11/20/2011

Research shows that small businesses, those with less than 100 employees, fall prey to fraud more than any other sized business. The average loss suffered is greater and the rate at which these losses occur is more frequent than in larger companies. The most common types of fraud are:

Asset misappropriation:  schemes are frauds in which the perpetrator steals or misuses an organization‘s resources.

Corruption : schemes in which fraudsters use their influence in business transactions in a way that violates their duty to their employers in order to obtain a benefit for themselves or someone else.

Financial statement fraud: the intentional misstatement or omission of material information from the organization‘s financial reports; these are the cases of “cooking the books” that often make front page headlines.

How can you limit your exposure to fraud as small business owner?

Evaluate the tone at the top.

Are you building your enterprise on deception or honesty and transparency? Employees will mirror the actions of the owners, so if you are lax in book or recordkeeping expect this to trickle down to employees. Take hold of company morality by creating a clear ethics policy and model good business practices. Make your employees see the importance of this policy and really follow through on it. As your business grows you will see that a culture of ethical behavior will follow. Examples of ethics policies can be found HERE.

Understand your finances
As the business owner it is your duty to take an interest in your company’s finances. You may not have a background in finance and the majority of your time is best spent nurturing your company than dealing with the details. However, a few spot checks may be all you need to deter fraudulent activity.  Ask to review invoices that match your Quickbooks file, look at bank reconciliations or check registers. Never assume that all is well; be proactive in limiting your fraud exposure. In addition to spot checks, make a date with your bookkeeper and learn how the financial statements flow together and what red flags to look for. Also, make sure that the statements you are reviewing are error free. You are relying on this data to make important decisions about your company including hiring additional employees, expanding a product line or investing in advertising. It is important to have a non biased third party, such as a bookkeeper and CPA, to review your financial statements and Quickbooks file with you frequently because it may just be the thing that saves your company from expensive fraudulent activity. A quick look at this graphic will show you how expensive fraud can be.

Segregation of duties

Segregation of duties is one of the key concepts of internal controls but hard to do with a small business. Often times responsibilities overlap and we find that less than ideal situations arise. For example, it is recommended that the person counting cash does not record or make deposits. How do you do this when you are operating with only two people on board? Use your judgement and segregate duties to the best of your abilities.  It is one of the most effective internal controls in combating employee fraud. Segregation of duties creates a system of checks and balances. It is important to split responsibility for custody of assets, record keeping, authorization and reconciliation.

Ideally, no individual should handle more than one of the above-noted functions in a process. When an organization separates these functions among its employees, it has implemented a strong internal control, which may deter and prevent employee fraud. Additional tips regarding segregation of duties can be found HERE.

Limit Access in Quickbooks

If more that one person is accessing your Quickbooks file and you want to limit their exposure to confidential information, you are in luck! Limiting access is flexible and easy; for instance you may want to limit access for specific employees to specific tasks, including payroll processing and reporting. Depending on a user‘s specific job responsibilities, rights may be assigned in up to ten distinct areas:

  • Sales and Accounts Receivable
  • Purchases and Accounts Payable
  • Checking and Credit Cards
  • Inventory
  • Time Tracking
  • Payroll and Employees
  • Sensitive Accounting Activities
  • Sensitive Financial Reports
  • Changing or Deleting Transactions
  • Changing Closed Transactions

You may also choose to customize each user’s access level to: View-only, Create, Modify or Delete. Your bookkeeper can show you how to adjust this when you set up (or change) your user. It is easy and very helpful. Remember, only the owner should have full access to the Quickbooks file. Even the accountant cannot view sensitive customer information, like credit card numbers, as an added safety precaution.

One bonus with Quickbooks is their “always on” audit trails. Once individual user profiles have been established in QuickBooks, the effectiveness of the Audit Trail Report as an internal control procedure is increased significantly. The Audit Trail Report provides a summary to the Administrator of all QuickBooks transaction activity answering three essential questions:

Who added/edited/deleted the transaction?

When was the transaction added/edited/deleted?

What were the relevant details of the transaction, i.e., date, amount, accounts, names, etc.?

Red flags to watch out for are deleted entries, voided transactions, changes to sales, deposits or reconciliations  This report can be quite info heavy so export it to Excel and filter it for better readability. If you see a trend forming with one person, you may want to pay special attention and nip the problem in the bud quickly.

Back Up Your Work

What good is doing your work if you don’t back it up? At Accountingprose, all of our clients are provided with their very own SmartVault at no additional charge. Why? We want to make sure that they have secure access to important financial documents 24 hours a day in the the event of a computer crash or worse.  We always provide a backed up copy of your Quickbooks file and urge you to make one in our absence. Make this a daily or weekly task that happens no matter what.  It is so painful and expensive to have to recreate months of work.

When investigating a secure method of file transfer and storage we scoured the market and SmartVault is the most secure option available. It is important to note that all interactions with SmartVault occur over an encrypted channel. They employ AES-256 SSL to protect your documents, passwords, and interactions with SmartVault from eavesdropping. Much like Quickbooks, SmartVault employs an Activity Log that you can use to review: who has been granted permissions to access documents and who has actually accessed documents. These are important bits of knowledge when investigating potential fraud.

While this list isn’t all inclusive, it can jump start fraud protection within your company. Make sure you keep a keen eye on the finances and create internal controls before it is too late. Finally, rely on your bookkeeper and CPA to help you along and never stop asking questions. Remember, this is your business and you are in charge!

Cristina Garza

Accountingprose

o: 480-359-6149 || f: 866-611-6989