Fraud Prevention Tip #48: Suggestions for Small Businesses, Small Government and Not-for-Profits

Fraud Prevention Tip #48: Suggestions for Small Businesses, Small Government and Not-for-Profits

The Anti-Fraud Toolkit

The Anti-Fraud Toolkit Structure
In 9 modules, more than 6 hours of recorded video lecture, over 250 PowerPoint slides, and many practice ‘To-Do’ action items and practice tools (downloadable in each module), you’ll get the step-by-step, turn-by-turn instructions you need to take action right now. Short on theory and long on action steps, the lectures and tools in each module will enable you to take confident, effective action by building on the successes I’ve witnessed in my clients all of these years.
You’ll also get guidance on what not to do in the fight against fraud – to help you avoid common mistakes, focus your precious limited energy, and avoid undermining your own efforts through inefficiency and uncertainly!

Most smaller businesses, local governmental entities, and not-for-profits face the inherent risk of insufficient staff and limited control resources. These special challenges require extra effort by anti-fraud leaders. Here are seven ideas that will help.

  • Create a written Code of Conduct that addresses routine and non-routine situations staff will encounter in performing their work. Provide examples, short cases and answers to Frequently Asked Questions. Be wary of boilerplate terminology. Focus instead on meaningful real-world guidance for conduct.
  • Due to limitations in staffing and inadequate segregation of duties controls, managers should compensate by spot checking and re-performing the work of subordinates. Make this ‘quality check’ a daily habit.
  • Require that approvers carefully review all disbursement documentation prior to approval. Verify details, ask questions, and when in doubt, choose to follow up until a valid verifiable conclusion is reached.
  • Have organization bank account and credit card statements sent unopened directly to the chief executive. This executive should review all statements in detail as soon as they are received.
  • Verify the existence and legitimacy of all first-time payment recipients.
  • Make everyone take uninterrupted vacations or other time away from their jobs. Have other staff fill in for them and complete their work while they are away. This practice builds skills and acts as a deterrent to wrongdoing.
  • You simply must perform meaningful criminal background checks on employees and higher-risk volunteers. There’s no easy way around this one. Those terminated for cheating at prior employers know they need a new job right now. No delay. And prime targets for new jobs for these folks are the smaller business, governmental entity or not-for-profit that everyone knows has limited resources and staff to check backgrounds.

Comply with the privacy, anti-discrimination and other applicable laws. Beware of blanket policies that prevent hiring those with prior criminal records. Get competent legal advice and find a way to get these reviews done

John J. Hall, CPA

John J. Hall, CPA

John J. Hall, CPA, is an author, speaker and results expert who presents around the world at conventions, corporate meetings and association events. Throughout his 38-year career as a business consultant, corporate executive and professional speaker, John has helped organizations and individuals achieve measurable results. He inspires audience members in corporations, not-for-profit organizations and professional associations to step up, take action and “do what you can.”

 

 

preparation for fraud incident

Fraud Prevention Tip #43: Build The Response Team Before It’s Needed

Near our home, there’s a city firehouse. Inside 24 hours a day are trained professionals ready to go when the alarm sounds. Their equipment is maintained in outstanding condition, their trucks are fueled, and their protective jackets, boots and helmets are already in place. They don’t wait for the alarm to go off before thinking through what they might need, recruiting their staff, buying equipment and getting their training. That’s already done.

That’s exactly the way you should look at you ability to respond to fraud incidents. Evaluate your fraud response needs during periods of calm. Not crisis.

Gaps in capabilities should be addressed before a fraud incident is being pursued.

As part of fraud risk brainstorming, think through what skills might be needed later if identified risks become reality. In many organizations, these skills do not necessarily need to be available in-house. But you should know exactly who to call if you need them in a hurry. Assess internal capabilities. Build relationships with outsiders before they are needed.

Here is a list of good places to start.

Legal Oversight

At the center of the response team are lawyers skilled in criminal matters. These attorneys should be able to provide quick response guidance to members of the investigative team. They should be available when needed, and provide oversight of the investigative process. Consider other legal needs that may arise, such as employment law, government contracting, procurement, international commerce, real estate, technology, intellectual property, and environmental law.

Investigators, Fraud Examiners, and Forensic Accountants

This group will comprise the core investigative team. While the roles of the three groups mentioned in the title above are similar, the specific subspecialties of each are important to have available. These skills may all be found in one person, or we may need multiple experts to fill the investigative needs.

Certified Fraud Examiners

While there are many sources of help, many Certified Fraud Examiners (Association of Certified Fraud Examiners, Austin, TX www.acfe.com) are experts in fraud issues and can bring first-hand experience to your fraud incidents. In many organizations, CFEs are an integral part of the investigative team.

Internal Auditors

If your organization has a formal internal audit function, this resource should be utilized in pursuing reported suspicions. Internal auditors have the capability to review issues from the inside: that is, they can often pull data, double check facts and interview employees quietly. This allows the organization to take initial steps in the incident response process without attracting a lot of attention.

