"But I trusted him."
That’s what everyone says when they uncover employee theft, because let's face it, nobody wants to suspect that an employee would steal from them. However, you work hard for your money, so it's only right that you work hard to keep it from disappearing. That's where strong internal controls can help.
Whether your accounting tasks are done on one PC or you have multiple users working on different screens, it’s critical that you make use of all that QuickBooks offers in terms of internal controls. You’ll also need to establish some common-sense rules.
First Stop: Audit Trail
An audit trail is a very large report that displays every addition, deletion and modification of every transaction. In older versions of QuickBooks, you could turn it on and off, but it’s permanently on now.
Due to its size, you may need to use QuickBooks’ filtering tools to zero in on the user and/or date(s) you’re looking for. Go to Reports > Accountant & Taxes > Audit Trail. Click Customize Report > Filters to set up your search.
Your audit trail won’t alert you when someone tries to enter a prohibited area, and it won’t detect changes to lists. Setting up permissions will help (Company > Set Up Users and Passwords > Set Up Users), but you need more than that.
Run the Right Reports
Other QuickBooks features can help prevent fraud. Review these reports regularly:
- Closing Date Exception. Why were those changes necessary?
- Voided/Deleted Transactions. Is there supporting documentation? Should you be reviewing these daily?
- Expenses by Vendor Detail. Look for irregularities, especially multiple payments made to a vendor in a short period of time.
- Check registers. Use the Balance Sheet for this. Go to Reports > Company & Financial > Balance Sheet Standard and customize the report for the correct period and – if necessary – for specific customers, vendors and/or jobs.
Adhere to Best Practices
You undoubtedly implement financial best practices in your personal life. You reconcile your accounts. You don’t give your online banking password to anyone. And you glance through your recently-posted transactions on your financial institutions' websites.
If your company is large enough that you have multiple accounting employees, you probably can’t be as hands-on as you are at home, but you can set up internal control procedures.
For example, if your company has grown to the point where you’re removed from the daily workflow, you may still want to have approval rights for some procedures, like bank balance adjustments, refunds and credits, printed checks (you should still be signing them), time sheets and expense reports.
It goes without saying that you should password-protect your QuickBooks company file and change the password regularly, even – and especially – if you’re the entire accounting department. And protect yourself from external fraud. We can do a review of your security procedures and make suggestions.
Reinforce the Rules
Know who your employees are (background checks are fast and affordable). However possible, try to rotate the duties assigned to accounting staff. If you have only one person managing all of your bookkeeping work, conduct an even more thorough background search: credit, references, criminal activity, etc.
Finally, make sure that all employees understand the definition and consequences of fraud. Let them know about the steps being taken to prevent it, but do some unannounced auditing on your own. Include a session on fraud in orientation and get current staff up to speed. Explain that this is necessary for their protection, too. Make it easy to report fraud anonymously, without fear of repercussions.
This may seem like a lot of extra tasks in your workday, but imagine what's risk of losing if you do nothing - according to data from the ACFE 2012 Report to the Nation, survey participants estimated that the typical organization loses 5% of its revenues to fraud each year, with the median fraud case costing $140,000.00.