Most Occupational Fraud Preventable
GRAND RAPIDS — Three years ago, Adamy & Co. started working with its clients in the area of occupational fraud prevention and detection. The accounting firm had developed a niche market serving closely held businesses, the majority with 100 employees or less, and had found that those were especially susceptible to internal theft and misappropriation.
In the Association of Certified Fraud Examiners (ACFE) 2004 Report to the Nation on Occupational Fraud and Abuse, companies with less than 100 employees accounted for 46 percent of all fraud.
“Customers had concerns about this,” said Adamy & Co. CPA and CFE Paul Spindler. “They wanted a better understanding of how they could increase their controls and help mitigate fraud.”
Adamy provides internal control evaluations and fraud audits, third-party services that help expose opportunities for fraud and instances of it.
“Many companies say things like, ‘I trust my employees,’ and ‘We have a family atmosphere.’ There is a concern that if they do something like this it will have an impact on their culture,” Spindler said.
“It is very important to be able to trust your employees, but trust is not a control. You need to have internal controls in place.”
More often that not, the culprit is a long-standing employee.
“Someone no one would ever expect,” Spindler said. “It’s a very emotional event. It’s like the feeling you have when someone breaks into your home.”
In addition to misappropriated funds, the true cost of occupational fraud is difficult to measure — namely the investment of time and energy investigating and fixing problems that could have been spent growing and marketing the business.
By cost alone, the median loss experienced by small businesses in the ACFE report was $98,000. On average, roughly $9 a day per employee. The median recovery rate was 20 percent of the original loss; almost 40 percent of victims recovered nothing.
Nearly all cases of occupational fraud consist of three common factors, Spindler said. An employee must have the motivation to misappropriate assets — some pressing need for cash. There also has to be opportunity to do so. Thirdly, the employee has to be able to rationalize his or her actions.
The easiest to address is the opportunity, which can be mitigated by strengthening internal controls. For closely held businesses, Spindler said, the first thing to look at is a separation of duties.
“It is common in West Michigan to not have a separation of duties,” Spindler said. “You need to segregate the duties of the person that has custody of the assets from the person that records the accounting transaction.”
Fraud commonly arises in small businesses when a single person is responsible for a segment of the company’s outward cash flow.
Here an employee has the opportunity to create a fictitious vendor or employee. Other fraud can be hidden within real accounts or phantom inventory. Companies need to separate payroll from hiring, accounts payable from purchasing.
“Most small businesses don’t want to add an accounting person to segregate, but they can mitigate it by using others such as administrative assistants or receptionists,” Spindler said.
Such an employee can provide a cost-effective control just by seeing where checks are going. They also could be responsible for preparing deposit slips.
“It’s more of an educational thought process,” Spindler said. “Look at your company and see where you can strengthen and add internal controls.”
Another measure is to review monthly bank statements before they are sent to the controller and again after reconciliation.
Many banks offer positive pay, a service in which the bank will match a check payee with the company’s accounts payable before cashing the check.
Plus, businesses should always reconcile their accounts on a regular basis — otherwise, the first sign of trouble may not come until checks start bouncing.
Spindler advises clients to never sign blank checks, to lock up check stocks and if a company uses a rubber stamp to sign checks — he suggests not to — lock that up as well. He also suggests companies have a third-person computer consultant examine the computer system for fraud opportunity on a semi-regular basis.
Management should review vendor lists on a regular basis.
Because direct deposit has streamlined the process of creating a fictitious employee, be sure someone outside of payroll still walks around and delivers pay stubs. If the account or the amount on the check doesn’t match, it alerts the company.
“It’s important for management to ask questions when something doesn’t make sense,” Spindler said. “Management needs to be paying attention.”
Indeed, of that 86 percent of frauds that could have been prevented, 40 percent were because controls were ignored.
The 14 percent of frauds that occur when strong internal controls are in place are many times the result of collusion, Spindler said. In situations where more than one person is orchestrating the fraud, there is an opportunity to circumvent internal controls.
“It is also important for management to communicate with employees on a regular basis that unethical behavior is not tolerated,” Spindler said. “You need to set the tone from the top. If management has high integrity and high ethical standards, it is harder for employees to rationalize fraud.”