Fraud Protection Strategies for Your Business - Fraud Protection Strategies for Your Business
Fraud Protection Strategies for Your Business
According to the Association of Certified Fraud Examiners (ACFE) Report to the Nations 2018 Global Study on Occupational Fraud and Abuse, 42% of reported workplace fraud occurs in private companies, mostly small businesses, compared to 29% for public companies. The ACFE study found that the most common fraud methods include billing schemes, skimming and non-cash misappropriation. Internal control weaknesses were cited as being responsible for nearly half of all fraud cases.
What You Can Do
Understanding and integrating anti-fraud best practices into your business is the best way to deter and detect fraud. You’ll want to start by conducting a thorough audit of your organization's particular vulnerabilities, and then put in safeguards appropriate to your situation. We’ve outlined essential and up-to-date recommendations below.
Actively manage business processes
Monitor bank account activity and statements
First things first: separate your personal banking and credit cards from your business accounts. You’ll minimize the risk of all your money going to fraudsters and more easily track your expenses, according to the Small Business Administration. Next, reconcile and monitor all account activity frequently to quickly identify suspicious transactions. Going paperless also helps keep account information safe.
Secure all accounting documents
You’ll want to secure all check stock, signature equipment, invoices and other critical accounting information. Keep them in a secure location with limited access as well as keep encrypted digital backups when appropriate.
“Even just checking account balances and account activity at least on a weekly basis, if not more often--ideally on a daily basis--can catch fraud activity early and really nip it in the bud.”
EVP, Bank of the West
Centralize payroll check distribution
One payroll system for your entire business eliminates any “ghost” employees – including fictitious persons on the payroll, employees still on the payroll that no longer work for the company, or friends and relatives of an employee.
Implement dual controls
Use dual controls as a check and balance for any high-risk process. For example, whoever writes the checks shouldn’t also reconcile the accounts. Whoever reconciles the accounts should not be a signer on, or have access to, the business account. The same goes for all online payment services (ACH, wire transfer, foreign exchange). Accounts should be reconciled daily to spot suspicious activity.
Tighten your cyber security
Update anti-virus and anti-spyware software and firewalls regularly. Never give out passwords, IDs or other authorization credentials. If you receive an email, call or text claiming to be from your financial institution, asking for your credentials, it is likely a "phishing" attempt. Don’t respond.
Protect your payments
Consider Positive Pay
Positive Pay is a financial service that compares checks presented for payment to your issued-check files to find serial numbers and dollar amounts that don't match. This ensures that only authorized checks get cashed, providing an extra layer of protection for your check payments.
Establish tight controls over check stock
Paper checks are particularly vulnerable to fraud. Keep an inventory and conduct audits of paper checks regularly. Be sure to shred outdated checks and statements. Consider using a digital payments and/or an invoicing system instead of paper checks.
Ensure separation of duties
As mentioned above, dual controls are especially important when it comes to payments. Check writers shouldn’t reconcile accounts, period. Delegate separate individuals for invoicing, collecting and posting funds to Accounts Receivable. Conduct periodic reviews. With ACH and wire payments, have one person originate the transaction while another approves it.
Lockdown your ACH process
Be sure to review and confirm ACH debit and credit transactions that post to your account. Be on the lookout for unauthorized transactions. Consider ACH debit filters, which set review thresholds based on debits, credits, company ID and dollar amounts.
Use only approved vendors
Routinely review your list of approved vendors and check for suspicious additions. Double check vendor names that are similar to other well-known vendors, vendors with no physical address or phone number or vendor addresses that match those of employees.
Know your employees and vendors
Conduct employee background checks
In about 90% of workplace fraud cases, the perpetrating employee never underwent a background check according to the ACFE report. Verify educational and employment history, as well as references, to detect previous fraud or illegal activity. Run authorized credit checks on any employees managing company assets to identify financial activity that may put your business at risk.
Train employees in fraud prevention
Employees serve as the eyes and ears of your business. Ensure your staff is knowledgeable about basic fraud prevention techniques and you’ll establish that valuable first line of anti-fraud defense. According to the ACFE study, tips were by far the most common detection device. And over half of these were from employees. Don’t underestimate their value.
Create written guidelines
“It's important for small businesses to document the right thing to do. Without documentation, then it's left up to the employee's individual judgment, and they may not be doing what's responsible for the business.”
Chief Information Security Officer, Bank of the West
Define a fraud policy
Ensure that every member of your team is made aware of, and can help implement, fraud protection policies. Design, publish and implement a fraud policy that establishes expected employee conduct, prohibited actions, how fraud can be reported and the consequences of non-compliance.
Ensure employees take vacations
Dedicated worker or fraudster? Employees undertaking fraudulent activity often don’t take time off because they’re fearful of someone catching on to their transgressions. Ensure all employees take vacations so no one person in the organization has uninterrupted physical control over their area of responsibility.
Conduct surprise audits on high risk areas
Routine and unannounced spot checks of your business, including the financial and inventory departments, can expose vulnerabilities and possible fraudulent activities. The element of surprise makes it difficult to conceal fraudulent acts or intentions.