• The owner should never give up check signing authority or online pin access to another employee. And source documents (bills, receiving tickets, purchase orders) should be presented and reviewed during the check signing process. Have someone other than the person who printed the checks, stuff the envelopes and mail the checks to prevent altering.
• Bank Reconciliations should balance and be performed timely.  Statements that consistently do not reconcile may be an indication of sloppy bookkeeping or a more serious indication of employees helping themselves to company assets.   Unreconciled differences will appear in a QuickBooks equity account "opening balance equity or reconciliation discrepancies on the P&L". Check this account regularly, except for QuickBooks set-up transactions, this account should not hold any transactions. Review bank statements very carefully, check for unfamiliar fees charged by third parties, and check bank statements online at least twice a month. Have your bank mail the bank statement and all correspondence to the owners home address or a PO box- this can deter attempts to alter or remove fraud transactions from the statement). Research any uncleared transaction older than 30 days.  These could represent duplicate entries or a fraudulent transactions.
• Download your banking transactions regularly and research transactions that are not already entered into QuickBooks.
  Fraudsters might transfer money between company accounts before dipping into the account attempting to avoid detection due to lower bank balances.
• Print every reconciliation report and file with the original bank statement.
• Bank balance adjustments should require approval from an employee other than the individual(s) entering the transactions.
• Periodic review of the checking account register by the owner/controller, will deter thoughts of misdeeds. Create and memorize the following QuickBooks report for this purpose:
  

  Reports Menu > Company & Financial Reports > Balance Sheet Standard Drill down on the checking account balance Modify the date range For companies that assign customer names to expenses: Modify Report and include the payee by placing a check next to "source name"

• Periodically, run an expenses by vendor detail (found under Reports menu > company & financial).   Look for multiple (or double) bills/payments to the same vendor, especially credit card vendors where the fraudster would apply the payment to a personal credit card account.
• Keep blank checks locked up, account for missing numbers and periodically inventory the remaining stock. Review the petty cash reconciliation including receipts. Have someone reconcile petty cash when it gets low that is different from the person who has access to the petty cash key. Check tampering accounts for 15% of all employee fraud, where an employee steals blank company checks and makes them out to themselves or an accomplice.
• Review the following reports under accountants report group in QuickBooks
  "Voided/Deleted transactions"  - Look for supporting voided documentation
  Make a policy that all voids, returns, refunds should require management approval, or be reviewed daily by management.
  "Closing Date Exception Report"- determine why the changes were needed
  "Audit Trail report" - look at changes made to transactions
• Have an  Employee Handbook that includes a policy that all cases of fraud will be prosecuted, with a zero tolerance. Value company integrity.  Workers who observe illegal or unethical conduct at their jobs during the previous year are more likely to rationalize fraudulent behavior. So keep a squeaky clean office and speak openly with employees about theft and dishonesty.  Set up a anonymous hotline for other employees to report fraud without fear of consequences, then take prompt action to investigate reports. A study by KMPG showed that only 4 in 10 of individuals who suspected that colleagues were committing a fraud, stood up to the plate and reported the infraction. Fraud is a serious accusation and if a colleague does not have proof but simply a suspicion and if being wrong results in job loss or demotion, or,  a fear that having knowledge may backlash into being considered as a co-conspirator, are all fears that hinder a potential whistleblowers from coming forth. Create policies in your employee handbook that reward information on nonconforming business practices.  Assure employees that all reports will be fully investigated and no action will be taken until proof is obtained.
• Find a means for dissatisfied employees to voice their frustrations.  The motivation for many fraud cases is 'getting back/even' with the employer.
• Track all assets (computers, telephones, equipment, furniture by employee/location and have employees who leave the company return all assets.
• Review accounts receivable aging report monthly and identify transactions over 30 days. Review documentation of collection efforts and select several random customers to make collection calls to. Require all credit memos be approved in writing by the supervisor and filed with the invoice. For credits/refunds for website purchases, spot check the documentation for all returns, calculate the % of refunds to sales and look for spikes.  Run a report containing only credit memos and review frequently. audit/spot check 1 or 2 a month to make sure procedures are being followed.  Reports > transaction detail report > modify >
  filter tab > select transaction type > select credit memo> click on display tab, add the item field.  Memorized for easy access.
• Downloaded debit and credit card transactions should be matched to a paper receipt submitted by the person responsible for the charge. Have a separate credit card number for each person authorized to spend on behalf of the business for accountability. Analysis of gas purchases- or budgets/limits set for gas purchases is a good idea to help deter employees filling their vehicles for personal use.
  
