How to Prevent Small Business Fraud Using Internal Controls

Feb 22, 2021

When combating fraud, most businesses turn their attention outward, defending against anonymous cybercriminals who may be hacking into their systems. However, it is equally important to identify the threats within your organization. Whether deliberately or not, your employees could be stealing from your company month after month. In fact, employee theft costs U.S. businesses an estimated $50 billion a year. When you add suppliers and vendors to the mix, the true cost of fraud from known sources is even greater.

Fortunately, you can limit these losses by implementing more internal controls. Use the strategies below to help reduce employee fraud and protect your business.

Preventing Fraud
Fraud goes undetected by definition. With so much business activity throughout the day, it can be easy for illegitimate sales and padded expenses to fall through the cracks. As such, carefully reviewing your sales and financial records every day is the single most important step you can take to reduce employee theft. That way, you will be able to reconcile all accounts and quickly spot any discrepancies. However, as a busy executive, you likely lack the bandwidth to conduct daily, in-depth financial audits. If this sounds familiar, consider outsourcing the job to a third-party accounting advisory firm that specializes in financial audits. This simple step could reduce the potential vulnerabilities within your organization.

Preventing Accidental Fraud
Not all instances of fraud are malicious. It is possible for employees to unintentionally share sensitive information or accidentally leave it unguarded. While you can’t eliminate these slipups completely, limiting access to business-critical data on a need-to-know basis might be a good place to start. Also known as the “principle of least privilege” (PoLP), this strategy involves blocking lower-level employees from information that is unnecessary to perform their jobs — from secure logins to financial records. The goal here is to plug as many potential holes as possible before this information falls into the wrong hands. A similar strategy involves separating those tasked with writing checks from those who have the authority to sign them. Ideally, you or a team member you trust should have the sole power to approve these payments before they are sent. Here, the objective is to create checks and balances to make abuse more difficult to conduct — for honest and malicious actors alike.

Preventing Cash Fraud
Cash is inherently tempting — especially if it is easily accessible and often left unguarded. Even with the most trusted team, there may be times that money goes missing. However, there are commonsense steps you can take to help reduce the temptation to sneak some cash, including:

  • Installing a cash register that prevents users from opening the till unless a sale has been rung up — although you should still reconcile receipts at the end of the day.

  • Encouraging more customers to use cashless payment options such as credit cards, ACH and wire transfers — each of which leaves a clear paper trail.

  • Implementing payment integration so that incoming sales and outgoing expenses are automatically reported in your accounting books — without the need for human intervention.

5 Common Fraud Scenarios

Preventing Card Fraud
It is not uncommon for employees to spend “liberally” when using company-issued credit and debit cards. The more plastic you give out, the more headaches you create for yourself. Following the principle of least privilege, you should provide cards only to those who need to use them. Additional safeguards against credit card abuse include establishing spending limits and using Level II or III credit card processing that require more detailed information on each transaction.

Preventing Payroll Fraud
In organizations where employees use timeslips, workers may be tempted to adjust their timecards and make it look as though they have spent more time on the job than they did in reality. This was true before COVID-19, but with more employees now working remotely, padded timesheets could be a significant vulnerability. However, you can designate a manager on your team to carefully review all time logs before forwarding them to the payroll department. Although this step will likely cost you more money in terms of that supervisor’s time, it could end up saving you thousands of dollars in fraudulent wages.

The same is true with any invoices you receive from suppliers, contractors, and service providers. Carefully checking each invoice is the best way to ensure you are not overbilled.

Protect Your Assets

As you can see, small business fraud comes in many forms — with the above list representing a tiny fraction of the various ways that employees, suppliers, and vendors might chip away at your bottom line. As businesses worldwide become more digitally connected, the number of security vulnerabilities could increase.

By Mark A. Gilbert