In the latest edition of the SMTA magazine Auto Insight, Director of Audit Jacqueline Whyte examines the different ways a business can be exposed to fraud and how to minimise the risks.
How exposed is your business to fraud? Could it happen to me?
People commit fraud for one of two reasons: greed or need. With the cost-of-living crisis perhaps ‘need’ is higher than ever and therefore the potential for fraud is elevated. Fraud also requires motive or opportunity. There is little that can be done to mitigate against motive but there are steps businesses can take to reduce opportunity. Whilst businesses often focus on technological threats, what about the everyday opportunities that exist offline? What steps can you take to reduce exposure to these risks within your business?
Risk Register and Controls
Do you have a formal risk register? The answer to this probably depends on the size and complexity of your business. If there is no formal risk register, how often do you step back and consider which areas of your business could be susceptible to fraud? Fraud can take a number of forms, either internal to an organisation or external. Let us first consider this from an internal perspective.
Fraud is commonly committed by people exploiting weaknesses in internal controls. Whilst it is impossible to completely eradicate fraud risk, by considering weaknesses and designing controls to minimise them, businesses can mitigate these risks to an acceptable level. A risk register often helps to identify what or where such weaknesses could occur.
Types of Fraud
Common types of fraud include:
- Misappropriation of assets – using company assets for personal purposes, theft of cash or stock.
- Customer fraud – theft.
- Supply chain fraud – paying for goods that are not delivered to you or your customers but diverted to a third party.
- Payroll fraud – do all employees on the payroll actually exist? Are they being paid at the correct rates per their contract?
- Financial fraud – management override of controls, unnecessary provisions, inflating results to meet bonus targets or bank covenants.
Consider the examples above in the context of your own business, and ask yourself which areas of your business are most susceptible to fraud:
- do you have physical restrictions over access to stock? Is access limited to those who require it? Do you carry out monthly or annual stocktakes?
- Are staff using company time and resources to repair their own vehicles or those owned by family and friends?
- Are delivery notes tied up to purchase orders to ensure all goods ordered are actually delivered? Are suppliers overcharging for products?
- What procedures are in place for accepting and banking cash? How is cash recorded? Do you carry out spot checks on cash?
- Who authorises payroll payments? Is it possible to create a fictitious employee and divert funds to a personal bank account?
- What procedures are in place to authorise a change in supplier bank details?
- Are key financial ratios such as gross margin, stock turnover days or creditors days reviewed on a regular basis?
Opportunity creates risk
Wherever there is an opportunity there is a fraud risk. Three of the main areas where fraud may occur are:
- Staff
- Customers
- Suppliers
Consider the following in relation to these areas:
- How well do you know your staff? Are there any indications of financial difficulties? Have there been unexplained changes in lifestyle? Has there been an increase in customer complaints?
- Do you have new customers placing high volume orders who haven’t been properly vetted? Are existing customers placing unusually high value orders and requesting changes to delivery addresses?
- Have suppliers requested changes to payment and delivery addresses? Are goods of a poorer quality than usual? Are they supplying unofficial parts?
Considering the questions posed above should help to set you on your journey to identifying opportunities for fraud and how to create a strong control environment to reduce risk wherever possible. Consider what controls exist and how effective they are. Monitor controls regularly and strengthen them or implement new controls if required. Remember fraud prevention is not a one-off exercise.
Prevention
Tips to prevent fraud include:
- Be wary. If something sounds too good to be true it probably is.
- Know your business, staff, customers and suppliers.
- Talk to staff about fraud prevention measures and ensure they know how to spot the warning signs.
- Think like a fraudster – how could weaknesses be exploited?
Conclusion
It will never happen to me and I thought he/she was trustworthy are common words used when frauds are uncovered.
Consider the impact if your business became a victim of fraud. Could it affect the long-term future of the business and perhaps cause reputational damage? Carrying out a risk assessment, implementing robust controls and having good financial management will all contribute towards minimising the risk of fraud.
Jacqueline is an experienced audit specialist who manages the firm’s audit compliance responsibilities, as well as overseeing many of the firm’s largest audit engagements. Please email Jacqueline at jwhyte@thomsoncooper.com if you wish to discuss anything covered in this article.
You can read the magazine here, with our article appearing on pages 20-21.