Operations & Management

Fraud & Internal Controls

Small businesses are the most vulnerable to fraud because they often don’t have effective internal controls. Internal controls are policies and procedures that will protect your business assets and reduce the risk of fraud. They can be simple, little to no cost ways that may prevent or minimize financial disaster.

REMEMBER: Every dollar stolen is a dollar out of your pocket. A small business owner should always be an active participant in the going operations of the business.

Download the handout on Internal Controls.

Why are internal controls important?

Internal controls are important because they:

  • Safeguard assets
  • Prevent or reduce the risk of fraud and error by employees and vendors
  • Ensure proper financial reporting
  • Serve as evidence of internal controls to banks and other financial institutions who may lend to your business

What are the costs of fraud?

Lack of internal controls can lead to fraud and be devastating to a small business.

Direct Costs:

  • Loss of cash, inventory and other assets that may not be recoverable
  • Cost of investigation and litigation
  • May have to close business if loss is severe

Indirect Costs:

  • Lost reputation and trust of vendors, creditors and customers
  • Loss of trust for other employees
  • May need to lay off employees

10 Essential Internal Controls for Small Business

  1. Segregation of duties – By requiring more than one person to complete a task, you reduce the risk of mistakes and inappropriate or fraudulent actions. The individual responsible for bank reconciliation should not make bank deposits or have custody of checks.
  2. Background checks – Do a criminal and civil background check prior to hiring and check references. Be aware that prior businesses may not have filed charges if fraud was committed.
  3. Educate employees about fraud and internal controls. Small businesses should conduct annual training on fraud: what it is, preventive measures, how to report it, how to detect it and consequences for committing it.
  4. All bank and credit card statements should be mailed to the owner and have one designated person do it – if the owner can’t.
  5. Owners should set an example of ethical and behavioral standards. That will set the tone from the top of what is expected of everyone.
  6. Require employees to take a vacation. Just knowing they must take a vacation every year is a deterrent because it increases the risk of getting caught.
  7. Tipster hotline – Set up a system where employees can report suspected theft anonymously. Most detections of employee theft are from a tip.
  8. System of authorization – Management authorizes employees to execute transactions within limited parameters.
  9. Safeguard valuable assets and keep an inventory; secure bank check stock, make daily deposits of checks and cash, backup computer records.
  10. Regular internal and external reviews – Doing financial/accountant reviews may uncover fraudulent activity and areas that need more oversight.