Risky business Featured

7:00pm EDT November 25, 2008

Technology drives business today — and it also provides ready access to company information, financials and other critical transactions. Organizations that do not protect themselves with appropriate insurance, financial checks and balances, and accountability measures within their operations open the doors for fraud.

How much risk are you willing to take? “Risk management involves far more than business insurance,” says Mark Metzler, a director at Kreischer Miller, Horsham, Pa. “Companies must focus on the overall cost of risk, including claims management, loss prevention, and protecting their people, property, equipment, trade secrets and financial information. You must assess and protect every aspect of your business.”

A monitoring process helps to red-flag risky areas of the business, whether that is lack of inventory oversight, inefficiencies that allow “room” for fraud, misappropriation of funds or fraudulent financial statements.

Metzler spoke with Smart Business about monitoring for fraud and risk management best practices.

What areas of a business are particularly susceptible to fraud?

Asset misappropriation schemes are some of the most commonly reported fraud incidents. Financial fraud is not cited as often, but when it occurs, it is much more costly to businesses. Whenever segregation of duties is not in place, the risk of fraudulent activity is great. This explains why small businesses are especially susceptible to internal fraud. One person cuts checks, receives payments, balances the books and prepares financial statements. That one person has access to every bit of information necessary to commit fraud.

The problem is, many companies do not put systems in place until after an unfortunate incident occurs. No company of any size can afford ‘missing funds,’ which can destroy the year’s profit margin and, in worst-case scenarios, put a company out of business. That includes manufacturing operations, where inventory is a key area of the business to monitor for fraud. Oversight is critical to prevent ‘walking inventory’ and scams associated with shipping and receiving.

How can an organization evaluate its risk for fraudulent behavior?

Start by evaluating key aspects of the business. You may enlist in a third party — a licensed professional experienced in fraud evaluation — to provide a tailored fraud prevention checkup. This includes interviews with management and key employees. Digging deeper, the adviser may ask for company records, such as accounts receivable, transaction journals, or beginning and ending trial balances. Additionally, the professional would want to review the manual journal entries posted into the accounting system to determine the nature and propriety of them. There are software programs available that mine your company’s data for suspicious behavior based on your industry and size. In the meantime, an adviser will compare your company’s risk potential to similar organizations and offer suggestions for improvement. During the process, it is critical that employees buy in to the company’s efforts to eliminate the potential for fraud. Communicate clearly with your team members why their interviews are important for protecting the business and its stability.

Develop a system for reporting fraud. Appoint a person who can receive ‘tips’ or check into 800 numbers and other outsourced services that allow workers to call in to report suspicious behavior. These services can be especially beneficial in a close-knit organization where employees fear ‘ratting out’ a colleague.

What new risk does the current marketplace pose to employers?

The recent global credit crisis has had a significant impact on the confidence of the general public and, consequently, employees of all businesses. The high-profile failures of some of the major financial players have led to a loss of confidence among investors, lenders and the general public. There has been a temporary closing of the market for new credits, and traditional banks have been forced to reevaluate their policies and lending criteria.

Additionally, employers are reducing head count, and the equity that many employees thought they once had (whether in the value of their home or in their retirement accounts) is considerably less. These factors exacerbate the owner’s risk. Owners who manage their business often mistakenly believe that they understand all that is going on and have a ‘finger on the pulse’ of their organization, even though fraud by its very nature is concealed. Many fraudsters are long-time, trusted employees in a position of authority who can exploit the systems of their company.

How are companies confronting those risks?

A company needs to demonstrate that it has a robust response plan and effective controls in place to act as a deterrent, and it needs to take the issue seriously and act decisively if it discovers fraud (regardless of the dollar value). It is critical that an anti-fraud stance become part of the company’s culture, otherwise fraudsters will take advantage of and work around weak systems. Combating fraud depends upon clear, unambiguous policies about what is allowable. Robust internal controls remain the first line of defense against fraud for companies in all markets.

MARK METZLER is a director at Kreischer Miller, Horsham, Pa. Contact him at (215) 441-4600 or mmetzler@kmco.com.