Tag Archives | internal controls

What Happens When Companies Don’t Have Internal Controls

While we never aim to scare our clients and readers, we have a huge plethora of war stories about what happens when companies don’t have internal controls. Just in my 18+ years of experience, I’ve compiled all the crazy stories for you today. 

What Happens When Companies Don’t Have Internal Controls 

So, what happens when companies don’t have internal controls? They open themselves up for theft, embezzlement, and liability. If there are no controls over what’s going on inside, then there is no control over cash flow, profitability, etc. It also “gives permission” to your team to do as they please and when it pleases them.  They may or may not be making decisions in the best interest of the company.  But without internal controls, they are likely less careful with the decisions they make.  Have you ever noticed how easy it is for a child to spend their parent’s money, but if it was their own money they are less likely to spend frivolously?

War Stories | What Happens When There Are NO Internal Controls 

In my experience, I have gathered so many war stories on what happens when there are no internal controls. Read about some of my most unforgettable below.  

My Most Trusted Accountant and Advisor 

Many years ago, while I was part of the audit team, I had a client who had the same accountant for 20+ years – we’ll call her Sheila. She has been with the company since it opened its doors and was the owner’s most trusted confidant and advisor. Sheila was in complete control of the receivable and payables.  There was no oversight over Sheila’s position. When I started to look at their accounting records, there were several red flags…

Sheila was very defensive and abrasive when I came into the office and during the review phase of the engagement.  She mentioned several times it was okay for me to work remotely.  She wanted me to sit outside of her office, even though her office was large and had a meeting table and several chairs. Intuitively, I knew something was off with her.

I also noticed that the company cut thousands of checks every month to different companies. Sheila cut them and signed them herself.  The business owner trusted Sheila and gave her access to manage the bank account and accounting records.

The biggest red flag was discovered during the audit of the transactions.  There were several inconsistencies with who the checks were being written to and how they were recorded in the accounting system.  It appeared Sheila would have the checks payable to herself and immediately go back into the system and change the name to a made-up vendor.  After months of due diligence and investigation, it was discovered that she had stolen at least a quarter of a million dollars in just the last 10 years of her employment. While this hurts the owner, the owner gave less trust at face value and implemented internal controls to regain trust in accountants.

Creating Checks and Balances with Internal Controls

In another instance, the Chief Operating Officer of a company approved several supplier invoices.  The accounts payable department processed the invoice and paid the supplier without further questioning. It took at least a year before the company learned that the COO created this false company, approved the invoices and received payments for personal gain.

Therefore, it is critical to have internal control at all levels of the company with different teams in place to create the check and balances it needs.  Internal control would the purchasing group validate the supplier, approve the purchase order before submitting the order to accounts payable.  Generally, operations would have received a receiving document once goods/services have been provided with a signature of the person receiving the goods/services.  Accounts payable would receive the final invoice and match it against the approved purchase order and receiving document.

 

What I Learned About Internal Controls 

There are several things I learned about internal controls when I was in audit and now even as a CFO 

Trust Your Gut 

If your gut is telling you something is wrong or off, it is worth investigating. When I have followed my gut, I have either found something wrong or found comfort that everything is okay. But those few times I did not trust my intuition, I missed steps to prevent fraud, etc.  

Never Do Anything Without Oversight 

As a CFO, business owner, entrepreneur, and accountant, I have learned that no one is too high not to have oversight. If I cut all the checks and sign them, that leaves it all up to me. Thankfully, I know myself and I would never do anything criminal! However, not all people are like me. There are, unfortunately, individuals that are motivated by rationalization, pressure, and/or opportunity. Oversight helps protect all parties – even yourself.  

So that is what happens when companies don’t have internal controls – lack of control.

what happens when companies don't have internal controls, When Companies Don't Have Internal Controls

what happens when companies don't have internal controls, When Companies Don't Have Internal Controls

Share this:
0

7 Warning Signs of Fraud

warning signs of fraudUnfortunately, companies of all sizes can become victims of fraud. In fact, a study on fraud published by accounting firm KPMG International found “a very large increase in cases involving the exploitation of weak internal controls by fraudsters up from 49 percent in 2007 to 74 percent in 2011.” Thus, internal controls are a first line of defense and are important in any size organization. So, implement them to reduce the opportunity for fraud. Whatever the size company, there are some warning signs of fraud that are important to pay attention to.

7 Warning Signs of Fraud

1.  Is the person reconciling the bank statement also a check signer?

These are important duties to segregate. When combined, a person signing a fraudulent check can go on without being detected.

2.  Does your company have several bank accounts?

Multiple bank accounts make inappropriate movements of cash harder to detect. So, make sure you understand the business need for each bank account the company has and use as few accounts as possible.

