In the last installment in this series, we introduced the topic of fraud. We discussed what fraud is and what is needed for it to occur. I ended it by saying that you can’t completely eliminate the possibility of fraud occurring. We can, however, reduce the chances that fraud will occur. So, how do we do accomplish that?
Let’s start by focusing on ways to prevent it from happening in the first place. It’s less expensive to prevent fraud from occurring than the costs involved in detecting a fraud. This can be achieved by implementing policies, procedures and controls into the company. The easiest policy to implement in this area isn’t really a policy at all. It’s more a belief or an ethical position.
“ABC Plumbing & Heating has a zero-tolerance policy on acts of fraud against the company, our clients, our vendors and our communities. Fraud will not be tolerated under any circumstances. We will take appropriate disciplinary action and pursue all legal remedies to recover misappropriated assets or losses due to the acts of the perpetrators.”
The owners and managers of the business set the example and tone of fraud intolerance for the entire company! Simply communicating the company’s policy on fraud and the consequences for those who commit fraudulent acts reduces the chances that fraud will occur. Why is that? By communicating the company’s policy on fraud, it has introduced the perception of detection (possibility of getting caught) to those considering committing fraudulent acts.
The next morning his bookkeeper didn't show up for work!
A quick real-world story: A few years ago I did a webinar for a contracting group on this topic. During that program, I shared the above suggestion (i.e., establish the zero-tolerance policy on fraud and communicate it with the company’s staff) with the audience. During the second part of the webinar series the following week, an attendee shared with the group that he brought up the topic in the company’s weekly meeting a day or so after the first fraud webinar. He also put up a few of the fraud policy posters mentioned during the webinar. The next morning his bookkeeper didn’t show up for work! As of the day of the second part of the webinar (a week later), he had not been able to contact the bookkeeper. He knew something happened but he wasn’t sure what it was. Unfortunately, I never found out what happened with the contractor after that. I share the story because it’s a good example of the power of simply communicating a company’s belief or position to the staff.
That’s a great start to a company’s policy on fraud. However, it takes a lot more than that to really reduce the chances that a fraud may occur in the company. According to the Association of Certified Fraud Examiners (ACFE), a strong system of internal controls is considered to be the most valuable fraud prevention tool for a company. So, what are internal controls?
Internal controls are the processes and procedures that allow the company to safeguard its assets, separate duties of employees, properly authorize transactions and maintain adequate documentation and records. The policies and procedures need to be detailed and specific. They need to specify job responsibilities and authority as well as acceptable behaviors. Doing this will eliminate the “I didn’t know” excuse. For example, “Is it ok to buy materials for personal use?” “Is it ok to accept gifts from clients?” “Is it ok to use my company truck to pick up my kids from school?” Detailed, documented company policies and procedures will provide the answers to questions like these.
In my opinion, the most important internal control you can implement in your company is separating the duties of employees in the company. Separation of duties is implemented to prevent an individual from having control over too many (or all) aspects of a transaction. For example, allowing one person to have access to an asset, being able to record a transaction and then approving the transaction.
You wouldn’t want one person being able to issue a purchase order, approve a vendor invoice and sign accounts payable checks because it increases the chance that fraud could occur. It doesn’t mean that someone would steal from the company. It simply means that the opportunity to steal now exists and that’s on the company. That’s the leg of the tripod that the company has control over (opportunity). Remember the three legs of the tripod necessary for fraud to occur: Need, Rationalization and Opportunity.
In the next installment, we’ll look at some specific types of fraud as well as some control procedures you can put into place to address that specific type of fraudulent activity.
Michael Bohinc is a Certified Public Accountant in Cleveland, Ohio, and the owner of Keeping Score Inc. He has served as the Chief Financial Officer of Norhio Plumbing Inc., his family’s plumbing company in Aurora, Ohio, since 1988. He is no doubt counting the days until his Cleveland Indians report for spring training in Goodyear, Arizona. He can be reached at [email protected].