Fraud of all kinds is prevalent across every type of construction project. And while cases of construction companies defrauding their clients are the most reported, it's the companies themselves that often lose money to fraud perpetrated by employees, contractors, and partners.
To protect yourself as a construction company, here are the most common fraud schemes to be aware of:
- Non-payment of subcontractors and material suppliers done by delaying or falsifying lien waivers, or using project cash receipts to pay bills for other projects.
- Billing for unperformed work - often by exaggerating the units of production accomplished or the labour and equipment actually used.
- Manipulating the schedule of values (SOV) and contingency accounts in one or more of the following ways:
- Failing to update SOV line items
- Charging phony bills
- Failing to associate subcontractors or vendors with SOC items.
- Substituting or remove material. This can include doing things like installing low-grade materials that should require future repairs.
- Stealing tools or equipment from a work-site. This is often done by billing for equipment or tools for the job-site that are then used for other subcontractor projects or personal use, or billing for unnecessary tools.
For further protection, it's a good idea to implement a compliance and ethics program, set up an anonymous reporting system, properly define project scopes, and ensure segregation of duties.
READ: 10 Hazards in the Workplace for Construction Workers
Cyber Risks in the Construction Industry
Regardless of how big or small your construction firm is, chances are you store valuable information—information cyber criminals can use for personal gain.
Additionally, hackers are just as interested in proprietary information, and construction firms could lose their competitive advantage with just one data breach.
In order to protect your business and customers, it’s imperative to learn about the common cyber risks in the construction industry.
- Loss of Files and Personal Information
- Loss of Proprietary Data
- Infrastructure Exposures
Loss of Files and Personal Information
In order to make their business more streamlined, almost all construction firms store some type of personal information. Because of this, the files and data they keep on hand is particularly vulnerable and a common target for hackers.
The average contractor stores and transmits sensitive information such as employee records, customer lists, bid data and financial records.
Criminals can easily use this information to steal identities and credit card information. They could even ransom these files against a firm, blocking your access and demanding large sums for their release.
In addition, contractors often have login credentials for systems outside of their immediate control. If these contractors are hacked or decide to use their credentials for malicious purposes, your firm could be held liable.
Loss of Proprietary Data
One of the greatest assets a construction firm has is proprietary corporate data. At any given time, your organization could be holding valuable information related to privileged contracts, architectural designs and intellectual property.
In order to make their business more streamlined, almost all construction firms store some type of personal information. Because of this, the files and data they keep on hand is particularly vulnerable and a common target for hackers.
In some cases, you could lose this information to cyber criminals without a breach ever occurring. This type of theft can occur through social engineering and phishing schemes, which are strategies criminals use to entice employees into transferring corporate funds or assets.
Infrastructure Exposures
As technology advances, buildings are becoming more connected. Smart technologies allow businesses and homeowners to automate processes that control a variety of systems, including heating, ventilation, air conditioning, lighting and security.
While these new advancements are a major leap forward and provide your clients with opportunities to lower their costs and increase their efficiency, they also create cyber exposures.
When hackers gain control of a connected building, they can access things like IP addresses, security codes, automated building processes and camera footage.
In some cases, construction firms that provide smart technologies to their clients may be liable for any damage done by cyber criminals long after work is completed.
At the very least, organizations that install products that negatively impact the privacy and security of customers could face serious reputational damage.
LEARN MORE: Contractors Insurance Ontario
Be Proactive in Reducing Your Cyber Risk
In addition to the unique risks listed above, construction firms are subject to the same cyber exposures as the average business. Financial loss, business interruption and third-party liability are very real after-effects of a data breach, and your firm needs to be ready.
The best way to protect your firm from cyber exposures is with cyber liability insurance. These policies can and should be customized to meet your specific needs.
![Employee Cyber Training Manual [Free Download]](https://assets-global.website-files.com/5b3f6860fa3aa956567733e7/603fbb80f0150131af1fa665_Download%20Free%20Guide%20-%20Employee%20Cyber%20Training%20Manual.png)