Scammers are targeting victims with new tactics, causing financial loss and mental distress. Ola Opoosun explains how organisations can protect themselves with the SCAM checklist From convincing phone calls and text messages requesting financial information to elaborate online scams, scammers are always looking for new ways to catch people off guard.   In 2023 alone, UK Finance reported that scammers stole £1.17 billion through unauthorised and authorised fraud. In fact, scammers target those who they perceive as more vulnerable, including the elderly, with data showing that an older person falls victim to fraud every 40 seconds.   While the financial impact of scams can be costly, they can also leave people feeling embarrassed and unsettled and can have a lasting impact on our confidence, especially in a workplace situation.  Three in ten (29%) say that being a victim of fraud has harmed their mental health, leading them to seek help with anxiety and depression.   How can organisations stay alert to scams and prevent them from happening to themselves and their clients? The golden rule of avoiding scams is to be vigilant.   Knowing what to look out for and feeling confident enough to check or challenge what you're being asked to do, especially where something doesn't feel quite right, is very important.    If you ever find yourself in a situation where you’re unsure what to do, our handy acronym “SCAM” can help you put together a quick checklist to help you work out if a request for financial and personal information is genuine or not.  S – Sender  If you receive a message out of the blue, ask yourself: is it a complicated email address, or one that's familiar yet not quite right? An unknown phone number?  Don’t assume that an email address, postal address, website or phone number is always authentic.   Always stop and check the sender’s address or number to make sure it’s legit. C – Chasing  If you get a call out from someone requesting sensitive or urgent information relating to their account, it could be a scam. Time pressure can be an obvious red flag as scammers might use tactics to convince you to make a hasty decision without thinking things through. However, a trusted organisation would never rush you into make an important decision such as transferring money or sharing credit card numbers.   Remember to stop and take the time to think through your decision and question if it seems like suspicious activity.   A – Action  An online, phone or email scammer will likely try one of a number of ways to get you to send money or personal information but it’s important to remember that a genuine organisation would never ask you for security details, especially out of the blue.   M – Mistakes  Scammers impersonate trusted companies, organisations and even people. If you receive an email or text with spelling errors or strange wording, these are tell-tale signs that can be a big giveaway that it’s a scam.  Scammers are hoping that people will overlook typos. You should carry out an online search of the number or email address to see if it's legitimate before replying to the message.   Falling victim to a scam  It’s important to remember that anyone can fall victim to a scam. Falling victim to a scam is nothing to be embarrassed about.   If you’re worried that you have been scammed online or through another method, your organisation’s financial security has been compromised, or you spot any fraudulent activity on accounts, involve your leadership team as soon as possible so they can contact the proper authorities and minimise risk to the company. With scams becoming increasingly sophisticated, it’s important to be more vigilant and feel confident to check or challenge what you're being asked to do.   Trust your instincts and remember “SCAM” to protect yourself and your organisation.   Ola Opoosun is Head of Support Services at caba

As businesses navigate technological disruptions, economic fluctuations and global crises, leaders must prioritise investing in resilience, writes Neil Hughes Resilience is defined as the ability to adapt to change positively, recover from difficulties and persist in facing challenges. The pace of change in business today is relentless, and for business leaders, resilience is a more crucial attribute than ever. Organisations need leaders capable of staying focused, being consistent and remaining inclusive under pressure. Building a resilient workforce can help organisations to navigate change more effectively, sustaining competitive advantage, growth and long-term success. Best practice suggests several key areas of focus for leaders and organisations to consider. Prioritising wellbeing and mental health According to a 2023 survey by the Chartered Institute of Personnel and Development, 76 percent of UK employees reported that mental health support at work directly contributes to their overall job satisfaction. Mental health is foundational to resilience. Business leaders should strive to create a supportive environment that prioritises mental health through comprehensive wellness programmes. This includes providing access to mental health professionals and resilience tools to support employees in managing stress and adapting to change. Encouraging open conversations about mental health can foster a culture where employees feel safe and supported. Fostering a resilient and inclusive team culture Resilience should be embedded within the organisational culture. Leaders must foster a workplace culture that encourages collaboration, open communication and psychological safety, where small wins are recognised, feedback is encouraged and acted on and failures are seen as learning opportunities rather than setbacks. Creating an inclusive culture where diverse perspectives are valued can enhance problem-solving and innovation. Regular team-building activities, training focused on resilience, and creating a safe space for employees to voice their concerns can significantly boost team morale and cohesion. Investing in continuous learning and development Continuous learning is critical to building a resilient workforce. By investing in ongoing training and development programmes, leaders can equip employees with the skills needed to adapt to new challenges. Offering opportunities for professional growth helps employees stay current and confident in