Greg H. Carver, The Daily Record Newswire
For the small business owner, thinking about internal controls and fraud prevention is often times dead last on their daily to-do list. Consider this however, according to one study, the estimated amount stolen from U.S. businesses by employees is approximately $50 billion dollars annually and 33 percent of all business bankruptcies are caused by employee theft.
Most business owners think effective fraud prevention is only for the big Fortune 500 companies, but there are some simple steps that you can take right now to help prevent fraud.
1. Examine original bank statements
Not so long ago the best control around was to have the bank statement sent to the owner’s house, then the owner could open and examine the bank statement before giving it to the accounting department or bookkeeper. With the Internet and online account access, this control is slightly out of date, but the root of the control is not.
Examining the monthly activity and looking at copies of cancelled checks is probably the best single control you can have against fraud. An important distinction here is to examine the original bank statement, not a copy or one that has already been reviewed by someone else. There are numerous examples of fraudsters manipulating bank statements to hide fraudulent activity.
Examination of the bank reconciliation should also be done, but don’t forget about the bank statement. A potential fraudster would have much more opportunity to commit fraud if the bank statement was not being examined every month.
2. Examine credit card statements
Credit cards have flourished as a means of purchasing for many small businesses, but so has misuse and fraudulent charges. Examining the original credit card statement or online activity will quickly show you what the card has been used for and can easily point out any questionable charges. This is not a time consuming process, it literally involves just examining the statement and doing a quick analysis. As with the bank statement, a potential fraudster that knows no one looks at the credit card activity has a lot more opportunity to commit fraud.
3. Review comparative monthly or periodic financial statements
This is probably the most obvious control of all, and you really should be doing this regardless of fraud prevention. Often what is missed in the monthly or periodic review of information is the analytical comparison to a prior period. Whether it is the previous month or the prior year month, informative and effective financial statements should be presented comparatively. This comparison can highlight anything out of the ordinary. This is a sound practice for both the management of your business and for preventing and detecting fraud.
4. Avoid the “SuperBookkeeper”
SuperBookkeeper is not a comic book hero, but they could be working for you right now. SuperBookkeeper is a person who does basically all of the accounting and bookkeeping for a business. This person would receive all the mail, deposit checks to the bank, create invoices, purchase materials and supplies, sign checks and finally reconcile the bank statement.
The person with this type of power could cause immeasurable damage to your company if they wanted to do so. The SuperBookkeeper shows up in many small businesses where the office staff is very small, if not only one person. The answer to this problem is what we CPAs call “segregation of duties”.
As much as possible, some basic accounting powers should be spread out amongst employees. For most small businesses the easiest fix for this is to change some of the security settings in the accounting software. Most accounting programs allow you to set access levels for different employees.
For instance, the person that does the purchasing for the company should not have the ability to create a vendor on the accounting system, or the person reconciling the bank statement should not have the ability to sign checks. Segregating duties when practical is a smart business practice and like the other steps, takes away the opportunity from a potential fraudster to commit fraud.
5. Use professional skepticism when dealing with employees
This term is actually part of the CPA lexicon to describe our attitude when auditing a company, however, I think the term holds true for business owners or any person in business. The definition for a business owner is to have an attitude that includes a questioning mind and a critical assessment of evidence. The individual using professional skepticism should not assume that an employee is either honest or dishonest.
One way to exhibit this behavior would be to institute background checks on all potential employees. Often times when an employee has committed fraud at a company, they have most likely committed fraud at their previous employer. Not all fraud is reported so the background check is not fail proof, but do you think a convicted fraudster would apply to your company knowing there was a background check?
Other ways to exhibit professional skepticism would be to examine invoices and packing slips when you are signing checks, regularly reviewing payroll entries for reasonableness, and of course all of the steps mentioned previously.
The bad news is that applying all of these steps does not guarantee fraud won’t occur, however enacting even one of these steps takes away the opportunity from potential fraudsters and will make them think twice before attempting to commit fraud.
—————
Greg H. Carver, CPA, is a manager with Mengel, Metzger, Barr & Co. LLP and may be reached at gcarver@mmb-co.com.
