Business owners tend to think no one can steal from them, however fraud occurs every day.
“Businesses are folding for one or two bad decisions,” says Michelle Thompson, a merchant fraud/risk officer at FirstMerit Bank. “You thought that sale going to Africa was going to be good. Well, guess what -— now you’re bankrupt.”
You can’t afford to just take it for granted that a transaction is legit, that your controller is not stealing from you or that your employees are telling you the truth about not having felony charges. Now more than ever, executives must take ownership of their businesses and take the necessary steps to prevent fraud.
Smart Business spoke with Thompson about how to protect your business from internal and external fraud.
How do criminals target merchants for external fraud?
Merchants can open themselves up to external fraud unwittingly. Many merchants force themselves to believe a transaction isn’t too good to be true. Lo and behold, two months later they get a call that says they have a $12,000 chargeback. They are out the product and out the money.
Criminals focus on U.S. merchants quite often to fraudulently ship products all over the world. Merchants need to learn fraud awareness. Their bank should teach them how to recognize and spot those types of situations to prevent them from occurring.
How does internal fraud happen?
Most merchants have a terminal for processing credit card transactions. You swipe your card and the money moves within seconds. That means employees can use the terminal to process a fake return instead of a sale and swipe their own credit card, ‘returning’ as much money as they choose to their personal account. In the old days, bank tellers would come to work, clean out their drawer, go to lunch and never come back. Now there’s an electronic way to do it.
If you don’t have controls in place and if there is no oversight, that transaction is done with no questions asked.
It takes more work than issuing fraudulent transactions, but creating fake invoices is a major way for those in positions of authority to commit internal fraud. Someone who has the motive and opportunity can find a template online for invoices and create a company. They might even create a fake checking account, or even register with the state to make it look legitimate. Then they’ll submit the fake invoice for payment at their own company and approve it.
How can businesses reduce the possibility of internal fraud?
Typically, if a company has one person doing the accounting. Without a second set of eyes to review what has been done, you have a huge gap and an opportunity for embezzlement. You can see why: there is no oversight.
You don’t have to spend a nickel to correct this gap. If you just add another set of eyes to certain tasks, the perception that you’re watching for embezzlement is a deterrent. Create a check and balance of some sort without hiring additional staff.
The prime suspect in situations of internal fraud is typically someone with longevity: senior, tenured people, because they know where the holes are. They know who pays attention and who doesn’t, and what they pay attention to. Just remember that your employees are ultimately human beings and some might not hesitate to take an opportunity when it presents itself.
One way to help prevent internal fraud: if you’re getting a bad feeling about an employee, do a Google search on them. You’re not invading their privacy; this is your company. It can prove to be invaluable down the road. There is a fine line with privacy, however don’t just assume that nothing has changed during the 10 years since you hired someone.
