The cost of fraud is too high to ignore
By: Mike Klein, Partner
The 2013 Global Fraud Report survey reports 70 percent of companies suffered from at least one type of fraud, up from 61 percent in the previous poll. Businesses reported physical assets or stock theft increased four percent, internal financial fraud or theft up four percent, and vendor, supplier and procurement fraud up seven percent in just one year. This is a trend business leaders cannot ignore.
Your best defense against fraud is to implement effective internal controls. Your CPA is your best resource to test your internal controls and suggest strategies to protect your business. However, keep in mind an audit doesn’t specifically focus on fraud defense and detection, but rather determines whether your financial reporting meets Generally Accepted Accounting Principles (GAAP) standards. Testing your internal controls is not a requirement in most audits of non-publically traded businesses.
To gain further insights into how your controls are operating, consider having your CPA firm perform agreed-upon procedures to test the operating effectiveness of your controls. Your CPA firm can also help you perform a gap analysis to identify areas of weakness that make your organization susceptible to fraud.
If you suspect you are a victim of fraud, consider engaging a forensic accountant. He or she can conduct an actual investigation to determine if fraud has occurred and help you quantify the amount.
Following are practices you should have in place right now to protect against fraud:
Draft and implement an ethics policy. When employees know such a policy exists, and management is following it, they’ll also know attempted fraud will be much riskier. Equally important to a strong ethical position is a clear delineation of internal control responsibilities.
Spread risk-intensive tasks among several employees. Authorization duties (check signing or releasing a wire transfer), custody (access to the blank check stock or the ability to establish a wire transfer), and recordkeeping (recording transactions in the accounting system) should be separated so one individual cannot complete a transaction from start to finish. For many businesses, proper segregation of duties can be difficult to achieve. In these instances, company owners should consider having the unopened bank statements delivered to them directly. The owners should then review the bank statements and the check images on-line for any transactions appearing unusual, and follow up to understand them.
For example: controls over your vendor list and payments. Implementing controls such as requiring vendors to sign a code of conduct annually, ensuring the vendor set-up process incorporates segregation of duties and implementing check validation of select vendor payments can help deter and detect fraudulent activities. Business owners should also review the vendor list at least annually and question any vendors on the list that seem unusual. Each review of the vendor list may help to uncover potential instances of vendor-related fraud, highlight opportunities for strengthening controls around vendor-related files, and mitigate future exposures.
Secure your facility. Lock up valuable assets. Invest in video monitoring systems, time clocks for tracking the work of hourly employees, and alarm systems and use them. Implement IT security policies such as passwords and server and software authentication to prevent fraudsters from stealing or vandalizing critical information (or money and products).
Know what you have and what you don’t. Scrupulously maintain your financial statements and regularly review them for suspicious budget-to-actual variances. Create invoices unique to your company and sufficiently informative so they are difficult to fabricate. And use pre-numbered, consecutive documents as a quick indicator if things are out of order.
If you suspect fraud, address it. Contact an accounting firm specializing in fraud services to investigate. But don’t inform your employees. The element of surprise can be helpful. When employees don’t know when the process is scheduled to begin, they can’t preemptively fix mistakes or, in worst cases, cover their tracks after committing fraud.
For an internal control assessment to help protect your business from fraud contact Mike Klein, CPA, MBA, Ciuni & Panichi, Inc., 216-765-6943 mklein@cp-advisors.com or for more information click here.