(800) 931-6557
(800) 931-6557
ASP
  • Home
  • Services
    • Accounting
    • Accounting FAQ
  • Recruiting
    • Services
    • Recruiting Team
    • Our Process
    • Recruiting Podcast
    • Top Candidates
    • Recruiting FAQ
  • Openings
  • Locations
    • Oregon >
      • Oregon Accounting
      • Oregon Bookkeeping
      • Oregon Team
    • Washington >
      • Washington Accounting
      • Washington Bookkeeping
      • Washington Team
    • Colorado >
      • Colorado Accounting
      • Colorado Bookkeeping
      • Colorado Team
    • Texas >
      • Texas Accounting
      • Texas Bookkeeping
      • Texas Team
  • About
    • Clients
    • Testimonials
    • Inclusion at ASP
    • Resources
    • Submit Resume
  • Blog
  • Contact
  • Payments
  • Home
  • Services
    • Accounting
    • Accounting FAQ
  • Recruiting
    • Services
    • Recruiting Team
    • Our Process
    • Recruiting Podcast
    • Top Candidates
    • Recruiting FAQ
  • Openings
  • Locations
    • Oregon >
      • Oregon Accounting
      • Oregon Bookkeeping
      • Oregon Team
    • Washington >
      • Washington Accounting
      • Washington Bookkeeping
      • Washington Team
    • Colorado >
      • Colorado Accounting
      • Colorado Bookkeeping
      • Colorado Team
    • Texas >
      • Texas Accounting
      • Texas Bookkeeping
      • Texas Team
  • About
    • Clients
    • Testimonials
    • Inclusion at ASP
    • Resources
    • Submit Resume
  • Blog
  • Contact
  • Payments

​In Pursuit of Profit

Read our expert article below or sign up to get articles sent to your inbox.​

9/19/2022

Comments

Eliminating the Possibility for Fraud: A Business Fraud Checklist

 
​Unfortunately, there is no way to eliminate the potential for business fraud entirely. However, you can minimize the likelihood that it will occur by strategically removing the most common ways that fraud occurs. 
A business fraud checklist
A magnifying glass over the word Fraud
As a business owner you need to understand that no company is immune from the possibility for fraud. Every day businesses become victims of theft, resulting in not only lost cash but also sensitive information and business data. Realizing this is paramount. Fraud does happen and it can happen to you.
​Implementing internal controls is the foundation of fraud prevention initiatives, but your efforts should not stop there. Today’s heightened cyber threats require a tactical approach to cybersecurity as well. Consider the following cyber fraud statistics about US companies:
  • Cybercrime cost businesses $6.9B last year
  • 41% of executives do not believe that their security precautions have kept up with the digital transformation
  • Only half of businesses have a cyber security plan in place, and of those 32% have not changed that plan since the pandemic shifted their employees into remote/hybrid work
  • Only 43% of businesses feel prepared to face a cyberattack
  • Weak or compromised passwords account for 71% of cybersecurity breaches
  • Over the last two years there has been a 60% increase in cyberattacks

So, what can be done about this vulnerability in the face of heightened cybersecurity concerns? Businesses must take a comprehensive approach to the security of their financial data. Establishing and maintaining internal controls and cybersecurity best practices are going to be your best defense against internal or external fraud.

 Use this comprehensive business fraud checklist to mitigate fraud risk:

  • Practice Segregation of Duties
Separate accounting duties among different employees at all levels to keep activities like making cash deposits and preparing financial reports apart. Making it difficult for an individual to cover up their fraudulent activity closes the door on simple opportunistic theft. To reduce the risk of collusion the further accounting duties are distanced the better.

  • Establish Access Controls
As the old saying goes “Access controls keep people out to keep value in.” Access controls can be physical (like locks on cash drawers, safes, or badge-only access areas) or virtual (like passwords).

Set permission levels on accounting software and apps and establish unique passwords for all employees. Use a password manager service to generate secure passwords and require that these passwords be changed frequently to minimize the likelihood that a compromised password can be used fraudulently on an ongoing basis. Where possible, utilize multi-factor authentication as well.

Use access logs to see what employees are accessing and when to ensure that it matches with their job duties. Rely on these records to help identify the culprit if fraudulent activity is discovered.

