Are You at Risk for Fraud?
Identify your Risk and Protect your Organization from Internal Fraud
Do you know your organization’s risk for fraud? Just when everything seems to be going well, internal fraud can derail even the best run company. Understanding the value of internal controls and the critical importance of reviewing those controls on a regular basis can ensure that your company does not become another victim of internal fraud. So how what can you do to protect your company from fraud?
The prevention and detection of internal fraud is dependent on the design, implementation and monitoring of effective internal controls. Understanding common vulnerabilities will allow you to design and implement safeguards that will protect you, and your employees, against the threat of internal fraud.
No Business is Immune to Fraud
First, it’s important to understand that no company is immune to fraud. In fact, in many cases, companies that don’t recognize the threat are at the greatest risk. Small companies can be especially vulnerable. Frequently, smaller organizations have employees who perform multiple duties. In many cases, these employees are performing “conflicting tasks” – meaning they are performing tasks that should be separated in order to prevent fraud. Separating tasks will force potential perpetrators of fraud to conspire. Fraud involving collusion between multiple individuals is far less common than fraud committed by single individuals.
Larger businesses are also not immune to fraud. Even well designed control systems can break down over time as they become lax in the administration of their controls or as people find ways around the controls. Often, weaknesses are not apparent until it is too late.
Regardless of organizational size, most victims have one thing in common. They didn’t believe they were susceptible to internal fraud until after it happened. In fact, fraud is most commonly perpetrated by a long-term employee whom the owners felt they could trust.
Fraud Occurs When Opportunity Meets Motivation
Typically, fraud occurs when a motivated perpetrator meets opportunity created by poorly designed or poorly maintained internal controls.
Surprisingly, the motivations of perpetrators are often very similar. Employees often rationalize theft by believing they are entitled to what they steal. Whether they think they should be paid more or that the company has in some way shorted them, most perpetrators of fraud create justification for their actions. Need is also a strong motivating factor. Employees who have recently suffered financial hardship are much more likely to commit fraud.
Regardless of the motivation or justification, businesses that are victimized by fraud generally have poorly designed or poorly monitored internal controls. Common examples of poorly designed controls include checks being signed without a thorough review of supporting invoices, or when checks are signed by the same individual that processes invoices.
Effective Controls Can Prevent Most Fraud
While many business owners don’t even recognize the risk of fraud, others are simply unsure about how to prevent it. If you don’t have anyone on staff that is familiar with internal controls, consider using a third party to help uncover potential problems with the company’s internal controls. This will help identify the areas of biggest risk.
The second step is to implement the recommendations of the fraud prevention expert such as separating conflicting duties of employees. Once your controls are in place, periodic reviews by internal managers and external assessors will help to keep controls from slipping out of practice.
Outside Advisors can help with the Implementation of Controls
If your business needs assistance preventing fraud, a CPA with audit experience is a great place to start. They don’t necessarily need to specialize in fraud. CPAs are well-suited to evaluate controls that currently exist and assist in developing additional or more effective controls.
A basic assessment can be conducted pretty quickly by an experienced advisor. After controls are implemented, periodic maintenance must be performed. It’s a good idea to continue to rely on outside help periodically to ensure that your controls are effective. Over time, even well-designed controls can fail. Eventually people find their way around controls, especially if they know they are not being monitored.
Be Proactive in your Efforts to Prevent Fraud
The most important thing when it comes to fraud prevention is being proactive. If you wait until there’s a problem, it’s probably already too late. If you don’t have strong internal financial controls in place within your company, the time to implement them is now. No business is immune to fraud, but those that take a proactive, strategic approach to fraud prevention can greatly minimize their organizational risk.