For business owners, occupational fraud can be one of the most dangerous threats to a company’s success. According to the Association of Certified Fraud Examiners, the median loss in a business fraud case is about $130,000, and this number is even higher for small businesses. However, don’t let the statistics scare you. Using the following preventive and detective internal controls, any business owner can take action to keep fraud at bay.
As the name implies, preventive controls are the measures a company can take to discourage errors and abnormalities, including fraud, from occurring. If your company has not yet implemented any preventative internal controls to counter fraud, get started with these:
- Segregation of duties
- Make sure that different people are responsible for various parts of a financial transaction. For example, separate handling and recordkeeping duties by having one person receive and deposit checks and another keep the company checkbook.
- This ensures that no one person has complete control of any transaction.
- Restriction of business credit card use
- Always limit the number of company credit cards and users, and inform employees with access about which purchases are appropriate.
- Do not allow employees to make personal purchases with a company card, even with the promise of reimbursement.
- Implementation of an accounting policies and procedures manual
- Keeping a list of financial policies and procedures will keep employees informed about what is acceptable for your organization.
- These policies and procedures can include (but are not limited to): cash disbursements, attendance and leave, petty cash, use of company assets and conflicts of interest.
- Use of assets for official business only
- You should make a habit of periodically checking credit card charges and expense reports to ensure that company assets (like vehicles, cell phones and other equipment) are only being used for official business.
- Keep logs for company vehicle usage, and ensure that trips made with company vehicles are appropriate.
- Protection of cash and checks
- Limit access to petty cash funds and keep them in a locked box, restricting the number of employees who have access to the key. For further protection, prohibit checks being made payable to cash and store blank checks in a locked drawer.
- Make sure to deposit all received checks promptly.
- Avoidance of related party transactions
- Keep an updated conflict of interest and code of ethics policy.
- Require disclosure of related party transactions and approval by the company board.
While countering fraud before it occurs is ideal, a chance always exists that preventive controls still may not work. Therefore, it is crucial to make sure that your company is also prepared to check for fraud. Detective controls can do just this, allowing you to identify errors and abnormalities after they have occurred. In addition to preventive controls, try implementing these three detective methods:
- Reconciliation of bank accounts monthly
- Ensure that the person completing the reconciliation is not also responsible for bookkeeping or check signing, and check for unusual or missing transactions.
- Review of all transactions and high-level approval on significant transactions
- Ensure that upper-level management reviews invoices and signs agreements. You may want to consider requiring two signatures on checks above a certain threshold.
- Board oversight
- Give oversight of all financial operations to the Board of Directors, and evaluate the Executive Director’s performance regularly to ensure safety of finances.
Congratulations! Having these controls in place is a major step in preventing and detecting improper revenue recognition, misappropriation of assets and other kinds of business fraud.
If you have additional questions, the audit team at Halt, Buzas & Powell can help. HBP’s knowledgeable auditors strive to make sure that they provide the best services possible. For assistance, please contact us online or call 703-836-1350.
Written by Allison Griesbach, CPA; Senior Accountant.