Tipsters top fraud guard
Detecting and preventing fraud in your organisation
There has been a significant increase in the number of reported frauds during recent tough economic times and business owners and managers should consider added precautions and internal controls to manage this risk.
Recent studies estimate that fraud has cost businesses in Australia in excess of $1 billion over the past four years.
In this same period our firm has investigated more than a dozen instances of fraud for our clients generally involving misappropriation of cash, manipulation of electronic banking, procurement fraud, credit card fraud, and theft of sensitive and confidential information.
The most startling and unfortunate fact is that often business insiders and those in the "inner circle" of trust are the main offenders as a result of how close these trusted people can get to key systems and people. When coupled with inadequate internal controls, fraud can be difficult to detect and there is little deterrent.
One vital control to consider is a strong whistleblower program. Statistics highlight that whistleblowers uncover around 20% of frauds, meaning they could provide a frontline defence for your business against this kind of activity. A good whistleblower policy should include whistleblower protection measures and an anonymous external reporting facility.
What else should you consider?
Steps to help your Financial Controller or accountant identify and prevent fraud in your business:
1. Get real, be aware - fraud is a real and current risk. You can insure against loss arising from fraud, but make sure you understand the extent of your cover and that it is commensurate with the strength of your systems;
2. Segregate duties - use your people and systems to separate duties and responsibilities. Assess current protections and identify what needs to be improved. Understand the true capability of your systems and ensure you obtain maximum benefit;
3. Accounting and subsidiary systems - identify risks by documenting and understanding each system module, including who can access what. Introduce internal controls which respond to identified risks, and introduce segregation of duties by restricting user access;
4. Electronic banking - control access to online accounts and ensure different people are responsible for different aspects of the payment procedure;
5. General Journals - should be processed by only a few and always reviewed. Get back to basics: never process to a control account, always have a narration, should not be processed by junior and assisting accountants in high volumes.
6. Masterfiles - contain the "permanents records" of your customers, suppliers and employees, including bank account details. Masterfile protection controls are often overlooked. Protect this highly sensitive information like you would protect your own.
7. Review and oversight - consider the fraud checks that you can introduce to your month end review process, for example, general journal review, credit note review, checking for debit/credit balances in creditors/receivables, and inspect old reconciling items and clearing accounts.