Fraud risks and prevention
Fraud can be distilled into three main categories, the taking of money, the taking of tangible assets or the taking of time. Money and tangible assets are at risk whenever there is a transaction with a third party. Time is at risk while your employees are at work.
First, let me share a couple of words of caution about preventing fraud. Even the most stringent of controls is not 100% foolproof. There is a point of diminishing returns when the cost of the control exceeds the potential fraud it is trying to prevent. You don’t want to have to frisk everyone for office supplies on their way out the door each day. However, if there is a significant spike in the your costs of office supplies, there needs to be a pretty good explaination.
There are three things that must be present for a fraud to be perpetrated. The perpetrator must have some motivation. Is that person living a lifestyle beyond their means? Have they had a sudden unexpected expense such as medical bills or home repair? Do they have a side business or job? Just observing employees can identify those who might be motivated to inappropriately take from the company.
There must be rationalization on the part of the perpetrator. That is do they feel like they are owed something? Have they been passed over for a promotion or a raise? Do they have a habit of treating company property as their own? Would they simply think of taking something as temporarily “borrowing it” until they could return it?
Finally there must be the opportunity for the perpetrator to take from the company. Do they have a company credit card? Are they not properly supervised? Is there a cross check on goods coming in or going out?
Internal control measures are there not only to protect the organization from theft, but to protect the employees from being wrongly accused or being tempted in a difficult time. For the internal control measures to work, you must get buy-in from your employees. Stressing that the internal controls are designed to protect them is a good way to your employees’ acceptance of them.
As the management team, there is very little you can do about the first two factors, but there is a lot that can be done to minimize the opportunity for fraud. The overriding principle to a good fraud protection program is “trust but verify”. Employees, suppliers and customers cannot function effectively in an environment where the controls are too tight or too lax. Over the next several weeks, I will be posting blogs tailored to specific industries and situations. I hope you will find them useful. As always, please feel free to email me at firstname.lastname@example.org with specific questions.