4 Tips to Strengthen Internal Controls at Small Businesses and Not-For-Profits
We got a call from an old friend in late December. While we have never been engaged as his accountants, from time to time, we discussed certain aspects of his business, tax matters and operating procedures, including controls.
The call was disconcerting. My friend explained that his longtime bookkeeper had not been to work for a couple of weeks and during that time he received a notice from the Internal Revenue Service saying that payroll taxes have not been paid for the past several months. In addition, several of his most valuable vendors had not been paid.
He asked if we could come out and see what was going on. Having known this man for a long time we immediately met with him and reviewed his books and records. Upon investigation we found that the bookkeeper-who had access to all of the books and records and had the authority to approve invoices for payment, sign checks and handle all of the payroll filings-had been stealing and falsifying the records to cover up the fraudulent payments.
Unfortunately, this happens frequently to small businessmen and women, non-for-profit organizations, as well as churches and synagogues. It happens because there is an opportunity coupled with a perceived financial need followed by rationalization. My friend asked if we could help him prevent this from happening in the future. The answer is absolutely, but it would require a new way of doing things coupled with a certain discipline.
Here are four ways to improve internal controls and oversight within your organization to help protect your business from employee fraud:
1. Separate, incompatible functions
For example, the bookkeeper should not have access to assets. One of the best ways to accomplish this is to have someone other than the bookkeeper make deposits and sign checks. This might require new operating procedures.
2. Restrict access
The operating manager making the purchase and possibly the business owner should approve vendor invoices. Business owners should retain ADMIN rights (if possible) to the company’s accounting system and consider restricting user access to only areas necessary for their functions. This will help reduce the chances of an individual creating false entries and covering up their tracks.
3. Segregate accounting duties
For example, if your situation still warrants physical checks, consider signing them yourself or authorizing an additional signer. Ensure the signer is separate from the person issuing the checks and that signer matches the checks to invoices prior to mailing. Also, someone other than the bookkeeper should receive and make deposits. Copies of the deposits including the customer checks can be forwarded to the bookkeeper.
4. Review statements on a regular basis
The owner or another responsible official should review receivables on a regular basis. An individual who knows that the work performed will subsequently be reviewed is more likely to be deterred from committing fraud.
There are numerous control features that every business should have. Such control systems reduce the possibility of fraud or errors. Regrettably, the business of fraud is on the rise and comes in so many ways, including the Internet, phone scams, stealing, padding time and selling business products.
For over four decades, the team at Whisman Giordano & Associates, LLC has focused on building extraordinary relationships by working diligently and spending time getting to know our clients. Our focus is on providing peerless accounting, auditing, tax planning, compliance and business advisory services. We’d love to learn more about your tax situation and give you insight into what to do next.
Whisman Giordano & Associates, LLC
Certified Public Accountants
111 Continental Drive, Suite 210
Newark, DE 19713