Fraud hits small businesses hard. Statistically, the smallest businesses have the largest median losses. They don’t always implement anti-fraud measures and significant losses over an extended period can be catastrophic. A small business that has continually lost thousands of dollars for a year or more may be ill equipped to recover and have to downsize or ultimately close their doors as a result of the loss.
The ACFE, or the Associate of Certified Fraud Examiners, releases the Report to the Nations on Occupational Fraud and Abuse every two years. The report provides insight into occupational fraud at an international level. Here are some key findings from the 2016 report:
- More than 23% of the businesses reported losses of at least $1 million.
- The median business fraud loss was $150,000.
- People in six departments committed 76% of small business fraud: accounting, operations, sales, management, purchasing and customer service.
- The average loss from lower-level employee fraud was $60,000.
- The average loss from higher-level employees (managers) was $160,000.
- There were three major occupational fraud categories:
- Asset Misappropriation with $125,000 median loss per scheme
- Corruption with $200.000 median loss per scheme
- Financial Statement Fraud with $975,000 median loss per scheme
- It took an average of 18 months before most fraud was detected.
- 1% of all victim businesses did not recover any of the fraud losses.
The most effective protection against occupational fraud is effective internal controls, especially segregation of duties. Divide and conquer by breaking up responsibilities so that no one employee is in charge of more than one part of transactional activity. When you separate duties like this, it is easier to track and identify discrepancies. There are four main positions that should remain separate to improve fraud protection (even if you’d trust your employee with your first-born child): an approver, a bookkeeper, an asset custodian and a reconciler.
An Approver: Establish a clear chain-of-command for financial transactions by designating a point person to approve them. This individual would be in charge of signing checks, approving electronic cash transfers, and has the final say on cash going out the door for purchases, service agreements with vendors, etc. Each transaction must be reviewed and approved for payment to the right place before any cash may leave your company.
A Bookkeeper: One specific person should be responsible for the bookkeeping within your company. It is important that this person NOT be the same one who cuts and signs checks, otherwise it would be easy for a dishonest employee to cover their tracks and it may be hard for you to detect the loss.
An Asset Custodian: Set-up one person to be in custody of your financial assets including collecting cash or checks, making bank deposits and reviewing bank statements. It’s important that this role be segregated from bookkeeping. If the same person performed both duties, then it would be much easier for them to force false numbers and match bank statements by deleting, modifying or adding transactions to the ledger.
A Reconciler: Ideally, accounts are reconciled daily by someone who is NOT the asset custodian and NOT the bookkeeper. Some business owners choose to limit internal access to bank and bookkeeping systems by outsourcing this to a third-party (see the paragraph below about Outsourcing Bookkeeping). However, it’s sometimes possible to give an employee view-only access to the ledger so they can compare the books against the bank statements without making changes.
In reality, many small businesses don’t have enough employees to accomplish a 4-way separation of duties. Therefore, many business owners outsource to an external bookkeeper as their main fraud detection and prevention protocol. An outsourced provider like Sherman Oaks Accounting And Bookkeeping powered by One Source Services, Inc. will manage your books and ensure separation of duties while implementing control procedures and identifying suspicious activity or discrepancies. Outsourcing your bookkeeping and reconciliation processes will ensure strong controls are in place within your business without increasing payroll expenses.
There is one fraud protection step that is often understated. It is simply restricting access to your company’s sensitive data and keeping track of who’s doing what in your accounting system through effectively using login credentials. It’s imperative that people who use your accounting software have unique, confidential credentials known only to them. As a standing rule, employees should be prohibited from logging-in and working as the Administrator. Furthermore, the Owner, Office Manager and CPA should have their own separate accounts. Many business owners don’t realize that doing this contributes a great deal to loss prevention.
QuickBooks tools can be applied to prevent fraud, as well. For example, check tampering is a common type of fraud. Most often, when an employee tampers with a check they cut a check that is payable to themselves, sign it and then cash it but change the payee field in the books. QuickBooks can help prevent this type of fraud by allowing you to run an Audit Trail Report. It scans for a changed entry and can filter by transaction type to see who made the modifications and when. Other common types of fraud that QuickBooks can prevent are skimming (when an employee moves funds received as payment from customers into their own pocket), inventory theft (often by adjusting the recorded inventory to match the physical inventory, even writing off the adjustment on a prior financial period) and payroll fraud (one of the costliest forms of business fraud that can long go undetected). QuickBooks has built-in controls that help reduce loss plus it integrates well with numerous apps like Hubdoc and Bill.com to put even more controls in place and prevent these types of fraud.
It takes time and resources to implement internal controls like segregation of duties, user accountability and the implementation of accounting software and digital applications. Leveraging these controls can provide you with protections against business fraud, fewer opportunities for thieves to pick your pockets and ultimately, more security and success for your business.