More

MindShare

Minimizing Exposure to Fraud – Part 1: Checking Account Controls

Small businesses and nonprofit organizations may have more exposure to fraud since they often do not have the resources or systems available for fraud prevention. Fraud can occur when an employee is provided with the opportunity to handle cash or assets without a system of “checks and balances” in place. While there is no way to completely prevent fraud, there are ways to minimize the risk and increase the chance of detection.

When considering an organization’s vulnerability to fraud, it is important to keep the following in mind:

  • Financial statement audits do not detect fraud. Audit reports specifically state that they are not intended to detect fraud. Fraud may be discovered during a financial statement audit, but an audit is not an effective means of protecting your organization from fraud.
  • Banks do not guarantee signature verification. Although your bank may notice an unauthorized signature or missing signature(s) on a check, the volume of bank activity makes signature verification an unreliable method for protecting against fraud.

The following recommendations can help organizations minimize exposure:

Checking Account Controls

  • Do not delegate responsibility for check signing. CEOs and Executive Directors are ultimately responsible for the finances of an organization and should retain check signing authority.
  • Do not use signature stamps for checks.
  • Have all checks printed from QuickBooks (or your accounting system). Computer generated checks provide a level of assurance that the payee on the check matches that recorded in the system and reduces the risk of alteration.
  • Minimize handwritten checks. Although the bank reconciliation process verifies check amounts and numbers, it is not often possible to verify the payee.
  • Request that the bank return cancelled checks (or electronic images) with your bank statements and verify that the payee on a cleared check matches the payee in the accounting system.
  • Endorse checks for Deposit. Immediately upon receipt, use a stamp or endorse all checks received with “For Deposit Only” along with the company’s bank account number.
  • Have bank statements mailed to a separate address.
  • Open and review bank statements when received – before providing statements to accountant for reconciliation.
  • Limit access to bank account PIN numbers and avoid the use of debit cards. Providing employees with codes or software that enables them to transfer money essentially provides them with check signing authority.
  • Do not allow anyone to misrepresent themselves as you by giving them your password, or allowing them to sign your name. Allowing an employee to sign your name, even on credit card purchases, could compromise your legal recourse if fraud or embezzlement occurs.
  • Provide only original documents for posting and payment processing. Using original documents can prevent fraudulent alteration of document copies.
Tagged With: , , ,

Financial Record Security

You might think that your small organization is not a target for malicious hackers. But, a survey by the Small Business Technology Institute reported that more than half of all small businesses in the U.S. experienced a security breach in the past year. Here are the steps you should take to provide basic security for your financial records.

  1. Protect Your Systems—Equip all PCs and servers with a) an un-interruptible power supply to prevent corruption of data, b) virus detection software, adware/spyware detection and removal tools, and c) a firewall on all computers that connect to the Internet.
  2. Create Backups—Make regular backup copies of all your important data. Store a copy away from your office.
  3. Use Effective Passwords—Encourage non-obvious passwords and change them every three months. Use password protection for folders and files containing accounting information.
  4. Keep Software Up To Date—Without updates, your anti-virus, anti-spyware and firewall software will not protect you against new cyber threats.
  5. Lock Your Records—Lock file cabinets and access to computers that contain financial information. Block all unauthorized access to the QuickBooks data file.
  6. Be Prepared For Emergencies—Create a contingency plan for your organization so you can recover if you experience an emergency. Test your plan annually.
  7. Use A Payroll Service—Use a payroll service and keep employee names and detailed payroll information separate from the accounting system.
  8. Audit Trail—Make sure that your accounting software’s audit trail is turned on, allowing unauthorized changes in data to be investigated.
  9. Computer Checks—Generate bill payment checks directly from the accounting system to reduce the risk of check alteration and duplicate bill payment.
  10.  Educate Your Staff About Security—Develop a “culture of security” in your employees and in your business. You might think that your small organization is not a target for malicious hackers.
Tagged With: , , , , , , , ,