Fraud, particularly internal theft, is a prevalent issue for many businesses. And unfortunately, if it’s not detected in time, it can put your company-owning clients out of business. But what are some of the root causes of this common issue, and how can you prevent them? At the recent Accountex conference in Boston, Michael Cichy, senior executive at Palette Software, addressed these questions.
One of the biggest culprits is indirect purchasing controls, Cichy says. While direct costs, like inventory, are usually well managed, operations frequently aren’t, leaving room for thieves to siphon off funds and bleed the company dry. To counteract opportunists, he advocates controlling spending with 100 percent PO utilization, as well as implementing permissions to make purchases and view information in your databases. He also suggests consolidating your vendor list so you can better keep track, as well as randomly checking invoices yourself to make sure everything is above board.
Another root cause? Bad data entry. This is absolutely one area where it’s crucial to rely on technology, according to Cichy. Simply put, human data entry is incredibly problematic. Not only are people prone to making mistakes, but this also leaves the door open for thieves to take advantage of you.
Unfortunately, the electronic networks and third-party capture mailroom services many large companies utilize to stop this issue often aren’t the right solutions for small to medium businesses. Instead, Cichy recommends using intelligent PDFs, since they’re inexpensive, easy to implement and completely accurate. They offer a structured invoice format as well, unlike optical character recognition (OCR) solutions, which also suffer from a questionable ROI.
A lack of AP controls also leaves businesses vulnerable to fraud. This is largely because IT companies just don’t prioritize AP, a fact you and your business-owning clients should keep in mind when working with technology professionals on your systems. It’s also due to the lack of P2P controls and processes ERPs suffer from. Shore up your defenses, urges Cichy. You probably have a “table of authorization” somewhere detailing levels of authority and who is responsible for what. Use it, especially when deciding who has what electronic permissions. He also encourages enforcing a four-eyes policy on all invoice approvals, as well as collaborating with purchasing for PO utilization.
A final root cause of devastating internal fraud is poor vendor management controls. All too frequently, businesses don’t manage their vendor files well. Rather than deleting old companies from databases when they’re not being used anymore, many simply just add new vendors to an outdated list, a situation that can lead to accidental fraud, like duplicate payments to the same vendor that switched locations, or intentional theft. This is one situation in which being paper based will actually cause your company direct harm, Cichy notes. Have a report engine for auditing and cleaning, and consolidate all your current vendors into one place. Every company needs an automatic vendor payment process as well.