By JoAnne Sommers
(This is the second in a two-part series dealing with fraud in the small business workplace.)
The Certified General Accountants Association of Canada (CGA-Canada) estimates that $3.2 billion is lost to small and medium-sized (SMEs) Canadian enterprises annually from occupational fraud, defined as fraud committed by employees, managers and owners, where the victim is the organization itself. The figure comes from a 2011 CGA-Canada survey, which found that 26 per cent of SMEs surveyed (290,000 companies) reported experiencing occupational fraud in 2010.
The report cited misappropriation of inventory or assets, misappropriation of cash and misrepresentation of employment credentials as some of the most common types of occupational fraud.
Beyond the financial losses incurred as a result of occupational fraud, there is a significant non-financial cost to the companies involved. Nearly two-thirds of survey respondents said it had impacted staff morale and one-quarter said it affected the company’s reputation. Other negative consequences included the impact on the company’s ability to attract and retain employees and its ability to develop its business.
Small and medium-sized enterprises are more vulnerable to fraud than other types of businesses because they often have limited ability to allocate financial and human resources to fraud prevention and detection, says the report. As well, companies with fewer employees tend to have less segregation of duties and fewer internal accounting and auditing controls, according to Sage 50, a supplier of accounting and business management software to start-up, small, and midsized businesses.
Despite these challenges, it is possible for small businesses to protect themselves by making employee fraud prevention a priority. Here are some steps you can take:
• Know Your Employees
To reduce the risk of employee fraud, it’s important to hire good people. Check the references of prospective employees, along with their employment and educational history for any previous incidents of fraud or illegal activity.
This is particularly important when hiring for positions involving inventory and money. In such cases, BMO Bank of Montreal says you should also scrutinize date and time gaps in candidates’ resumes. Obtain written permission before conducting a deeper background check – such as a criminal record investigation or credit check – which can be done by a third-party firm.
• Educate Your Employees
Employees serve as the eyes and ears of a company, says Sage 50, and by ensuring that staff members are knowledgeable about basic fraud prevention techniques, you’ll establish a first line of anti-fraud defence.
Educate your staff on basic security measures, such as how to recognize potential threats and why it’s important to take precautions. Enforce the training by instituting policies that guide employees on the proper use and handling of confidential information, including financial data, personnel and customer information.
• Segregate Key Responsibilities
In a smaller business, employees often wear several hats, which can make the company more vulnerable to fraud. When possible, segregate financial responsibilities for budgeting, purchasing and payment approvals, says Mohit Veoli, assistant vice president, Fraud Management, TD Canada Trust.
Ensure that one employee isn’t both writing cheques and reconciling bank statements or initiating purchase orders and approving the payment, says Barkin Sayiner, commercial banking area manager, BMO Bank of Montreal. “If you don’t have enough staff to divide these key roles, consider requiring a second approval – from a supervisor or manager – to check that these financial actions are valid.”
• Limit Employee Access to Bank Account Data
Ensure that you have rigorous internal processes to manage functions like payroll accounts and bank transfers. All it takes is your account number and bank transit information to initiate fraudulent bank transfers from unauthorized sources.
• Review Financials
Regular reviews of bank statements, accounts receivable and payable, invoices, purchase orders and payments can eliminate many types of fraud.
• Track Inventory
Can you account for all of your company’s computers, including laptops and tablets? Does all your sales stock end up in the hands of paying customers? To ensure you can answer, “yes,” to these questions, establish a written inventory policy and make sure all employees receive a copy. The policy should outline procedures for ordering and keeping track of stock and equipment at every stage. Also, take inventory regularly and rotate the responsibility for it.
• Limit Administrative Access
Make sure that all sensitive business information is password-protected, and assign access to company business data, website and email accounts to different individuals, if possible. Change passwords regularly and monitor when business files – especially financial material – are being worked on. If there is a pattern of someone logging in after hours, that could be a red flag.
• Develop a Fraud Policy
By developing a code of ethics for your company and communicating it to all employees you signal not only that you take these activities seriously but also that there will be consequences. “If employees understand the negative consequences of fraud they may think twice,” says Sayiner.
• Take action When Fraud is Discovered
Having a fraud policy is useless if you are unwilling to enforce it. Treat all employees equally regardless of tenure, says Veoli. “It should be about the process, not the individual.”