FRAUD -
 WHAT TO DO NEXT

Last month, we started looking at internal controls and how they can help you and your company avoid fraudulent behaviour by your employees. This month, we’ll look at the steps to take when there is fraud.

The COO of a national organisation accumulated a number of internal control offences. Her first violation was not to disclose a major conflict of interest. She overrode the company’s internal controls around procurement and gave a seven- figure contract to a company for which she is a board member. The next offence, was directing the accountant to divert funds from district offices to a partner organisation that propelled her to a status of major importance in the national community. How did she manage to do this unnoticed by senior management? She had unilaterally altered the HR and accounting policy manuals for her region to provide her additional authority and had threatened to re anyone who talked to head office.

WHO NEEDS TO KNOW

The fallout to the business owner of a case such as above is significant in emotional stress, time spent upgrading internal controls, instilling a new culture, and managing stakeholders.

The first group of people you inform is your Board of Directors. Although this is a difficult conversation, they are on your side and will help you phrase your communication to your other stakeholders. It’s common that the first question asked by the head of your finance committee is, “How did this happen?” You then spend the next few nights lying awake reflecting in hindsight on the now obvious signs you missed.

The next group to tell is your investors. With the help of your board you will have all the correct facts to make a transparent and objective statement. Investors talk to each other and your message must be consistent. Keep your message factual and unemotional. Two years from now you want everything to be forgotten. If questions ever come up, you can provide objective documents stating what happened and how it was resolved.

If the situation wasn’t contained to just one employee and there was collusion, then conversations must be had with all the staff. If there was clear evidence of misconduct by other employees, then they must also be let go. The company’s values and culture must be recommunicated to the staff and a whistleblower policy set up, if there wasn’t one, that is known to everyone. The whistleblower policy allows an employee to disclose information about any kind of abuse of policies and processes, violation of legal statutes, or fraudulent activity within the organisation without fear of retribution by the employer. A confidential email or phone number must be available to contact someone in authority who is independent of the complaint.

It’s common for young companies to neglect tight internal controls to prevent financial fraud by staff

The last stakeholder to inform is your audit rm. You must carefully determine what exactly happened. Was money stolen, was there fraud, were internal controls overruled, were procedures just not followed? It matters, because ideally you want to keep this situation out of your audit report, and for non-profits, the Form 990. Your wording will be crucial because these documents will be open to the public.

WHAT NEEDS TO BE REVIEWED

You must review all your internal controls and policies. First, your accounting and finance policy manual must be scrutinised. Look at the cash limits on singular approvals and determine what is appropriate for your business. For some companies $500 is enough for others $3,000. Ensure there are dual approvals of signatures on cheques and outgoing wires, and establish who in your company has signatory authority. Keep this group to 2-4 people maximum. Each month you and your accountant must review and sign your bank statements, cheque log, cancelled cheques, payroll, journal entries, timesheets, and accounts reconciliation. The person approving these documents must never be the one preparing them.

Three areas that are prone to problems are procurement procedures, cash advances, and inventory management. Each area should have its own detailed policy manual. For procurement, there needs to be policy around vendor selection, ensuring there are no conflict of interests. Frequently, a bids evaluation committee is set to ensure each bid is anonymous and receives a fair hearing. Cash advances for travel must be approved beforehand and all receipts and remaining cash accounted for upon the return of the employee. No further cash advances may be made unless the employee’s account has a zero balance. Depending on the type of business and amount of inventory in stock, there must be either a quarterly or annual accounting of all items in the warehouse. The more frequently the stock changes hands the easier it is for items to go missing.

Secondly, look through your HR manual and contract templates to ensure they would hold up in court if ever tested. Ensure there’s a whistleblower policy and a conflict of interest policy. The HR manual has to be signed by all staff at the start of employment. At the start of each year, the following documents must be signed by each staff member: A 1-2-page update to the HR manual, a letter indicating their salary increase and title promotion, and a new conflict of interest statement indicating no new conflicts have arisen. This last document must be signed by all staff, contractors, and board members.

WHAT TO DO WITH THE CULPRIT AND HIS POSSE

The co-founder of a non-pro t applied for a $500,000 grant from a global sovereign fund using his company’s brand. When he won the proposal, he didn’t disclose it to his organisation. The funding arrangement was discovered when the sovereign fund called the company’s office and asked the finance director for their mailing address nearly a year after the grant had been processed. It was then that questions began to be asked and the plan was uncovered. The co-founder denied any wrong-doing and asked for a multiple six-figure severance package when he was asked to leave. It’s uncertain in a case such as this whether a bookkeeper or anyone else in the accounting department was involved.

There must be a zero-tolerance policy for this type of behaviour. First, determine the facts and examine the culprit’s contract, the company’s HR policy, and any other areas of vulnerability. Ensure you know exactly the legal position you are in. Then confront the employee and get their side of the situation. They will frequently deny any wrong-doing. Then, ask them to resign. Only terminate their employment as a last resort as you want to stay out of court. The time and emotional cost of engaging in a lengthy multi-year court battle will most likely far outweigh your monetary sacrifice to get to a quick resolution. If money has been stolen, calculate the exact amount and ask them to repay. It’s not uncommon for individuals to pay the money owed over time. It’s also possible they will ask for a severance package. Remember, they honestly believe they have done nothing wrong.

CONCLUSION

Fraud is something you talk about when it didn’t happen to you. But nobody discusses their fraud experience in public as it’s too embarrassing. Here’s a truth – everybody will experience some level of inappropriate activity or fraud by employees. I’ve outlined many behaviors to be aware of and systems and policies to implement in this article that can significantly reduce the likelihood of this happening to you. Start preparing early and you will sleep soundly at night.