For more information about Staffing Professional Liability Insurance or any other coverage, we have available to protect your staffing business, give us a call at (800) 245-9653 to speak with one of our representatives.