3 min read
When you have one or two people doing your books, you are putting your business at a higher risk for fraud. Many small businesses don't know how to get around this problem. Trust isn't enough. You may not have the extra money available to hire a controller, and it's likely that you find it hard to spend the time double-checking the work your bookkeeper is doing.
Best practices like separation of duties and setting up internal controls considerably helps to reduce your risk.
One of the most important reasons companies choose to outsource their accounting is to reduce fraud. Having a dedicated 3-person team as your outsourced full-service bookkeeping department, along with written processes and procedures, can give you peace of mind so you don't have to worry about fraud.
Alternatively, you can get controller-only service - someone to just look over the shoulder of your bookkeeper to make sure that everything is in line. Some of our clients start there, then as they grow, our scalable services adapt as needed.
If you aren't ready to outsource just yet, here is a checklist of the top 25 controls to help reduce your risk of fraud...
25 Internal Controls to Help Reduce Your Risk of Business Fraud
- Clearly define what constitutes fraud in your employee manual.
- Set up an anonymous hotline - Encourage employees to speak up if they suspect fraud.
- Perform monthly bank reconciliations - by someone who does not write checks.
- Review Accounts Receivable reports - don't let the person who does billing issue credits.
- Limit permissions for people entering bills – you can set "view-only" users in QuickBooks Enterprise Edition.
- Set user permissions to limit access - don't let anyone use the Admin password
- Implement an expense and reimbursement policy - what's acceptable and what's not.
- Use a credit card to track business expenses - replace it yearly.
- Ensure the Undeposited Funds account is cleared regularly.
- Review outstanding checks and deposits - make sure you write off things that aren't going to happen.
- Sign-off approval - before checks are issued to make sure every check is authorized.
- Limit manual checks and lock up your check stock.
- Even better, don’t write checks. Use bill.com, a billing solution that integrates with QuickBooks. This links scanned images of every bill with the payment.
- If you must use your own bank’s bill payment, use SmartVault to link scanned images of every transaction to the QuickBooks file. This way you know what’s getting paid.
- Each user should have a separate password. Don’t ever share passwords.
- Set a closing date and password - even if you give it to the bookkeeper, all prior period changes will now be tracked
- Utilize the Audit Trail Report and filter it for critical transactions - deleted invoices, credits, changed disbursements
- Calculate sales commission on cash received not billed
- Use purchase orders for approval of large amounts - and get approvals on POs
- Implement a physical inventory count periodically and reconcile to the accounting system balance
- Ensure vendor records are complete - W9’s should be required for all vendors who are not companies
- Sign-off approval before checks are issued
- Reconcile petty cash
- Prepare Daily Flash Report - How much cash do you have? What is your a/r and a/p balance?
- Perform a physical count of fixed assets
*Important final tip: Make sure the external accountant user type in QuickBooks is only used for the accountant. There are tools in there that only your CPA or outsourced accounting service should use!
If you can't separate duties between two people, use an outsourced service to do the bank reconciliation and check the audit trail report. Just the threat that someone is looking over your 'trusted' employee is enough to help deter theft. No system of internal controls will prevent all theft, but without proper separation of duties, your risk goes way up.