January 08, 2015
Every business should have a fraud prevention system in place that includes a solidly written fraud policy as well as providing training to develop a culture of fraud awareness.
Smaller businesses are especially vulnerable to fraud because they lack the resources to implement complete systems of internal controls and properly segregate accounting duties among their limited staffs.
Businesses think they cannot afford fraud prevention time and effort. Wrong – businesses cannot afford NOT to! According to the ACFE’s 2012 Report to the Nations, estimated median losses for small organizations (less than 100 employees) that experience fraud were $147,000. That amount is more than the average salary for approximately three accounting personnel. The report indicated that small organizations are the most common victims in fraud at 31.8% - the highest rate of ANY business size category.
So where do you begin? Let’s just take one example – invoice approval. Each day, managers review and approve thousands of invoices, contractor statements, time sheets, expense reimbursements, purchasing card details, and other documents that cause cash to be disbursed. All too often, that approval becomes a ‘rubber stamp’ with little active thought about what the approval step really means. “Signatures without thought” make it easy for those who are trying to fool us. Approval of transactions that turn out to be fraudulent can be embarrassing at best and career ending at worst!
In this example I would encourage managers to answer a few basic questions before approving invoices and other payment documents. All address the general question of: “How do I know?”
How well do I know this vendor or contractor? Do I have first hand knowledge that they even exist?
Do I know that they actually provided the goods or services identified in the invoice or other billing statement?
Do I know that they are using the correct amounts for price (including unit prices used), sales tax, freight, and other variables that make up the amount invoiced?
On what basis do I know that the prices are reasonable in the first place? What standard have I used in determining that the price charged is fair?
How do I know that the quantities make sense? On what basis have we agreed to purchase the stated quantities?
How do I know that the invoice and other documents are mathematically correct?
Do I know that this invoice has not already been paid?
Your fraud policy will help provide these questions, and help your employees know how to do the following
- Know what can go wrong in their areas of responsibility, including what it would look like if it happened on their watch
- Use best-faith behaviors and formal controls to deter it from happening
- Use best-faith behaviors and controls to find it right away when their prevention and deterrence efforts fail
- Raise the alarm right away upon suspicion – so that the experts can take it from there
A policy without training is of limited use. Most employees won’t take a policy seriously unless you make a point of training them and impressing the seriousness of the issue upon them. Here are four ways you can provide this training:
- Written ‘how-to’ articles (similar to the one in this article)
- One-on one coaching, during every audit and every interview
- Group-live training – where people come to an in-house training event
- Technology-enables programs – like webinars and recordings of your group-live training
Smaller organizations may have more difficulty due to the limited resources but here are a few solutions to consider:
- Outsourcing financial statement reviews and detailed transaction reviews
- Have certain accounting functions audited randomly
- Outsource bank account reconciliations and payment reviews
- Outsource payroll
The fraud policy and follow-up skills training are the two most important parts of an Anti-Fraud Campaign. I know this because I am an expert in this area and yet few organizations follow up on either idea. Both steps are truly needed to help protect your business. Don’t wait until you’ve been hit by fraud. Take the steps necessary to protect your company and your clients.