Many small business owners worry that they are susceptible to fraud and the potential impact it could have on their businesses.
In a recent survey by Deloitte, only 6 percent of respondents thought fraud was uncommon in private enterprises, and nearly half of the participants thought that the internal controls at private companies were insufficient to decrease the risk of fraud. In addition, many business owners are highly pessimistic about the current economic situation and their businesses’ short-term financial futures. A recent survey by Wells Fargo and Gallup found that small business owners were especially pessimistic about the future of their businesses, with 42 percent expecting it to be “somewhat” or “very” difficult to obtain credit, and 22 percent expecting their companies’ financial situations to be “somewhat” or “very” bad a year from now.
“Small business owners are being affected by two significant forces, each of which threatens their current and future profitability, as well as their prospects for survival: poor business environment and susceptibility to fraud,” says Harry Cendrowski, CPA, ABV, CFF, CFE, CVA, CFD, CFFA and managing director of Cendrowski Corporate Advisors. “However, comprehensive operational and risk assessments can help managers unlock value within their organizations and also preserve value through fraud deterrence.”
Smart Business spoke with Cendrowski about how to approach operational and risk assessments, and the steps that business owners can take to reduce fraud.
What are the key components of an operational assessment?
Operational assessments examine five areas of a business:
- Business environment
- Risk assessment
- Control activities
- Information and communication
- Monitoring
An assessment of each of these factors is required for publicly traded companies but is less frequently performed for privately held firms. Each of these components is interrelated, and together they describe a business’s internal control environment.
How does a risk assessment differ from an operational assessment?
A risk assessment is really a deep dive into one component of operational assessments and involves the identification and analysis of potential risks that may impede an organization from achieving its strategic objectives. These include both internal and external risks to the organization.
Through risk assessments, organizational managers can develop plans to mitigate the risks an organization may face, helping to preserve their firm’s strategic and operational goals from potential threats and, hence, its value. Actively identifying internal risks can also help organizational managers remove the opportunity for fraudulent activity.
Moreover, while operational assessments may help an organization unlock, as well as preserve, shareholder value, risk assessments primarily focus on the latter activity.