Experienced internal auditors have expertise in internal controls as a core skill. They should be an active part of efforts to identify fraud risks and assess the adequacy of prevention and detection controls. Using auditing analytical procedures and tools (including computer-assisted audit techniques), internal audit can also surface fraud indicators for further investigation. Last, they are a critical resource to management in efforts to strengthen controls after a fraud incident has surfaced.

Information Technology and Computer Forensics

Few business fraud cases fail to touch on electronic records. Information technology expertise is needed to assess the risks to these records and to assist in the collection of necessary data stored in electronic form.

Computer forensics expertise is often necessary to preserve data that will be used as evidence in legal proceedings. Qualified experts in these fields should be formally on call if not on staff. These skills should be found before you need them, as response time to collect and protect critical data may be very short.

Human Resources

The response team should include human resources specialists with fraud background. Fraud involves people, and often those people are employees.

Rights and obligations need to be honored. Laws and employment contracts must be respected. Decisions must be adequately and appropriately documented. Mistakes must be avoided. The qualified HR representative can assist in all of these concerns, and should be a core member of the response team.

John J. Hall, CPA

John J. Hall, CPA

John J. Hall, CPA, is an author, speaker and results expert who presents around the world at conventions, corporate meetings and association events. Throughout his 35-year career as a business consultant, corporate executive and professional speaker, John has helped organizations and individuals achieve measurable results. He inspires audience members in corporations, not-for-profit organizations and professional associations to step up, take action and “do what you can.”

 

 

he Anti-Fraud Toolkit Structure

Fraud Prevention Tip #42: Be Ready to Respond

Here’s an exercise that will keep you awake at night. Assume that despite your best efforts at fraud prevention, you get hit anyway. What should you expect when fraud is detected?

Explode False Beliefs

Start by exploding these three myths:

1. We’re ready to address what might come up
2. The authorities will take care of most of it for us
3. The insurance company will give us protection from loss

It would be great if these three statements were true – and sometimes they are. But often they’re not.

• Unless you deal with fraud on a regular schedule, you’ll find that you and your leaders may be very much unprepared to respond.
• The authorities will do their best to assist you in pursuing wrongdoing – if you cooperate fully with them and you are willing to supply the information they need to proceed. They are busy people just like you. They have limited resources and other priorities – again just like you.
• The insurance policy is a contract with requirements you must meet before any losses covered by the policy are paid. Are you in compliance? Have you ever read the insurance contract?

Once you have counterbalanced any existing myths and flawed beliefs, then do these three things:

The Anti-Fraud Toolkit Structure

The Anti-Fraud Toolkit Structure

In 9 modules, more than 6 hours of recorded video lecture, over 250 PowerPoint slides, and many practice ‘To-Do’ action items and practice tools (downloadable in each module), you’ll get the step-by-step, turn-by-turn instructions you need to take action right now. Short on theory and long on action steps, the lectures and tools in each module will enable you to take confident, effective action by building on the successes I’ve witnessed in my clients all of these years.
You’ll also get guidance on what not to do in the fight against fraud – to help you avoid common mistakes, focus your precious limited energy, and avoid undermining your own efforts through inefficiency and uncertainly!

Assemble the Team

There are inherent risks in responding to wrongdoing, misconduct and fraud. Legal, physical, career, reputation, regulatory, human resources and other risks should be managed by professionals with the requisite authority, background, resources, and interest. List the skills and relationships that will be needed when fraud is found. Recruit and prepare your team of experts in advance.

Prepare the Message

Before fraud is found (right now is a good time!) craft the basics of the message you may need to deliver to employees, customers, the press and others. Write out the bullet points of these messages before they’re needed. Be fully prepared to deliver these messages in an organized confident manner at the appropriate time and place, and by the appropriate authorized spokesperson. But get the basics on paper now when things are calm.

Put the Fraud Response Plan in Writing

Make sure that everyone in the organization knows who’s authorized (and who isn’t) to investigate, handle formal and informal information requests, and interact with any outside parties. Put this ‘crisis response plan’ in writing.

Correcting myths, preparing the team and messages and putting it all in writing isn’t everything, but it a foundation that will pay off many times over if you take care of it right now.

John J. Hall, CPA

John J. Hall, CPA

John J. Hall, CPA, is an author, speaker and results expert who presents around the world at conventions, corporate meetings and association events. Throughout his 35-year career as a business consultant, corporate executive and professional speaker, John has helped organizations and individuals achieve measurable results. He inspires audience members in corporations, not-for-profit organizations and professional associations to step up, take action and “do what you can.”

 

 

Approving Purchasing Card Transactions

Fraud Prevention Tip #38: Approving Purchasing Card Transactions – Good Questions to Ask

The use of Purchasing cards or P-Cards for small dollar transactions makes a lot of sense. The cost per transaction is significantly less than that incurred when a requisition, purchase order, invoice and check payment takes place. But with the convenience of P-Cards comes an elevated risk of abuse and fraud.

