Businesses utilize internal control procedures to prevent and detect errors, safeguard assets (especially cash) from misappropriation, and encourage staff adherence to prescribed managerial policies. It is imperative that every organization has a set of internal control policies and procedures and communicates them to staff, while providing oversight that includes monitoring by a high-level executive.
According to the Association of Certified Fraud Examiners “Report to the Nations,” asset misappropriation is 89% of the occupational fraud committed. In addition, the report estimated that businesses lose up to $4 trillion annually due to occupational fraud; and, unfortunately, small businesses are twice as vulnerable. Although each organization’s controls will differ depending on its size and complexity, there are six controls ALL organizations should have in place.
- Segregate Cash-Related Functions
The most important control is the segregation of duties. Owners, directors, and high-level staff often lack the time to perform such duties as payment collection and posting, check writing, general ledger maintenance, and bank reconciliation preparation; and, therefore, entrust such responsibilities to their staff. The office administrator/manager is often trusted most.
However, one employee having responsibility for all these duties can lead to asset misappropriation. According to the “Report to the Nations,” those who commit occupational fraud comprise 44% employees, 34% managers, 19% owners, and 3% other. In small organizations, the office manager realistically must perform these functions, but instituting reasonable controls can certainly deter and help prevent fraud.
For example, the office manager likely prepares the payroll and makes entries in the accounting system and cash account. But does a higher-level staff (or owner) review the payroll journal for reasonableness (i.e., the gross wages are consistent with salary amounts, and all persons receiving paychecks are actual organization employees)? Does he or she also review the bank account for the payroll drafts and cross-check the amounts?
If the office manager enters all deposits, automatic withdrawals, and written checks, and also reconciles the bank account, someone else must review bank reconciliation. The higher-level staff or owner must also open the bank statement and review the contents prior to returning it to the office manager for the reconciliation preparation. Furthermore, after reviewing the completed bank reconciliation, the higher-level staff or owner must question outstanding items, or items that appear unreasonable in nature and amount. Performing a higher-level review of these duties will minimize fraud exposure if your office size prevents the proper segregation of duties.
- Monitor the Typical Volume of Your Organization on a Daily, Weekly, Monthly Basis and Immediately Investigate Any Material Deviations
A valid reason for revenue to decline within a given month might, for example, be that a high-producing employee took a vacation the month prior, which could explain a decrease in revenue in the subsequent month. But in order to determine realistic trends, the current period’s activity should be compared with that of the previous month. If there is a significant decrease for no apparent reason, questions must be asked immediately. The more questions you ask, the more your staff realizes you are paying attention, which will further deter fraud.
- Ensure All Employees Take Vacations and Are Properly Cross-Trained
Because most fraud is uncovered when the perpetrator is out of the office, employee vacations afford a natural point for checks-and-balances and accountability. Fraudsters can cover their tracks when working and tend to do a good job at hiding their actions. The “Report to the Nations” also showed the average duration of a fraud scheme is 16 months, but many continue for years before detection. As such, employees should be cross-trained in various organizational duties to allow coverage if one employee is out. This protocol not only motivates your staff to work conscientiously, it can also deter and help detect fraud, as it ensures employees are accountable to another person in various capacities.
- Check References of New Hires and Perform Background Checks
Checking references and performing background checks are critical steps in the hiring process. When checking references, it’s wise to ask whether that previous employer would rehire the employee. While employers may be reluctant to divulge the specifics of employee termination, most will indicate if they would or would not rehire that person. If you get a negative response, go back to the drawing board.
- Use a “Sentinel Effect” and Sample Entries, Either in the Billing System or Your Accounting System
Do you count the cash drawer and review the bank statement, as well as the monthly bank reconciliations, unexpectedly? Do you request a comparative monthly profit-and-loss statement from your accounting system and investigate any material swings in costs? As mentioned previously, your personal involvement in the organization will be one of the greatest deterrents to misappropriation of assets. If you use a sentinel effect and ask questions, employees will know you are paying attention to details. Higher-level staff involvement is the best financial control to deter embezzlement.
- Monitor and Account for the Petty Cash and Change Fund
While the petty cash and change kept in an organization may be minimal, staff are still capable of “borrowing” money from those funds. In most cases, an employee might initially borrow lunch money with every intention of returning the money. However, he or she might forget to pay back the fund, then realize that the account is not monitored, since the missing cash went undetected. In order to prevent this common misappropriation of funds, a petty cash custodian should be appointed to audit receipts, count the balance, and replenish the account.
While there is no foolproof way to prevent fraud, a clear, well-documented set of financial controls communicated to staff will minimize exposure. If you don’t currently follow any of the financial controls mentioned, closely review your policies and procedures and take steps to strengthen them.
For more information about how to best implement financial controls for your organization, or if you would like assistance with any matter involving asset protection strategies, tax preparation, tax planning, or business advice, contact a PYA executive below at (800) 270-9629.
© 2019 PYA
No portion of this article may be used or duplicated by any person or entity for any purpose without the express written permission of PYA.