Fraud prevention. We are not all aware of this phrase, nor does it always top the list of concerns for business owners. However, this phrase is synonymous with internal controls, which is a familiar term to most CPAs and business professionals.
Strengthening internal controls is easier said than done. Segregating duties and creating multiple review procedures may be expensive or inefficient. It has been my experience that the hardest part for business professionals, when implementing internal controls, is knowing where to begin. Let me preface that last sentence by saying internal controls is not chess, it’s checkers. Finding out where the primary fraud-risk areas are should be the number one objective. A business can determine these areas with one easy step…ask.
Who should you ask? Specifically, individuals who have access to, maintain, or account for assets within the company. People who work in accounting, finance, inventory, etc. are all great people to ask. These employees have the best knowledge of how the current internal control structure can be manipulated or overridden. They have noticed the loopholes and they have seen the weaknesses.
Most honest employees have no problem expressing their concerns with policies and procedures to management when asked. Not only do they have the opportunity to express their ideas, they are also providing vital information on the location of fraud risks. An individual in accounts payable may tell you it would be very simple for him to issue a check to himself without detection. The warehouse manager may say that inventory shrinkage would drop in half if there were security cameras. Susan in payroll may indicate that the current timekeeping system is outdated and other employees could easily pad their weekly hours.
These are just a few examples of concerns that have surfaced when conducting internal control examinations for other organizations. During the questioning process, not only can you receive vital information on internal control weaknesses, you may find out about actual instances of fraud or theft occurring within the entity. According to the Association of Certified Fraud Examiners’ 2014 Report to the Nations, 42.2% of fraud incidents were initially detected by tips. Of these tips, 49.0% came from employees.
It is important to note not all employees are willing to admit internal control weaknesses to their superiors. This may be a result of the following:
- They may feel responsible.
- They are afraid to make management aware of their weaknesses.
- They may be taking advantage of the weaknesses for personal gain.
- They may simply believe there are no deficiencies.
In these instances, many organizations request that professional fraud prevention consultants assess the internal control structure and interview employees within the organization. These professionals are not only trained in assessing fraud risk, but will ask the right questions to allow employees to think differently about the processes and procedures they use every day. Professionals can also identify red flags in employee responses and accurately identify areas where risk for fraud may be highest. These areas can then be tested for anomalies or suspicious activity.
Preventing fraud from occurring in a business starts with internal controls. Prioritizing specific areas to implement new controls does not have to be a difficult process. If you don’t know…just ask.