Cookies on BBB.org

We use cookies to give users the best content and online experience. By clicking “Accept All Cookies”, you agree to allow us to use all cookies. Visit our Privacy Policy to learn more.

Manage Cookies
Latest News

Risk Management Series: Protecting Your Small Business from Internal Fraud

By BBB of Greater Maryland. August 14, 2019.

, (,)

 

By Angela Murphy, Chief Operating Officer of Sontiq 

Small Businesses often have the same challenges as their enterprise counterparts. From hiring to financial management, technology preferences to brand building, every business works through these decisions as they grow and compete in a market. However, operating with fewer internal and financial resources takes a toll, causing one challenge to really rise to the top for smaller businesses — proactively mitigating risk.

Risk management encompasses both awareness and analysis of potential risks, while having standardized procedures to minimize the threat. In this three-part series, we’ll examine the internal and external risks facing small businesses and provide actionable steps to developing a risk management plan for your business.

 

The Inherent Risk of Being Human

To err is human, so it’s no surprise that most internal risk is the result of employee error and negligence. Whether it’s inattention to detail, unfulfillment of responsibility, or general unawareness, these failures can all comprise an internal risk for a business.

Employee error and negligence commonly reveals itself when faced with cyber threats, such as phishing, malware, and business email compromise (and these types of cyber risks are the subject of the second part of this Risk Management Series.) As reported in Shred-it’s 2018 State of the Industry Report, 84 percent of C-suites admit that employee negligence is one of their most significant security risks. For most employees, reducing error is just a matter of awareness, vigilance, and being taught what to do (or what not to do) in certain situations.

However, occupational fraud, the kind of internal risk that involves employees and finances, can be more challenging to defend against without specific risk strategies.

 

Not All Fraud is Created Equal

Small businesses (those with less than 100 employees) are the hardest hit by occupational fraud. They suffered a median annual loss of $200,000 in 2018, according to the Association of Certified Fraud Examiners (ACFE), almost twice the median loss for larger companies. That’s a significant chunk for any small business budget, and many owners would find it difficult to recover from such devastating financial setback. This is why a risk management plan that includes internal fraud triggers is a critical component of any business operation.

Occupational fraud can take on countless forms, yet all can be classified into one of three categories: asset misappropriation, corruption, and financial statement fraud.

  • Asset misappropriation involves the theft or misuse of cash and assets. It is the most common form of occupational fraud, occurring in 89 percent of cases. However, it is the least costly, with a median loss of $114,000.

  • Corruption may be viewed as the middle ground in this type of fraud, occurring in 38 percent of cases with an average loss of $250,000. Corruption involves conflicts of interest, bribery, extortion, and illegal payouts, such as bonuses, perks, or donations.

  • Financial statement fraud is a stark contrast to asset misappropriation. You may think of it as “cooking the books”, or overstating assets while understating expenses, so the thief can slyly get away with the excess funds. While only 10 percent of fraud cases involve financial statement fraud, the median loss is an astonishing $800,000.

Could your small business afford the financial harm or stress involved from such an incident? Filing paperwork and dealing with the IRS, receiving negative publicity, losing employee engagement, and experiencing damages to business relationships can all take a hefty toll. Small business owners must maintain a watchful eye on all company activities to ensure that something as serious as tampering with finances doesn’t occur. This is where preparation for risk with a plan for mitigation can reduce the impact of occupational fraud.

 

Being Proactive Pays Off

In its 2018 Report to the Nations, the ACFE found that internal control weakness was the primary cause linked to fraud, accounting for more than 41 percent of small business fraud cases. Overall, an estimated one-fifth of occupational fraud incidents could have been avoided if organizations had done a better job of reviewing transactions, accounts, or processes.

There are five fraud detection methods associated with reducing the occurrence and monetary impact of fraud: surveillance monitoring, account reconciliation, IT controls, internal audit, and management review. All of these methods involve businesses actively seeking out fraudulent activity rather than taking more passive approaches, which allow damages to mount.

While no small business is entirely immune to the threat of fraud, it is possible to reduce the risks of fraud damages. Being proactive in your anti-fraud efforts by crafting a risk management plan that helps identify warning signs and provides actionable, mitigating steps is critical.

Next Month: Risk Management Series: Guarding Your Small Business Against Cyber Threats

Angela Murphy is Chief Operating Officer of Sontiq, an award-winning provider of secure, digital identity protection and cybersecurity solutions, through its brands EZShield and IdentityForce. Learn more at Sontiq.com.