There are lots of steps recommended by experts to prevent fraud, some more practically and affordably implement by small businesses than others.
In my experience, there are a few important things that small business owners should be doing themselves on an monthly basis that are very effective to deter, help detect, and stop most fraud fairly quickly.
1. Be interested in the financial aspect of your business.
When you demonstrate that the finances matter to you, that you are involved with them, and that you’re running a tight ship, that in and of itself deters fraud, and promotes accuracy.
2. Establish best practices of accounting.
Doing the accounting according to best practices allows others to clearly follow what’s been done, verify accuracy, and detect patterns of fraudulent activity. When the books are a mess, it’s hard for everyone to follow, and easier for fraud to go un-noticed. It also requires more work and money to examine and tie out books that are a mess.
Work is usually performed properly if you have a professional bookkeeper or an accountant doing the books. This is often not the case when an owner, owner’s spouse, receptionist/office manager is doing the books. They usually lack the training, aptitude, and focus required for such detail oriented work. Sometimes with training, this might be able to be turned around. Best practices include accounting procedures and processes, but also related things like separate user names and password on the accounting software and web sites accessed like banking and credit cards.
3. Require that bank account and credit card reconciliations are performed monthly.
Fraud can occur from outside an organization apart from the doing of internal staff. If reconciliations are performed regularly, this type of fraud can be detected by your staff more timely.
4. Establish a paperless document storage system.
If bank, credit card statement, reconciliations, accounts receivable, accounts payable, vendor documents, etc. are all centrally stored electronically for all appropriate staff, things are harder to hide, because data is readily available for verification. It’s also a much more efficient way to work.
5. Review the payroll reports each pay date.
Look at the employee names and make sure that you know everyone that is being paid. Paying a false employee is an easy way to slip in a fraudulent disbursement. The recipient shares the proceeds with the bookkeeper.
6. Don’t use a debit card.
If fraud occurs on your debit card, then it can wipe out your bank balance out and other checks and payments to bounce like payroll and payroll tax payments. Also, if you have more than one person with a debit card, it’s usually hard to track purchases by debit card. Instead, use a small business or corporate type credit card account that allows for multiple cards, each with their own credit limit. The statement will come consolidated but will sub-total expenses by card so that you can easily review each card’s transactions. Give your bookkeeper their own card for things that they need to make as opposed to them using your card.
7. Don’t ever make cash withdraws or take cash back from deposits.
For most businesses, doing either is an indication of very poor accounting practices that really exposes owners to fraud. Minimize the use of petty cash and write a check to cash so that there is a record of who did it when the check clears. Cash withdraws and cash back is typically done because the owner needs money. Instead, owners should transfer money from their business account to their personal account, and then withdraw or disperse personal funds anyway they see fit from their personal account. If you never withdraw cash or take cash back from a deposit, it will be more easily identifiable if it does occur fraudulently.
8. Review bank and credit card statements timely each month.
Look for transactions you don’t recognize and investigate. The quicker you catch inappropriate transactions, the faster you can make it stop and begin taking action to collect the amounts back and/or report fraud to your bank or credit card company.
9. Review check images from your bank.
If you have online banking, you can review the image of a item as soon as it clears your account. Look at the payee’s name, do you know who it is? Does the amount seem appropriate? Who signed the check?
10. Write as few checks as possible.
Checks are ripe for fraud by sources inside and outside your organization. There’s lots of reasons for this, but they all come down to the reality that a check passes through many hands from internal staff, to postal staff, to the recipient’s staff. Lots of things can happen to that check as it travels through those many hands.
Checks can also be delivered to an incorrect recipient further adding complexity. Checks can be altered after the fact through a process called washing whereby a fairly simply chemical process is applied to the check to lift the toner/or ink of the payee name and/or check amount, while leaving the date and signature and intact. Payee name and amount is changed and looks original. Checks can be written and signatures forged. Checks can be created by someone outside your organization that has seen one of your checks. The list goes on and on. If you have checks, secure them well, and keep track of each check. Most accounting systems can produce a missing check report show gaps in check number sequence.
ACH, wire, and credit card payment is much more specific and traceable as to whom the recipient is, and typically more secure. If you have to write checks, there are steps that can be taken to mitigate fraud, such as using a bill pay service. Some services have levels permissions for users who are authorized to approve and optionally a separate user to release payment. The checks cut are typically on the Bill Pay company’s bank account, and then a total is deducted from your bank account. Many bill pay services allow for ACH payment to the recipient at no cost to the recipient.
11. Know your accounts receivable and bank deposits.
This was purposely placed after the explanation about writing as few checks as possible. So, if you skipped that, read it that point in it’s entirety because it applies here too. Check fraud can occur on the receiving side as well.
Here’s how. When a customer’s payment is received, instead of it being deposited into the company’s bank account, that check could be taken by your internal staff and deposited into their own bank account. How can that be you may ask. Well, most ATM deposits under a certain value are not looked at by humans, so there is no verification that the payee shown on the check is the account holder. A second method would be to cash the check, as described above, changing the payee name and/or amount.
The way to prevent this kind of fraud is a bit more intensive on the owner’s part but very doable with some guidance about which reports to run and how to tie them out. Essentially, an owner would need to request some reports from the bookkeeper each week.
The owner would use the reports for two purposes: to verify deposits have been made to the bank account, and to tie those deposits to customer payments of invoices to keep track of open customer invoices. Owner is monitoring that no invoices have mysteriously disappeared, only those that have been paid or credited for some reason such as bad debt write-off should fall off.
12. Review your company’s financial statements monthly.
I’ve found that small business owners have great intuition about how certain aspects of their business are doing. By learning how to interpret the income statement and balance sheet, and doing so at least monthly (after reconciliations are complete), they can identify areas that don’t sit right in their gut, and investigate them further. Also in reviewing these statements, they can glean valuable insights on the health of the business, and make strategic changes.
We offer one-on-one training to owners on how to carry out these basic steps and do provide various services for hire, including this 12 step monthly process. Contact us for more information.