Resilient clients and stakeholders
Supporting clients, suppliers, providers, contractors, industry partners to protect themselves from scams, exploitation, identity theft and compromise.
Why this countermeasure matters
Even the most robust fraud control environments can be undermined by scammers and cyber criminals taking advantage of client and stakeholder vulnerabilities to commit fraud. Boosting your stakeholders’ and clients’ counter fraud capabilities protects your entity from further attack.
Failing to support clients and stakeholders to protect themselves from scams, exploitation, identity theft and compromise can lead to:
- organisational information and assets being stolen via a stakeholder’s trusted access to systems or premises
- systems being compromised due to identity take-over
- payments being hijacked due to identity take-over
- clients and stakeholders falling victim to scams reputational damage through clients and stakeholders being defrauded.
How you might apply this countermeasure
Some ways to implement this countermeasure include:
- providing tools and support to boost a supplier’s capabilities to resist scams and fraud.
- sharing intelligence with suppliers and vendors to help them better identify and manage scams and fraud
- educating clients on scams and how to protect their identify and accounts from compromise
- supporting clients to remediate their compromised identity or account
- collaborating with stakeholders to help identify unscrupulous businesses and business practices
- participating in relevant industry meeting to share intelligence and raise awareness of scams and fraud.
How to check if your countermeasures are effective
Here are some ways to measure the effectiveness of this type of countermeasure:
- consider how reliant your organisation is on your clients and stakeholders being resilient to scams – could their vulnerabilities lead to fraud against your organisation?
- survey clients and stakeholders to check their knowledge and resilience to scams
- review the effectiveness and reach of public messaging and education
- talk to clients and stakeholders about their understanding and resilience to scammers and cyber criminals
- confirm suppliers, providers, contractors, industry partners are meeting contractual obligations to protect information and funding from theft and misuse
- review frequency of attendance and contribution to key meetings.