Compounding the risk is the fact that many organizations train employees in the proper use of P-Cards, but very few teach new supervisors how to review this activity. The flawed belief is that if you know the rules of using P-Cards, then of course you know how to review transactions submitted by subordinates.

Here is a long list of example questions to ask yourself when reviewing P-Card transactions. Create a shorter list that better reflects your business culture and exposures, and keep it handy the next time you review these purchases. Share your list with others in your work group or in an article for all employees.

1. What is the business purpose of the charge? Is it reasonable for the person making the claim?
2. Are original receipts or other support attached for every item claimed (as required by policy)?
3. Is the expense allowable under organization policies?
4. Are the costs claimed ‘reasonable’ considering organization culture, policy, locations?
5. Does the receipt show the name, address and phone number of the vendor?
6. Were any costs split to avoid the allowable maximum?
7. Would this type of purchase normally require the issuance of a Purchase Order?
8. Could the item purchased be used in the home? If so, verify location of item.
9. Was the purchase date or time unusual – for example weekends, evenings or just prior to a holiday?
10. Was the quantity purchased reasonable?
11. Was the item returned for store credit?
12. Is P-Card spending in line with supervisor expectations and budget?
13. Does the purchase location make sense?
14. Where appropriate, verify that the place of business actually exists (for example, call the phone number printed on the receipt or search for their website).
15. If the charge is unfamiliar, consider entering SKU codes from receipts into the website of the vendor (for example, Home Depot.com).
16. For fuel purchases, review total charges over a period of several weeks or months. Compare to vehicle mileage.
17. Find what was purchased. Verify existence and business purpose.
18. When month-end control reports are received, perform a one-to-one match of every item on the control report back to original receipts.

John J. Hall, CPA

John J. Hall, CPA

John J. Hall, CPA, is an author, speaker and results expert who presents around the world at conventions, corporate meetings and association events. Throughout his 35-year career as a business consultant, corporate executive and professional speaker, John has helped organizations and individuals achieve measurable results. He inspires audience members in corporations, not-for-profit organizations and professional associations to step up, take action and “do what you can.”

 

 

Fraud Prevention Tip

Fraud Prevention Tip #18: Daily Preventive Behaviors

Fraud has many names: embezzlement and theft, financial manipulation, kickbacks and other shadow deals, misconduct, and outright wrongdoing. But in 90% of the cases I’ve touched over 37 years, there was one thing in common: formal control procedures without the related human competence and daily attention to detail created false security about fraud prevention.

Anti-fraud daily behaviors by informed managers and staff are the critical missing link in most efforts to battle wrongdoing. And few organizations are doing anything about it.

Effective anti-fraud behaviors include three specific actions:

1. Pausing at the moment of transaction approval to think, “How do I know that what I’m reviewing right now is correct?” This is The Anti-Fraud Moment. “How do I know” – or HDIK? – becomes the mantra of those who take pride in their approval signature.
2. Choosing to ‘doubt’ when something doesn’t look or feel right. Doubters double check details as a quality step: not just as an anti-fraud step. (And Doubters make great supervisors!)
3. Resolving or referring suspicions. Refuse to sign any document that looks funny to you until you know it’s correct. Resolve what you can; quickly refer any suspicions you can’t resolve to the experts who specialize in Fraud Prevention and Detection.

If all managers and staff would just take these three simple steps every day, most fraud risks go away.

But here’s where this process breaks down. Employees care. They want to do the right thing. But they simply do not know how.

Here’s an example:

Frustration oozed from Jim’s expression. He had just completed the required Policy on Anti-Fraud Responsibilities annual certification acknowledging that he was responsible for preventing fraud in his department. “I’m willing!” he said to himself. “But no one has ever taught me what fraud looks like in what I see.”

The fix, of course, is meaningful Anti-Fraud Skills Training. Not just awareness sessions. Real skills training that includes examples of exactly what wrongdoing and fraud look like in documents managers and staff see each day.

The best and most cost-effective training comes directly from supervisors who coach their team in what can go wrong and exactly what it looks like. This coaching includes setting the right tone about what’s expected, and encourages every employee to speak up immediately when anything doesn’t look right.

To help you in your anti-fraud efforts, here’s a quick summary checklist you can share with others. Tell them, “We deter fraud when we:

1. Pay attention and question details
2. Know before approving
3. Hold others accountable for results
4. Enforce the rules
5. Enforce documentation standards
6. Ask, count, inspect, double-check
7. Balance, reconcile and review
8. Are passionate about quality
These same steps can be applied to any risk – not just fraud.

Knowing what to look for, paying attention each day, and speaking up are the fundamentals of any quality or process improvement effort. And that makes fraud prevention behaviors part of the normal workflow; not extra work.

John J. Hall, CPA

John J. Hall, CPA

John J. Hall, CPA, is an author, speaker and results expert who presents around the world at conventions, corporate meetings and association events. Throughout his 35-year career as a business consultant, corporate executive and professional speaker, John has helped organizations and individuals achieve measurable results. He inspires audience members in corporations, not-for-profit organizations and professional associations to step up, take action and “do what you can.”

 

 

next page