Small businesses (under 100 employees) lose almost twice as much to occupational fraud – per case – as large businesses. [Source: ACFE Report to the Nations: 2018 Global study on occupational fraud and abuse]
And according to the PWC Global Economic Crime Survey 2016, seven out of 10 organisations believe the biggest driver of internal economic crime is opportunity.
What you can do
While business owners can’t do much about a fraudster’s personal drivers, we can definitely limit opportunities to commit employee crimes and create a work environment that actively discourages fraud.
Listed below are 15 strategies to minimise the risk of employee fraud occurring in your business.
(This list comes from CPA Australia, which kindly allowed us to reproduce information and advice from their brochure Employee fraud – A guide to reducing the risk of employee fraud and what to do after a fraud is detected. CPA Australia is one of the world’s largest accounting bodies, with a global membership of more than 160,000 members working in 118 countries around the world.)
15 strategies to minimise the risk of employee fraud
1. Lead by example
Every person within the business, regardless of seniority, should adhere to the policies and procedures and be held accountable for their actions.
2. Create a positive work environment
A positive working environment encourages employees to follow policies and procedures, and act in the best interests of the business.
Most employees will respond positively to:
- clear organisational structure
- clarity of job responsibilities
- fair employment practices
- open lines of communication between management and employees
- positive employee recognition
...hence reducing the likelihood employee fraud.
3. Have a policy manual
Ensure your control procedures are documented and that every employee has access to the procedures and is trained in them.
Reports on the implementation of the procedures should be made to senior management regularly.
There should be a 'zero tolerance' of breaches and adherence to the procedures should form part of the conditions of employment.
4. Create a code of conduct
The code of conduct should make it clear that there will be zero tolerance of any fraudulent activity on any level of the business and that any such fraud will be reported to the police.
This code should also clarify what constitutes employee fraud, as this is often an area of confusion for employees.
5. Separation of duties
No one person should be responsible for a complete transaction from start to finish.
For small businesses, where this is not practical, employees handling finance should be subject to close supervision.
6. Authorisation controls
Implement policies that clearly articulate who is authorised to conduct transactions on behalf of the business and who is responsible for each step of a transaction (including who has authority to authorise a payment over a certain amount or entering into a contract).
7. Implement a whistleblowing policy
Have a whistleblowing policy in place that outlines the steps to be taken if an employee suspects another individual of fraud.
To supplement such a policy, a mechanism that allows employees to anonymously communicate their concerns about potential fraud is recommended.
It is important that employees are aware that there will be no negative consequences when ‘blowing the whistle’.
Management must also demonstrate that they actively follow up on all issues raised via the whistleblowing mechanism.
8. Create an organisational chart
Define the roles and responsibilities of all employees.
This could include: job descriptions, reporting lines/segregation of duties, mandatory job rotations, authorisation policy and leave.
9. Implement a comprehensive recruitment policy
Make sure your recruitment policy involves the following:
- past employment verification and seeking explanations of any employment gaps
- police checks – there are specialist businesses that can provide this information within 48 hours
- verification of qualifications – sight original documents or contact institutions that issued the qualifications
- reference checks
- credit checks, particularly for employees in finance roles and those handling cash
- using technology to research potential employees, including viewing social networking sites.
10. Monitor employee behaviour
There are a number of employee behaviours that may indicate a heightened probability that an employee is committing fraud. For example:
- the employee regularly works outside of business hours or rarely takes leave – although they may appear diligent, they may have other motives for being in the workplace unsupervised
- the employee appears to be spending or living beyond their means
- reports and reconciliations are not done (for whatever reason)
- tax returns and other compliance forms are lodged late.
11. Implement supervisory processes
Strong supervision is vital, especially in smaller businesses that may have difficulty segregating duties.
This can include approval, review, authorisations and occasional spot checks which might involve redoing work.
12. Perform regular accounting reconciliations
Regular accounting reconciliations (such as bank reconciliations, payroll reconciliations and analysis between budget and actual figures) often make fraud concealment very difficult.
The person doing a bank reconciliation should be different from the person doing the banking.
13. Implement physical access controls
Control physical access to premises, cash registers, computer systems, safes and other secure systems. For example:
- ensure doors, desks and filing cabinets are locked
- implement systems that report on employee activity, such as who has viewed and altered data in your database
- consider installing electronic surveillance systems.
14. Investigate every incident
Gain the facts you need to make informed decisions and reduce losses through a thorough and prompt investigation of policy and procedure violations, allegations of fraud or warning signs of fraud.
15. Others
In addition to the aforementioned, employers should:
- regularly review financial statements
- deposit cash and cheques daily and make sure the person doing the banking is not the person collecting the money
- secure blank cheques, signature stamps and access to EFT payments
- never sign or authorise payments that are not fully completed
- periodically check suppliers’ details, including bank account details, with the actual supplier
- only pay on original invoices
- review billing error complaints from customers
- engage an external accountant to audit their books
- periodically compare payroll payees with employee records
- ensure that all employees take annual leave during the year
- have a cross training program in place to ensure that one employee is never the only person capable of a particular role
- in instances where they use a personnel agency, check their contract with the agency to see whether the staff hired through the agency have been subject to a police check
- question unusual accounting methods or unnecessary complexity in an accounting transaction or excessively long charts of accounts
- bring in a contract accountant to fill in when their accountant is on leave.
Download our checklist to test your fraud prevention measures
To help you mitigate against and protect your business from employee fraud, we have also created a downloadable version of the 2018 ACFE report’s ‘Fraud Prevention Checklist’.
The checklist is designed to help you consider and test the effectiveness of your organisation’s fraud prevention measures.
For more information about employee fraud, take a look at our 2016 eBook: Employee fraud: 15 strategies to reduce the risk.
If you would like support to develop a sound business culture and operational practices and checks that will underpin a fraud prevention strategy for your business, contact the team at JPAbusiness on 02 6360 0360 or 02 9893 1803 for a confidential discussion.
Content in this blog has been used under licence from CPA Australia Ltd, www.cpaaustralia.com.au
James Price has over 30 years' experience in providing strategic, commercial and financial advice to Australian and international business clients. James' blogs provide business advice for aspiring and current small to mid-sized business owners, operators and managers.