Avoiding Fraud and Hackers in 2020: Part III (Prevention)

Fraud happens year-round but can be especially prevalent during tax season. That’s why we’ve been focusing on identifying where it occurs and how to spot it, both from an individual and small business perspective, where corporate fraud tends to occur most often.

Why does fraud happen more often in small businesses than large enterprises? There are fewer assets, but small businesses make better targets because they’re easier to steal from, both digitally through cyber crime and through theft of physical assets. One of the biggest reasons why they’re easier targets is because they have fewer anti-fraud controls in place than large organizations.

In a comparison of small and large businesses, the ACFE found that large businesses are much more likely to have in place:

  • Internal audit department
  • Management certification of financial statements
  • External audit of internal controls over financial reporting
  • Independent audit committee
  • Fraud hotline

A separate system of checks and balances combined with more opportunities to detect fraud means that large businesses, while still very much susceptible, tend to experience fraud events less often. (Note, however, that the losses can be much more extreme.)

In comparison, fraud in small businesses is most often detected through a tip as compared to proactively monitoring financial statements and other assets. And seven percent of small business fraud is detected on accident.

Small business executives already know the top five causes of corporate fraud from our last post. Here’s how to safeguard your company and business assets to better protect against theft and fraud.

Fraud Tip 1: Implement an anti-fraud hotline.

Give employees an anonymous, easy way to report fraud anytime, from anywhere. Only a quarter of small businesses have one, and it’s one of the easiest ways to deter fraud.


Fraud Tip 2: Write, distribute, and abide by a code of conduct and anti-fraud policy.

Make sure that employees know what constitutes fraud and illegal behavior, and what your company (and management) stance on it is. Lead by example and make sure to double-check financial reporting yourself. Create and uphold a company culture where fraud isn’t even considered.


Fraud Tip 3: Conduct fraud training for all employees.

At all levels of the organization, educate executives and employees on the different types of fraud, how to spot it, avoid it, and report it. Repeat the training as needed.


Fraud Tip 4: Segment duties for positions that deal with invoices, checks, and financial reporting.

When possible, segregate duties among two or more people for anything that can give rise to fraud. For example, the person who deposits checks should not be the same one who signs them. The person who authorizes invoices should not be the same person dispersing checks. Have a means of verifying bank statements from someone other than the account holder. These controls serve to protect the company as well as decrease the odds of honest mistakes happening.


Fraud Tip 5: Implement mandatory vacation policies and cross-training.

In small businesses, employee fraud can be hard to spot when only one person knows how to do a job, or never goes on vacation. Cross-training employees has other benefits too, like decreased work stress.


Fraud Tip 6: Perform formal fraud risk assessments and proactive monitoring.

Your CPA is a good place to start. Not all CPAs are qualified to perform fraud risk assessments; they should have extensive industry experience and/or possess ACFE credentials. Either way, having someone else analyze the controls, operations, and financials and identify weaknesses is better than waiting for something to happen on its own.

And a final note on financial statement audits as fraud detection tools: Many executives make the mistake of thinking that independent financial statement audits will detect fraud. Sometimes, it does happen that way. But audits are not designed to detect fraud, only report on the accuracy of what’s presented. Only about three percent of fraud cases were discovered through external audits.

Some of these anti-fraud measures don’t cost anything to implement, just time and effort. The saying ‘an ounce of prevention is worth a pound of cure’ is overused but applies quite well to mitigating small business fraud.

Contact Naden/Lean if you have questions about your company’s internal controls, anti-fraud mechanisms, or want to discuss other ways to better safeguard your business.