One of the critical investments a small business can make to mitigate loss and risk is hiring a CPA and putting that CPA on the 'management team.' As Wells notes in his groundbreaking research, "Denise, a bookkeeper for a small trucking firm in Birmingham, Alabama, wishes she had never heard of Ralph Summerford, CPA. Because of his thoroughness, Denise is facing several years in prison for embezzling $550,000 from her employer. At least she will look good standing before the sentencing judge: Denise spent a great deal of her illegal loot on head-to-toe cosmetic surgery. She blew the rest on a shiny new Lexus, luxury vacations, clothing and jewelry. And, of course, Denise had to have a big house to store all of her finery." (Wells, 2003)
Surprisingly, it was not at all the fancy standard of living that made her employer suspicious. "The owner was going over the trucking company's budget when he noticed Denise's salary was listed at $38,000 a year," commented the CPA Summerford. "But the business owner distinctly remembered that he had set her pay at $35,000." (Wells, 2003) The owner himself pulled Denise's personnel file and uncovered the fact that her pay record had been altered. It was obvious to the owner that no one but Denise would have been motivated to falsely increase her salary. Investigating further, he noticed suspicious-looking wire transfers from the company's bank account. At that point, he called in Summerford.
"Like a lot of small businesses, the trucking company had very limited accounting controls," commented Summerford, the veteran CPA, now a partner with Dixon Odom PLLC in Birmingham, Alabama. "In this case, the sole division of responsibilities concerned authorizing all the checks. While only the owner could sign checks, Denise did everything else: post the books, reconcile the checking account and authorize wire transfers." (Wells, 2003)
Denise's idea was beautiful in its simplicity. After wiring money straight from the company bank account to her own, Denise would post the books, charging the funds transfer to one or multiple accounts payable accounts. Then, when she balanced the bank account, she just quite simply rip up the evidence.
The CPA Summerford looked into the fraud case, interviewed Denise's coworkers and got together the documentary evidence including bank statements, wire transfer requests and bank deposit slips. Summerford then prepared charts and exhibits summarizing the scheme, which he inserted in a written report to prosecutors. Summerford's work was used to indict Denise for her thefts -- but although the owner did detect the fraud, he did so well after the $550,000 was lost. A CPA on staff constantly would have solved that problem before it because a revenue loser.
"Denise was well aware the owner did not review the bank statements," said Summerford, also a certified fraud examiner. "And since the business was not audited, there was no independent review of Denise's work; yet almost any degree of scrutiny of the bank statement could have prevented this scheme." (Wells, 2003)
Summerford notes in Wells' research that most schemes like Denise's start out relatively small. "But when thieves avoid detection, it motivates them to steal even more," he said. "Many will continue to steal from a small business until it literally runs out of money and goes broke." (Wells, 2003)
Although the small trucking company survived and did not go bankrupt, Denise's thefts were extremely costly. Small organizations face a serious fraud problem: Dishonest employees will steal them blind, and their thefts obviously mean a lot more to the Mom 'n' Pop trucking company than they do to, for instance, Microsoft. Plus, small businesses are much more vulnerable to this sort of fraud, as they do not have the human resources generally to anticipate and act as a prophylactic against fraud.
Small businesses have every reason to worry about fraud, Wells' research indicates. According to the Association of Certified Fraud Examiners' (ACFE) "2002 Report to the Nation on Occupational Fraud and Abuse," the per-employee losses from fraud in the smallest businesses are 100 times the amount of their largest counterparts. (The complete report can be downloaded at www.cfenet.com.) According to Wells, thus, this is one situation and scene in which CPAs can be valuable consultants to their clients. Although most small businesses do not have a need for a CPA to do a full audit; however, CPAs can provide a number of fraud prevention services.
First, there is employee education. CPAs can conduct on-site training for clients in the form of live presentations and/or computer-based education -- this will serve as a one-time cost to educate key employees at small business how to detect fraud on their own.
Second, CPAs can suggest and run internal control reviews. Reasonable internal controls are critical in every small business, according to Wells' research. A CPA brought in can review the existing system and make recommendations for improvements.
Third and finally, there is the advantage of cash reviews and reconciliations. Since 9 in 10 occupational frauds involve the company's cash, CPAs can regularly review receipts and disbursements for anomalies, even if they are not on the full-time payroll. As Wells' research establishes, however, although this is an excellent deterrent, it is important to realize that no CPA can guarantee that any specific procedures will uncover fraud.
CPAs are able to perform inventory observations and asset verifications. For organizations with inventory or other assets that make attractive misappropriation targets, CPAs are able to observe inventory procedures and/or verify specific items. Both the 1996 and the 2002 ACFE study showed a similar trend: Small business is very vulnerable to fraud. There appear to be three reasons:
First, there is inadequate employee prescreening. According to Wells, "Small businesses rarely spend the money to check work references, criminal records or professional recommendations of potential hires or require applicants to undergo drug screening, psychological testing and other vetting procedures. Undesirable applicants know this and thus gravitate to small businesses. The problem, according to the study, is that about 7% of employees have a history of workplace theft and fraud. This small but costly group knows the degree of scrutiny into their past likely will be minimal; all too often, they are right." (Wells, 2003)
Second there are limited controls at small companies. The very essence of fraud prevention is the division of responsibilities between employees. The reason is simple and cut-and-dried enough: It is one thing to steal by yourself but quite another to enlist the aid of a coworker. According to Wells, "Small businesses rarely have sufficient personnel to adapt adequate controls; "one-person accounting departments" as in Denise's case are the rule, not the exception. Consequently, it becomes important for the owner to overcome this deficiency with reasonable oversight, which can be accomplished two ways. First, the business owner should actively understand and verify the financial information reported to him or her. Second, the owner can engage a CPA to attest to the credibility of the financial information, even if the company doesn't have a regular audit. However, the audit can be a powerful deterrent in its own right: The ACFE study found losses to companies that had audits were about a third lower than losses at companies that didn't." (Wells, 2003)
Third and finally there is too much trust at small companies. This final reason for disproportionate fraud losses in small businesses involves the ever-present and ever-dangerous human element. In a company where employees know each other well, it is natural for them to trust one another. In fact, the intimate familial atmosphere of a small business is one of its most attractive features.
Most of the time, believing in one's coworkers is well founded, but not always, and without a CPA it is often impossible to distinguish. The CPA's job is to maintain distance and not allow friendships and comraderie to get in the way of the work and analysis that must be done. Without CPAs, the dichotomy is that trust is an essential element of business as well as an essential element of fraud. Never having confidence and trust in your employees is a bad thing; but unfortunately, so is always trusting them. The goal is to strike a balance between the two. Or, as Peter Dunne said, "Trust everybody, but make sure you cut the cards." (Dunne, 1930)
According to Wells' research, small businesses are most vulnerable to two types of fraud from within: asset misappropriation and corruption. Startingly, Moreover, the average length an occupational fraud goes on at a small company before discovery is about 18 months.
By getting tabs on the common warning signs or red flags of these schemes early, small businesses can reduce or avoid losses. Fraud indicators include: rising expenses and/or declining revenue, abnormally high inventory shrinkage, unfamiliar vendors or other payees and excessive spending by employees. Moreover, accountants' studies have shown that employees who engage in workplace abuse (excessive absenteeism, goldbricking,…