Fraud Risk and Detection in Small Business
Name of Student
Systems Auditing – ACC569
November 21, 2010
The idea of fraud in a small business covers every part of the business; an article written in SmartPros Ltd says that “Five percent of a typical businesses revenue is lost to fraud each year.” (Corley, 2010). The cost of fraud can be measured in dollars, business position within the industry of operations, and trust of the owners in their employees. The measure is not the point of discovering, stopping, or prosecuting those that conspire to commit the act of fraud. The main reasons in taking the steps to prevent, uncover, ...view middle of the document...
Controls must be put into place in order to ensure that the policies and procedures put in place by management are carried out properly. Segregation of duties is one control that should be put in place by management. Segregation of duties is put in place by giving responsibility of specific tasks to different individuals in an organization and clearly having this documented in the company’s organizational manual by job descriptions and the duties they are expected to perform.
When it comes to the processing of incoming and outgoing cash one of the best controls that can be set up is dual responsibility or dual control. By any name this is done by having any transaction from merchandise or cash processed thru more than one person or department in theory this will reduce the chance of fraud going undetected. By making the transaction require more than one person to physically process the invoice or voucher would need two or more separate approvals. By doing this there is always someone checking and verifying what the other person is doing and requesting. If this control was not in place then someone for example could set up a vendor account that would get paid to them, create and invoice, process it for payment and have themselves paid. With the controls, there is someone to verify the validity of the vendor being set up, someone to approve the invoice for payment, and when being processed for payment someone to verify that this invoice has not already been paid, the vendor information matches the information on the invoice to that in the system and so forth.
Having quarterly reconciliation by an either internal or external auditors will limit the time period even if there was a way for two people to work together to defraud the company. The audit needs to be performed on the information system and not just one department. “The audit’s focus should be on the information system itself and on the validity and accuracy of data processed by the system.” (Bodner & Hopwood, 2004 p.406).