Many business owners prefer to think the best about their employees and assume that they would never knowingly steal from them or commit fraud. However, this kind of thinking can be dangerous.
In fact, employees embezzle more than $50 billion from their employers each year according to data on employee theft. These embezzlers often turn out to be long-time employees who owners trusted implicitly and would never have suspected of stealing from them.
Internal Controls: Limit Theft Opportunities
Implementing a system of internal controls is one of the best ways to guard against embezzlement and fraud. A strong internal control system will limit the opportunities employees have to commit fraud and embezzlement, thus preventing dollars from being siphoned off the bottom line. In effect, internal controls establish the mechanism to stop fraud and embezzlement before they start.
The most effective internal controls are built into the practice’s daily operations, implemented by the people who work in the system, and adaptable to changes in the business. Having the right controls in place can help you avoid the pitfalls of a weakened system, which include such risks as business losses, fraud, poor employee morale, tarnished brand image or financial misstatements.
Internal Controls: Create A Solid Foundation
Creating a strong internal control system requires some research and due diligence on your part to establish a solid foundation for your internal control program. Key elements include establishing a control environment, performing a comprehensive risk assessment, identifying control activities, implementing a robust communication system, and clearly defining monitoring activities.
1. Control Environment
- Demonstrate a commitment to integrity and ethical values
- Exercise oversight responsibility
- Establish structure
- Demonstrate a commitment to competence
- Enforce accountability
2. Risk Assessment
- Specify suitable objectives
- Identify and analyze risk
- Assess fraud risk
- Identify and assess significant changes
3. Control Activities
- Select and develop control activities
- Select and develop general controls
- Deploy thorough policies and procedures
4. Communication System
- Use relevant information
- Communicate both internally and externally
5. Monitoring Activities
- Conduct ongoing and separate evaluations
- Evaluate and communicate deficiencies
Ultimately, No Business is Immune…
Every business, including healthcare practices, should have an internal controls system in place that is regularly tested, monitored and updated. We can help you no matter where your organization stands in the process. For more information, contact our expert advisors.