• Consider installing a computer monitoring software that enables employers, employees and parents/guardians to audit computer use through activity tracking. How much time do your employees spend on the internet?

• A typical fraud scheme is where an employee creates a payment to a nonexistent vendor or a company controlled by the employee. In these situations it is common for the employee to have the checks mailed to his/her personal residence. Before adding a vendor to the vendor list, make sure they exist - check the phone book to see if they are listed and call them.  Make sure the same employee who is authorized to set up new vendors does not have check-writing or check-approval authority. Periodically run a list of vendor addresses against a list of employee addresses to see if there is a match and lookup in phone book or run an internet search to see if they can be found. (QuickBooks Enterprise edition offers a list of 115 permissions you can choose from when setting up user permission access - We sell, install and implement QuickBooks Enterprise, call us for more information 800-216-0763)
  Reports menu > Lists > Vendor> Sort by field address one
  Make sure you review Inactive vendors as well, as a fraudster can activate the vendor
  make a payment then inactivate the vendor.
• Payroll fraud accounts for 10% of business fraud cases, be sure to divide payroll tasks between two trusted employees who are responsible for data input and the review process. Make sure all payroll information is totally secure and password protected. Don't write passwords down or make them too easy to hack.  Red flags  that would suggest review are high federal or state payroll taxes; or a payroll provider that delivers multiple packages during the payroll period.
  Honest employees don't know what fraud looks like.  Educating employees on what a dishonest employee can do will help to create policies that will discourage and uncover any fraud actions.  For example:  Payroll fraud includes paying employees for more hours than worked, paying overtime rates for hours not worked, setting up fictitious employees and creating paychecks, continuing to pay employee's that have been terminated (perpetrator will intercept and cash the check) and while you would think the terminated employee would recognize an inaccurate W2, this is not reality, as long as they receive a tax refund at year end, they are happy.  Sit down with your employees and brainstorm for policies that help to prevent these acts from occurring.
  Run a report from QuickBooks and look for modified hourly rates
  Payroll item detail> modify > display tab - under columns as Qty and Sales price. Run report for last 6 months and review hours pd and hourly rate.
  Make sure all payroll rate changes are documented on paper and signed by the owner and filed in the employee's file.
• Make sure every employee takes regular vacations. If fraud activity exists it is likely to be detected when someone else assumes the job temporarily.
• If your employee is collecting payment at time work is performed, consider automating the process with Intuit Field service management, or giving employee consecutively numbered sales receipts which should be accounted for.  Consider random calls to customers to survey work performance and price of job. Keep statistics on number of incoming calls to the number of new job requests. Monitor to make sure work is not diverted to an employee "after hours", follow-up on inquiries that did not result in a work order placed.
• Have someone other than the person preparing payroll deliver the paychecks to the employees. After the bookkeeper prints them, the owner signs them, then the owner or 3rd employee delivers the checks. Doing so will prevent the bookkeeper from printing checks to phantom employees as he/she will surely be questioned when phantom employee does not show up to collect his paycheck. .
• Consider implementing job rotation to reduce the likelihood of an employee feeling secure in the fact that no one knows how to do his/her job
• Print timesheets from QuickBooks and have the supervisor familiar with employees hours approve the time sheet and initial off on the overtime. If possible purchase an integrated time clock system. Without human intervention, time theft is difficult to accomplish. Technology has advanced to the extent that purchasing a time clock that uses biometric devices to confirm that the employee in only clocking themselves in and out.
• A sophisticated employee knowledgeable in all aspects of payroll and payroll taxes could make a payroll liability adjustment, increasing federal and state withholding on their pay.
  This amount is submitted to the government agency without being transparent to the owner and then refunded to the employee at year end with the filing of his/her 1040 tax return. To prevent this from happening, running a report on payroll liability adjustments in QuickBooks and reviewing periodically will easily uncover this scheme.
• Stealing cash register disbursements by voiding a sale or not ringing up a sale or an employee stealing cash from a vault only accounts for 3% of fraud cases. Tight inventory controls will help. For example - if you sell coffee - keeping inventory count on paper cups purchased and comparing to number of coffees sold will deter employees from failing to ring up coffee purchases.
• Make frequent unannounced visits to the shop/warehouse, walk around and look at where stock is held and ask questions about stock located by the door, or separated from others of its kind.  Randomly open a few deliveries from vendors and compare against purchase orders. Randomly check a box prepared to ship to you customer and check against sales orders.  Require a form to be completed and approved when inventory is taken (damaged, samples or obsolete)  or purchased by an employee. Take physical inventory counts regularly and compare with amounts in QuickBooks. Employee theft of inventory accounts for 16.3% of all fraud cases. Write off obsolete inventory so changes in inventory values become more noticeable.. Consider installing security cameras to deter theft.
• Run a profit & loss by month in QuickBooks for last 12 months and look at trends of spending.
• Pay commissions on sales after payment from customer has been made. That will deter fraudulent activity to boost sales dollars and will enlist salesmen with the collection efforts.
• 14.5% of all fraud cases involve an employee receiving payment from a customer but does not record the sale and embezzles the funds. A check for missing Invoice numbers
  (using Reports > Banking> Missing Checks Report > Switch account to Accounts Receivable) is a helpful report.
• Consider having credit cards billed to the employee rather than to the company with a policy that the bill will only be paid if original receipts are submitted before the due date on the card. Set budget limits per card per type of expense to control how much can be spent. Set up the online banking feature for each credit card and download transactions daily/weekly. Early detection of abusive spending will save the company money!
• Audit paid bills, randomly pull company records from the files and ask the responsible employee if they compared pricing, and verify if their are matching packing slips (signed by the warehouse staff with a date and time and notes as to condition of goods upon arrival) and Purchase Orders signed by authorized employee.
• No more than 3 days of Undeposited Funds activity should appear in the make deposit window, weekly check online for the weeks deposit amounts be group customer deposits for checks and credit cards payments.  Old ungrouped deposits could be a result of error or an unscrupulous employee recording a fraudulent transaction or an employee stealing cash and checks from daily receipts before they can be deposited into bank.  Review the undeposited funds account and ensure that funds are being deposited into the regular business bank accounts (not fake accounts used to hide transactions)
• Have someone other than the bookkeeper open the mail and log the checks received onto a deposit slip, then make a copy of the deposit slip and give one to the owner and the other to the bookkeeper. The owner should check the deposit slips against the bank statement
• Watch out for employees making a claim for reimbursement of fictitious or inflated business expenses (claiming personal travel, meals as business).  Get receipts along with a log of discussions. Have a policy of randomly auditing an expense report by   calling the client who was entertained to verify the meeting took place - be sure employees are aware of this procedure. Setting budgets per expense type is also helpful.
• Watch for business red flags and investigate promptly
  • New hires quit soon after starting
  • Vendors who insist on dealing with just one individual
  • Unable to identify the cause of lower gross margins or high overhead
  • Employees with unreasonable close relationships with suppliers
  • Photocopies of invoices and packing slips should be rejected. Only pay against original documents.
  • Customer complaints of missing invoices or transactions on invoices that were not ordered or received.
  • Employees that have external businesses may find your coffers to be a means to reduce their overhead.
     
