Fraud against privately held small businesses are on the rise. According to the Association of Certified Fraud Examiners in its recent report, businesses with fewer than 100 employees suffered a median loss of $200,000 per event. Nearly double the losses reported for companies with 100 or more employees. These attacks are increasing in frequency, largely due to poor internal controls and the increased reliance on technology. While technology is a wonderful productivity tool, we are overly relying on it to communicate and transact without proper safeguards.
Below are some of the risk areas and what Finance Leaders can do to protect the business from loss:
Cyber Attacks:
According to Juniper Research, cybercriminals have stolen an estimated 12 billion records in 2018 and predict this will almost triple to 33 billion records by 2023. Cybercriminals attack through downloaded apps and spam campaigns which give criminals access to passwords and contacts.
Employees must be trained not to download lifestyle apps at work. Also, they must never download a link or a pdf unless they know who the sender is. Make sure all computers are password protected and have anti-virus software, including malware. Finally, use a password manager for your accounts, do not use the same password for more than one account, and make sure your insurance covers cyber-attacks.
Phishing:
Once you enter your name and password to a fraudulent site, you have given the perpetrator access to your account. Make sure the site is real. Do the logos and colors make sense? If you want to test the site, reload the page. Hit reply button and see if the sender is the company or an individual’s email. If it does not seem right, stay away.
Bank Wire Transfers:
According to the federal government, 60 percent of all fraud attempts feature a wire transfer. A criminal may have hacked your email and/or an email from a vendor or customer through phishing. What happens next is that you get an email from someone you know and trust asking you to wire transfer funds to a remote account. DO NOT DO IT! Rather call the customer first to make sure it is the same person on the email.
Corporate Credit Cards:
One of the biggest temptations for a dishonest employee is to buy personal items masked as a business expense. Another employee scam is to buy legitimate business items and return them for cash. Be discerning about who gets a credit card in your company and by all means, review the statements periodically as well as employee expense reports to make sure it all makes sense. Ways to potentially prevent this: do background checks on prospective hires as well as making sure all employees take vacations, and have another employee do their work while they are out. By having a culture of accountability and work checking, this can help to prevent theft from your own people.
Purchasing:
An employee can set up a fake vendor, send invoices to the company and steal the company’s cash. They can also send a fake invoice from a real vendor but change the address for where the check is to be sent, thus diverting the cash. Review vendor spend by month and by type. Periodically review invoices that come into your company.
Payroll:
While more difficult to execute in a smaller company, payroll theft is a real risk and a common area for fraud to occur. They are several ways payroll fraud can occur. Perhaps the most common is when an employee requests an advance and does not pay it back. A second area risk is when employees collude to create and pay ghost employees, alter the pay rates or pay for unauthorized hours for employees and share the benefits. Since separation of duties is a larger challenge in smaller companies, the best thing to do is use an outside payroll service and review the payroll inputs.
Sales:
Common sales frauds include inventory theft and extending pricing to customers with the salesperson then taking a portion of the discount in the form of a kickback. Perform physical inventory counts and/or maintain a perpetual inventory system. Review invoicing periodically and note whether any salespeople seem to be living beyond their means. Other forms of sales fraud include phony customer orders. Be on the lookout for suspicious customer orders or customers who want you to ship overseas. Also be alert to a large order that seems out of character from a customer.
Conclusion:
Fraud can attack you from any direction. Remember that many frauds are perpetrated by some of the most tenured employees who seem honest but are not. A successful small business owner is a perfect target. Take the time to put in some basic internal controls as follows:
These are the absolute minimum that you should do to protect your Company’s funds.
09/03/2019
By: Stanley N. Logan, Quality Back Office, LLC
CONGRATULATIONS! You have successfully submitted your information for a new payroll set up! In the…
As of early October, 2020, the IRS has sent over 9 million notices out to…
The Child Tax Credit Update Portal allows families to update direct deposit information or unenroll…
Here are the instructions if you go the route of creating an IRS.gov account prior…
The IRS is sending letters to more than 36 million families who may qualify for…
IRS Tax Tips: A Message for the IRS The IRS mails letters or notices to…