Many business owners assume they have hired honest and ethical employees. Even if you have hired honest and ethical employees you need to have anti-fraud controls in place. Sometimes even honest employees, when given the opportunity, will commit fraud.
Every two years the Association of Certified Fraud Examiners (ACFE) conducts a comprehensive survey of fraud cases encountered by their Certified Fraud Examiner (CFE) members. The most recent report is the 2016 Report to the Nations on Occupational Fraud and Abuse. This report has some interesting findings relevant to small businesses. Here are a few basics about the report:
- Analyzed 2,410 fraud cases that were investigated between January 2014 and October 2015. 1,038 of these cases took place in the United States.
- Median loss for all cases analyzed was $150,000.
- Asset misappropriation was the most common form of fraud noted (83% of cases).
- The longer a fraud took place the greater the financial damage.
One of the most interesting findings related to small organizations (companies with less than 100 employees) is how they detected fraud. Small organizations detected the majority of their frauds through management review, account reconciliation, accident, and external audit. Another interesting fact noted in the report is that small organizations have significantly less anti-fraud controls than large organizations. This is understandable because small organizations are usually limited in these areas because they have less resources available to prevent and detect fraud.
Even through small organizations may have limited resources here are four actions all businesses should take to prevent and/or detect fraud.
- Fraud risk assessment – A fraud risk assessment is generally an in-depth process that involves several employees, however, many small companies will see significant benefits by simply evaluating their core processes and activities. Once you know where your risks are you’ll be able to better focus your prevention and detection efforts.
- Segregation of duties – make sure you segregate all incompatible duties. No single employee should be involved in all aspects of processing a single type of transaction (Cash disbursements, cash receipts, etc.) If you can’t properly segregate all duties due to limited staff, implement mitigating controls to reduce your risk.
- Tone at the top – lead by example, make sure your employees know that fraud will not be tolerated. Support this behavior by writing an anti-fraud policy and code of conduct into your personnel documents.
- Management/Owner Review – make sure all areas of risk are reviewed by management. Ask questions, make sure it’s known that everything is being reviewed and monitored.
Fraud is not something that should be ignored. Every company should evaluate their risks and resources and implement appropriate controls.