3.  Do you have a budget to compare with your actual financial results on a monthly basis?

This is an important control in the detection of unauthorized transactions.

4.  Have you noticed a controlling personality or secretive behavior on the part of an employee?

This may be a sign that a person is being deceptive or needs to control people or the environment in order to conceal their activity.

(Have you ever heard of skimming fraud? It’s the most difficult fraud to detect.)

5.  Are there accounts on your financial statements that you do not understand?

Ask! If your question is not welcomed or answered to your satisfaction, then pay attention to this response.

6.  Financials that are not timely or closed on a monthly basis.

Lax or non-existent cut offs leave room for inappropriate entries in months long gone.

7.  Are employees related in your accounting department?

Part of a functioning internal controls system is the need for collusion in order to circumvent controls.

The Fraud Triangle

What is the motivation for an employee to steal?  The fraud triangle shows us 3 following conditions:

  • Pressure (motivation or intent to steal)
  • Rationalization (justification of dishonesty)
  • Opportunity (ability to carry out misappropriation of company assets.)

Well designed internal controls serve to mitigate the opportunity for fraud in your organization.

(Have you every wondered does fraud follow economic cycles?)

How to Reduce Fraud

What can you do to reduce the chance for fraud in your organization? First, remember that internal controls are necessary for all size organizations. Check out the following ideas that you will find helpful as you assess controls in your organization:

Live Ethics in Your Corporate Culture 

A culture of ethics starts at the top and you start by demonstrating it on a daily basis. We cannot emphasize this enough as it sets the bar for acceptable behavior in your organization.

Trust is Not a Control 

Trust is not a control, so design internal controls. Then put them in place for the position. Thus, they should not be for a particular employee, regardless of how trusted that employee is.

Pre-Employment Screening

Conduct pre-employment screening including background checks as appropriate.

Utilize Entire Team

If you do not have enough employees in accounting, then utilize others as part of your control system.

Have Different Signers

If your bank account reconciler is a signer, then find a different signer. Segregate the check cutting, signing and reconciling duties from each other.

Unbiased Reviewer

Have the company bank statements go unopened for review by someone in a management position who isn’t cutting or signing checks.

Choose Signers Carefully

Understand what authority signers have with company bank accounts and choose signers carefully. Add extra controls to your corporate bank accounts – an example is precluding any counter withdrawals so that all bank account withdrawals go through the check writing process.

Anonymous Alert System

Set up an anonymous way for your employees to alert you of any concerns/suspicions related to potential fraud within your company. Then take these alerts seriously.

Segregation of Duties & Controls

Segregation of duties and internal controls protect both your employees and the company.

If you want to reduce the fraud or detect fraud in your company, then check out our free Internal Analysis whitepaper. We have designed this whitepaper to assist your leadership decisions and create the roadmap for your company’s success!

warning signs of fraud
Strategic CFO Lab Member Extra
Access your Exit Strategy Checklist Execution Plan in SCFO Lab. The step-by-step plan to put together your exit strategy and maximize the amount of value you get.

Click here to access your Execution Plan. Not a Lab Member?

Click here to learn more about SCFO Labs

warning signs of fraud

Share this:
3

Separation Of Duties

Separation of Duties Definition

Some circles refer to separation of duties as segregation of duties. It refers to a concept that leads to greater internal control within a company. The accounting separation of duties definition is a theory that the job of an employee should provide a reasonable evaluation for the job of another employee. In layman’s terms, no one person has too many responsibilities rested on him/her. What this does is prevent mistakes and fraud which could bring detrimental consequences upon the company as a whole as well as the individual.

Separation of Duties Example

A separation of duties example could be the relationship that exists between an accountant and a cashier. This policy maintains that the accountant should not update the cash balance on the cash as well as keep track of the cash on his person. Contrarily, the cashier should not have both those responsibilities either. It upholds that the accountant should keep track of the cash books while the cashier accepts responsibility for the cash that’s on hand. At the same time, separation of duties works for constructs other than business types. Our government has Legislative, Judicial, and Executive branches. The “duty” of running an efficient and successful government is spread over three entities.

Accounting Separation of Duties

While it is intelligent for there to be some sort of accounting separation of duties when it comes to jobs in general, it is paramount to efficiency and success. In fact, keep accounting completely separate from the rest of the operations divisions in the company. This remains constant for all aspects of production and financing. Therefore, there should be no individuals in the work-in-progress section that are keeping track of products in the finished goods section.

Why Is Separation Of Duties Important?

