My first fraud investigation involved working with handwriting experts to identify forged cheque signatures or working through countless boxes paper evidence. Nowadays, fraud investigations leverage forensic technology, data analytics and often involve cross-border investigations.

Even the offenders are changing, with employees no longer the primary threat. Cyber-attacks and offenders defrauding organisations from afar have significantly increased. With attackers attempting to access employee information online through compromised business email accounts, apps and fake websites.

While there have been changes, many red flags remain the same including, unauthorised changes in staff or vendor bank account details or the creation of unauthorised or ‘ghost’ vendors or employees. Undisclosed conflicts of interest, due to employees neglecting procedures. Individuals visibly or audibly spending beyond their means (or level of authority) and behaviour-related issues, like a gambling habit. Or if the organisation is suffering from poor cash flow, even though other business activities and reporting looks positive.

Even if just one of these red flags is brought to your attention, it is worth exploring further.

The Association of Certified Fraud Examiners estimate organisations lose approximately 5 per cent of revenues to fraud each year. Authorities have been working hard to stem the effects of fraud by raising awareness of fraud and cyber-attacks. These initiatives are encouraging but, in my experience, the red flags are getting harder to spot and the trail to find the alleged offender is complex and across borders.

While awareness is positive and can help reduce the risk of fraud occurring, I would always recommend organisations take a proactive approach to fraud and cyber risks by ensuring you have effective prevention, and detection controls in place.

These red flags above are mere ‘lead indicators’, meaning there may be more than meets the eye initially.

This is not even the tip of the iceberg; it is worth spending a bit of time looking into your systems and letting your staff know that you are actively working on strategies to identify and prevent fraudulent behaviour. Train your people so that they can identify a scam, and know how to report it, before it takes hold in your business.

Andrew Howard is a Brisbane partner in the forensic services team at accounting and advisory firm, BDO Australia.