It takes years for an owner to build a business, but only a few weeks for an unscrupulous employee to destroy all of that hard work by committing multiple acts of fraud. Approximately 75 percent of employees have stolen from their companies at least once over the course of their careers, according to the International Foundation for Protection Officers, and about half of those offenders will steal again.
The risk is greatest in small to mid-size companies with limited staff, where one person is solely responsible for processing financial transactions and signing checks.
“Executives are asking for trouble if they don’t background check prospective employees or segregate financial transactions because the accumulated losses from internal fraud are capable of bringing a small company to its knees,” says Charlie Ott, a vice president and regional manager for security at California Bank & Trust, a wholly-owned subsidiary of Zions Bancorporation.
Smart Business spoke with Ott about the growing risk of employee fraud and the most effective ways to prevent it.
What are some common types of internal fraud?
Trusted employees, with access to the company’s bookkeeping system and bank accounts, can siphon off funds by setting up phony vendors in the accounts payable module and paying erroneous invoices. Or, they may surreptitiously switch account numbers in the online bill pay system and use company funds to pay personal credit cards, mortgages and car payments. Some use software to replicate blank check stock or insert their name into the payee line. Other times, they submit phony receipts on expense reports or deposit company checks into their personal accounts.
Fraudsters spend every day looking for opportunities and honing their craft, and they’re bound to succeed unless you are vigilant and take a few preventative measures.
Which preventative measures are most effective?
Internal fraud starts with people. So even if you hire referrals from trusted employees or family friends, it’s critical to conduct several interviews, a background investigation and reference checks before extending an offer. Repeat offenders often target small businesses due to their lax vetting practices, and background checks aren’t that expensive when you consider what’s at stake.
Once you have established strong hiring practices, consider opportunity. Based on your business and accounting practices, where do opportunities exist for an employee to defraud your business? What controls are in place to deter employees from defrauding your business? You can mitigate opportunity by making it difficult for fraudsters to conceal their deeds, which is done by apportioning accounting and banking duties among several employees and conducting random checks on financial and banking activity. As an example, have one person open the mail and enter invoices into the system, another approve the payments, and a third person sign the checks, make deposits and reconcile the monthly bank statement. Finally, safeguard the company’s legal filings and resolutions so fraudsters can’t access sensitive company information and use it to open up a phony bank account. Typically, fraudsters test the waters by stealing a small amount of money to see if anyone notices, then they increase the frequency and volume of their illicit activities. Also, they typically act alone; rarely do they act in concert with someone else, as that raises the risk of getting caught.
Is there a way to minimize the risk of check fraud and counterfeiting?
Keep cancelled checks and blank check stock under lock and key, and only release small batches of checks as necessary. Take advantage of your bank’s fraud prevention programs like positive pay and reverse positive pay, which are specifically designed to spot and stop payment on counterfeit, altered or forged checks. Even if your company is small and writes very few checks, you can still look for altered, forged and counterfeit checks or account anomalies by using online banking to view activity and photos of cancelled checks. Finally, don’t let the bank statement sit on your desk; nip fraud in the bud by reviewing your statement the minute it arrives.
What can executives do to avert technology breaches and phishing?
Every company should have virus protection software and a firewall installed on its network, and executives should ask their banker about programs like Trusteer that are specifically designed to spot fraudulent or suspicious electronic banking activity. Keep hackers from gaining access to accounts by using a standalone computer to process banking transactions, utilizing dual authentication and having two people approve transfers of funds between accounts. Educate employees on the risk of phishing and fraudsters’ tactics so they aren’t duped into providing passwords or login information. Never allow multiple users to use the same password or logon name. Keep passwords under lock and key, changing them from time to time, especially when an employee leaves or takes on different responsibilities.
How can executives help prevent fraud?
Don’t be so consumed with growing your business that you overlook the need to establish rigorous accounting policies and procedures or communicate a zero-tolerance policy for deviations. Inspect what you expect by ensuring accounting procedures are followed and seek professional advice by commissioning an outside audit annually. Spot irregularities by reviewing accounting and banking activity at least once a week and ask questions so employees know you’re paying attention. Ask about a sudden increase in invoice activity, the addition of a new vendor or a large change in account balances. Spend time with employees and have lunch in the cafeteria occasionally because you might be surprised at what you learn by just hanging around.
While it may be impossible to eliminate internal fraud, you’ll be able to minimize it as long as you’re vigilant and take a few precautions.
Charlie Ott is a vice president and regional manager for security at California Bank & Trust, a wholly-owned subsidiary of Zions Bancorporation. Reach him at (510) 808-1644 or firstname.lastname@example.org.
Insights Banking & Finance is brought to you by California Bank & Trust