Attorneys often prefer to focus on the practice of law, relegating everyday business-related responsibilities to employees. While this may be convenient, it also can expose the firm to theft and fraud. But protecting the firm and its attorneys does not have to be an intimidating or time-consuming task. With some awareness of and adjustments to daily business practices, lawyers can minimize the risks of fraud and theft, from embezzlement to payroll scams to cash larceny.
Reducing a firm’s fraud risk begins with the attorneys in charge getting more involved with the firm’s everyday business affairs. Firms that establish an atmosphere of overseeing employees and finances have the greatest success in preventing fraud. Here are five simple, routine tasks that significantly lower a firm’s fraud risk.
1. The lawyer in charge should receive and open the mail. Otherwise, a fraudster easily can intercept and tamper with bank statements, credit card statements, vendor invoices, and any piece of mail involving accounts or requiring payments. A common way of tampering with a statement includes whiting out fraudulent transactions, making a copy of the statement and then placing the copy into the envelope. Personally receiving the mail assures the attorney that no one in the office has manipulated the statements.
2. That lawyer also should review statements and invoices. Many times, embezzlers set up personal accounts that are the same as the firm’s accounts, such as bank accounts, credit cards and utilities. The attorney needs to check statements for multiple payments on the same account, multiple payroll checks to the same person in the same pay period, checks to unknown people and vendors, check numbers that are out of order, and any unauthorized wire transfers and book debits.
The everyday tasks of receiving and reviewing the mail can help prevent and detect many forms of fraud. Scrutiny of financial statements can reveal schemes like employee embezzlement, credit abuse, invoice fraud and payroll scams. Further, firms that deal with cash need to review bank statements to make sure that cash deposits are being made. Cash larceny, a scheme where someone steals accounted-for cash before deposit, is a common cash fraud.
3. The attorney in charge should check online financial sources to review statements regularly and make sure no one has changed passwords. As the banking and accounting worlds increasingly become paperless, many bank statements, account invoices, payroll programs and accounting software are administered and paid online. All of these online sources contain information about where the firm’s money is needed and where it is going. More than one person needs to know online and software passwords. This enables monitoring.
4. Owners and partners should understand who works for the firm and what every employee’s duties are. At bigger firms, employees can get lost in the shuffle. But knowing who does payroll, signs checks, pays vendors, distributes checks and updates accounting software is essential to minimizing risk of theft.
Attorneys who run the firm should rearrange employees’ duties so no person exercises too much control over financial matters. If one employee keeps the books, pays bills, registers new hires and does payroll, that employee has increased opportunity to commit fraud. Separation of duties, on the other hand, reduces the chance of fraud and theft. For instance, one employee can account and prepare invoices requiring payment, a partner can confirm the invoice and write the check, and another employee can issue the payment. Firms need to find a way to separate tasks.
Knowing who works for the firm and in what capacity greatly can reduce the chances of a firm being a victim of a ghost-employee scam. A ghost-employee scam occurs when the fraudster generates checks in the name of past employees or fictitious employees. The perpetrator then deposits or cashes these checks. This fraud is common in companies that employ contract workers or hourly employees, because it is tough to keep track of who was working and the hours worked.
5. Lawyers should not assume others will detect fraud for them. Banks and certified public accountants normally do not catch thieves. Just because a check is made out to someone other than the fraudster does not mean the recipient can’t deposit it into the fraudster’s accounts. Banks are automated and impersonal institutions. Many checks are deposited through ATMs and accepted by indifferent employees. The fraudster may have a relationship with the bank, preventing suspicion from being aroused.
Further, not all CPAs are forensic accountants. Many firms hire CPAs to prepare tax returns and maybe watch money flow. Forensic accounting is a distinct discipline that requires intense comparison between multitudes of financial sources. If no one at the firm suspects fraud, there is no reason why a CPA would look for fraudulent transactions.
By understanding how a firm is vulnerable to fraud and making proper adjustments to business practices, a firm can minimize its everyday fraud risk. Theft and fraud can devastate a firm, disabling lawyers from focusing on what is most important: serving the client.