Image

Bank account security

January 31, 2012
Image


Bank account security


Don’t leave the keys in the door to the safe!  Theft from businesses is happening more than you think…….

If you are a businessperson and you own your own company, have you got enough security over your bank account?

Three recent cases in the press have highlighted examples of the shocking abuse of the trust placed in employees in owner-managed businesses.  In all three cases, trusted and long-term accounts staff had siphoned off large sums of money from their employers – in two of these cases, the discovery of the losses was only apparent after the companies had got into serious financial difficulties and gone into liquidation.  Newspaper reports highlighted that the staff at fault had used the stolen loot to prop up their lifestyles, by paying off debts or on extravagant lifestyle spending.

I am sure the similarities in the cases do not stop there.  Whilst it was only specifically reported in one of the cases, I can confidently speculate that in all cases the modus operandi was via the ELECTRONIC BANKING.

As a background point, it should be noted that the directors of a company have the legal duty to protect the assets of the company from fraud or irregularities (including an honest error which might nonetheless lead to a loss to the business).  They should ensure that processes are in place that prevent or detect such problems.  Often the simplest measures can be used to make fraud and errors much less likely.

In the case reported on in detail, the theft was perpetrated by a long-term employee who the directors trusted implicitly.  Thus, the employee had sole authority over electronic bank payments and the accounting for the resulting transactions.  I imagine it was all too easy for the employee to hide entries for the missing cash in large expense accounts such as “purchases”.

Over the last twenty years the rise in electronic banking and the reduction in the use of cheques have led to erosion in the old system of control whereby the directors would usually sign every cheque.  However, even with the system of cheques, frauds and errors could happen in cash handling and recording, or in accounting for fictional cheque payments to existing suppliers.

Nowadays, all too often the directors have passed on banking PIN codes or set up sole signatory authority over the electronic banking to the internal accountant or bookkeeper.  In the case reported the director saw nothing wrong with this as “it was the accountant’s job to do the payments”.  This means that there was no second sign-off on payments which might prevent or detect fraud or error.

In a recent client case, I explained to the bookkeeper that the level of authority they had over the bank put them at risk of undetected errors and said I would bring this up with the directors.  The bookkeeper was actually pleased with this as they felt somewhat exposed if an honest mistake was made – after all it would be 100% their responsibility.  A happy compromise was agreed where the online authorities were altered so that the director was needed to sign off electronic transactions over a certain threshold on the online banking and they could leave the bookkeeper with signatory below that threshold value, however the bookkeeper was to present the director with weekly summaries of their sole authorised transactions and the director would review and initial them as approved with hindsight.  Thus the director was not unduly bogged down in all the administration, but was kept fully involved.

It almost goes without saying that not all businesses will want to apply their systems the same way, but there will always be an appropriate level of internal controls for a business.

If you have any questions on this subject then speak to your Barnes Roffe LLP contact.  After all, prevention is best.

Image