  • Require Approvals
Requiring a sign off on things like major expenses or business travel reduces the likelihood that asset misappropriation will occur. Funneling purchases through more senior employees or your most trusted leadership members adds an extra layer of defense. Now, keep in mind, it is possible that someone at the top can be stealing from the company as well, and required approvals will not prevent against that. However, this is a solid defense against the rising trend of employee embezzlement from normal business activities like adding new vendors or increasing payments to existing vendors.

  • Audit Assets
Regular asset audits are common at most businesses, whether they are virtual, physical, or both. Taking the time to count inventory on a quarterly or yearly basis is a way to protect business assets. However, audits should not end with these types of predictable examinations. They should also include surprise checks of cash drawers, bank account balances, and other company assets to keep employees honest.

  • Use Trial Balances
Trial balances are used to keep an internal record of credits and debits, thereby allowing a company to find errors and omissions in their double-entry accounting system. Whether these are a result of a mistake or fraudulent activity will need to be determined as part of a follow-up investigation after a discrepancy is found. At the very least trial balances can increase the accuracy of financial data, at the most they can help to identify and stop fraud quickly.

  • Conduct Reconciliations
Bank and credit reconciliations are a crucial part of cash flow management, which means that companies should already be performing them regularly. But as an added bonus, they can also help uncover fraudulent activity by knowing which deposits, charges, and payments are cleared or in-transit at any given time.

  • Standardize Business Templates
Use the same templates across all business teams for estimates, invoices, purchase orders, expense reports, and other business activities to streamline audits. It is much easier to find the kinds of discrepancies that can signal fraud when your accountants are looking at the same kind of documents than it is if they are trying to line up incongruous items.

  • Perform Data Backups
Regular data backups provide a safeguard against data loss. If there is a cybersecurity breach and information must be restored, you will want to know that you have current financial data to fall back on. Data backups can also be used to compare against current financial information in the case of fraudulent activity that involves deleting or changing records.

  • Utilize Reputable Service Providers
Even companies that have excellent internal controls can be compromised by partnering with vendors or providers with vulnerabilities. This is one reason that some companies prefer to work with more established service providers instead of freelancers for their outsourced business needs.
Companies that have strong internal controls should look for providers with similar policies and protocols in place to maintain their strength in these areas. Companies with weaker internal controls should seek out providers that have more stringent security guidelines to help encourage their efforts in these areas.

  • Train Employees to Identify Threats
Employees are not inherently going to know how to protect their employers from fraud. Help employees understand what kinds of threats exist, how to avoid them, and where to report them by providing formal training them in this area.

Some companies not only offer cyber threat training but also run periodic tests to analyze their vulnerabilities. Staging fake threats like fictitious email phishing schemes or phony vendor invoices to see how employees react is a proven way to gauge the effectiveness of their training and sure up security holes before a real threat arises. Reward employees who respond to these correctly and offer additional training to employees that fall for these threats.

  • Put Employees Behind a Firewall
Ensure that all the work employees do is happening behind an anti-malware firewall. Your firewall should protect individual devices as well as the entire network from malware to ward off cyberattacks.

As a secondary layer of defense, use anti-virus software to catch anything that makes it through your firewall. Anti-virus software will conduct routine scans automatically to look for malicious software or attempts to breech the firewall. As long as it is regularly updated it will operate using the newest cybersecurity information available to keep up with constantly evolving cyber threats as well.

Working together a VPN and firewall make up two of the “Security Six” safeguards that the IRS lays out as best practices for tax professionals, which demonstrates how important they are to cybersecurity for accountants.

  • Adapt to Remote Work
When employees are working remotely, safeguard their work and their devices by having them work over a VPN. A VPN creates an encrypted tunnel for data to move through no matter where a user is located to keep it safe along the way. Once only used for financial institutions, most companies are using some kind of VPN service for anyone that is working on shared networks these days.

If possible, only have employees work on company-provided devices to avoid the additional security risks associated with working on their own phones and computers. Use drive encryption in case a device is lost, stolen, or hacked. Where possible, use a mobile device management platform on company equipment for any employees working offsite so that if a device is lost or stolen it can be locked down to block access.