Obviously, as said before, duties maintains an efficient balance of work that ensure the accuracy and correctness of jobs. The work of one man, in turn, checks the work of another. Overall, this keeps a company or organization running as smoothly as possible. In addition, it produces accurate product and financial information. Separation of duties also creates jobs for more individuals. If one person was expected to be responsible for multiple jobs, then there would most certainly be fewer jobs for others. This spreading of responsibility allows for a more manageable workload. In addition, it allows for more available responsibilities for others to take.

separation of duties, Accounting Separation of Duties

Share this:
0

Employee Theft

Throughout my career, I’ve witnessed theft of office supplies, the use of company property for personal gain, dishonesty on time sheets, and other infractions that cost the company thousands of dollars per year. But, I worked under the naive assumption that the more significant embezzlement of company assets was scarce and overblown by the media.

Employee Theft Example

It turns out that the Controller of a company I’ve worked with had embezzled well over $1 million in cash. In addition, most of the embezzlement occurred in 15 months. As I discussed the matter with colleagues, I was surprised by the number of individual experiences that were shared with me on similar situations. I was particularly intrigued by my colleague’s recollection of a controller who when caught, admitted to stealing to pay back a judgement against her for theft from a prior employer. According to the US Chamber of Commerce, approximately 75% of employees steal from their employers. In addition, over half of these employees do it more than once. The US Commerce Department estimates that employee theft costs employers over $50 billion dollars a year. These are staggering figures.

In the example above, there were two primary factors contributing to employee’s ability to perpetrate this fraud including:

This employee was responsible for every facet of accounting. They had complete control of the cash accounts (received customer payments, made deposits, paid vendors, and was responsible for collections). Due to financial constraints and/or lack of transactional volume, it is not practical for many small businesses to have more than one person in accounting. That’s okay.

Steps to Prevent Employee Theft

There are still steps you can take to help prevent most types of dishonesty. Here are a few examples:

  1. Outsource payroll. In addition to removing fraud opportunities, you are greatly reducing your risk associated with federal, state, and local payroll tax filings.
  2. Have a non-accounting employee open and inventory mail, and stamp any checks with “For Deposit Only, Acct number ####” before turning it over to the person that will enter the receipts and make the deposit.
  3. Have an executive or manager review deposit slips, check copies, and compare them to the inventory previously taken.
  4. Open a lock box and print remittance instructions clearly on all customer invoices.
  5. Have someone who does not perform deposits or disbursements reconcile the bank accounts.
  6. Review your bank statement, check copies (if you don’t get them now, arrange to get them going forward), and the reconciliations each month.
  7. Perform background checks on your employment candidates BEFORE offering employment.
  8. Have an audit (or at a minimum a review) performed by your CPA annually. Although CPA firms specifically indicate that they may not detect fraud, that outside look requires GL to sub-ledger reconciliations and random samplings of detailed transactions that would make most people think twice.
  9. Count physical inventory at random intervals and reconcile the increases or decreases to sales, purchases, and damaged items.
  10. Be suspicious. As the business owner or manager, you have the right to ask questions and review detailed work. If an employee is defensive or resistant to sharing their work, this may be a red flag.

Conclusion

It is an unfortunate reality in today’s business environment that we need to be on guard at all times. There are many additional steps you can take based on your industry and the resources available to you. Because the problem is so widespread, look into adding employee dishonesty to your insurance coverage. It could save you one day!

If you want to prevent employee theft, check out our free Internal Analysis whitepaper and learn what weaknesses need to be resolved.

employee theft
Strategic CFO Lab Member Extra
Access your Exit Strategy Checklist Execution Plan in SCFO Lab. The step-by-step plan to put together your exit strategy and maximize the amount of value you get.
Click here to access your Execution Plan. Not a Lab Member?
Click here to learn more about SCFO Labs

employee theft

Share this:
0

Risk Management

By now you may have heard of the 31 year old, lower level trader at Société Générale, one of the largest banks in France, who apparently made some unauthorized bad bets on European equity indexes using futures contracts, resulting in a €4.9 billion ($7.2 billion) loss for the company. The trader had managed to fraudulently bet some €50 billion ($72 billion) that those indexes would rise. Why’d he do it? As of now it appears that he did not profit from these trades. Maybe his boss ticked him off. Maybe it was the thrill. Regardless, this wouldn’t have happened if there was risk management.

Risk Management

While you may not have a trading operation and your firm may not be able to place such outsized bets, perhaps you should consider if your internal controls are strong enough to prevent an employee from pulling off a fraud with disastrous consequences. For many firms, this usually centers around cash management. But it encompasses more, such as who exactly is able to enter the firm into agreements. You want to think the best of your employees, but prudence requires sound policies and procedures.

Risk Management

Share this:
0

LEARN THE ART OF THE CFO