BizInsights This content is part of BizConnect and is made possible by our sponsors. Click here to learn more.

How safe is your business?

Order Reprint

โ€œIt was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishnessโ€ฆโ€

It may not be as odd as you think to quote Charles Dickens when talking about protecting your business against fraud. Clearly itโ€™s the โ€œbest of timesโ€ when it comes to how technology enables us to do business faster and better. Yet in some ways itโ€™s also the โ€œworst of times,โ€ considering how the same technologies can leave companies vulnerable to fraud and even at risk of failing.

Rarely a week goes by that we donโ€™t read about a business that was hacked and had data stolen or even held for ransom. Or one where a trusted employee was discovered to have embezzled funds, even to the extent that it threatened business continuation.

In its 2016 Report to the Nations on Occupational Fraud & Abuse, the Association of Certified Fraud Examiners (ACFE) estimated that the typical organization loses 5% of revenues in a given year due to fraud, with median losses running around $150,000 and almost a quarter of cases studied losing $1 million or more.

Unfortunately, even simple prevention measures are often overlooked by growing businesses. A strong banking partner should advise business customers to establish policies and procedures that are as robust as possible. Setting them up correctly from the start makes it much easier to keep them current โ€“ and their business healthy โˆ’ as time goes on.

Fortunately, this is also an โ€œage of wisdomโ€ because we know more about how to protect business operations and financesโ€ฆthat is, if weโ€™re not ignoring best practices for companies of any size or type. We recommend this list as a good place to assess whether youโ€™re doing enough to reduce your risks.

Internal Controls
Sometimes one of the strongest deterrents to internal fraud is reducing opportunities for it to occur and knowing the employer has strong controls in place.

Access to products, data, financial information, emails, intellectual property

  • Are user IDs unique?
  • Are password changes periodically required?
  • Are employees regularly educated about current scams & risks โˆ’ from not opening certain types of emails to falling prey to scam fund transfer requests, etc.
  • Is intellectual property protected beyond just codes & passwords?

Security of physical assets

  • Laptops secured every night
  • Lockable files & desks
  • A safe for overnight cash deposits
  • Security cameras

Security of financial assets โ€” custody of cash, signed checks, etc.

  • Authorization hierarchy clearly defined
  • For key processes, procedures & transactions
  • For documentation required
  • For acceptable request methods

Segregation of compatible roles

  • Recording and posting in accounting systems
  • If departmental staffing prohibits internal segregation, have independent checks done by a 3rd party not involved in that process, such as owner review of bank statements

Dual approval processes

  • One person required to initiate and a second to confirm any money movement
  • Account reconciliation
  • Conducted daily and via online banking when feasible

External Controls

Part of your risk planning should also include external controls that can help you conduct periodic audits and manage access, including who is allowed to direct and who is allowed to either send out or pull payments. Consider these measures.

  • Automated Clearing House โˆ’ ACH
  • Blocks and filters โˆ’ an added ACH service that enables retrieval of wired funds if fraud is detected within 48 hours
  • Annual treasury check-up
  • Annual financial procedure audit
  • Background checks โˆ’ an important way to ensure youโ€™re hiring wisely

Itโ€™s easy to get lulled into โ€œThis is how weโ€™ve always done itโ€ or โ€œThese are people Iโ€™ve known and trusted for a long time.โ€ Even if yours is a family business โ€“ or your employees have been with you so long they feel like family โ€“ you could still be at risk. Your bank or financial advisor can recommend reputable third party resources for external controls or audits that are appropriate for your business.

The good news is that, if you donโ€™t write off these tips as โ€œfoolishโ€ safeguards because youโ€™re busy or too trusting, putting in place smart controls and exercising vigilance will protect your business against the โ€œworst of times.โ€

Click here for additional resources for mitigating fraud and risk.

Sign up for the BizTimes email newsletter

Stay up-to-date on the people, companies and issues that impact business in Milwaukee and Southeast Wisconsin