Lastly, establish company policies to clearly define expectations related to things like accessing, transmitting, and sharing sensitive information and financial data. Do not leave it up to guesswork. What may seem obvious to management may not be well understood by some employees. Clearly differentiate between what is and what is not allowed. For legal reasons, it is typically best to also include verbiage that explains the consequences of not adhering to these policies.

For a real world example from one of our colleagues of how these types of precautions can safeguard your business read: A True Story About Accounting Cybersecurity a One Company’s Narrow Escape

Remember, your business cannot be protected against fraud if you cannot trust the people tasked with managing its finances. If you are looking for a reputable accounting company, please reach out to us. We employ a seasoned team of accounting professionals that uses their extensive experience combined with ethical practices to deliver top-rated accounting services to clients across Oregon, Washington, and Colorado.  
Comments

    SUBSCRIBE:

    DOWNLOAD:

    The Ultimate New Business Formation Checklist

    DOWNLOAD:

    Accountant Evaluation

    Categories:

    All
    Accountant
    Accounting
    Accounting Systems
    Artificial Intelligence
    Audit
    Bank Reconciliation
    Benefits
    Bookkeeper
    Bookkeeping
    Brand
    Budgeting
    Business Analysis
    Business Trends
    Career
    Cash Flow
    Change Management
    Checklist
    Closing The Books
    Colorado
    Community
    Contracts
    Controller
    Depreciation
    Ecommerce
    Economy
    Finance
    Fraud
    Government
    Hack
    Hiring
    HR
    Infographic
    Internal Controls
    IRS
    Laws
    Leadership
    Legal
    Local Economics
    Manuals
    Market Trends
    News
    Nonprofit
    Online Bookkeeping
    Oregon
    Outsource
    Payroll
    Payroll Taxes
    Planning
    Procedures
    QuickBooks
    Record Keeping
    Recruiting
    Recruiting Market Reports
    Remote Workforce
    Reporting
    Restaurants
    Risk
    Sales Tax
    Scam
    Security
    Small Business
    Social Media
    Software
    Startup
    Statistics
    Strategy
    Taxes
    Technology
    Texas
    Time Management
    Washington State

    Archives:

    June 2025
    May 2025
    April 2025
    March 2025
    February 2025
    January 2025
    December 2024
    November 2024
    October 2024
    September 2024
    August 2024
    July 2024
    June 2024
    May 2024
    April 2024
    March 2024
    February 2024
    January 2024
    December 2023
    November 2023
    October 2023
    September 2023
    August 2023
    July 2023
    June 2023
    May 2023
    April 2023
    March 2023
    February 2023
    January 2023
    December 2022
    November 2022
    October 2022
    September 2022
    August 2022
    July 2022
    June 2022
    May 2022
    April 2022
    March 2022
    February 2022
    January 2022
    December 2021
    November 2021
    October 2021
    September 2021
    August 2021
    July 2021
    June 2021
    May 2021
    April 2021
    March 2021
    February 2021
    January 2021
    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    July 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019
    September 2019
    August 2019
    July 2019
    June 2019
    May 2019
    April 2019
    March 2019
    February 2019
    January 2019
    November 2018
    October 2018
    September 2018
    August 2018
    July 2018
    June 2018
    May 2018
    April 2018
    March 2018
    February 2018
    January 2018
    December 2017
    November 2017
    October 2017
    September 2017
    August 2017
    July 2017
    June 2017
    April 2017
    March 2017
    February 2017
    January 2017
    December 2016
    June 2015
    February 2013
    October 2012
    November 2011
    May 2011



    RSS Feed

Services

Accounting Services
Recruiting Services

​

Company

About
Oregon Team
​Washington Team
Colorado Team
​Texas Team
Clients


Support

Contact
CC
FAQ
​Resources
​Blog
​

ASP

Your resource for accounting & recruiting services. Serving Seattle, Bellevue, Redmond, Kirkland, Portland, Beaverton, Hillsboro, Lake Oswego, Denver, Lakewood, Aurora, Dallas, Frisco, Fort Worth, and more.
Contact us today for a free,
no-obligation consultation:
Toll Free (800) 931-6557
WA (425) 492-1901
OR (503) 473-0122
​CO (720) 572-8211
TX (214) 396-7403

[email protected]
© COPYRIGHT ASP - ALL RIGHTS RESERVED 
 A CFO Selections Company
Privacy Policy
Photos from Pricenfees, Debbieallendale