Just this week, there was a story in the news of a small not-for-profit company dealing with fraud from a bookkeeper/bookkeeping service. It happens too many times and can occur with the most reliable employees. Often times the business owner is heard saying that the employee was long term, loyal, and trusted.
How does this happen?
Rarely does the fraud occur in one lump million-dollar heist. No, it occurs over time, months, and even years. It typically happens when your bookkeeper/finance manager is performing all accounting functions including payment approval, writing/signing checks and performing the bank reconciliation. The most common situations are:
- Creation of double checks. The accounting person writes a check to pay a bill and enters another one for the same amount to themselves. The second check is booked to the same general ledger account as the original bill and therefore hidden in the total cost for that expense account.
- Access to cash. This is only common sense. Checks and balances need to be in place for access to cash. Access to cash from someone who is not an owner enables them to take cash and enter a journal entry to any expense account.
- The ability to order a credit card in their own name. There should only be one administrator on credit card accounts, and it should be the owner. A bookkeeper with access to this account can open a card in their name, charge on it and pay the bill without the owner ever finding out.
What can I do to prevent it?
Separating accounting duties is a critical step in avoiding fraud all businesses. A business should never have one person (other than the owner) writing checks, paying bills, and reconciling the bank account. Period. Technology can assist with the separation of duties. Apps like Expex create stopgaps and tools to mitigate the possibility of financial fraud by:
- Eliminating the need for paper checks.
- Creating an audit trail for each transaction.
- Creating rule-based rights so that the same person does not approve and pay bills.
- Limiting expense categories that each user has access to.
- Assigning system email addresses that vendors can email bills to.
- Restricting access to the bank account.
- Creating monthly reports that detail user activity.
Fraud doesn’t always happen.
True, it does not always happen but why put yourself in those shoes? Ask us how we can help you and your business stay healthy, happy, and growing!