In this third installment of our three part series on fighting business fraud, we are covering the “M” and “E” of the acronym CRIME, which stands for the five components of a successful system of internal controls.
Once you have implemented your control activities, run risk assessments, and optimized your information and communication systems – you need to make sure that your internal control system is running properly. The last two components of a complete system of internal controls involve monitoring and reviewing environmental controls.
Reducing fraud through C.R.I.M.E
- Control Activities
- Risk Assessment
- Information Systems and Communication
- Monitoring
- Environmental Control
Monitoring
Once you’ve put forth the effort to build a system of controls, it’s only natural that you want to see how it is performing, right? Unfortunately with controls, it’s very easy to overlook the need to review the rules and processes regularly. Many times, a review is only done in reaction to an instance of fraud, in which the company loses a significant amount of money. While monitoring is an important task that needs to be done with consistency, it can be simplified by utilizing tools for review and establishing protocols for the review process.
Reconciliation of accounts is one way to check the books for fraudulent transactions. Ideally, businesses should reconcile accounts at the end of each day, but at the very least, companies need to make it a weekly or monthly occurrence. There are numerous tools that can be used to help identify fraud within your accounting system. For instance, audit trail reports can be run within many popular bookkeeping systems. Some banks offer fraud monitoring as part of being their customer. For example, corporate credit cards will alert you if frivolous or uncharacteristic spending happens on your account.
Moving past the books – other systems also need to be reviewed; ones that don’t directly involve transactions. Businesses need to run reviews of which employees have access to which systems. Passwords should be changed on a regular basis (in some states, it is required by law to do so), and there needs to be a system in place in regards to changing information when an employee leaves the company to make sure proprietary information such as passwords and trade information doesn’t leak outside of the organization.
Environmental Control
Stretching across departments so that it is incorporated into every aspect of the business, the control environment sets the tone for the entire organization. From human resources, to finance, to even marketing and sales, setting up the environment to reflect the internal controls ensures that no one individual or process within your company is exempt from the system of controls. Establishing the control environment is made easier once you have established and optimized the information and communications systems.
Whether it is through internal documentation, digital information, staff training, one-on-one discussions between employees and their supervisors, or better yet, all of the above – educating the entire organization on the controls and procedures is what establishes the control environment. This way, all staff is aware of the consequences for fraudulent activity as well as ways to report fraud or reduce the risk of occurrence.
For further information, learn how GrowthForce protects businesses from fraud, or schedule a free consultation to learn if your business is ready for outsourced bookkeeping.
The post Fighting Business Fraud with CRIME – Part 3 of 3 appeared first on GrowthForce.