• Perform background checks on employees  Don't forget to check on your temporary employees as well,  Include employment verification, criminal and civil background checks, credit checks, drug screening, education verification and references checks.
• Be aware of employee actions.

  Are they living a life style not commensurate with their wage income? Is there unexplained wealth or sudden change in lifestyle? Are they the first to arrive at work and the last to leave? Do they show signs of reluctance to take leave? Are they taking vacations? Are they adequately supervised? Look into unexplained employee absences. Are they repeatedly forced to manually make journal entries, batches, etc... that should have normally been handled by the system?* Staff under stress without a high workload - marked personality changes Do they refuse promotion? Implement a support program at work that can assist employees struggling with mental/emotional health, family or financial problems. Conduct anonymous surveys to assess employee morale and find an outlet for employees to talk about pressures so management can find ways to alleviate pressures before they reach a boiling point. Don't hire individuals who may have the motivation (financial need) to embezzle  Ask potential employees these questions: We do background checks on all finalists. Do you have any concerns about that? We do a criminal check on all finalists. Do you have any concerns about that? We contact all past employers. What do you think they will say? Will your past employer tell us about any negative job-related issues? Can you explain where you were during these gaps in your resume? A study conducted by by KPMG uncovered a few trends about about who the typical perpetrator of a fraud is likely to be: - directors/senior managers committed almost two     thirds of the 100 cases surveyed - 32 percent of fraudsters had been working for their   companies for 10 to 25 years - 51% of fraudsters did not work alone

