Research reveals that a typical company loses a significant amount of its revenue to fraud every year. Alarming it is but the majority of the organizations still deny that they might be vulnerable to effective internal controls for fraud prevention. Association of Certified Fraud Examiners (ACFE) suggests that many of the fraud cases are never detected because fraud inherently involves efforts of concealment. This calls for the implementation of strong anti-fraud controls to reduce the opportunities for committing fraud. Also, the attitude of the company towards internal controls, fraud, and ethical culture is an important requisite for fraud prevention.
The Committee of Sponsoring Organizations (COSO) defines internal control as a process, effected by an entity’s board of directors, management, and other personnel, designed to provide “reasonable assurance” regarding the achievement of objectives in the following categories:
- Effectiveness and efficiency of operations
- Reliability of financial reporting
- Compliance with applicable laws and regulations
Although strengthening internal controls don’t give you complete immunity from fraud, it makes you less vulnerable and a less attractive target for both internal as well as external criminals. Here are a few strategies that could help you to strengthen your internal controls:
1. Review of Expense Reimbursements
Managers and supervisors must review and authorize expense reimbursement on a regular basis. Reimbursement claims made by employees often account for asset misappropriation, involving inflated or fictitious business expenses. It is the duty of the management to ensure that all the policies related to travel and expense reimbursements are communicated clearly to the employees, along with notifications on updates. Expense reports submitted by employees must be reviewed thoroughly by the supervisors and the payroll department.
2. Division of Responsibilities
Another way of strengthening effective internal controls for fraud prevention is segregating the duties related to authorization of the transaction, custody of assets, record-keeping, and reporting. This aims at reducing the probability of a single person committing fraud and then concealing it. The Institute of Internal Auditors also suggests that there must be an adequate division of responsibilities among those performing accounting or control activities and those who handle the assets. Such a system helps in reducing the risks of fraudulent activities and their concealment.
3. Bank Reconciliations
Bank reconciliations could be helpful in determining the differences between the cash balance of an organization according to the balance sheet and according to the bank statement. It also helps in finding out the accuracy of the recorded data in the organization’s cash ledger. The frequency of performing bank reconciliations must be decided on the basis or organizational size and volume of cash transactions. Additionally, the process also needs adequate segregation of duties.
4. Web-Based Portal or Fraud Hotline
Introducing a web-based portal or a fraud hotline for reporting suspicious or fraudulent behavior could be beneficial. Such hotlines could be used by external or internal sources to report such activities confidentially and anonymously. Management must define the policies and procedures for using the hotline clearly and must also promote its usage. The fraud hotline can also be linked to a whistleblower reward program or an anti-retaliation policy to make it more effective.
5. Safeguarding Petty Cash
Petty cash is a small amount of cash held by a company for small or daily expenditure. Reconciliation of petty cash funds by authorized employees is also important on a periodic basis. Detecting petty cash improprieties could be helpful in understanding the broader issues regarding the organization’s approach towards internal controls. Internal controls on petty cash could be strengthened by keeping and reviewing sequentially numbered vouchers and disbursement receipts with the disbursement date, purpose, amount, and employee name. Also, only a limited number of employees must have the access to the petty cash fund. Periodic audit of the petty cash, conducted by the management, is also helpful.
Identification of the vulnerabilities is necessary for implementing strong and effective internal controls in an organization. It is also important to note that internal controls are a fluid and dynamic set of tools that evolve with time as well as changing technologies and fraud environment.