It is often said that fraud migrates to the point of least resistance… meaning people committing fraud attack companies with the least number of effective defenses, roadblocks, technical countermeasures and internal controls. Unfortunately, this describes businesses of all sizes.
In an article I recently authored, for CSO Magazine, I discussed strengthening internal controls to prevent fraud. However, companies cannot prevent fraud if they’re unaware what their fraud risks are and this is imperative in businesses of all sizes. I cannot tell you
how many times I’ve seen large embezzlement/theft/fraud cases in businesses, which were directly attributable to the fact that one employee was solely responsible for all accounting, bookkeeping, accounts receivable and accounts payable functions and there were no controls or oversight in place to monitor the transactions and activity of that employee. This, of course, is completely preventable.
This leads me to ask: Have you had your annual fraud checkup? What was the Dx? What were the results? This is an important first step. No matter what size company you are, the question is: “How aware are you of the specific fraud risks facing your company?”
The CSO Magazine article generally targeted fraud prevention methodologies in larger businesses, but it’s a great primer for small to medium size businesses as well. For businesses of all sizes, awareness of your fraud risks is an important key in the effort to prevent fraud and fraud risk assessments are an excellent vehicle to assess a company’s compliance with internal controls, fraud control deficiencies and overall fraud health. Fraud risks cannot be mitigated until they are identified. I’m often asked how often
should fraud risk assessments be conducted? Best practices dictate that fraud
risk assessments should be conducted on a “regular basis” (annual or semi-annual at a minimum, if not quarterly, depending on the type of business or business unit).
Remember, you can’t fix something you don’t know is broken so get tested, take preventative measures to improve your company’s fraud health, become a less attractive target to fraudsters and protect your bottom line.