Employees of most small to mid-size businesses are seen as part of the family, and business owners could never imagine that their family would steal from them. In fact, employees pose the greatest fraud threat in today’s economy. In its 2016 Report to the Nations on Occupational Fraud and Abuse, the Association of Certified Fraud Examiners states that 49% of employee fraud is committed by someone with over five years’ tenure. These employees are often the most trusted, yet the fraud they commit average over $225,000 in losses.
A business cannot grow to new heights without a strong foundation and, in order to have a strong foundation, it is necessary for a business to have thorough internal controls. It is important to understand the four cornerstones of internal controls.
It is vital for businesses to have proper procedures in place. This includes a written policy that outlines who is in charge of what duties within the company, along with the expected deadlines for these duties. When determining which employees are performing specific tasks, always keep segregation of duties in mind. Segregation of duties is dividing or allocating tasks among various individuals, striving to reduce the risk of error and fraud. The three categories to separate are authorization, custody, and record keeping. Smaller businesses may have a harder time spreading duties amongst staff, but custody and record keeping should remain separate.
Complete and detailed documentation plays a key role in fraud prevention and detection. For example, invoices that are pre-numbered in sequential order allow for early detection of out-of-order or abnormal invoice numbers. Recording the original invoice number along with the sales remittance number makes for accurate records and appropriate collections on receivables. It is important to have original copies of supporting documentation. All documentation and records should be reported in a timely manner to reduce the ease of fraudulent activity.
3. Security Controls
Inventory is usually one of the biggest assets on a company’s balance sheet, so it is important to keep those assets safe. Proper security controls are needed. Good physical security controls include locked doors, safes, and vaults. Strong mechanical security controls are video-monitoring systems, time clocks, alarm systems, and employee key cards. Protecting the company’s information is a necessary security control in this day and age. Make sure each employee has a separate log-in and password in order to access the company’s network.
Even with the proper internal controls in place, a business manager still needs to monitor the entire process to make sure the internal controls are operating effectively. Large companies utilize an internal audit team to make sure their internal controls are operating properly. External audits are another highly recommended monitoring function. A CPA can make sure that a company is following Generally Accepted Accounting Principles (GAAP), but the process is not designed to focus on fraud detection. If a company does not have an internal audit team, it is strongly recommended to have an internal control study performed by an external party.
Use Yeo & Yeo’s Internal Control Checklist
Are you leaving your company exposed to fraud? If employees can easily take cash, inventory or supplies, alter financial records or manipulate records of cash received or paid, you could be inadvertently increasing the risk of fraud. Review the questions on Yeo & Yeo’s Internal Control Checklist, which may indicate the likeliness of fraud in your business.
Fraud prevention and detection have a direct impact on a business’s financial health. Yeo & Yeo’s CPAs, Fraud & Forensics examiners and forensic accountants can help business owners and managers become savvier about fraud, and develop and execute strong internal controls. We can also be a valuable resource to have on your side to help safeguard critical data and investigate losses when fraud strikes.