Few things in life are risk-free, but running a business may well be a more precarious pursuit than most, with companies facing multiple threats, from economic uncertainty and legal liability to volatile markets. However, one of the biggest threats faced by enterprises is a fraud. According to PwC’s Global Economic Crime and Fraud Survey 2020, nearly half of the roughly 5000 companies they polled had suffered at least one fraud in the past two years, with an average of six incidents per business. Worryingly, there was almost an even split between whether these were committed by internal or external perpetrators. The report also found that the total cost of these crimes was $42 billion, which works out to be $8.4 million per company if you divide this figure by 5000.
The consequences of fraud are clear to see, and can easily lead to a business struggling financially or going under entirely. It’s therefore essential that companies do everything they can to protect themselves from fraud. But what exactly can your own business do to achieve this?
Strengthen your internal systems and controls
A report from the Association of Fraud Examiners found that half of all fraud attempts were the result of poor internal systems and controls. As a result, fortifying is a vital first step to preventing fraud. One way to do so is to create unerasable “footprints” within your financial systems, therefore generating an audit trail. This creates a permanent record of who altered which accounting records and who is responsible for what, making it harder for individuals to cover up a theft. There are numerous types of auditing software that can help you do this: SolarWinds’s Access Rights Manager provides ongoing visibility of the access rights of everyone on the network, while its Security Event Manager tool will alert you to any unusual logins or data modifications.
Another major source of fraud and theft results from the lack of very tight control and management of corporate Excel spreadsheets – a typical scenario in many companies. Spreadsheets often contain sensitive financial, personal and proprietary technical information that can result in major losses, fraud and theft if they get into the wrong hands. One way to eliminate this common vulnerability is to convert spreadsheets into browser-based apps eliminating the free circulation of the Excel files. An example of one of these Excel to web app conversion solutions is EASA, which allows staff to make use of spreadsheets without directly handling them. Instead, they provide inputs via a web page, and results or output are only provided if the web app allows it, but the contents (logic, formulas, data, etc.) are never accessible to them. This completely eliminates any possibility of theft or alteration of the core Excel files.
Offer fraud prevention training
It’s crucial that your team knows how to identify and avoid any attempts to defraud your company, by both colleagues and external actors. After all, fighting fraud is a collective effort, and prioritizing it from the top down will encourage everyone else in the organization to follow suit. Once your employees can identify some of the warning signs of fraud, they will be much better placed not to fall into any traps. They will also be able to report any suspicious incidents, allowing your company to deal with them more effectively.
You can provide this training either internally or externally. Should you want to offer it from within the company, there are certain topics you must focus on, such as what exactly constitutes fraud and common examples. For example, you may wish to point out phishing scams, including deceptive phishing, spear-phishing and vishing, as well as for instructions on how to safely handle company data, what responsibilities staff have in regards to fraud, how to report it and anti-bribery training. Alternatively, many companies offer fraud prevention training, with courses being offered through West Virginia University, Udemy and the American Bankers Association.
Segregate accounting duties
Many small businesses rely on one individual to handle their bookkeeping tasks, such as client receivables, processing payments, paying invoices and keeping track of everything in an accounting system. However, there are two key reasons why this can be a recipe for fraud. Firstly, there is nobody else with the authority to double-check the information and catch any errors, while the accountant will also go unscrutinized, potentially making it much easier for them to hide any illicit transactions.
Consequently, it’s critical that your company segregates its accounting duties, and has at least two people working on them at any one time. Oxford University notes that this is a key principle of financial control, listing a number of accounting segregations for businesses to implement. These include ensuring that staff who reconcile cash to underlying records don’t create these records in the first instance, nor access the cash, and making sure requisition preparation, approval and receipting are completed by multiple people. They also recommend that all expenses forms must be authorized by somebody other than the claimant, and those tasked with counting and reconciling petty cash shouldn’t be the ones keeping the cash float.