Most business owners are familiar with the concept of internal financial controls, but there is often confusion around who needs them. We hear this every day in the conversations we have with the leadership teams of small to mid-sized business.

There is widely held a misconception that only publicly traded companies need to worry about internal controls. Private companies often assume that because they do not need to file their financial reports with an external entity or report them to shareholders that they do not need to implement the same types of controls that larger, public organizations do. The confusion here stems from the that many people view internal controls as a piece of the regulatory puzzle, when in reality internal controls are “The policies and procedures used to ensure accuracy and reliability across accounting reports.” 

What kind of accounting controls do you have in place right now?

If you are not sure, or are too embarrassed to answer, chances are you have some work to do.
​
Internal controls protect your business from not only fraud but also the kinds of financial errors and reporting mistakes that can negatively affect cash flow management, dissuade investors, and hinder long-term business growth. 

​This summer, the IRS began urging tax professionals to increase their security measures amid a storm of increased cyber-attacks. Through the first half of 2021, cyber-attacks against tax professionals had already outpaced the annual numbers for 2020 and 2019. And tax pros are not alone.
​
Cyber security has become a hot topic among all financial professionals over the last year as security attacks against businesses and individuals soared during the pandemic. Michael Cohn explains the recent rise in security threats when he says, 

So, how do you keep your financial data secure? 

Whether your accounting team is employed in-house or outsourced to a third party, the question of whether it will return to the office or continue to work remotely is likely at the top of your mind. Nationwide many companies have returned the office, at least as part of a hybrid work model, but those changes have been the source of stress at various levels. With some workers wanting to go back, others desiring to stay home, and management tasked with keeping everyone happy and productive, this topic is causing friction across the board. But increasing employee satisfaction is not the only factor being considered.

More serious issues like financial integrity and risk management are also in jeopardy. Just like the concerns that arose when employees began working from home suddenly at the start of the pandemic, this transition to a permanent remote work pattern has many experts analyzing the implications for financial controls.

To understand how these internal controls can become compromised with remote workers, let’s examine the most important accounting controls in your business right now and discuss how you can strengthen them amid a remote work environment: 

Automation improves ROI, enables scalability, increases collaboration, and develops organizational resiliency. And if that was not enough of a reason to go down the path of exploring your automation options, these days technology is cheaper, more robust, and easier to use than ever before. As a result, it is more ubiquitous across all industries, especially in technical professions like finance and accounting.
​
CPA and technologist, Aaron Benson explains, “I think that technology has finally infiltrated every aspect of what we do within the profession, and to be competitive and to move forward, you have to use technology.” In his interview at the 2019 AICPA ENGAGE Conference he further goes on to explain, “Most people use like 20–30% of the software they [could] use and leave everything else on the table.”

What is a fractional accountant and when do you need one?

​It may sound cliched, but fractional accountants are whatever you need whenever you need them.

Fractional accountants are the “a la carte” version of accounting professionals. These financial professionals can be hired to do any number of financial functions, handling everything from financial reporting and cash flow management to tax preparation and internal controls. They can do part-time work, project work, and interim assignments while working on-site, off-site, or a combination of the two. Essentially, a fractional accountant can provide as much or as little work as you need.
​
Most often though, fractional accountants are brought in to assist existing accounting teams, work on special projects, and supplement software systems. 

The Association of Certified Fraud Examiners’ Report to the Nations reveals that on average companies lose 5% of their annual revenue to fraud with a median loss per case of $125,000 and an average loss per case of just over $1.5M.

The report further elaborates that more than half of businesses never recover any of the lost funds.

While only 20% of fraud is reportedly committed by business owners (compared to 41% by individual contributors and 35% by managers), the cost of owner-run fraud schemes cost their businesses 10 times more on average than fraud cases committed by lower-level employees.  

The average perpetrator of fraudulent crimes has been with the company for 1-5 years and engages in their fraudulent activity for 14 months before being detected. And small businesses typically carry a higher fraud risk than their larger counterparts with twice the rate of billing fraud and payroll fraud and four times the rate of check and payment tampering. 

No one wants to believe that fraud could be happening at their company, but these statistics tell the true story – fraud is far more widespread than many people think.

So, how does this kind of fraud occur and why is the risk of fraud higher this year than previous years? And most importantly, how do you identify fraud and what can you do to prevent it?  

The IRS lays out a set of six best practices that tax professionals must abide by to protect taxpayer data, referred to as the “Security Six.”

​While the phrase Security Six applies specifically to tax accountants, tax preparers, and tax auditors, anyone can (and should) follow these same safeguards with sensitive data. Additionally, if you are outsourcing your financial functions to a third-party bookkeeper or accountant, they should be taking these precautions on your behalf as a component of your overall cyber security strategy.

Ask yourself what kind of security measures you have in place to protect your financial information and your customers’ information. How many of these Security Six protections are you using right now?

Cybersecurity is always vital, but in recent months it has become more critical than ever before. In the wake of the COVID-19 pandemic, hackers and fraudsters have capitalized on the disruption and increased their efforts to steal personal and business data. According to Jeff Bathurst, cybercriminals have used this as an opportunity to prey on companies that were not fully prepared to work in a completely remote environment. The pandemic quickly magnified any cybersecurity weaknesses that businesses had, and immediately after the pandemic hit, there was a 40% increase in cyberattacks. In April alone, criminals stole a staggering 220 million company and personal records.
​
But pandemic or not, cybersecurity should be a top priority for every company. Understanding where your business is vulnerable and what it can do to stay protected will help you avoid cybersecurity issues. 

The possibility of business fraud is the dirty little secret that business owners tend to ignore. Unfortunately, there will always be unscrupulous individuals that try to take what is not theirs, even during hard times. Recent reports of bookkeeper fraud serve as a reminder to business owners that fraud never stops, even when businesses are down on their luck. In fact, a global fraud study found that, on average, companies lose 5% of their yearly revenue to fraudulent activities.
​
While it is easy to imagine fraud occurring by faceless cybercriminals or strangers sneaking in to rob your company of cash and valuable assets, most perpetrators have deep ties to the business, and many are first-time offenders. Many times, the people you least expect are the ones responsible for fraudulent activity – long-time employees, close friends, and even family. These bonds can make it difficult to spot the warning signs, causing fraud to go undetected far longer than it should.