Smaller firms, unfortunately, can be highly susceptible to incidents of fraud. Here's some advice on protecting your company and instituting a policy to prevent external (and internal) theft.
The amount of fraud being perpetrated against businesses is getting worse, both in terms of the number of instances and the amount of money that is being lost, and some of that can be attributed to worsening economic times, according to research. Almost half of the companies around the world surveyed by PriceWaterhouseCoopers (www.pwc.com) in 2009 reported that they suffered one or more instance of economic crimes. The survey, which involved 3,000 executives of businesses large and small in 54 countries, found that 88 percent of U.S. companies that reported some type of fraud also reported declines in financial performances. In addition, three-fourths of the crimes against businesses in the U.S. were carried out by insiders.
For small and mid-sized businesses, the vulnerability to fraud can be compounded because of the sometimes informal nature and the fact that fewer staff members can result in less oversight -- and a lack of checks and balances.
'Small businesses tend to be very informal in nature. A lot of times they're either formed with friends or family members, and all the formalities are not in place as they would be in a larger business,' says Elena N. Lougovskaia, co-founder of Lougovskaia Boop, LLC (www.lougoboop.com), a law practice in Cleveland, Ohio, focused on business law and commercial litigation. 'Employees wear many different hats and perhaps decision makers should be separated from people who sign the checks or one person should be responsible for signing check and a separate person should be responsible for accounting, processing invoices, and purchasing.'
The following pages will cover the types of fraud against business, how to detect fraud in your business, and how to set up policies and procedures to prevent your business becoming a victim of fraud.
Dig Deeper: Are Your Staffers Stealing from You?
How to Protect Your Business against Fraud: Types of Fraud against Business
The media is filled with stories of consumer victims of fraud. But the reality is that businesses, especially smaller enterprises, are more often the victims of fraud than consumers. The types of fraud can vary wildly, from accounting scams carried out by employees to fraudulent returns from customers to data theft by outsiders. Businesses have less protection than the consumer and, in some cases, can be held responsible in a business fraud scheme, owing liability to banks, shareholders, insurers, credit card processors and other entities. New laws also hold businesses accountable for liability in the event of some types of fraud perpetrated by third parties, such as data breaches.
Sources of Business Fraud
In order to understand the types of fraud that your business may be vulnerable to, you must first understand the different sources of these crimes. Most professionals agree that the top sources of business fraud, ranked in the order of frequency and cost, are as follows:
Employees and Officers
In previous surveys, PriceWaterhouseCoopers had found that the sources of crimes against business were evenly split between insiders and outsiders. But in the 2009 survey, the numbers tipped in favor of insiders carrying out the majority of crimes -- in 76 percent of the cases in the U.S., according to the survey. The increased financial pressures in many companies have also prompted a rise in the amount of fraud committed by middle managers, which now accounts for 42 percent of internal frauds globally from 26 percent in 2007, the survey found. Meanwhile, the Association of Certified Fraud Examiners (ACFE) (www.acfe.com) estimates that business organizations lose 5 percent of annual revenue to fraud by employees and officers.
'Managers and small business owners have a tendency to trust their employees to a higher degree and, because they are doing more, they may not be as detail oriented as they should be,' says Allan Bachman, education manager for the ACFE. 'That level of trust is often betrayed. Sometimes employees start taking advantage of the fact that the boss isn't looking and thinks I'm doing a great job.'
The most common types of insider frauds include theft of assets and accounting frauds, but this type of crime can also include other categories, such as fraudulent worker's compensation claims. 'If you're in a no-fault worker's compensation state, as long as they're injured within the scope of employment, they can receive compensation for their injuries,' Lougovskaia says. 'That's an area where employees could be taking advantage.'
Employees, managers, and directors have the inside track and understand how a business works. That's why they are able to perpetrate so many different types of schemes -- and how they can often go undetected. Bachman says that the biggest source of insider fraud against businesses involves purchasing and procurement of goods and supplies. Insiders may be buying more goods than a business needs and lining their own pockets or paying invoices to an external third party for fraudulent orders. Other common schemes, says Bachman, include creating fictitious vendors or no-show employees -- who get paid for doing nothing. Accounts payable is another area where insiders may be skimming money by taking cash payments and failing to report them or replacing today's payments with cash paid at later dates.
Customers can also be notorious for trying to perpetrate fraud against businesses. Whether writing bad checks, using stolen credit cards, returning items not purchased from a business, or filing fraudulent injury and liability claims, there are a whole host of schemes that customers can perpetrate that will cost your business money.
'This is a very litigious society, so if you own a store or surface where customers walk or you have a parking lot, you are susceptible to people claiming they fell and injured themselves,' Lougovskaia says. 'If you don't have any surveillance and safety procedures in place, you are susceptible to frivolous liability complaints.'
False return schemes are another type of fraud that tends to impact retailers. People sometimes bring back merchandise from one store to another or they bring back merchandise that has been used. 'I've seen frauds where someone walks into a store and bought three pieces of merchandise, went out to their car and put the merchandise away, and came back into the store and picked the same stuff up and put it in a bag and walked out with it,' Bachman says.
