Steps to Prevent and Detect Business Fraud by Steve Nouss, CPA
Posted on December 29, 2014
Corporate fraud is an undiscriminating epidemic that occurs in large, multi-national companies equally as often as it does within small, entrepreneurial businesses. Unfortunately, there is no one magical solution businesses can employ to protect themselves from these schemes over the long term. However, there are opportunities for businesses of all sizes to plan ahead and put into place a series of internal controls to help mitigate their exposure to fraudulent activities and the financial and reputational losses that can result. It is through these systems that businesses can improve their efforts to deter, prevent and detect fraud and ultimately protect the long-term viability of their organizations.
Manage Enterprise Risk
Over time, frauds evolve and multiply as scammers become more creative and their schemes more sophisticated. While businesses cannot eliminate all of their exposure to potential fraud, they can manage their risks by identifying, assessing and addressing operational weaknesses that can make it easier for employees, vendors or management to commit these deceptions.
To that end, effective Enterprise Risk Management (ERM) programs identify potential threats and exploit operational deficiencies that may negatively affect a particular business today and into the future. It enables businesses to assess their exposure to risk and their abilities to absorb and recover from it with as few negative outcomes as possible.
Institute Policies and Internal Controls
Once a business identifies real and potential threats, it can then address its exposure to these risks by adopting a system of processes and internal controls to mitigate and manage them effectively.
For example, a business should consider drafting and sharing with employees a formal policy that defines fraud and misconduct in the workplace and outlines the steps the business will take to respond to these unacceptable behaviors. Additionally, by conducting regular internal audits, the business can monitor potential risks and ensure that controls implemented to deter those risks work as planned. Often, anti-fraud policies and knowledge about periodic audits are fraud deterrents, in and of themselves, when a business makes employees aware that it has a system of checks and balances in place.
Similarly, by adopting a system of internal controls and applying proven principles throughout all areas of its organization, a business can mitigate its risks of falling victim to fraud. Such controls also improve the business’s ability to deter and detect fraud more quickly and with less loss and costs to the business.
Opportunity and access are two factors that make it easier for fraudsters to commit their deceptive practices. Both are preventable when businesses separate the duties and responsibilities of business transactions to different people within the organization. For example, a business may assign payroll processing to a clerk while delineating responsibility for reviewing and approving payments to its CFO or controller. Similarly, a business may consider dividing the duties of managing receivables and handling cash payments to two different employees.
When breaking down the various transactions that occur during a typical business day, organizations should not overlook the seemingly mundane task of mail processing. Remember, correspondence via postal service often includes confidential information or payments for services. As a result, a business should consider assigning this task to the most appropriate employee who can manage such privileged information.
Monitor and Detect Risks
Because corporate risk is not 100 percent preventable, a business should take the time to monitor the controls it puts into place and conduct periodic audits to identify instances of fraud before they become so damaging that the business cannot recover.
According to the Association of Certified Fraud Examiner’s (ACFE) 2014 Report to the Nation on Occupational Fraud and Abuse, tips, most often from a business’s own employees, are the most common method of fraud detection. For this reason, businesses should implement an anonymous hotline or whistleblower policy to enable employees to report suspicions of fraud without threat of negative repercussions.
For most business, fraud is unavoidable. However, by establishing an environment of oversight, control and accountability, businesses can do their part to deter misconduct and mitigate their risk of unmanageable losses. The professionals with Berkowitz Pollack Brant’s Consulting practice have years of experience helping organizations of all sizes identify and address their vulnerabilities and establish sound policies and processes for monitoring, investigate and responding to potential fraud.
About the Author: Steve Nouss, CPA, is chief consulting officer with Berkowitz Pollack Brant. For more information, call (954)712-7000 or email firstname.lastname@example.org.