Every organization – from large corporations to small companies, from s to philanthropic entities – can be the victim of internal fraud. All too often, an entity leaves itself vulnerable by not devoting adequate resources to fraud-prevention tools or adopting a laser-like focus on sales, product development or mission that leaves other areas of the organization, such as finance and accounting systems, ripe for malfeasance.

Lacking Internal Controls

The top fraud weakness at organizations is a lack of internal controls. One of the most effective internal controls is segregation of duties, or ensuring that at least two different people are responsible for separate components of financial tasks. This helps prevent any one person from having total control and misusing this control to commit fraud or embezzle funds.

The functions that should generally be separated among more than one employee at most organizations are 1) approval, 2) accounting and reconciling, and 3) asset custody. If these functions can’t be separated in a small accounting department, a detailed supervisory review of related activities may instead serve as a compensating control activity.

How Fraud Schemes Work

Here’s one example of how a fraud scheme might work: An employee will set up a fake company in the accounting system as a payee, create fake invoices and issue checks payable to the phantom company. The employee then cashes the checks, effectively stealing the money from the organization.

Proper segregation of duties makes it significantly more difficult for a dishonest employee to pull off such a scheme. When duties are segregated properly, no single employee will update the vendor master file or be able to initiate, approve, and record a transaction; reconcile balances; handle assets; and review reports.

A few examples of how financial duties might be segregated include:

• The employee who requisitions purchases is not the same one who approves purchases.
• The employee who approves purchases is not the same one who reconciles monthly financial reports or obtains custody of checks.
• The employee who maintains and reconciles accounting records is not able to obtain custody of checks.
• The employee who prepares a listing of checks received should not maintain receivable or accounts receivable records.

Here is how of segregation of duties among three employees might look:

• The CFO (approval function) will:
• Approve vendor invoices, purchase orders, expense reports, and all journal entries
• Sign checks and authorize electronic payments
• Approve timesheets, review payroll reports, and approve compensation adjustments
• Review wire transfers, ACH payments, and bank account activities
• Sign contracts and approve budgets and financial plans
• Review bank reconciliations and cancelled checks
• Review the monthly financial statements

The first accounting employee (accounting and reconciling function) will:

• Record financial transactions, such as expenses
• Process payroll and record the payroll entries into the general ledger
• Reconcile various general ledger accounts, such as bank accounts and accounts receivable, investments, and fixed assets
• Prepare the monthly financial statements

The second accounting employee (asset custody function) will:

• Mail or distribute checks and payroll
• Handle cash receipts and deposits
• Issue payments
• Manage petty cash

If your organization can’t devote three people to segregation of duties, segregate as best as you can with two employees.

Document Segregation of Duties

It is critical that the segregation of financial duties be documented and, at not-for-profit organizations, for management to share this with the board of directors. Board members have both direct and oversight responsibilities with respect to fraud prevention that include ensuring the organization has adopted adequate policies and internal controls.

Precautionary measures – like the segregation of duties – are helpful in preventing fraud but, like all systems and processes, they aren’t foolproof. Even if an organization adheres to all the rules and guidelines, dishonest employees will still be looking for, and may find, a way to work around the system for their own gain. Nonetheless, establishing clear and sound processes will make it difficult for an employee to commit fraud.

The specialists at Dembo Jones can help you define what internal controls your organization needs and will work with you as you implement them. Let us help you reduce the potential for fraud.