|
It seems every day brings news about another large corporation reeling from a massive data breach. Whether through skimmers, malware or the Internet of Things, it’s difficult to feel secure with personal information.
But sometimes security breaches are more mundane. Those are the ones small businesses should worry about, says Ralph Summerford, president of Birmingham-based Forensic Strategic Solutions LLC.
“The most common fraud is still committed by an employee on an employer, ” Summerford says. “The employee takes money or uses assets of the business without permission of people who trust them.”
Summerford, a CPA and accounting malpractice expert, is a happy hunter of irregularities that point to theft on the job.
“Employees steal from employers, ” Summerford says. “When you understand that concept, you’ll be able to investigate.”
Summerford insists fraud has not changed much, despite changes in technology.
“As a fraud examiner, I look for anomalies — changes in behavior, speech, attitude, ” Summerford says. “The typical response is to sweep it under the rug, but if you dig a little deeper, you see what’s going on.”
Crafty criminals can cover their tracks well, but most haven’t thought that far ahead.
“A really good crook makes it harder, ” Summerford says. “Most people don’t do that. If your children do wrong, you can look at them and tell something is wrong. And when you ask them what they have been doing, they stutter and stammer. You recognize those signs, and when employees steal, the way they act changes.”
Recognizing embezzlement is a matter of keeping an eye out for pattern changes, he says.
“Many years ago, a woman working in a company spent a tremendous amount of money on cosmetic surgery, bought herself a new car, bought her husband a new truck, and a boyfriend a new car. She only made $35, 000.”
This woman’s employer thought she had a windfall from a relative. During a 22-month period, she embezzled $550, 000.
“It was obvious something was going on, ” Summerford says. “Sometimes people turn a blind eye to the signs.”
Summerford says identifying a potential embezzler can be as simple as shaking someone’s hand and connecting with a sweaty palm.
“Some people say, ‘Ralph, you’re too cynical.’ Mark Twain said trust everyone, but always cut the cards. Employers should do that. You don’t expect everyone is stealing, but the biggest problem is when employers are too trusting.”
Summerford says people will steal in order to save themselves. He says he’s noticed a pattern of executives turning to fraud when the business is failing and they can’t face the possibility of that failure.
Summerford says that on the employee side, the best form of prevention is to segregate duties. It’s when one person is solely responsible for certain duties that he most often finds fraud.
“The more the duties can be segregated, the better, ” Summerford explains. “Even in a very small organization, employees should swap duties on a regular basis.”
If the person who writes the check is the person who also reconciles the accounts, there’s no system of checks and balances to prevent their succumbing to temptation.
In one instance, Summerford discovered a bookkeeper in a small advertising agency who managed to filch more than $400, 000 because she wrote the checks and reconciled the bank accounts. “She got caught one Sunday when the president of the company saw a bank statement and started thumbing through it, ” Summerford says.
“If controls are not in place, it makes it easy for somebody to commit fraud, ” Summerford says. “Often these are ordinary people who would not cheat or steal. But what would a person do if they discovered a child had a terminal illness and they had no money and no insurance? Sheer desperation will lead them to steal money. When they are backed into a corner, you don’t know what they are going to do. The misconception is that we think others may act the way we do. You cannot have that misconception.”
Summerford says one in three people pushed into a corner by adverse circumstances will commit an act of fraud.
“How do you pick that one in three?” Summerford asks. “You don’t know. That’s why it’s important to have controls in place and look for anomalies.”
Statistics show the average fraud is committed over the course of 24 months. The onus is on the employer to be vigilant.
“An employer that does not do background checks before hiring is stupid, ” Summerford says. “There is so much information available now on the internet. Employers should monitor social media and know what employees are doing. It’s amazing the number of people who get caught because of social media.”
With hacking in the headlines every day, Summerford reminds business owners to protect their companies with guidelines for computer use.
“We live in a digital world. Everyone should be technologically savvy. Fraudsters will change their methods with the changing times. Employers should make sure their employees follow company policy about opening emails and attachments. And no social media should be allowed on company computers.”
Inevitably when Summerford interviews an embezzler, the question of the endgame emerges.
“When I ask, ‘What did you plan to do if you got caught?’” Summerford says, “They get a deer-in-the-headlights look and say they never thought of that. People commit fraud for different reasons and hope they don’t get caught or they can put back the money. It’s a gambler’s mentality. They don’t build big casinos in Las Vegas or Atlantic City because people get even. They build them because the house wins.”
Cara Clark and Cary Norton are freelance contributors to Business Alabama. Both are based in Birmingham.
