Risky Business: How Protected Are US Businesses Against Fraud?

Since the digital revolution and recent events that forced many companies to move online, the ways in which criminals can commit fraud against businesses have increased significantly, causing major financial consequences.

As our recent research on business fraud hotspots revealed, California is the state with the highest average loss per fraud report, at $2,525, followed by Wyoming and North Dakota.

Thankfully, there are many different ways for a business to protect itself from the financial impact of fraudulent activity, including using some of the most innovative solutions, like advanced fingerprinting and data enrichment. But what exactly are businesses doing to ensure they are protected against fraud? 

To find out, we’ve reached out to a number of business owners to see what (if any) measures they’ve put in place to help prevent fraudulent activity. 

Should Your Company Have Anti-Fraud Policies in Place?

anti-fraud policy

With technology advancements making it easier than ever for criminals to exploit defenses, anti-fraud policies are an essential part of any business looking to reinforce procedures designed to aid in the prevention, detection, and investigation of fraud.

However, shockingly, almost one in five (19%) of all business owners surveyed said they didn’t know if their company had an anti-fraud policy in place at all – and a further two-fifths (38%) of respondents said they didn’t have an anti-fraud policy. 

Just over four in 10 (43%) respondents said they did have an anti-fraud policy in place – less than half of all the business owners surveyed. 

What Should Your Fraud Policy Include? 

fraud policy suggestions

A good fraud policy should help raise awareness among staff – and sometimes even customers – that response plans have been put in place to deal with and minimize fraud. 

By defining actions that constitute fraud, all staff and third parties should be aware of what is and isn’t acceptable. 

However, our study showed that under a third (28%) of all business owners included a definition of actions that are fraudulent in their policies, with a further 17% also including an allocation of responsibilities for the management of fraud. 

The most common feature included in a company’s fraud policy was the notification that all instances of suspected fraud will be investigated and reported to the appropriate authorities, with over a third (35%) of businesses including the statement in their fraud policy. 

Almost a quarter (24%) of business owners surveyed said their fraud policy includes the procedures employees should follow if fraud is suspected, and a statement that all fraud offenders will be prosecuted and the police will be assisted in any investigation that is required.

Interestingly, just one in ten (10%) said their business fraud policy encourages employees to report any suspicion of fraud, and less than one in ten (8%) included the steps to be taken if fraudulent activity is discovered, as well as who is responsible for taking action. 

Almost two in five (38%) business owners said they didn’t have any of these key elements in their fraud policies. 

In reality, all of the above points should be included in a fraud policy, and should be communicated to all employees and staff members to show that the fight against fraud is enforced and supported at the most senior level, to help develop an anti-fraud culture. 

Should You Have Fraud Defenses in Place? 

fraud defenses

If your business operates online, you’ll need to have fraud defenses in place or risk facing severe losses to your revenue. 

However, the study showed that over two-fifths (41%) of respondents admitted they do not have any fraud defenses in place, while over a fifth (22%) didn’t know whether they have any fraud defenses in place. 

Only 12% of businesses owners surveyed said they have taken precautions to defend their business from fraud, and a further quarter (25%) said they have some fraud defenses in place. 

Should Your Business Run Regular Checks of Its Systems to Ensure They Are Secure?

regular security checks

According to our study, less than one in ten (8%) respondents said they run checks every day, while 17% run checks every week. Almost a third (32%) said they run regular checks of the company’s infrastructure to ensure it is secure every month. 

In truth, there is no one-size-fits-all when it comes to running high-risk checks. How a business does its checks can depend on what industry it is in, the demands of the business, and the number of systems in place. 

However, regular checks are recommended at least once every six months, and special checks should be conducted after a data breach, system update or data migration, and when there are changes to compliance laws.

Of the business owners surveyed, surprisingly, 14% said they’ve never run checks of their systems to ensure they’re secure. This can result in security weaknesses that criminals can take advantage of. 

Should You Train Employees on How to Detect, Prevent and Report Fraudulent Activity?

fraud training employees

Surprisingly, 32% of respondents said they do not train their employees on how to detect, prevent and report fraudulent activity. However, it is interesting to consider that 27% of business owners said they have only trained staff working in areas that might fall victim to fraud. 

While staff in areas that might be victims of fraud should be trained to a high level of fraud awareness, reporting and prevention, all employees should be trained on business fraud policies to ensure they understand the risk of fraud, how to identify when something isn’t right, and how to report any fraudulent activity.

This makes fraud awareness every single employee’s responsibility and helps to create the best line of fraud defense across a business. After all, though some departments might be more risk-prone, fraudsters can target almost every area of a company.

Worryingly, over a third (34%) of respondents said they didn’t know if they had trained staff on how to detect, prevent and report fraudulent activity.

Should You Have Insurance That Covers Fraudulent Activity to Ensure You Are Protected If Your Business Becomes a Victim of Fraud?

fraud insurance research

Perhaps surprisingly, almost a quarter (24%) of business owners said that they do have insurance that covers fraudulent activity. While there are many preventative measures a business can take to prevent fraud from happening, it is great to know you are protected if the worst does happen. 

On the other hand, a third (33%) of business owners said they didn’t have insurance that covers fraudulent activity. Such a business is at risk of being greatly impacted by successful fraud, even to the point of not being able to recover.

Over four in ten (43%) of respondents said they didn’t know if their insurance covered fraudulent activity.

If your organization has business insurance, it is crucial you check your policy to see what it is covered for. This will give any business owner peace of mind if anything, even non-fraud-related, should happen. 

Tamas Kadar, CEO and Co-Founder of SEON, commented:

“It is shocking to see how many business owners do not have an anti-fraud policy in place and even more concerning that business owners have failed to include key information in their fraud policies.

With more businesses moving online or working remotely in the current climate, the space in which fraudsters operate has grown significantly. It is more important than ever for businesses of all types and sizes to ensure their fraud defenses are up, running and implemented.

It is also paramount to educate each person in the business on fraud procedures because once employees are trained on business fraud policies, fraud awareness becomes every single employee’s responsibility and helps to create the best line of fraud defense across a business.”


A survey of 2,003 US business owners was carried out by Maru in December 2021.

Share article

Speak with a fraud fighter.

Click here

Author avatar
Gergo Varga

Gergo Varga is SEON’s Product Evangelist. With more than 10+ years of experience in the Hungarian and international risk management sphere, he has developed an astute knowledge of RiskOps and Open Source Intelligence. He is the author of SEON’s Fraud Prevention for Dummies guide.

Sign up for our newsletter

The top stories of the month delivered straight to your inbox