I tend to write my articles about matters that we become aware of--somewhere. Unfortunately, the topic of defrauding both for-profit and non-for-profit organizations (NFP) tends to rear its ugly head all too often.
Those who have defrauded may have been long-term employees, in a position of trust. Therefore, you must be extra diligent in your oversight and set the tone from the top with proper governance.
I've heard the following:
* I know the employee has a lot of control, but we're small--we have to trust someone!
* The employee has been with us forever --they are like part of the family.
* Who would ever do that? It would take a devious mind!
Let's consider this:
Small business and NFPs face unique and significant challenges which put them at greater risk of suffering from fraud. In efforts to minimize administrative costs, many are minimally staffed and a lot of unilateral power is given to the bookkeeper or the controller with, oftentimes, insufficient or no internal controls in place and very limited board of directors or owner/shareholder oversight. This can lead to many issues, including fraud and improper spending.
Common Schemes of Misuse
The most common ways employees defraud include:
* writing unauthorized cheques or electronically transferring funds to themselves or family members;
* changing banking information for online payments to personal banking information;
* claiming for reimbursement of personal items including travel via expense reports or directly charging credit cards; and
* awarding vendor contracts to relatives or friends and paying prices that exceed fair market value.
Oversight is very important in the fight against fraud. To reduce the risk of fraudulent activities, you could consider the following:
* written policies and procedures--including conflict of interest, and guidance addressing personal versus business expenses and travel reimbursement policies;
* implementing strong internal controls over disbursements including:
segregation of duties (ordering, receiving, invoice approval, and payment);
control electronic fund transfers (EFTs) so that two electronic approvals are required. This includes the ability to set up a payee or change banking information for a supplier;
proper authorization of transactions (including escalation and review of adequate supporting documentation); and
control over credit cards to ensure all credit card statements are submitted with...