Preventing opportunities for fraud

The existence of fraud in business is more common than we’d like to think. In its 2012 Report to the Nations on Occupational Fraud and Abuse, the Association of Certified Fraud Examiners (ACFE) noted that survey participants estimated that "the typical organization loses five percent of its revenues to fraud each year." The report also mentions that "the smallest organizations in their study suffered the largest median losses, as these organizations typically employ fewer anti-fraud controls than their larger counterparts, which increases their vulnerability to fraud."

The fraud triangle

Regardless of size, your organization may have some of the characteristics that make fraud possible. Three factors are generally present when fraud occurs:

Fraud triangle
Fraud triangle

Since the only factor that lies within the control of an organization is opportunity, it is the responsibility of management and the governing body to limit those opportunities.

The theft of cash is often involved in the most damaging fraud schemes, and there are various conditions that provide opportunities to steal cash in one form or other. Four common schemes are described below, along with the conditions that may be providing the opportunities.

1. Skimming – Theft of cash without entering into the cash receipting system

  • Opportunities
    • Cash is accepted at a decentralized location with few employees and little oversight
    • Personnel collecting cash have the ability to adjust the amount of a payment due in a subsidiary system
    • Adequate supporting documentation or reconciliations are not required to accompany bank deposits
  • How to reduce your risk
    • Limit decentralized cash collection points when possible. When not possible, utilize a receipting system and determine mitigating controls that can be put in place. For example, if the decentralized cash collection point is the building inspector’s office which collects inspection fees, consider required reconciliations of pre-numbered permits issued to related fees collected. Independent verification should be performed by another department.
    • When personnel are able to adjust payments due, such as fines and forfeitures, those adjustments should be tracked by the system and reviewed by a supervisor on a periodic basis.

2. Unauthorized vendor payments

  • Opportunities
    • Vendors are easily created in the system by various employees or departments without supervision.
    • New vendors are not reviewed to identify duplicate names or addresses.
    • Procurement card policies are weak or not enforced.
    • Purchases are not thoroughly reviewed by appropriate independent personnel.
  • How to reduce your risk
    • Limit responsibilities for creating new vendors in the system to select personnel. New vendors added to the system should be reviewed by a supervisor on a periodic basis. Names that appear to be duplicative should be reviewed and eliminated as necessary.
    • Procurement card policies should require adequate supporting documentation and should be closely reviewed by a supervisor for appropriateness. Supervisor review of all disbursements should be done with care to ensure purchases were for actual goods received.

3. Unauthorized payroll disbursements

  • Opportunities
    • Employees are easily created in the system without proper approval.
    • New employees are not reviewed to identify duplicate names or addresses.
    • Reconciliations between payroll reports and actual disbursements are not performed.
    • Journal entries are not adequately reviewed by appropriate independent personnel.
  • How to reduce your risk
    • Limit responsibilities for creating new employees in the system to select personnel. New employees added to the system should be reviewed by a supervisor on a periodic basis. Names and addresses that appear to be duplicative should be reviewed and eliminated as necessary.
    • Supervisors should review payroll-related journal entries and reconciliations of actual disbursements from the bank accounts to the related payroll reports to ensure accuracy and prevent potential duplicate payments.

4. Forgery/alteration of checks

  • Opportunities
    • Bank accounts are maintained and reconciled at a decentralized location with few employees and little oversight.
    • Checks are pre-signed by an authorized signer.
    • Signature stamps/plates are accessible to various employees.
    • Check sequences are not accounted for from one check run to the next.
    • Journal entries are not adequately reviewed by appropriate independent personnel.
  • How to reduce your risk
    • Limit the number of bank accounts present at decentralized locations. If bank accounts cannot be eliminated, implement procedures to involve another department in the reconciliation process.
    • Do not allow checks to be pre-signed and keep signature plates in a secure area accessible by only a limited number of personnel.
    • Ensure that all checks are subject to review by the governing body or appropriate supervisor by accounting for the sequence and documenting ranges approved.
    • Journal entries should be reviewed by someone other than the preparer. The reviewer should ensure that the population of journal entries is complete to prevent potential omissions from review.

The schemes noted above showcase just some of the opportunities that may be present within your organization. As mentioned earlier, it is the responsibility of management and the governing body to limit the opportunities for fraud to the extent possible. We encourage you to complete a risk assessment of your organization to identify opportunities for fraud so that appropriate procedures, policies, or controls can be implemented or improved.