Small business owners often take pride in the ‘family’ culture of their organisation, but unfortunately not all employees do the right thing by their employers. What steps should you take to make your business fraud resistant?
Fraud is a deliberately hidden act conducted by people who want to take advantage of employers for their own personal gain. Small and mid-size businesses are vulnerable to fraud because of three factors:
- They are less likely to have an audit
- They often don’t have strong internal controls in place
- An employee frequently has sole responsibility for a job function, and therefore more opportunity to commit fraud with less chance of it being detected. This single issue can be the downfall of any small- medium business.
Nevertheless, businesses can implement preventative measures to minimise the risk of fraud.
Strong policies and procedures
A strong set of internal controls is central to preventing fraudulent behaviour. These should aim to enhance the efficiency and effectiveness of your operations, your compliance with regulations, and the accuracy of your financial reporting.
Typical examples include:
- Separation of duties – one employee should not be responsible for recording and processing a transaction.
- Access controls – access to tangible or financial assets and information along with accounting systems should be limited to authorised employees who are sufficiently monitored.
- Authorisation controls – creating policies to define how financial transactions are initiated, authorised, recorded and reviewed.
Ways to identify fraud
If these basic internal controls are not in place, the risk of fraud increases.
To identify potential fraud, watch out for:
- Round dollar payment amounts
- Journals entered or altered in the ledger well after a transaction occurred
- Friendly relationships between staff and suppliers that might lead to “side-agreements”
- Unusual numbers of credit notes around period end
- Two consistent payments of the same amount (one going to a supplier but the other could be going to a fraudster).
Internet banking controls
Tight controls should be in place for access to your banking facility. Major banks now offer customers tools to increase the security of their funds such as:
- Electronic Token Keys to identify users with proper authorisation
- Multi-tiered authorisation so that the person who enters the payment cannot approve it and vice versa
- Double verification involving both a login plus an SMS code authorisation
- Maintain a good record of online payments including supplier name, account, payment date and amount, ensuring that it matches with the accounting system.
Background checks
When hiring new employees, employers should look not only for the right skills and qualifications, but also the right ethical background. Background checks are a relatively inexpensive and easy way to assist with this.
Another important thing to remember is that employees are a business’s best watchdogs. By creating a positive and friendly work environment, employees will more likely follow established internal controls and act with the best interests of the business in mind.
Show initiative
Businesses that wish to prevent fraud need to establish systems that enable employees, suppliers and customers an anonymous and risk free method of reporting any fraudulent activities.
Encouraging an ethical culture
Studies show that organisations that visibly adhere to clear ethical principles are more resistant to misconduct of all kinds, including fraud. By creating a positive, ethical and friendly work environment, employees will more likely follow established internal controls and act with the best interests of the business in mind. Employees should also be made to feel comfortable questioning results, and have an anonymous and risk-free way of reporting any possible fraudulent activities.
Assess and address fraud risk
Employers should aim to uphold their professional scepticism and assess their business’s potential fraud risk in detail. An internal audit can help to evaluate the effectiveness of processes and risk management and address weaknesses. By performing periodic audits, employers also signal to employees they take fraud prevention seriously and are on the lookout for any threats to which their business might be exposed.
Accru has assisted many clients with internal audits and control reviews. We can demonstrate success in developing systems and processes which both minimise risk and result in greater efficiencies. Accru offers a data analytics service which has been proven to prevent common fraudulent disbursements. Please contact your local Accru partner to find out more.