Fraudsters are becoming ever more inventive in their attempts to con private individuals and entrepreneurs. A healthy dose of vigilance can prevent a lot of distress.

Six most common fraud techniques

• Fake transfers
  Fraudsters send fake transfers to the bank in the name of an organisation.  Signatures on payment orders are perfectly forged and can scarcely be distinguished from the original.
• Forged invoices
  Fraudsters intercept outgoing invoices from a company. They change the account number of the beneficiary and send the 'adapted' invoice to the customer or bank, which then pays into the fraudulent number.
• Social engineering
  This fraud technique is based on manipulation and breach of confidence. Fraudsters firstly gather personal information about their victim on social media or Google. They then contact the victim, posing as a help desk worker, for example, and try to get the victim to reveal sensitive information such as passwords or account numbers.
• Phishing
  A specific form of social engineering used by criminals to "fish" for personal data, mainly by e-mail, that enables them to steal money from a bank account at a later stage. The fraudsters often play on the feeling of fear of their victims: they warn them, for example, that there is a threat of their account being closed. 
• Hacking
  Hackers install a virus on your computer. That program observes what you do and collects all types of data. During an online banking session, the hacker can display a pop-up in which you are asked to insert your PIN code for example.
• Infiltration
  A new fraud technique by which a fraudster arranges to be hired by a company in order to learn its payment and monitoring procedures. After a few months, the fraudster makes large payments to his own account and then disappears from the scene. 

How to teach fraudsters a lesson

Fraud prevention does not have to be expensive or high-tech. Being alert and responding decisively is key.

• Raise your employees' awareness: The best form of fraud prevention is to raise awareness among potential victims. Make your employees aware of the real risk of fraud. Convince them of the need to regard business data as company property. Also encourage your employees to be critical towards everything that differs from the normal state of affairs.
• Be vigilant for suspicious behaviour: Look out for sudden changes among your customers or suppliers. Focus particularly on deviations from payment details. Example: if a supplier asks you to pay into a foreign account. Contact your customer or supplier, preferably people whom you have known for years and trust.
• Do not allow any phishing of your data: Banks never ask your for personal details by e-mail or telephone. You can assume such questions come from fraudsters. Other indications are poor language, an incorrect form of address, or the fact that the e-mail ended up in your spam folder. Mark these as unwanted messages in your e-mail program. Report the misuse to your internet provider, so the sender can be blocked.

Protect your IT systems

• Install an anti-virus program and firewall on your computer(s) and update these systematically.
• Never respond to any questions by telephone. Again: your bank will never ask you by telephone for a code or any confidential information.
• Going to do online banking? Only open the program concerned. Close all other sites. 
• Never click on links that refer to the website of a bank, especially if they have been sent by e-mail.

Central banks worldwide are stimulating the economy with cheap money. This leads to a false sense of security in the financial markets.

After all, any news - positive or negative - can trigger severe market fluctuations. Companies run substantial interest rate and exchange rate risks as a result, even though they are not always aware of this. Fortunately, there are financial techniques to hedge these risks. 

A recent study by BNP Paribas Fortis and ATEB, the association of corporate treasurers in Belgium, speaks volumes. Barely 51% of the 402 companies interviewed have the same risk tolerance today as in 2008. This is a surprising finding because risk managers are dealing with a complex and therefore more unpredictable economic context in 2015.

“Today, financial risks, especially systemic risks, are more difficult to manage than five years ago,” says Eric Charléty, head of the Business Development department of the dealing room. “What if the interest rates suddenly start to rise? Many companies have taken out loans with a variable interest rate, because they assume that interest rates will remain low. But that choice exposes them to a substantial risk. As soon as rates rise, you have a problem.”

Exchange rate risk is often underestimated

Besides the interest rate risk, most companies are also exposed to a significant exchange rate risk, because they import and export goods or have partnerships with companies outside the Eurozone. According to Eric Charléty, Belgian entrepreneurs often take a very narrow view of financial risks:

“Sometimes they do not look further than what is on paper, for example that their invoice must be paid within 30 days. But if the payment is in Pound Sterling, the profitability of the transaction will largely depend on the conversion into euros. In this case, it is certainly a good idea to hedge yourself against the exchange rate risk in advance.

Even so, very few companies manage to successfully link their risk management to their strategy. They assume all too often that they only run risks if they do business outside the Eurozone. This is incorrect; a broader perspective that takes due account of the competition is needed. Even a company that only does business in the Eurozone has to deal with competition from outside it. Due to fluctuations in foreign exchange markets, a British or Japanese competitor may suddenly be cheaper.

That makes risk management a key factor of the business strategy, on par with target markets, products, and value chains. Good knowledge of the competition, their exposure to risks, and how they manage them is just as essential to the success of the company.”

Hedging = avoiding risks

The good news is that companies can hedge or cover the interest or exchange rate risk of a particular transaction by entering into a separate contract with a third party. In practice, this third party is usually a bank and the contract itself is called a ‘derivative’. Certain risks are placed with the bank through such a contract. Eric Charléty sees two major advantages in this:

“Banks are better informed about exchange rates and interest rate developments than companies. It is their core business. Banks are moreover able to spread the risk better. An individual company cannot beat the law of large numbers.”

