The National Fraud Office have reported that out of 500 businesses surveyed, 136 had detected and experienced fraud. It is a sad fact that a lot of fraud goes undetected and unreported and so the instance of it is almost certainly much higher. Small businesses employing less than 100 people continue to be statistically most at risk.
Prevention is always better than cure and a few simple procedures can both identify the areas most at risk and also head off problems before they occur. As a starting point, look at how your cash and bank deposits are handled. As gaining access to a bank is becoming harder, are you keeping a greater supply of liquid cash in the safe? Implementing double-checks when handling cash is also important. Poor banking procedures could mean that banking (or storing) a different amount of cash to the actual takings goes undetected or the taking of a cash deposit is not recorded in the first place. Who has control over on-line banking, both the amounts and the creation of new payees?
Is the same person who controls the physical movement of cash and banking the same person who controls the records? If so, theft and fraud can become much harder to detect quickly. Who has access to safe keys, cheque security, computer record keeping and actual stock control? Remember that it is possible to defraud by the creation of false purchase ledger invoices.
In smaller businesses, one person can often be responsible for the entire accounting function or at least a very substantial part of it. Owner-managers should review whether this is a potential risk area for their business and implement controls as necessary. When was the last time their work was randomly-checked to ensure that they are doing things correctly? Is their training up to date including any Money Laundering training?
Scams and fraud can come from outside the business too. Is that email from your regular customer genuine? You know, the one notifying you of a new bank account. Do not reply using the telephone number or email on that instruction (because those could have been falsified). Call back on an older, trusted telephone number to double-check instead. Does the person making the payments online have the authority to stop the payment if they feel it is not 100% genuine. Surely it is better that the payment is a few days late whilst you check rather than losing money, reputation, the customer and future business?
Fraud detection will often rely on the owner-manager’s knowledge of their business so it is important to be able to identify unexpected or unusual transactions. Areas to monitor include cash flow patterns, expenditure levels and stock patterns. Computerised accounting systems, such as SAGE, can often help in this regard as most programs will be able to run reports which can help identify unusual activity. However, who checks the computer? Does one employee have higher fuel or tool usage than the others? Is there an identifiable reason for the difference – and has that difference been verified?
Most often, the common theme in frauds is that the flow of information is nearly always controlled by the guilty party with no independent checking or random overseeing of records and information.
Finally – arguably on a lighter note – you should not just sign paperwork put before you, read it first. Many years ago, a junior officer in the RAF had developed the habit of signing paperwork without reading it first. His NCOs (who really run any military unit) noticed this and in order to train their boss, arranged for him to sign for a 4-tonne truck and a dozen marines. Whilst the officer got off lightly (his only cost was a bit of embarrassment and a lot of beer for the marines), you may not be so lucky if you do not exercise your own due diligence. Time is never wasted in double-checking things.
To discuss concerns regarding business or employee fraud please speak with Forensics director Simon Martin.