Financial fraud is a bad scenario for business owners. Beyond the embarrassment or the financial loss, fraud can also result in the termination of a long-term employee. A few factors may put a company at risk; however, the primary cause is a lack of internal controls and oversight. We also find that a lack of segregation of duties is a common problem, due to limited staffing and resources.
Read more about common types of fraud, the fraud triangle, and simple internal control measures to help your organization avoid negative situations.
Common Financial Scams
The below describes common scams found across organizations, especially in smaller companies:
• Lapping receivables – employee with access to deposits and accounts receivable steals a deposit from Customer A and then applies a payment from Customer B a day or two later to Company A’s account.
• Fraudulent payroll – person with access to payroll and the G/L overpays fictitious employees, their own account, or posts a negative deduction to their paycheck. A person with access to G/L coding hides fraud in some account where it’s not obvious.
• Fraudulent disbursements – employee simply writes checks or wires to themselves or some other entity and with access to G/L hides it in some account where it’s not obvious.
• Stealing inventory – goes undetected.
• Kickbacks – typically in purchasing, the buyer takes a kickback from a vendor.
• Changing the books later on – an exposure with Quickbooks and systems where transactions can be changed after the fact and/or can be posted to a prior period – there is no hard system close.
The Fraud Triangle
Businesses question the causes of financial crimes and what drives an employee to harm their own company. Fraud almost always has three factors, also termed the Fraud Triangle, an idea first put forward in an article by Donald R. Cressey and Edwin Sutherland. The term was later coined by Steve Albrecht, which includes the following:
• Motive (or pressure) – the need for committing fraud (need for money, etc.)
• Rationalization – the mindset of the fraudster that justifies them to commit fraud
• Opportunity – the situation that enables fraud to occur (often when internal controls are weak or nonexistent)
Breaking the Fraud Triangle is the key to fraud deterrence. The action implies that an organization must remove one of the three elements in the fraud triangle in order to reduce the likelihood of fraud.
Motive (or pressure) sometimes shows in an employee’s workplace appearance or behavior. Understanding the employee’s typical dress and demeanor at work can help determine when something is off. Under pressure, an employee experiencing financial woes will carry themselves differently around the office.
Rationalization speaks to company culture and individual personality. If you have a culture that truly places a high importance on integrity, your chances of fraud are reduced or if your employees feel they are compensated and treated fairly and cared about, your chances of fraud are reduced. If not, this is an opportunity to reevaluate the company culture.
Removing Opportunity is most directly affected by the system of internal controls and generally provides the most actionable route to fraud deterrence. Internal controls are generally divided into controls around prevention or access – restricting the ability to get assets, and detection – controls designed to discover fraud after the fact. Internal control also relates to the overall culture of the organization. More structured cultures tend to have better controls as opposed to free-wheeling cultures with weaker controls. Interestingly enough, having someone look over your employees’ shoulders and give the perception of an active review will do more to limit fraud than other internal controls due to fear of being caught.
Understanding the types of fraud, the below explains simple steps you can take to prevent or detect such scenarios:
• Require employees to go on vacation for two weeks. Some frauds, like lapping receivables, will pop to the surface during the perpetrator’s absence.
• The owner signs checks and releases ACH’s and wires, thus limiting check signers. Owners ask me – how long do I have to keep doing this? It’s eating me alive. The answer – as long as you can stand it. If (when) you give up this prevention/access control, you are well advised to set up other controls to compensate.
• Bank statements go to the owner with digital images of the check. Review the transactions and images of checks and then pass on to whoever reconciles the statement. In this day and age, the owner or officer outside of accounting logs into the bank frequently and looks at the balance and transactions.
• The owner looks at payroll ledgers from time to time. Reviewing the reports can be a tedious process, however, look once in a while at who is making how much money and the deductions.
• Task someone with no access to cash or ability with initiating transactions and reconciling the bank accounts.
• Big account – Small account. If you have a big pot of money, limit signers and access on that account. Move money to a smaller disbursement account in smaller chunks as needed.
• Keep a regular count on inventory by limiting access and controlling how items in the department move. Some companies put tighter controls around higher dollar items.
• The person responsible for deposits does not post to, manage or have access to accounts receivable.
• Establish policies within the Purchasing department for formal bidding processes, rules about gifts, and zero tolerance policies for kickbacks.
• Financial statement and performance review are the ultimate detection controls. Pay attention to trends, comparison to budget, margin analysis, and ratio analysis. During a review, insist on good explanations for variances or other abnormalities. Are the explanations fuzzy, slow, or muddled? If so, these are all red flags and should serve as warnings.
When effectively implemented, all such methods can both detect and prevent internal threats against your company’s finances. Opportunity is removed by establishing a strong segregation of duties, where the understanding of financial statements isn’t limited to one or a small number of employees. These attainable measures are not only a means of prevention and detection; they are an opportunity for companies to create a positive culture for their teams.
For any additional information on how vcfo can help you prevent financial fraud, please contact Carter Freeman.