When you’re an employee, expense reports are a pain. I worked at a magazine where every purchase had a tribunal-like approval process. Meals couldn’t exceed $25 (difficult when taking out a source in Manhattan), office supplies capped out at $10. I dreamed of owning a corporate credit card. Oh, to swipe on a whim with limited oversight.
Now that I write about small-business concerns for a living, I realize that my past employers were smarter than I thought. Thanks to their stringent rules, I have a clean criminal record. (Well, not entirely thanks to them: I do have morals.) But the point is, anyone can commit fraud. And, sadly, many small business owners know this all too well.
According to the Association of Certified Fraud Examiners 2010 Global Fraud Survey, small companies are most vulnerable to fraud thanks to limited anti-fraud procedures and precautions. More bad news: The typical organization loses 5 percent of its annual revenues to fraud, and most frauds take at least 18 months to detect.
Fraud case study
In 2005, Ken Stalcup was treasurer at a small non-profit when the executive director barged into his office in a panic.
“He had asked our bookkeeper a question about a bill payment and the bookkeeper couldn’t answer,” he says. “It raised a red flag and the director asked me to look into it.”
Stalcup balked at first. The association’s bookkeeper was a trusted employee and personal friend. No way was he committing fraud. Even so, Stalcup followed orders and initiated an internal investigation.
“We found that he had been forging checks and increasing his pay for two years. By that point he’d taken around $400,000,” says Stalcup.
The bookkeeper was suspended and then terminated. He was sentenced to five years in prison. According to Stalcup, he was recently released.
How did this happen?
“My job as treasurer was to come in and look things over, and sign checks and tax returns,” Stalcup says. “This guy had access to the checkbook and was in charge of reconciling the bank accounts. Basically, we let him do too much. I would have had to really dive in to catch that kind of error. He was a master at the cover-up.”
The incident shook Stalcup to the core and forced him to reevaluate his career trajectory. Today, he works for the accounting forensic team at Somerset CPAs in Indianapolis, Indiana, to protect small companies from the kind of fraud he experienced.
Most common fraud
“Credit card fraud is [involved] in almost all of the cases I see. Employees use cards for personal expenses,” he says. Small-business owners are “universally shocked” when they find fraud, primarily because of two major myths.
Myth 1: It won’t happen here
A criminal is someone who has a record, looks shady and makes everyone uncomfortable, right? Think again.
“Trusted employees will embezzle and it will be the first time they’ve ever done anything like that,” Stalcup says.
Myth 2: The yearly audit will catch it
Don’t count on your third-party accountant to catch financial improprieties.
“If auditors are told not to look at anything below $50,000, for example, it will make it hard to stumble across fraud if the amount stolen is less than $50,000,” he says.
How to protect yourself
Just because fraud is common, doesn’t mean it’s inevitable in your organization. Here are a few ways to protect your company.
Step 1: Establish a tip line
Most fraudulent activity comes to light from a tip, according to the Association of Certified Fraud Examiners. Protect tattling employees by setting up a reporting hotline or suggestion box where they can report anonymously, advises Stalcup.
And if they come to you, promise confidentiality. “If the whistleblower is identified, they can receive a lot of retribution,” he says.
Step 2: Educate employees
Schedule mandatory seminars on spotting fraud, suggests Stalcup. “Explain the types of things people should look for, such as an employee living beyond their means,” he adds.
Step 3: Segregate duties
Arguably the most important protection against fraud is an ironclad system of checks and balances.
“One person shouldn’t do everything,” says Stalcup. “Make sure there are others checking for accuracy.”