If I only had a dollar for every time that I have heard that statement. The fact is, workplace fraud happens, and it happens frequently. Newspaper headlines featuring employees stealing large sums of money are becoming more frequent. It happens to all businesses, large and small. It also happens in the nonprofit and municipal sectors […]
If I only had a dollar for every time that I have heard that statement.
The fact is, workplace fraud happens, and it happens frequently. Newspaper headlines featuring employees stealing large sums of money are becoming more frequent. It happens to all businesses, large and small. It also happens in the nonprofit and municipal sectors with alarming frequency. No one will argue that economic times are tough and many employees are under financial pressure. Often this pressure translates into incentive or rationalization for employees to steal from your business to make ends meet.
Even with all the statistics and news, many business owners think it can never happen to their company. It is often this type of thinking that makes a business more vulnerable. While it is true that fraud can happen in even the best controlled environments, a few simple changes and safeguards can often go a long way.
Small-office environments are particularly vulnerable to fraud because of their size. Fraud can happen in any size company. However, the fewer people involved in the accounting function, the more opportunity there is for an individual to commit fraud and go undetected.
A common term often used when accountants discuss internal control is “segregation of duties.” Simply put, the more segregated the accounting function is, the better the control environment. If the same individual is responsible for collecting payments from customers, adjusting customer accounts, and making bank deposits, there is a lot of opportunity for that person to steal money and cover up his/her tracks.
Fully segregating all of the accounting duties is a struggle for many small businesses because they simply do not have enough people in the accounting department to segregate duties adequately. This does not mean that small businesses have to live with this risk. There are some simple questions all business owners can ask themselves to help improve controls at their company.
Do you really see all the checks your business issues?
Having the business owner sign all the checks is probably one of the most common controls among small businesses. While this is a great control to have in place, many fraud investigations uncover checks being issued that the owner did not know about. In addition to signing the checks, business owners should keep track of check numbers.
Simply put, the first check number in the pile of checks that the payables person requests a signature for this week should be one check number higher than the last check number in the pile the owner signed last week. Any breaks in sequencing should be investigated as these could be unauthorized checks being issued.
Do you review the cancelled checks for the month?
While most banks no longer provide the cancelled-check copies in the mail anymore, most provide access to scanned copies of the cancelled checks online. You would be surprised at how many fraud investigations often uncover alternate manual checkbooks that business owners never knew existed. With the availability of online banking, owners have instant access to review all banking activity.
Who has access to the company credit card?
Abuse of corporate credit cards is one of the most common sources of fraudulent activity at small businesses. Company credit cards should be used for just that, company expenses only. Often, small-business owners will use one credit card for both business and personal expenses. Some will provide the number or even a card to their office or business manager. If the credit-card activity is not monitored, the opportunity for authorized users to use the card for personal charges is unlimited.
It is very easy for employees with the company card to rationalize that they will pay the company back, etc. Again, this is an area where real-time monitoring of activity online is very easy to do. Any unexpected or unusual charges should be investigated, and all charges to the company credit card should require back-up receipts with explanation of business purpose. Personal charges to the company credit card should be strictly disallowed.
Who brings the deposit to the bank?
If it is the same person who reconciles the bank accounts or posts the deposits to the general ledger, there is opportunity for that person to short the deposit and adjust the records to cover it up.
Is there independent verification from the billing system or receipts ledger to ensure all deposits actually made it to the bank? A simple control small businesses can often add is having a receptionist open the mail and make a list of payments received so that that listing can be compared to the deposits actually made to the bank.
What do I do if I catch one of my employees stealing?
This is probably the one area that small businesses differ from larger ones. Large companies often have “no tolerance” policies requiring prosecution of employees caught stealing from the firm. This sends a strong message to employees that if you decide to steal from the company, the consequences are going to be great.
In small businesses, however, the reaction and punishment of the employee can vary tremendously. While no one wants to see a long-time employee arrested or named in the newspaper, the bottom line is that that employee stole from the company and there should be consequences. The message business owners send by how they deal with an employee caught stealing is very important. Any employee caught stealing should have his/her employment terminated and should be prosecuted.
Many times, small-business owners do not prosecute because they just want it to be over, they don’t think they will ever recover the money, they don’t want to ruin the person’s reputation, etc. However, the employee who stole from the company will most likely go on to steal from his next employer. In no case should an employee caught stealing from the company be allowed to remain employed. Especially in a small-business environment where everyone talks, it is very easy to send a message that stealing from the business will be brushed off and it becomes more likely that others within the organization will try it because they think they can get away with it.
When looking at their office environment and controls in place, all business owners should always remember that for fraud to happen, three underlying factors must be present — incentive, rationalization, and opportunity. These three factors are commonly referred to as the “fraud triangle.” While most companies have little control of why an employee commits fraud or how the employee rationalizes his actions, a good control environment will strive to limit the opportunities for fraud to occur and go undetected. The beginning of a good fraud-deterrence program starts with asking a few simple questions and maybe trusting employees just a little bit less. While no control environment is fool-proof, a few simple changes can often go a long way.
Linda Gabor is a certified public accountant and certified fraud examiner. She is the partner-in-charge of audit services at Grossman St. Amour CPAs PLLC. Contact Gabor at lgabor@gsacpas.com or (315) 701-6346.