<img alt="" src="https://secure.leadforensics.com/167082.png" style="display:none;">

Have a question? Call us  877-735-7693

25 Internal Controls to Reduce Risk in Your Business


3 min read

Internal Controls Business

Print as a PDF

When you have one or two people doing your books, you are putting your business at a higher risk for fraud. Many small businesses don't know how to get around this problem. Trust isn't enough. You may not have the extra money available to hire a controller, and it's likely that you find it hard to spend the time double-checking the work your bookkeeper is doing. 

Key Takeaways

  • Trust isn't enough for preventing the risk of fraud-- you need a separation of duties and internal controls.
  • Internal controls such as setting up an anonymous hotline, limiting permissions, and limiting manual checks will lessen the risk of fraud.
  • If you can't separate duties between two people, use an outsourced service to do the bank reconciliation and check the audit trail report. Just the threat that someone is looking over your 'trusted' employee is enough to help deter theft.


Best practices like separation of duties and setting up internal controls considerably helps to reduce your risk. 

One of the most important reasons companies choose to outsource their accounting is to reduce fraud. Having a dedicated 3-person team as your outsourced full-service bookkeeping department, along with written processes and procedures, can give you peace of mind so you don't have to worry about fraud. 

Click here to download: The Guide to Outsourcing Your Bookkeeping & Accounting  for SMBs

Alternatively, you can get controller-only service - someone to just look over the shoulder of your bookkeeper to make sure that everything is in line. Some of our clients start there, then as they grow, our scalable services adapt as needed.

If you aren't ready to outsource just yet, here is a checklist of the top 25 controls to help reduce your risk of fraud... 

25 Internal Controls to Help Reduce Your Risk of Business Fraud 

  1. Clearly define what constitutes fraud in your employee manual.
  2. Set up an anonymous hotline - Encourage employees to speak up if they suspect fraud.
  3. Perform monthly bank reconciliations - by someone who does not write checks.
  4. Review Accounts Receivable reports - don't let the person who does billing issue credits.
  5. Limit permissions for people entering bills – you can set "view-only" users in QuickBooks Enterprise Edition.
  6. Set user permissions to limit access - don't let anyone use the Admin password
  7. Implement an expense and reimbursement policy - what's acceptable and what's not.
  8. Use a credit card to track business expenses - replace it yearly.
  9. Ensure the Undeposited Funds account is cleared regularly.
  10. Review outstanding checks and depositsmake sure you write off things that aren't going to happen.
  11. Sign-off approvalbefore checks are issued to make sure every check is authorized.
  12. Limit manual checks and lock up your check stock.
  13. Even better, don’t write checks. Use bill.com, a billing solution that integrates with QuickBooks. This links scanned images of every bill with the payment.
  14. If you must use your own bank’s bill payment, use SmartVault to link scanned images of every transaction to the QuickBooks file. This way you know what’s getting paid.
  15. Each user should have a separate password. Don’t ever share passwords.
  16. Set a closing date and password - even if you give it to the bookkeeper, all prior period changes will now be tracked
  17. Utilize the Audit Trail Report and filter it for critical transactions - deleted invoices, credits, changed disbursements
  18. Calculate sales commission on cash received not billed
  19. Use purchase orders for approval of large amounts - and get approvals on POs
  20. Implement a physical inventory count periodically and reconcile to the accounting system balance
  21. Ensure vendor records are complete - W9’s should be required for all vendors who are not companies
  22. Sign-off approval before checks are issued
  23. Reconcile petty cash
  24. Prepare Daily Flash Report - How much cash do you have? What is your a/r and a/p balance?
  25. Perform a physical count of fixed assets

*Important final tip: Make sure the external accountant user type in QuickBooks is only used for the accountant. There are tools in there that only your CPA or outsourced accounting service should use!

Get a Quote for Outsourced Accounting & Bookkeeping Services

If you can't separate duties between two people, use an outsourced service to do the bank reconciliation and check the audit trail report. Just the threat that someone is looking over your 'trusted' employee is enough to help deter theft. No system of internal controls will prevent all theft, but without proper separation of duties, your risk goes way up.

New call-to-action

Subscribe Here!