Dig Deeper: Keys to Improving Network Fraud Protection
How to Protect Your Business against Fraud: How to Detect Fraud
Given that fraud against your business can impact the bottom line, it's important to set up procedures to verify adherence to anti-fraud policies and to detect and deter possible business fraud. Lougovskaia says business executives should commit to talking control by developing an enterprise-wide, anti-fraud policy that:
- Verifies that anti-fraud work practices are followed and detects fraudulent activity.
- Develops written procedures that dictate work processes in critical areas.
- Institutes checks and balances and divides key responsibilities.
Below are several ways to deter and detect fraud in your business:
Employee Tips and Reporting
An often overlooked, but excellent way to prevent fraud is to develop an anonymous way for employees to report suspected fraud and work practices that lead to fraud. Businesses that institute anonymous employee reporting detect fraud earlier and significantly limit financial losses. 'You could have an anonymous tip box,' Lougovskaia suggests. If you do opt for a tip box, you should take steps to ensure that the process isn't abused to settle personal grudges. One way would be to appoint one individual to investigate all claims and ensure that anonymity is protected.
Internal Audits and Surprise Audits
Work processes, inventories, and accounting should be subject to regularly scheduled and announced internal audits. In addition, unscheduled -- or surprise -- internal audits also should be conducted. Work processes, inventories, and accounting can be altered in advance of regular audits, but knowing a surprise audit may occur removes temptation and increases the chance for fraud detection.
External Audits
At a regular interval, external auditors should be employed to review company accounts, contracts, inventory and work processes, Lougovskaia says. Depending on the size of your business and whether it is a publicly-held enterprise, this may be required by law. Thus, it makes sense to set up external audits early in the history of your business so compliance with applicable laws and regulations can be achieved as your business grows.
Dig Deeper: Learning to Love Whistleblowers
How to Protect Your Business against Fraud: How to Deter Fraud
There are ways to deter fraud. One of the most important steps a business can take is to create a system of awareness at the top level of management. 'Never think that it can't happen here,' Bachman says. 'Create a level of awareness throughout the organization that we're watching for it. Make it clear in terms of deterrents that, if we catch it, we're going to prosecute, both criminally and civilly.' Civil action may be needed because people who have profited from ill-gotten gains may not have the cash on hand to return – they may have bought items, such as fancy cars or jewelry.
Written procedures are necessary to develop internal consistency and to insure adherence to anti-fraud work practices and policies. At a minimum, the business should take the following steps:
- Hiring practices and background checks. Background checks should be a precondition to employment. The business should secure written permission to conduct such investigations, which should include criminal background investigation, verification of education, right to work, licensure and past employment, Lougovskaia says. A credit check should be performed on employees who will handle cash or inventory.
- Cash and receivables and accounting. A written cash and receivables handling policy should accomplish two goals. It should train employees to spot bad checks, counterfeit currency, and stolen credit cards and insure proper accounting. 'The policy should address possible discipline for cash shortages and failure to strictly follow handling guidelines,' Lougovskaia says. The policy should address the use of customer-provided information and the handling of vital customer data.
- Inventory handling and tracking. A written inventory policy covers sales stock and company equipment. Pilferage is often an 'entry level' criminal enterprise. Contractors and employees engaged in this activity often perceive a weakness in inventory controls as an indication that fraud will not be detected. 'What happens to those items from the time they get off the truck to the time they hit the store shelves?' Lougovskaia says. Put those procedures in writing and give them to employees.
- Contract and invoice reviews and procurement. Regular reviews of accounts payable invoices, purchase orders, and payments can eliminate various types of fraud. It is important for small businesses to be able to verify that contractors have performed the work that they bill for -- before paying the invoice from that contractor. 'You need to outline billing practices with your contractors and require them to itemize billing, including the names of employees involved and listing a quarter hour itemization for each task,' Lougovskaia says. 'You need to provide better oversight and you need to have it in writing.'
- Critical data and corporate information. These days, every business that keeps sensitive data -- whether about customers or employees or the company -- need to have written data handling policies. These policies should spell out who has access to vital information, passwords, account numbers, databases, etc. Document retention policies should include scheduled, mandatory shredding of certain documents containing employee information or corporate data. Use confidentiality agreements and non-compete agreements for key employees.
- Customer returns. Customer returns can be a significant source of fraud. Since most state consumer laws require a posted customer return policy, it makes sense to develop a written return policy that will eliminate fraud risk, Lougovskaia says. Elements of your policy might include that you require returns to take place where the item was purchased, require a receipt, and do not issue cash refunds for credit card or check purchases.
- Visitor/customer injuries. There are ways of deterring fraudulent customer claims of accidents or incidents involving your business property. Retail establishments should consider installing video surveillance systems and having a handheld video camera ready in the event a customer falls on the premises to protect your business. If your business is not a retail establishment, you might consider requiring visitors to sign in and wear clearly identifiable badges. Tracking customer claims of injury via incident reports, and training employees to create reports immediately, cuts down on fraudulent injury claims.
- Internet, e-mail, laptops, cell phones, and storage devices. Clearly defined policies need to establish that Internet access and e-mail remain the property of the business for business purposes. Eliminate all employee access to non-work e-mail and Internet sites, Lougovskaia says. Written guidelines addressing the use of business laptops, cell phones, and storage devices will reduce the possibility of critical corporate and customer data being lost or stolen.
Dig Deeper: New Tools to Battle Online Fraud