their roles. Encouraging a growth mindset, where challenges are seen as opportunities for learning, can foster resilience and innovation. Role modelling resilience and self-care To lead effectively, business leaders need to invest in their own wellbeing and resilience. Resilient leaders are those who continuously learn, adapt, and maintain their physical and mental health. This involves regular training, seeking coaching or mentorship, and embracing a growth mindset. Leaders who prioritise self-care practices such as regular exercise, adequate sleep, and mindfulness activities can manage stress more effectively, maintaining mental agility. . Leaders play a critical role in modelling resilience and those leaders who prioritise resilience not only enhance their capacity to grow and move forward in the face of adversity but also inspire their teams to do the same. Whilst building resilience involves effort, commitment and time, it can be the protective layer required to equip leaders, their teams and organisations to face the challenges of the ever-changing landscape of work. Neil Hughes is a Director in People and Change Consulting at Grant Thornton Northern Ireland

Sandra Healy explains the importance of a strong organisational culture and how it can lead to satisfied and long-term employees Organisational culture is the personality of the organisation, shaping how employees interact with each other, management and customers. A strong organisational culture can have a significant impact on employee retention because it creates a sense of belonging and purpose. When employees feel that they are part of a community that shares their values and goals, they are more likely to stay with the company for the long term.  A positive organisational culture can also lead to greater employee engagement. When employees feel that their work is meaningful and that they are making a difference, they are more likely to be motivated and productive. This can lead to better business outcomes, such as increased revenue and customer satisfaction.  On the other hand, a negative organisational culture can have the opposite effect. If employees feel that they are not valued or that their contributions are not recognised, they may become disengaged and demotivated leading to high turnover rates.  Organisational culture can impact employee retention in other ways, as well. A strong culture of work-life balance can help employees feel that they are able to maintain a healthy balance between their personal and professional lives. Similarly, a culture of learning and development can help employees feel that they are growing and developing professionally.  Key components to a good organisational culture  A strong organisational culture is built on a foundation of shared values and beliefs that guide the behaviour of employees. These values and beliefs are communicated through various channels, such as company mission statements, vision statements, and core values. When employees understand and embrace these values, they are more likely to feel a sense of belonging and purpose within the organisation.  Another key component of a strong organisational culture is effective communication. Leaders who communicate regularly and transparently with their employees can help to build trust and foster a sense of community within the organisation. Employee recognition and appreciation are also important components of a strong organisational culture. When employees feel that their contributions are valued and recognised, they are more likely to feel motivated and engaged in their work. Finally, a strong organisational culture is one that promotes work-life balance and employee well-being. When employees feel that their personal needs and well-being are valued by the organisation, they are more likely to feel satisfied and committed to their work. Measuring organisational culture Measuring the current organisational culture can be done through various methods: Surveys can be distributed to employees to gather their opinions on the company's values, communication, leadership, and overall culture. Interviews with key personnel such as managers and executives can provide insight into the company's goals and how they align with the culture. Focus groups can also be conducted to gather opinions from a diverse group of employees. These methods can help identify areas where the company's culture is strong and where it needs improvement.  Another way to measure the organisational culture is to look at employee turnover rates. High turnover rates can indicate a negative or toxic culture, while low turnover rates can indicate a positive and supportive culture. Exit interviews can also provide valuable feedback on why employees are leaving and what can be improved to retain them.  Once the current organisational culture has been measured, the company can identify areas for improvement by analysing the data collected from surveys, interviews, focus groups, employee turnover and exit interviews, then create an action plan to address the areas that need improvement. Improving the organisational culture is an ongoing process. The company should regularly measure the culture and make adjustments as needed. This will help ensure that the culture remains strong and supportive, leading to greater employee engagement and retention.  Best practice One of the best practices for building a positive and inclusive organisational culture is to establish a clear set of values and principles that guide the organisation's actions and decisions and then communicated to all employees and integrated into all aspects of the company's operations. Organisations must also encourage open communication and collaboration among employees by engaging everyone in regular team-building activities, open-door policies, and opportunities for feedback and input. When employees feel that their voices are heard and their contributions are valued, they are more likely to feel invested in the success of the organisation and less likely to seek opportunities elsewhere.  Creating a supportive and inclusive work environment is also crucial for building a positive organisational culture. This means promoting diversity and inclusivity in all aspects of the workplace, from hiring practices to daily interactions among employees. Finally, it is important to create formal recognition programs, such as employee of the month awards or performance bonuses, as well as through informal gestures such as thank-you notes or public praise. When employees feel that their hard work and dedication are appreciated, they are more likely to feel motivated and committed to the organisation over the long term.  Sandra Healy is Founder of Inclusio

