Protecting your business from fraud
Occasions of fraud scandals are being seen more and more frequently in newspapers or on TV. This increased reporting has caused many business owners to become concerned with fraud that could be happening within their own organization.
A 2014 report from the Association of Certified Fraud Examiners indicated that, on average, 5% of an organization’s gross annual sales are lost to internal fraud. The report also shows that most fraud occurs over a period of at least 18 months before it is detected. Small businesses are particularly vulnerable to fraud because the owner-manager is typically the driver of sales and in most cases not familiar with the internal reporting requirements, which means they are not fully aware of how the receivables and payables are being managed.
How to Protect Your Business
Although there are many ways to prevent fraud within an organization, the most important step to take is to implement a system of internal controls. This system will not only help to prevent fraud in the first place, but also works to detect fraud after it has already taken place. Those controls are generally divided in three simple categories:
- Policies and Procedures – must be in writing and employees have to be educated about them; especially about policies regarding cash disbursements; attendance and leave; travel expenses/reimbursement; purchasing guidelines; petty cash; and conflicts of interest.
- Preventive Controls – Ensure that an authorized employee reviews and approves purchases, payroll, and disbursements; separate cash handling— receipt and deposit—from recordkeeping functions. The IT department should also limit computer access so that employees are granted only the access rights necessary to perform their particular duties. Computer passwords should have at least eight characters in length and use a combination of alphabetic and numeric characters; require users to change their passwords every 90 days; and prohibit password sharing.
- Detective Controls – Supervisors must review the activity of employees who have been granted heightened computer access. Require an employee who does not have bookkeeping or cash-handling responsibilities to complete monthly reconciliations.
In addition to these controls, it is also important to promote a sense of ethical behaviour within the organization. Far too often, companies simply expect ethical behavior; however, this behaviour needs to be promoted among staff. The organizational culture along with its mission and vision statements definitely influence the ethical behavior of their employees.
If you are a small business owner concerned about your susceptibility to fraud, contact us today.