How small businesses can reduce the risk of fraud

Every year in Australia the small to medium business segment loses millions of dollars to fraudulent activity.  Sometimes the perpetrator is unknown to the business using sophisticated technology to extract funds. In many cases the fraud is committed by a staff member who is operating right under the owner’s nose.  Often the fraud occurs over a long period of time before it is detected, if indeed, it is detected at all.

The good news is that you don’t need to hire an expensive SWAT team to rifle through your books and audit every transaction.  There are some reasonably simple and low cost measures you can implement to reduce the risk of fraud.  To make things easy, many cloud accounting systems have exciting features to help time-poor business owners which we believe are currently under utilised by small business.

1. Separate critical functions

Certain key functions should be separated and performed by different staff, and if they are not then fraud becomes easier for a person to commit.  If you are a really small business, granted this can be a challenge to achieve.  The most common separation is that of bank reconciliation from bank payments.  An equally critical task to separate (which many small businesses don’t) is the setting up and editing of bank account details for suppliers and employees.

So let’s focus on bank details for suppliers:

  • Xero slipped in a new feature allowing you to select whether a user can have permission to edit bank data for suppliers and customers, making it easier to lock out users from this task.
  • ‘Grunt-ier’ cloud accounting software such as J Curve (utilising the Netsuite platform) who serve larger small businesses also has isolated user permissions for supplier information but go a step further to provide additional features such as credit limits for suppliers.
  • Almost all cloud accounting software gives you the ability to track actions by user with easy-to-read history reports – handy when the size of your business restricts you from segregating duties in the most optimal way.

Keep in mind you’ll still need to be comfortable that the person with permission to set up supplier bank details gets the information reliably from the supplier.  A case came across our desks recently where a fraudster edited bank details on many invoices!


2. Automated bank reconciliation reports

You’d be forgiven for feeling confused by this topic before we get started.  Accountants use the word ‘reconcile’ often and it can mean different things under different circumstances.

Essentially, it’s the process of matching one set of records to another and making sure you understand the variances. Let’s assume your bookkeeper tells you he/she has ‘reconciled’ the bank account.  To some bookkeepers this means they’ve correctly allocated bank statement items into the ledger.  But is this enough?  Certainly not.

A vital control in any business is to understand variances between your bank statement and accounting ledger (profit & loss statement and balance sheet); including items in your ledger that may not be reflected in your bank statement.  This is typically achieved by the preparation of a bank reconciliation report.

Surprisingly, many businesses do not run such reports. Understandably they may have been put off by the administration time involved in its preparation.

Cloud accounting systems have now made this process instant and pain-free:

  • Full bank reconciliation reports can be run at the click of a button.
  • Exception reports are available identifying unusual transactions such as imported bank statement lines that have been deleted by users.


3. Anywhere, anytime access to review your numbers

Reviewing your profit & loss and balance sheet on a regular basis might seem like such a high-level approach that it’s unlikely to help you identify issues.  Not so. It’s a vital part of your tool-kit.

‘Analytical review’ is a commonly used technique by auditors to identify unexpected trends warranting further investigation.

If your accounting data is on a computer back at the office, with paper filed on the shelf, this doesn’t sound like a task you’d be rushing to do on a frequent basis right?

So how does cloud accounting make this fast and easy to do?



  • With access from any device with internet connectivity simply click into a transaction and see pictures of receipts, contracts and bills within seconds.
  • Speed up your document scan and load through use of low cost software that takes pictures of your invoices.  A short time later your bill data, with document attached, lands in your cloud accounting file.  Nice.


4. Controlling time theft

It’s common to think about theft in terms of something tangible like cash, stock or a fixed asset that has been taken from the business. A trickier fraud concept for some business owners to get their head around (and do something about!) is theft of time by employees.  Time theft occurs when an employer pays for work that an employee has not done, or for the time the employee has not put into work. Identifying and rectifying even severe cases of time theft can be difficult if your processes are manual.

So what are the facts?

  • Research has shown that time theft costs Australian businesses in excess of $12 billion annually.
  • According to the folk at Tanda, cloud-based time and attendance software, 2 to 2.5 minutes can be saved per clock in/out per employee on average.

Time and attendance software subscriptions are available at low cost that integrate nicely with cloud accounting systems.

They capture a picture of staff at clock off and on times and ensure that only logged time integrates to the payroll section of the accounting system.


5. Approval of supplier invoices made easy

Don’t assume your accountant or bookkeeper has an intimate understanding of the legitimacy of the charges on bills from suppliers.

Supplier invoices should be approved by a staff person who is familiar with the operations of your business and understands what was ordered.  That person may indeed be the owner, but for larger small businesses you'll have to think about your delegations.

With cloud accounting approvals can be effected on the run without the need to be in the office, and, user profiles can be established that restrict access to invoice and bill approval only.



No owner likes to think they can’t trust their team but this is time to be personality agnostic.  Take a balanced view of managing the performance of your business and safeguard your assets.  If you’re currently using cloud accounting, take a brief moment to think how you can make a few small low-cost changes that can substantially reduce your fraud risk.  If you’re not on cloud accounting, maybe it’s time.

Contact me for more information or view our CFO Advisory Program


View More Blog Posts