Businesses need clever strategies to counter the cyber security challenges arising from the emergence of artificial intelligence, writes Puneet Kukreja The enormous power of generative artificial intelligence (GenAI) and large language models (LLMs) is just beginning to be understood. Its capacity to automate and accelerate business processes is only starting to be explored fully. As is the case with the deployment of any new technology, however, GenAI brings with it new cyber vulnerabilities. Cyber security matters are emerging as a key concern for technology leaders in Ireland amid the surge of AI-enabled cyber attacks. According to the EY Ireland Tech Leaders Outlook Survey 2024, the percentage of respondents who identified elevated cyber risks and the management of data protection and data flows as critical challenges has risen to 61 percent, up from 53 percent in 2023. Like the move to the cloud over a decade ago, the technology will create new cyber exposures and increase the attack surface for cyber criminals. For example, consideration needs to be given to securing the LLMs that gather and analyse data from various departments within the organisation. Ensuring the secure collection and transmission of this data is paramount, as is the fortification and security of the model itself. Monitoring emerging vulnerabilities closely This is not a reason to shy away from the technology. It is simply a reminder that it must be treated in the same way as any new IT investment from a cyber security point of view. Few organisations would risk connecting an unsecured PC or laptop to their network and the same approach should apply to AI. AI in cyber security is a double-edged sword. Where it empowers organisations with enhanced security capabilities, it also equips cyber criminals with similar tools by enabling individuals lacking advanced coding skills to leverage GenAI and create malicious code efficiently. With just a few prompts, GenAI can quickly generate code to identify and exploit vulnerabilities within an organisation's network, a task achievable within minutes. Change approach, not budget The good news for organisations and for Chief Information Security Officers (CISOs) is that they do not necessarily have to make significant new cyber security investments to restore the balance. The first step is to focus on what you already have. It is not a question of a new investment in cyber security, rather a new approach. In the same way as the cloud changed the shape of organisations’ networks and cyber defences had to be extended to cover the new expanded perimeter, existing defence systems will need modification to bring GenAI models within their orbit. Stolen credentials present a grave peril to organisations. To bolster security beyond passwords and multi-factor authentication (MFA), organisations can deploy AI-driven solutions that monitor user behaviour for unusual login patterns or atypical actions. These systems scrutinise user interactions with critical infrastructure and can swiftly detect unauthorised access attempts or transactions. Adopting this strategy enhances cyber security defences by integrating AI technology that can strengthen existing measures and counter new threats with speed and efficacy. Procurement processes will also play an important role. Organisations must ensure that they are not buying trouble when they invest in GenAI. They need to interrogate vendors very closely to ensure that the systems they are acquiring are secure and do not bring increased vulnerabilities with them. Of course, organisations will need to invest in upgrades to guard against the AI-driven increased sophistication of phishing and other cyberattacks, but this can be accommodated within normal cyber budgets. Finally, it cannot be emphasised enough that GenAI will not offer a silver bullet to organisations seeking to bolster their cyber defences. Humans: the last line of defence While organisations exploit the potential of advanced AI, they need to be mindful of the advent of new cyber vulnerabilities. Using existing cyber security measures to protect AI systems and applying rigorous due diligence to the purchase of such systems will help deal with the heightened threat, as will increased awareness of the new environment. While it undoubtedly offers the ability to further automate certain elements of cyber defence and to enhance threat detection, this will not replace any of the existing cyber security systems in place or the human as the last line of defence. Puneet Kukreja is Cyber Security Leader at EY

As 2024’s global elections shape business, corporate governance professionals must anticipate changes to compliance and ESG regulations, says Dan Byrne We are in full election mode in 2024. About 50 countries – representing around half of the world’s population – are expected to hold elections this year. Indonesia went to the polls in February, and Mexico, South Africa and India have just finished. The European Union cast votes for bloc-wide representatives on 7 June, and the United Kingdom will follow with a general election in July. Then there’s the small matter of the US Presidential Election in November, rounding off a truly remarkable year for democracy. Corporate governance and elections It’s crucial to recognise that this year’s elections will shape the leadership landscape for the rest of the decade and significantly impact corporate leaders, who will be observing them with keen interest. So, what should corporate governance professionals watch for in these elections? The intensity of regulations It’s the defining question of this corporate generation: how many rules will come down from elected officials? Before going any further, we should acknowledge that the volume of government regulations worldwide has generally increased, meaning more responsibility for directors and more robust penalties for getting it wrong. That said, regulations are broad, and there will always be political tug-of-war