Fraud perpetrated against a company can result in significant damages and recent data suggests that fraud losses at manufacturing companies can be particularly devastating. According to the 2018 Report to the Nations published by the Association of Certified Fraud Examiners (ACFE), the median fraud loss incurred by a company in the manufacturing sector was $240,000, almost double the median fraud loss for all industries.

Too often, risk assessments and internal control evaluations are not given a high priority by management until losses are incurred. Having a comprehensive risk assessment and an effective internal control system designed to mitigate significant risks identified is a company’s first line of defense in preventing and detecting fraudulent activity. Whether completing a long-overdue assessment or looking to establish or revamp control processes, below are the four areas proactive managers should take when evaluating the strength of their company’s internal controls.

1. Restrict access to assets

Restricting access to company assets is a key control to ensuring both physical and intellectual assets are protected. Management should conduct a thorough review of restrictions on physical access to assets:

  • The ability to sign checks, even electronically, should be restricted to individuals that cannot add vendors to the system or adjust the general ledger. Wire transfers, ACH and EFT transactions should be set up in a way that requires a check signer, independent of the initiator of the transaction, to approve the transaction within the system prior to the disbursement taking place.
  • Physical access to inventory, operating and maintenance equipment and other supplies can be restricted by segregating assets into secured areas and granting access to those areas only to specific individuals. Security cameras placed conspicuously throughout the facility can deter employee theft. Other technologies such as RFID tags and inventory tracking systems that integrate with ERP systems can track inventory movements in real-time and help safeguard inventory in the warehouse.
  • Access to intangible and intellectual properties should also be evaluated and restricted to prevent such information from falling into the wrong hands. Encryption software and passwords should be used to limit access to accounting and ERP systems and protect sensitive employee personal information and customer data.

Whether considering access to physical or intangible assets, employees should be able to access only those assets that are necessary to perform their jobs. Formal written job descriptions can help to define appropriate levels of access, and written policies and work instructions, as well as periodic review and revision of such documents, will help to identify issues with segregation of key duties and process duplication.

2. Place emphasis on review and supervision

Significant fraud risks can be mitigated through effective supervision and review by management. In smaller companies and/or when staffing resources are limited, it is important to establish a thorough review and supervision process, especially when there is an inability to segregate job duties.

  • Regular review and reconciliation of cash activity is the first play in the internal control playbook. Monthly reconciliations should be a given; however, for companies that are cash-strapped or under restricting lending arrangements, daily monitoring of cash positions and availability may be appropriate. Short-term cash forecasting, while often considered to be a strategic function, can also provide insights on current spending and collection trends that restrict cash availability.
  • Regular physical inventory counts – either annually or quarterly – can help identify control gaps and inventory shrink. Operational controls, such as periodic independent test counts and regular review of operational metrics (e.g. throughput, scrap adjustments, etc.) can also be helpful in timely identification of inventory waste or shrink.

3. Protect against management overrides

Frauds perpetrated by executives produce a median loss of $850,000 — nearly six times larger than the median loss caused by managers and 17 times higher than the median loss caused by low-level employees, according to the latest ACFE report.

  • Hiring policies should include background checks and possibly supplemental screening, such as drug testing or psychological evaluations.
  • Executive expense reimbursement requests also warrant scrutiny and should be subjected to the same review process as reimbursement requests submitted by non-executive employees.

4. Establish a continuous improvement mindset

Monitoring and making adjustment controls where needed ensures that the control environment remains effective in preventing or detecting fraud or error. Management and other in key employees should be aware of their role in the control environment and have the ability to objectively evaluate and improve the process on a continuous basis.

  • Leverage your audited financial statements to gain feedback on potential weaknesses or opportunities for improvement on the design or effectiveness of controls. It should be noted that an audit is not designed to identify all control related issues and may not identify immaterial deficiencies.
  • Implement an internal audit function with the primary purpose of conducting a risk assessment, documenting an understanding of the internal control environment, designing and executing tests of key controls and reporting findings and recommendations to management. Internal audit functions can be developed internally or outsourced to your CPA firm.

Manufacturers with an effective control environment can proactively reduce the frequency and duration of schemes and minimize losses due to fraud. While not all manufacturers have the resources internally to conduct regular risk and internal control assessments, partnering with your CPA firm can provide you with valuable insight into your current control processes, as well as offer guidance on best practices to mitigate the risk of fraud.

Our qualified CPAs and Certified Fraud Examiners can help with identifying significant risks in your organization and assist in implementing effective controls to reduce your exposure to loss.

About the Authors

Kristian R. Barr

CPA, MSA
Senior Manager, Assurance and Advisory

Subscribe

Stay up-to-date with the latest news and information delivered to your inbox.

Subscribe Now