The biggest risk of fraud to a business comes not from outside but from within.
The problem can be particularly acute for an expanding business, as the owner or manager concentrates on generating growth and hands over responsibility for functions like banking and accounts to other staff.
Measuring the fraud problem in Australia is difficult because many businesses are too embarrassed to admit they've been defrauded, says Darryl Swindells, a partner in HLB Mann Judd's audit and corporate advisory section. But it's estimated one in six or seven businesses have suffered employee fraud in the past three years.
The most common type of fraud by far is financial fraud - stealing money from a bank account - followed by stealing stock and taking bribes from suppliers.
Create a no tolerance culture
The first step is to recognise that fraud is likely, and set out what's acceptable to staff. Is it OK to leave early on Friday afternoon? Or to take a few pens? Aside from setting expectations, this can have another benefit. “If everybody knows all the rules and they know the rules are going to be enforced then morale improves in places because people are going to feel more comfortable,” says Swindells.
Whether a business uses cheques or electronic banking, it shouldn't hand over control to a single person. The manager should be signing the cheques personally, or if they can't, two staff members sign them. And both staff members need to know that they're equally responsible to make sure that all payments are legitimate. “That's the biggest thing you can do and will cover 90 per cent of your problems,” says Swindells.
Likewise with electronic banking, two people should be required to sign off on any transfers, rather than just letting control reside with a single staffer. And passwords should be kept secret.
Businesses should have their accounts done monthly so that they can spot a problem early. Checks on cash flow and cash balances can show up trends, even small amounts of money leaking out of the business, which can point to fraud. “A lot of business owners are really focused on growing the business and they don't want to spend a lot of time tied to their desk, but it's really time well spent,” says Swindells. “If someone's stealing money from you, you've got to sell a lot of air conditioning or whatever you're selling to make up for money being stolen.”
Control the gate
It's important to have a stock control and inventory management system so that staff can't just help themselves to goods in the warehouse. “You need controls at the gate, we call it, between you and the outside world,” says Swindells. “Whereever that is, you need to make sure that people can't just walk out with stuff or drive out with truckloads of stuff – it happens all too often.”
Often once business owners start to trust staff they stop keeping an eye on what's going on, and this is when they become vulnerable, says Kimberley Middlemis, a partner at Adrians Chartered Accountants. So it's worth checking the accounts from time to time.
“It's as simple as just grabbing some original documentation and doing a mini-audit on some of the expenses that have gone through,” says Middlemis. Checking a few documents every month can ensure that the invoices and other documents behind the payments does exist. It also sends a message to staff that the business owner is checking and keeping an eye on them.
Companies can also insure themselves against fraud. Many insurers include a section for employee fraud dishonesty in the business packs for small businesses, says Andrew Faber, an account director at MGA Insurance Brokers.
Faber says businesses with a turnover of over $1 million should be taking out a management liability policy, which along with other things also covers employee dishonesty or fraud. Once fraud is uncovered, these policies allow the affected business to go back and check for previous fraud by the same person, which is also covered. Most of these policies will also cover theft by a third party or a contractor, such as an accountant or lawyer.