Fraud happens everywhere, even in our home towns. Nearly half of all small businesses experience fraud at some point.
Here’s an example from my home town. Late this summer, a federal jury convicted Adam Martin for wire fraud, money laundering, and identity theft. He stole over $350,000 from his employer, Cold Spring Brewery, Minnesota’s third-largest brewery. Adam Martin, resided in a suburb of St. Cloud, and worked for Cold Spring Brewery as their Controller. During his 7 years of employment with the business, he wired ~$244,000 to an online business brokerage account he opened (using his sister-in-law’s identity as the “director” of the account), took company funds to make a $106,000 down payment on a new home for himself, used the company credit card for $78,000 in personal expenses, and it’s estimated he took $30,000 cash from the brewery’s weekend proceeds.
When I learned of his embezzlement, I wondered how he got away with it for so long. The typical employee fraud takes, on average, a year and a half before it’s detected (and longer, if the employee is an executive). Why wasn’t the Executive Management – or the owner – of Cold Spring Brewery more aware? It got me thinking about how important it is for business owners to identify risk areas within their operations and to develop strong internal controls and – most importantly – to take an active role in fraud prevention.
This is International Fraud Prevention Week, so let’s look at how fraud affects entrepreneurs and small business owners.
A small business owner faces an uphill battle to fight fraud. Small businesses are the most common victims (compared to mid- or large-sized businesses). The average loss incurred as a result of fraud is ~$150,000 regardless of whether the business is small or large, but smaller businesses don’t have the same resources as large ones do to focus on fraud prevention. These combined factors leave smaller businesses especially vulnerable to fraud.
Fraud also creates non-financial consequences such as bad publicity, decreased consumer confidence, increased scrutiny, inability to meet organizational goals, and low employee morale. In order to recoup the losses, the business owner may have to increase prices, reduce annual raises or employee benefits, or reduce staff levels.
It is important to note that fraud doesn’t occur only in Accounting and Finance departments. Conflicts of interest and abuse of influence or power with vendors or customers can occur in Operations, Sales, Purchasing, Warehousing and Executive Management. Fraud doesn’t only involve money, either; the loss of inventory or other asset misappropriations can happen.
What can a business owner do?
Don’t be an easy target! The next four action items are your best chances for preventing and detecting fraud:
1. Offer multiple channels for reporting fraud. This action item is, by far, the best fraud detection method you can employ. Many employees prefer to report fraud directly to their supervisor, while some go straight to an executive or HR. A minority prefer to report anonymously via online forms or through a fraud hotline or tipline.
2. If you’re not reviewing your business’ financial and operational activities with an eye for fraudulent activity, start now! You should be regularly reviewing bank statements, credit card statements, payroll reports, accounts payable batch reports, and budget to actual performance (with variance analysis). Expect account reconciliations from your Accounting department. Set the expectation that Executive Management will routinely perform reviews and establish an internal audit process.
3. About 80% of fraudsters will exhibit one or more of the following common behaviors. Look for these behavioral warning signs in your employees:
• living beyond his or her means
• going through financial difficulties, divorce, or other family problems
• having an unusually close relationship with a vendor or customer
• exhibiting excessive control issues
• using clever or ethically questionable methods to conduct business
4. Increase employees’ awareness of fraud in the workplace and its consequences. It’s critical to train employees at all levels so they gain a basic understanding of how fraud schemes work, what the warning signs are, and how to report suspected fraud.
I didn’t include background checks. Don’t background checks help?
Only ~5% of fraudsters have a prior criminal conviction that a background check would catch. The vast majority of workplace fraud is done by first-time offenders. So, background checks are of little use to identify potential fraudsters.
What about IT controls?
The passage of the Sarbanes-Oxley Act (SOX) – an act that requires public companies to establish adequate internal controls over financial reporting – increased the focus on IT controls. Improved IT controls is good business practice. However, the success of IT controls as a method of detecting fraud is about as successful as getting a confession.
Trust is not an internal control.
Fraudsters can commit their crimes because they’re trusted. They may be family members or friends, or be in good standing and have years of service. They are not your stereotypical criminal.
As a business owner, you have a responsibility to protect your business and the staff whom you employ by building strong internal controls. You can do this by implementing the four action items noted above. Strong internal controls are ones that a fraudster cannot override. Having a combination of effective internal controls reduces that risk.