Companies have different options for hedging their risks. They can agree in advance on a fixed exchange rate with the bank.  By way of example: Company A sells goods for USD 100,000 to company B. A receives payment a month later. The US dollar can fluctuate greatly in the meantime. A can play things safely and agree on a fixed dollar rate with its bank today. A then knows exactly how many euros it will receive.  The risk of a fall in the exchange rate then lies fully with the bank. The bank charges a premium for this. Although this sounds attractive, Eric Charléty warns against a possible competitive disadvantage:

“If you fix exchange or interest rates, you are less flexible. You can no longer profit from positive market developments.  If your competitors follow the same strategy, there is no problem. However, if they do not fix their exchange rate, they can enjoy and benefit from exchange rate fluctuations.”

Customisation

Instead of fixing the exchange rate (and thus limiting its flexibility), A may choose to ‘cap’ the rate. A can then profit from any depreciation of the dollar, while any increase is capped. Just as in the case of insurance, you have to pay a premium for such protection. However, this is not necessary. A can also avoid paying a premium by choosing a third option. In that case, you allow the rate to fluctuate between a predetermined lower and upper threshold.

“Every situation is different and so the most appropriate solution is not always the most obvious. You can combine different building blocks with each other. Choosing a derivative is customised by definition,” concludes Eric Charléty.

Insurance should be a company's last line of defence. However, many risk managers follow the opposite reasoning. They sign a policy and think that is the end of the story. Bart Cuypers of Aon advises caution and advocates a structured approach.

Many companies act like families in relation to insurance. They insure themselves against standard risks, such as fire, occupational accidents, and liability. There is nothing wrong with this per se. After all, the material damage after an incident is compensated. But as Bart Cuypers of Aon points out, the risk does not stop there:

“If your family home goes up in flames, you live in a hotel temporarily or move in with friends. But what happens if your factory is reduced to ashes? Or if your most important machines break down? Where and how are you going to carry on production? Companies think everything is under control once they sign an insurance policy. But they overlook what is known as consequential damage.”

Expect the unexpected

According to Bart Cuypers, companies all too often cover themselves against low-impact risks, leaving themselves uninsured against larger risks:

“Companies in the food sector, for example, forget that a production error can have serious consequences. They must organise an expensive recall action, there is marketing and reputational damage. Briefly put, an error can cost you a lot of money. Yet the directors' cars all have full comprehensive insurance, even though an accident will only set you back about EUR 40,000. Companies often fixate on minor damage, while you should be considering what can really go wrong if the impossible happens.”

Do not opt for an easy solution

Bart Cuypers also warns against standard insurance policies. While these are excellent for families, they are inadequate for companies because they exclude the real risks of doing business. According to Cuypers, companies frequently opt for an easy solution. They hand over their risk management to an external partner that is then given carte blanche. Not a good idea, it turns out: 

“Many SMEs operate in a specific niche or certain countries. That implies certain risks are not obvious. It is not easy for an outsider to identify those risks. The company must take the lead itself and establish its own weaknesses. It can only do that exercise itself.”

Last life buoy

Is a company's only option then to take out a large and expensive insurance package? Bart Cuypers does not think so. On the contrary:

“Insurance is actually a company's last resort. Companies are well-advised to rather work on prevention. By creating procedures, putting alternative plans on paper. You can spend a fortune insuring yourself against cyber fraud, but you can also take preventive measures. Or you can already plan today where you are going to produce if your factory burns down. As an entrepreneur, you need to be forward-thinking, including with regard to any setbacks. But most companies hardly free up any time for this, which is logical because it is unlikely to occur and you still have your routine tasks to complete.”

Step-by-step plan

Risk management is customised by definition. It is practically impossible to use a step-by-step plan that can be applied to every company. Nevertheless, Bart Cuypers gives some good general advice:

“Companies can start by identifying their risks as best as possible. That is a long-term exercise involving many parties. People on the shop floor, for example, can provide valuable information. Then check how likely it is that the risks will actually occur, and estimate the financial impact of each risk. The company can then decide whether and which action is necessary. Focusing on prevention, or taking out more insurance. It may also opt to do nothing. That is a legitimate choice, certainly if it has sufficient reserves and the impact is low.”

SMEs mainly focus on risks that are obvious but unlikely, such as fire. Some risks are less obvious but may have serious consequences.

Empowered employees

People are far more empowered today than before. The relationship between employees and employers has changed considerably as a result. Employees are far more prone to fight their dismissal or to lodge a complaint against their managers than before. This new empowerment comes with a price tag. It implies additional legal costs and possibly even penalties. 

Internal fraud

Companies conveniently assume that fraud is an external threat, but the enemy sometimes comes from within. Moreover, internal fraud is a typical risk for small and medium-sized enterprises, precisely because of the focus on trust. Some employees dare to betray this trust. They have their hands in the till, sell machine parts, or pass on sensitive data to the competition for payment. There are various reasons for susceptibility to fraud. First of all, people today are not as loyal as before. SMEs also have fewer rules and procedures. That freedom opens the door to abuse.

