April 27, 2022

This paid piece is sponsored by Eide Bailly LLP.

A version of this article appeared on eidebailly.com.

We’re safe. We’re in the Midwest. Only big businesses on the coast are at risk. You can tell yourself that, but it is far from the truth. All organizations big and small could be at risk internally and externally. Without sound controls in place, you could be leaving your organization wide open to threats that could cost you productivity, money and even proprietary information. While you can’t fully escape it, there are ways to minimize your risk and feel confident that your organization is stable and secure.

Fraud and internal controls issues

Did you know that 5 percent of a company’s annual revenue is lost to fraud each year? It may be hard to imagine it happening at your organization, but fraud is much more common than you might think.

When many of us think about fraud, we think about big-name criminals and high-profile embezzlement cases. But fraud is often a lot quieter than that. The circumstances that can act as a catalyst for fraud are illustrated by the sociological theory of the fraud triangle.

The three sides of the fraud triangle can be understood as follows:

• A motive could include high amounts of debt, family medical costs, housing market pressures, bad investment decisions, addiction problems – either substances or gambling – or the desire for a lavish lifestyle. Any of these pressures are further exacerbated when the economy is struggling.
• When the weight of these pressures becomes too much, people begin to rationalize their intentions. Rationalization to commit fraud may look like thoughts of “I’ll pay this back soon.” “No one will notice this is gone.” “I’m not hurting anyone.” These rationalizations can be justified further when employee morale is low. Low employee morale is linked to theft more often than low pay is linked to theft. When this low morale comes into play, the rationalizations may look like “the boss can afford it” or “they owe me.”
• The final side of the triangle is opportunity. Opportunities can arise in the form of exploiting job duties and responsibilities, taking advantage of weak internal controls and flying under the radar because of poor oversight.

Dealing with internal risk

Of these three factors, opportunity is the one that your organization has the most control over. You can reduce opportunity by implementing good internal controls and increasing the perception of detection; people rarely commit fraud if they think they will be caught.

Common ways to strengthen your internal controls include:

• Checking that stock and company credit cards are stored in a locked drawer.
• Using dual authorization methods for electronic bank transfers.
• Setting up user restrictions on accounting and computer software to limit access.
• Locking inventory to ensure limited employee access.
• Performing employee background checks.

You can further reduce opportunity and make reporting even easier by setting up a fraud hotline. In many cases of fraud, others were aware that something suspicious was going on, but they didn’t want to get involved. Providing employees with an avenue to report fraud easily and anonymously can go a long way; over one-third of fraud cases are detected by a tip line, and, more often than not, employees are the source of the tip.

People are much more likely to speak up if it’s easy to. That’s why organizations with a hotline are 50 percent quicker at detecting fraud. An anonymous reporting service gives employees a safe way to report a potential incident so your organization can quickly address and work to mitigate the impacts.

Know what you’re dealing with: Conduct an internal audit

Strategically evaluating and managing risk is critical for fraud prevention and the overall security of your organization. A strong, risk-based internal audit function will help you understand major risk areas and work to reduce fraud risk.

An internal audit provides an independent, objective review of internal controls, corporate governance and accounting processes and procedures. Not only can an internal audit help you reduce and mitigate risk, but also it can help you improve processes and overall performance.

Learning to spot areas of risk

Risk is something that you’ll typically find only if you’re looking for it — and it’s better to look for and find it before it finds you. That’s why proactive planning and regular testing can help you expose areas susceptible to risk and face it head on.

A holistic approach to risk management involves partnering with a team of advisers to examine multiple facets of your business. This includes:

• Forensic accounting
• Risk advisory
• Cybersecurity
• IT systems

Working with a knowledgeable team who are well-versed in each of these areas is also a great way to stay in the know about current threats and incidents; one of the best ways to stay protected is to stay aware. Through preventative measures, you can shed light on problem areas and create an organizational culture of security that minimizes risk and maximizes results.

To learn more managing risk in your organization, visit eidebailly.com.