over how much control should be placed on businesses. Take the UK, for example. The current Conservative government promised to strengthen the country’s corporate reporting system, but in November 2023, it rolled back many of these proposals amid fears that Britain’s competitiveness would be harmed. Corporate leaders should watch prominent politicians to see how they plan to strike this careful balance between integrity and competitiveness. For many boards, it’s not about whether regulations will strengthen; it’s about the pace of that strengthening. A fiscally conservative government, less prone to market intervention, could easily slow the pace, perhaps prompting a rethink of strategy. ESG Beyond any doubt, these global elections will have a significant impact in shaping the future focus on ESG. There are two main reasons for this: The EU has seized on ESG over the last decade, if not in name, then in principle. Efforts to reach net zero, advance diversity initiatives and enhance reporting requirements through CSRD have dominated the bloc’s political agenda. The sheer scale of ESG-related initiatives means these trends will likely continue no matter what the next European Parliament looks like. That said, the political climate in Europe is changing. Corporate leaders should watch to see how pushback against reporting requirements and net-zero transitions, as well as hot-topic issues like immigration, will translate into votes. Will it mean more seats won by parties on the right or by those with other vested interests such as protecting agriculture? If so, the pro-ESG agenda may suffer from greater political pressure, hampering things like directive adoption and implementation, potentially meaning your corporate strategy might need to change or rewind in the short term. Make or break in the US The United States has become an ESG battleground – a distant landscape from the EU. In the US, politicians fight over its very existence rather than its pace of implementation. Critics of ESG in the US claim it harms investors’ returns and infringes on their free market rights. In some states, laws have already been enacted to prevent ESG investing where possible. The composition of the next US Congress and the person in the White House will ultimately decide whether the anti-ESG movement will take hold on a national level. If it does happen, US companies will then be in a different environment, and their corporate strategies will have to reflect that.  Will your company continue to incorporate ESG? If yes, will you be public with it or approach it under a different name to avoid politics? These questions have been raised before in the US; we just need to wait and see what kind of political landscape is forming around them. What will the changes be? For corporate leaders, the strength and pace of regulations regarding governance and ESG are the things to watch. The 2020s are proving highly polarised politically, and big changes in government will likely mean your strategies will see a change on the ground in some shape or form. Your job is to be clear on what that change will be, and how your organisation will manage and capitalise. Remember, though, that regulations are just one part of the story. And your company still needs to stay in touch with shareholder, consumer and community moods. It’s a hard game, but a rewarding one if you get it right. Dan Byrne is a writer with the Corporate Governance Institute

C-suite leaders must navigate the geopolitical landscape to mitigate business risks, writes Enda McDonagh According to a recent poll conducted at The PwC Leadership Exchange, C-suite executives view geopolitical risks as the most significant threat to their businesses in the coming year. As global uncertainties persist, leaders must negotiate an increasingly complex landscape to ensure the resilience and success of their organisations. The poll results reveal that after geopolitical risks (41%), the top concerns for C-suite executives are macroeconomic volatility (28%), climate change (18%), cybersecurity (6%), skills/talent shortages (5%) and supply chain disruption (2%). These findings underscore the multifaceted nature of the challenges facing business leaders today. Addressing geopolitical risks requires a proactive and strategic approach by C-suite executives. By staying informed about global developments, fostering relationships with key stakeholders and developing contingency plans, leaders can better position their organisations to weather potential storms. Additionally, investing in risk management processes and building a culture of resilience can help companies adapt to changing circumstances and emerge stronger. Key takeaways for navigating geopolitical risks 1. Continuously monitor the geopolitical landscape and assess potential impacts on your business Stay informed about global events, regulatory changes and shifting power dynamics that could affect your operations, supply chains or market access. Regularly update your risk assessments and adapt your strategies to minimise exposure to geopolitical disruptions. 2. Foster a culture of resilience and agility within your organisation Encourage cross-functional collaboration in your organisation, empower teams to make decisions quickly and invest in training and development to build a workforce that can adapt to changing circumstances. By cultivating a resilient and agile mindset, your organisation will be better equipped to manage the challenges posed by geopolitical risks. 3. Develop comprehensive contingency plans to mitigate potential disruptions Identify critical vulnerabilities in your operations, supply chains and market presence, and create detailed plans to address potential disruptions. These may include diversifying supplier networks, exploring alternative markets or investing in risk transfer mechanisms such as insurance. By proactively planning for various scenarios, you can minimise the impact of geopolitical risks on your business. As C-suite leaders navigate an increasingly complex global landscape, it is crucial that they remain vigilant and adaptable. By prioritising risk management, building resilience and developing robust contingency plans, executives can position their organisations for success in the face of geopolitical uncertainties. Enda McDonagh is Managing Partner at PwC Ireland