Avoid Accounting Fraud with ERP Controls
Accounting fraud can be a costly problem for business owners. A recent study from the Association of Certified Fraud Examiners estimated that, on average, organizations lose 5% of their revenue to fraud each year, with a median loss amount of $140,000.
The same study revealed that internal controls for fraud prevention, including proactive data monitoring and analysis, are directly correlated with large reductions in fraud losses, but that only 37% of organizations have put those controls into play.
The great news is that ERP software makes it easy to develop processes that can eliminate potential fraud opportunities. These are just a few of the ways you can easily leverage ERP features to reduce fraud and keep stakeholders honest.
- Implement multi-employee workflows for Accounts Payable
Avoid giving a single employee responsibility for your entire payables cycle, which introduces an opportunity to create fraudulent AP invoices or divert legitimate vendor payments.
Instead, use workflows and role permissions to ensure that different employees are responsible for entering invoices, approving them, and creating payment batches. This will ensure that management has an opportunity to review invoices for legitimacy after they’re entered, and that payment can only occur once the invoice is approved.
If possible, it’s also beneficial to have a separate employee responsible for signing paper checks once generated. This ensures that a legitimate invoice can’t be marked as paid in your system, with the actual check stolen and written to a different payee.
- Maintain a “need-to-know” policy for system permissions, and audit them regularly
These days, most ERP solutions provide a wide variety of security permissions that can be extended to users across the implemented modules. But unfortunately, far too often users are extended more permission than they need to do their jobs.
It’s important to regularly audit your users’ permissions periodically to ensure that they don’t have access to system functions they don’t need. System administrators should work with department managers to determine what’s necessary, and pare down access based on those essentials – particularly to sensitive options like deleting or modifying accounting information.
- Audit Adjusting Journal Entries (AJEs) on a regular basis
In most ERP environments, the majority of general ledger entries are system-generated, by applications such as accounts receivable, accounts payable, inventory control, and cash management. As a result, manually-created Adjusting Journal Entries (AJEs) should be relatively rare.
Make a point of running reports regularly to audit and review your AJEs to ensure they’re accurate. And don’t fall into the trap of assuming that all fraudulent entries are rocket science. Many high-profile fraud cases have been carried out by writing simple journal entries between cash accounts and expense accounts.
- Don’t rely on your bank or credit card statements to inform your financials
In smaller businesses – especially ones without dedicated accounting personnel – it’s unfortunately all too common for employees to rack up expenses on company credit cards throughout the month without recording them in the ERP system, relying on their bank or credit card statements as a summary of expenses.
Accounting professionals strongly recommend against this practice, and for good reason! Entering your expenses weeks after they are incurred means your accounting reports will be inaccurate until the statement is reconciled. But much more importantly, it eliminates a cross-reference with actual business activities.
Company credit cards are a common vehicle for smaller-scale fraud. Employees simply make purchases for themselves at a commonly-used vendor (perhaps the post office or office supply store) and assume that nobody will dig through the stack of paper receipts to cross reference it. This possibility can be eliminated by ensuring that expenses are entered in the software when they’re incurred, preferably with a digital copy of the receipt.
- Treat inventory shortages as an anomaly
If you’re using an older system with poor inventory control, you may be used to inventory counts that don’t quite line up with what’s on the shelf. And certainly in many industries, some amount of shrinkage or damage is par for the course.
But with a solid ERP solution and adoption of proper business practices (such as verifying quantities of received inventory and recording bin locations in the system), erroneous stock levels should be anomalous – and treated that way!
When you discover that a stock level doesn’t match, always take time to investigate, attempt to locate the cause, and take action to prevent the problem from occurring in the future. Doing so will send a message to employees that missing inventory won’t simply be treated as a cost of doing business.