Insolvency among customers and suppliers

Insolvency is and remains a substantial risk, especially after the crisis. Companies do not dwell nearly enough on the fact that customers can go insolvent. Insolvency has dramatic consequences for your profit margin. Suppliers may also be affected, which can seriously threaten your production process. After all, it is not an easy task to quickly find a new raw materials supplier. Companies are well advised to purchase external data about their partners, especially if you do business abroad.

Interdependencies

Companies depend on other partners in order to operate. Problems with suppliers may thus impact on their internal functioning. Imagine if an important supplier's machine breaks down, and you are left without raw materials. Companies must assess their full value chain in order to detect possible risks. Bear in mind that your customers may also have problems. For example, a fire at your most important partner can prove to be a major spanner in the works. You can include an additional clause in your business interruption loss policy so as to receive compensation if your supplier is affected by fire.

Professional liability

Like people, companies are fallible and thus occasionally make errors. These errors can cause damage to third parties. The resultant claims can range from several thousand to possibly millions of euros. For example, an engineer could have made a calculation error in the design of a new production line.  Apart from material damage to the assembly line itself, there may also be financial losses due to production stoppages.

Caution with contracts

Nearly every contract that companies enter into has a clause on liability. This describes each party's responsibilities. Companies pay scant attention to this, even though the contractual consequences may be significant. An excellent example is a lease for a crane. The lessee is usually responsible for any damage to the crane, which can be very costly. Study the liability clauses thoroughly as they can have a serious effect on your company's financial health.

Political risk

By political risk, we mean all events that may prevent your foreign customers from being able to pay or your foreign partners from being able to produce. These may be purely political events such as a war or revolution, but may also be natural disasters, economic difficulties, or government decisions that complicate trade. For instance, import permits may suddenly be withdrawn. Belgian companies have a strong international orientation and are thus well-advised to have insurance against political risk.

Environmental damage

“The polluter pays” is a well-known principle. Restoring the environment to its original state is a costly business. A few dozen litres of oil can cause hundreds of thousands of euros of damage.

(Source: www.Aon.com)

Cash management is an SME's frontline weapon, and payment terms are a key means of keeping it under control – providing companies proactively open negotiations with their suppliers. But this solution remains underutilised by entrepreneurs

Cash flow difficulties are the number one cause of company bankruptcy in Belgium. Business owners face a constant battle to stay in control and maintain the balance of their inflows and outflows. Negotiating payment terms is one of the levers that can be employed: shortening them for customers while extending them for suppliers. In Belgium, the statutory deadline between companies is 30 days. Yet the reality can be different, since either trading partner may deviate from the rule. Where one of the parties is in a dominant position, the other is often obliged to accept the conditions it imposes... meaning its payment term becomes longer. Everything is negotiable, however, even with "big" suppliers, as long as you formalise the situation and ensure you protect your business relationship.

Who is your supplier?

They say information is power, and there is some truth in this. Indeed, the more you know about your "opponent", the more you will be able to turn the tables. How are the company's finances, and what is its cash position? Is it experiencing difficulties? Where is it placed on the market, particularly in relation to its competitors? What is your dependency ratio in relation to this partner? How does it make payments, and what is its purchase history? The answers to these questions will allow you to take up better positions in the negotiations, and find the best angle to launch an attack that catches the other side by surprise. Specialised websites, data banks, word of mouth (the competition): all means are justified in order to find out more!

What do you want to gain?

And a resulting question: what are you willing to put on the table to achieve your objective? In other words, you need to be properly prepared and establish a strategy regarding what you are willing to concede (and how much this will cost you) and what you absolutely want to gain in return. Remember that the other party has presumably not requested anything, and potentially has little to gain. Therefore, you cannot arrive empty-handed. Are you willing to order larger volumes in order to extend your payment terms? Can you envisage a long-term contractual commitment? Could you contemplate paying more in return for spreading your debits further? Imagine you are playing poker: clearly, you should keep your cards close to your chest. Wait for the right time to show your negotiating partner that you are prepared to make concessions.

How can you negotiate successfully?

The art of negotiating is a difficult skill. However well prepared you are, keep the following principles in mind:

• Even if you have brought a proposal to the table, listen to the other side and pay attention to detail so that you can react quickly.
• Do not be frightened of bearing your teeth a little, even if you are concerned about spoiling the business relationship with your supplier. Stand your ground and mention what the competition can offer you, for example.
• You must control how you communicate, so that you avoid giving the impression that you have cash management problems. Emphasise that payment delays do not help anyone, and that it would be better to agree on a reasonable and sustainable schedule.
• If your business relationship is established, mention your positive partnership and your desire to see this continue.
• During discussions, regularly refer to how far you have come and your shared progress to date. This positive tone will be well received.
• If the negotiations stall, try to resolve the difficulty by pulling out a trump card, for example (i.e. a concession).
• Remember: a good agreement is balanced, and leaves neither party feeling wronged. So do not be too greedy: the outcome must be worthwhile.
• Are you happy with the situation? Move to finalise the deal, either by accepting what is on offer or by finally opting for a fair compromise.