Combating Fraud With Internal Controls – Where Do I Start?Whitney Irish
Post By Khal Taib
“It can never happen to us!” is a too common thought that passes through the minds of managers across the globe spanning countless industries. The concept of fraud is not a sexy subject for those in management. No one ever believes that what happened in the well-publicized fraud schemes, could happen to them or their respective organization. And yet, an entity with weak control activities can find itself swirling in fraud and finding themselves in the latest CNN headline. Managers are often stretched so thin across their responsibilities, that they are not actively considering fraudulent behavior in their trusted staff. They are focused on having their organization and employees grow, succeed, and thrive. While that focus is necessary for sustainable development of an entity, a desire to be successful can easily be disrupted and devastated under the weight of fraud.
No manager wakes up every day determined to combat fraud. This is why setting in place transparent and strong internal controls is key to protecting an organization, and even producing better results as an unexpected outcome. Managers who put time and effort into the necessary first step of creating control policies and procedures will help their organization move forward. Setting manageable and clear policies that all employees need to observe is necessary to set the tone from the top. Enforcing controls without clear formalized practices will ultimately lead to inefficiency of internal control activities. After taking the necessary steps to formally implement policy regarding control activities, managers should emphasize, but not limit themselves to the following areas of control activities: internal audit reviews, segregation of duties, and account reconciliation.
Each control activity has its purpose within an organization. Internal audit helps keep a constant flow of information and feedback to an entity’s Audit Committee. Segregation of duties is key to an entity’s daily operation. These are specific controls preventing an individual from starting and completing a critical transaction. And yet, even with segregation of duties properly in place, errors and fraud can still occur. This is how account reconciliation becomes a necessary control. Periodic reconciliation of account items will help an organization detect omissions of data, or fraudulent activity earlier than internal or external auditors can.
It’s impossible to expect that fraud will never happen even with internal controls in place. But the work of managers who heed the importance of internal control activities and implement the tone from top-down will be that much more effective in leading their organization in the fight against it. Fraud happens. It is a force that can take down an entity, and managers should do all they can to prepare accordingly.