Seven strategies to prevent fraud in your small business
Every business should have internal controls in place to reduce the risk of fraud.
But, according to Ulton partner Bernard Whebell, unfortunately smaller businesses often have a more relaxed approach to these controls – and with fraud costing the sector millions each year, this can prove to be an expensive mistake.
How can fraud occur?
Fraud is something that can be relatively easy to carry out, especially if internal controls are non-existent or lax.
Examples of small business fraud include:
• Employee claims for time that was not actually worked or for expenses not actually incurred.
• Small regular cash thefts that tend to go unnoticed.
• Use of business credit cards for personal expenses.
• Making double-payments, or creating fake invoices and directing payments to a private bank account.
What are internal controls?
Internal controls are systems that are put in place within a business to help reduce errors, safeguard assets, ensure greater financial accuracy, keep better track of assets and liabilities, keep up-to-date with compliance, and reduce the risk of fraud.
Why might small businesses fail to have internal controls? It could be a lack of management skills and experience, a preference for operating on trust, or simply a failure to recognise the potential for fraud to occur. Small business owners can also become so busy building their businesses that they don’t pay enough attention to what is happening at the operational level.
So what can be done to prevent fraud?
Here are seven internal control procedures to help prevent fraud in small businesses.
1. Physical access restrictions
Physical security includes locking of the premises, as well as filing cabinets, cupboards and safes after hours so they cannot be accessed. It may also involve restricting access to sensitive information and assets (such as cash) during working hours. This might relate to specific personnel, or mean restricted access to certain areas of the premises.
2. Job descriptions and clearly defined responsibilities
Clear job descriptions enable employees and contractors to understand the scope of their employment, and what is and is not expected of them in their jobs. This not only helps to reduce the risk of fraud, but also provides employees with greater security in that they are clear about your expectations of them.
3. Account analysis and reconciliations
Regular reconciliation of accounts not only keeps records up-to-date but also enables you to better detect errors and suspect entries. A monthly bank reconciliation for instance can ensure that only authorised transactions are processed through your bank account. Regular internal audits of expenses can also help you to uncover any unauthorised entries.
4. Staff supervision
Supervision is important for checking and reviewing work that is carried out. This isn’t meant to micro-manage workers, but to detect errors and reduce opportunities and any temptation to commit fraud.
5. Fraud awareness training
Training enables business owners and managers to better understand what fraud is and how it can happen, recognise their vulnerability to it, learn how it can be detected and prevented, and what to do if it does occur. Fraud awareness training can also be used to instruct employees on how to detect and report it in the workplace.
6. Segregation of duties and authorisation reviews
Segregating duties where possible defines task responsibilities and can also help to reduce the risk of fraud. Examples include designating separate individuals to receive cash and to take it to the bank, ensuring that two signatories are required for cheques, and ensuring that all electronic transactions don’t go through without authorisation.
7. IT policies and controls
The use of logins and passwords and restriction of access to certain programs can prevent unauthorised alteration of information or transactions on the computer system. Other IT measures include performing regular backups and installing anti-virus software and firewalls to safeguard data and prevent unauthorised access and hacking.
There are many other measures you can take to prevent fraud, such as thorough background checks of potential employees, regular external audits, shredding of sensitive documents, and rewarding employees appropriately for their efforts.
Ultimately, it’s up to you to determine the level of risk you are willing to carry in your business, and to develop procedures and controls for reducing the potential and opportunity for fraud to occur. To learn more about fraud prevention for your SME join Ulton partner, Bernard Whebell as he presents ‘Fraud and Forensics – Part 2, How to optimise fraud prevention in your business’ on Thursday March 3.