Conduct a fraud risk analysis


It’s better to be proactive about security than reactive. That means conducting your own analysis.

Too many small businesses ignore their fraud and theft risks until after they’ve been victimized. While it’s better late than never, being proactive can prevent losses.

The key to successful fraud prevention is to take a systematic, well-thought out approach rather than an ad hoc approach. The resources you can devote to preventing fraud and theft will be limited. That means you need to address your biggest risks first.

  1. First, set up a team to examine the issue. This can include employees, family members, paid professionals, and informal advisors. The only requirement for inclusion on the team is that they have the business’s interest at heart. It makes sense to have team members who know accounting and bookkeeping, customer acquisition, vendor and supplier relations, staffing and management, and operations.
  2. Second, identify all the security risks to your business, even those who have very little chance of taking place. The goal here to identify all your exposures. Here’s a brief list to start with: theft of cash on hand, skimming, cash larceny, billing, payroll, expense reimbursement, check tampering, register disbursements, inventory, other assets, and shoplifting.
  3. Third, assign odds to each of those risks happening. The exact number you choose is less important than the ranking of the risks.
  4. Fourth, categorize the potential damage from each of those risks. Again, ranking is more important than the exact numbers.
  5. Fifth, briefly sketch out what could be done to mitigate each risk. You don’t need to draft a fully detailed plan just yet. Instead, jot down a general step, like “separate bill paying from hiring vendors.”
  6. Sixth, put together a list with the most potentially damaging, and most likely to occur risk on top, working your way down to the least potentially damaging, least likely to occur.
  7. Now that you’ve characterized your risks, determine who among your staff and advisors are best suited to help reduce each risk. 
  8. Have each of those smaller teams address the risks one by one from most dangerous to least. They should take the general step you’d all come up with in the earlier stage and flesh it out so you have a detailed action plan.

Once you finish the exercise you’ll have your comprehensive fraud prevention plan.