Businesses are often the target of unscrupulous contractors' overcharging, over billing, kick backs, failing to perform contracted work or service, and other actions.
Some vendors you hire may try to scam you by billing for work they never complete. 'I can come into your company to provide carpet cleaning and you give me the alarm code and I come in once a month instead of once a week but bill for providing the service once a week,' Bachman says. 'Of you can short out services or goods because no one is paying attention. You order 50 chairs and I send 45. There are a lot of different ways of doing this.'
A growing number of types of fraud are being perpetrated by electronic means. Hacking, slamming (changing your telephone service without your knowledge), phishing (acquiring user names, passwords, credit card information), identity theft and other forms of business fraud are some of the most difficult to control. More businesses are being held accountable for data breaches perpetrated by third parties, as 45 states, the District of Columbia, and some U.S. territories now have laws on the books requiring companies to notify potential victims if their personal information has been stolen or otherwise compromised.
How to Protect Your Business against Fraud: How to Detect Fraud
Given that fraud against your business can impact the bottom line, it's important to set up procedures to verify adherence to anti-fraud policies and to detect and deter possible business fraud. Lougovskaia says business executives should commit to talking control by developing an enterprise-wide, anti-fraud policy that:
Below are several ways to deter and detect fraud in your business:
Employee Tips and Reporting
An often overlooked, but excellent way to prevent fraud is to develop an anonymous way for employees to report suspected fraud and work practices that lead to fraud. Businesses that institute anonymous employee reporting detect fraud earlier and significantly limit financial losses. 'You could have an anonymous tip box,' Lougovskaia suggests. If you do opt for a tip box, you should take steps to ensure that the process isn't abused to settle personal grudges. One way would be to appoint one individual to investigate all claims and ensure that anonymity is protected.
Internal Audits and Surprise Audits
Work processes, inventories, and accounting should be subject to regularly scheduled and announced internal audits. In addition, unscheduled -- or surprise -- internal audits also should be conducted. Work processes, inventories, and accounting can be altered in advance of regular audits, but knowing a surprise audit may occur removes temptation and increases the chance for fraud detection.
At a regular interval, external auditors should be employed to review company accounts, contracts, inventory and work processes, Lougovskaia says. Depending on the size of your business and whether it is a publicly-held enterprise, this may be required by law. Thus, it makes sense to set up external audits early in the history of your business so compliance with applicable laws and regulations can be achieved as your business grows.
How to Protect Your Business against Fraud: How to Deter Fraud
There are ways to deter fraud. One of the most important steps a business can take is to create a system of awareness at the top level of management. 'Never think that it can't happen here,' Bachman says. 'Create a level of awareness throughout the organization that we're watching for it. Make it clear in terms of deterrents that, if we catch it, we're going to prosecute, both criminally and civilly.' Civil action may be needed because people who have profited from ill-gotten gains may not have the cash on hand to return – they may have bought items, such as fancy cars or jewelry.
Written procedures are necessary to develop internal consistency and to insure adherence to anti-fraud work practices and policies. At a minimum, the business should take the following steps:
How to Protect Your Business against Fraud: Creating Checks and Balances
Internal controls are one of the great fraud deterrents. Internal controls involve the processes by which a business operates and goals are achieved. In accounting, it refers to the reliability of financial reporting and compliance with laws and regulations. Setting up good controls is important for a business to detect and deter fraud.
'A lot of organizations have an internal audit department, but small organizations can't always afford that luxury,' Bachman says. 'But they do have accountants and other people in charge of keeping track of accounts.' However, small businesses may have some weaknesses in terms of controls, such as putting the same employee in charge of making deposits and reconciling bank statements. Allowing one employee/department to perform multiple critical functions is inconsistent with preventing fraud. By dividing the responsibility of certain functions, a system of checks and balances is created and this creates an environment where fraud is less likely to occur. Lougovskaia says businesses should consider the following examples to establish better checks and balances:
Implementing a fraud prevention plan requires commitment and also requires the business to provide the right tools and support to its employees. Businesses are better off if they build in deterrents, establish good controls, and provide oversight. It's also important to encourage employees to have a conscientious attitude, says Bachman, such as: 'Our business' survival depends on employees being honest.'
Ten Ways to Prevent Identity Theft from Staples.com
The FBI's List of Common Fraud Schemes:
Understanding and Detecting Fraud by the Department of Justice
The United States Treasury's Financial Crimes Division
The United States Post Office Mail Fraud Unit
PriceWaterhouseCoopers 2009 Global Economic Crime Survey
Read more recent articles by Elizabeth Wasserman:
ELIZABETH WASSERMAN is editor of Inc.'s technology website, IncTechnology.com. Based in the Washington, D.C. area, she has more than 15 years experience writing about business, technology, and politics for newspapers, magazines and websites. Her work has appeared in such publications as Congressional Quarterly, Business Week, Portfolio and Slate.