• Password protect your QuickBooks file. Download our free QuickBooks passwords and permissions checklist
  Passwords, anti-virus software, and firewalls on computers should be maintained.
  Limit access to employee records to prevent Identity theft. Limit access to customer records to prevent Credit Card theft.
  Choose your administrator wisely. QuickBooks audit trail will track transaction history and prevent users from creating or modifying transactions undetected. Changing certain fields on a transaction that has been saved into QuickBooks triggers the audit trail to save a record of the change and the audit trail report will display in bold italics the value that has been changed and previous version of the transactions value.. If a user attempts to print or e-mail a transaction, by default QuickBooks forces the user to save the transaction first which posts to the audit trail. However, the administrator can override this preference (edit menu > preferences > general)  The following fields trigger an audit trail record
  Name, account, amount, qty, class, unit price, item, payment method, transaction type, transaction date, ship date, billed date, due date, terms, discount, payment terms, sales rep, document number, modifying user, reconciliation status, posting status. If the transaction was entered in a version prior to 2006 (without audit trail preference) converted to the current version, the audit trail report would show modified but it would not include a prior entry.
  The audit trail is not designed as an employee-tracking tool. It records changes made to transactions, but it does not track attempts to access areas of the program by people who do not have permission to use those areas. The audit trail does not capture changes to lists, (although client data review - a QuickBooks tool available to accountants)  will  display changes to the accounts, items, fixed asset items and payroll items, since the last data review
• Back up your QuickBooks file and keep the backup off premises away from the harm of a disgruntled employee. Think about using the remote access in the QuickBooks Premier version to easily transfer data files to safe offsite locations
• A few do's and don'ts to improve your internal controls:
  • Former owners may not make for good employees
  • Banks do not check the endorsement on each check you write, so make sure you make it a step in your monthly bank reconciliation. Look at checks made payable to unknown vendors or persons; checks made out in even amounts; dual endorsements; and checks to cash and to employees.
  • Segregate financial duties- approve payments, write checks, bank reconciliations, place orders, customer billing, apply customer payments, etc.
  • Have a complete written supporting  documentation for each financial transaction. Do not allow accounting to rely continuous verbal assurances from the employees who hold supervisory positions.
  • Zero Tolerance policy - Prosecute those who commit fraud. It will help deter future crimes from being committed.
  • If you uncover questionable transactions, and do not have concrete proof, take care before confronting an employee, a mistaken accusation will cause damage to employee moral and could result in a lawsuit. Consult with your attorney before taking action.
  • Do employees know what fraud looks like? Discuss the cost to the business of Fraud including lost profits, adverse publicity, job loss, and decreased morale and productivity. Select several individuals as ethics counselors so employees can seek advice when faced with a problem.
  • Auditing software is available to help detect fraud. In fact, beginning with the 2010 version of QuickBooks, you can subscribe to continuous auditing software fully integrated with QuickBooks, by clicking on "APPS" on your icon bar!

A ripe environment for fraud is when an opportunity arises that can be rationalized by the employee who has additional outside pressure or incentive to respond to that opportunity.  So keep the guard up with watchful eyes, always evaluating - is there opportunity? is there financial pressure or gain? is the employee content?.  Set the tone at top executive level of honesty.  Review periodically what areas of your business could be vulnerable to fraud, set policy and procedures, communicate to employees what is expected of them and then monitor to make sure policies and procedures are being followed. If possible have employees switch procedures on a irregular interval, making cover-up more difficult.   Don't wait for signs of fraud to grab your attention.  Doing so could mean significant loss of income to the company  Create proactive fraud policies that include procedures to aggressively seek out fraudulent conduct and insist that these procedures be conducted at regular intervals.  Doing so means you will reap the benefit of accurate financial statements from which you can make prudent business decisions, mistakes will be detected and the ramification of those mistakes minimized.

Click here for a Fraud control checklist and whistleblower hotline considerations issued by the
AICPA Anitfraud programs and controls task force

Review your policies and procedures regularly:
Identify who has access-
Who is responsible
How are records kept
How have work responsibilities been segregated
Determine if assets are adequately insured
Review manual processes to see if it can be automated
Identify areas where a weakness can encourage fraud