Act on evidence: Reduce internal and external fraud risks through automation.
| Risk | Activity |
|---|---|
| 1. Fake Orders & Money Laundering: | Each order flow is cross-checked in the system to ensure orders, deliveries, inventory and payment flows match, with alerts for unexpected behaviour. A common trick with Money Laundering is to place orders and pay funds, without any delivery. Instead money is cleaned and returned to the Client, minus a cleaning fee. This does not mean every return is flagged but our algo will look for suspicious behaviour and patterns. |
| 2. Fake Orders & Employee Fraud: | Using a similar approach staff, with system know-how, could set up fake Clients and Orders through shell companies, cancel orders and have refunds wired out, or receive goods to sell on to 3rd parties. To reduce this risk only authorised staff may onboard new clients and we recommend only Client portals may place Orders but this final check is optional. We also recommend separation of front and back office to ensure Sales have no access to wiring funds and equally finance have no access to placing orders. |
| 3. Vendor Collusion: | To mitigate the risk of Vendor Collusion, all vendors register and have their material and labour costs approved before they are accepted into the system. For fixed rate jobs min/max ranges are approved. Prior to any job, precise fixed quotes and spare part costs are approved. When a work order is booked, Staff are only shown the 3 cheapest suppliers. The calculation takes into account labour rates, call-out charges, billing increments and all spare parts costs. This prevents Vendors from colluding with internal staff to push up pricing. Checks are adjusted according to industry and your own requirements. |
| 4. Inventory Mismtaches: | Staff with system know-how could place fake orders to hide a drop in inventory, while stealing goods in stock. Payments would never arrive. Our integrated system would flag the mismatch. Naturally during production there is always some slippage/wastage - for example a part breaks/human error. A "likelihood" indicator is applied and only events passing a threshold are flagged, to reduce false positives. |
| 5. Permissions and Controls: | Only those with permission may authorise and make payments to mitigate wire fraud risks. |
| 6. Commissions: | Finance validate commissions independently to ensure no duplicates or over-billing. |
| Benefit | Rationale |
|---|---|
| Proud to Ban WordPress (WP) From Our Servers: |
For WordPress to be functional, it relies on 3rd Party Plugins.
It appears many plugin developers prioritise profit over security.
By Oct23 WP and related plugins had suffered over 7,000 vulnerabilities. By Aug. 2024 this figure had jumped to over 10,000 vulnerabilities and by Oct. 2025 exploded to over 27,000 vulnerabilities. This is exponential growth! One vulnerability can take down a system. To check for vulnerabilities of any software visit: "cve.org'. AdaptiveERP has a clean record. Any mention of 'adaptive' refers to other well-known companies. On a daily basis "bots" scour all servers, to determine which run WordPress e.g. they search for the WP Admin Login. |
| "Home-cooked" not "ready-made": | Adaptive offers "home-cooked" food rather than "ready-made" to focus on security, quality, control and facilitate customisation. |
| Enhanced Security: | Each client has their own database and unique encryption key. All client data is segregated. |
| Key-Based 2-FA: | Key-Based 2-Factor Authentication (2-FA) login, uses a PIN which is never transmitted nor stored and would fail after a few incorrect attempts. The PIN is entered onto a special keypad so keyloggers (malware) could not detect the PIN. Users enter their PIN then click on a matching image - this protects against BOTs, making it close to hack-proof. |
| Protect Invoices & Payments: | Our login is almost hack-proof, which means all invoices inside the portal are real invoices from genuine vendors. Furthermore, based on known fees and pricing, our systems automatically create shadow supplier invoicing and client invoices, leaving nothing to chance, and as a further level of control, only authorised senior finance staff, can approve outgoing payments. |
| Implementation: | Risk-Based Access Controls to handle permissions and system access. We recommend operating on a least-privileged basis. |
| Philosophy & Approach: | Please visit our Security Website (Products/Security) for more insights. |
| APIs and Plugins: | Our APIs and Plugins each rely on A-Auth (Adaptive Authorization) and numerous additional measures to block malicious intruders. |