Is your business susceptible to fraud? What measures do you have in place to assess and address fraud risks? As long as there is opportunity, fraud will exist. The story is especially sad when you have a long-time employee that you have trusted without question, who has used their access to your business records to perpetrate theft of your hard-earned profit. Here are some ways to protect your business:
Internal controls
Fraud is most likely to occur when an employee recognizes a weakness in the internal controls. Some of the more obvious internal controls that should be present in any organization are: segregation of duties (ex. one person alone should not be able to initiate a bank wire or transfer), multiple signatures should be required on cheques, and there should be safeguards over physical assets (such as cash, inventory or fixed assets). Expense reports should be reviewed in details and receipts should be attached. The reason is that expense reports are a common area where personal expenses can slip through the cracks. Larger organizations may justify an internal audit function and/or an audit committee. Financial results should be reviewed monthly for unexpected results that cannot be explained. This is especially important when an owner is not as active in the finance or operations of the company.
Hiring practices and human resources
It is a good idea to conduct reference checks on new hires, and verify experience and qualifications. Employees should also be given full entitlement to vacation and have full performance appraisals done at least on an annual basis. Whistleblower policies also have traction as a means for employees to report suspicious activity to the appropriate level of authority within the organization. Care should also be taken when tying an employee’s compensation plan to performance, as this can create a motive to manipulate financial results.
Business environment
The following is a laundry list of conditions that could elevate an organization’s exposure to fraud: deterioration of the company’s financial position and/or the industry in which it operates; unrealistic commitments to bankers, creditors or other third parties; material changes in operations, products, or regulations; uncertainties or high levels of judgement.
Fraud from external perpetrators
Businesses are not immune to other frauds which individuals are also concerned with, such as false billing, credit card fraud, identity theft, and cyber-attacks (which have large public corporations falling victim on a seemingly weekly basis). Online security is an immense risk these days and should be reviewed and addressed regularly.
The above scratches the surface on what to consider in managing fraud risk, but hopefully, this will get you thinking about whether your organization is exposed, and where you can make improvements to limit your exposure to loss resulting from fraud.