A how-to guide to small business anti-fraud protection and internal control Internal Control/Anti-Fraud Program Design for the Small Business is a practical guide to protection for businesses NOT subject to the Sarbanes-Oxley Act. Written by an expert with three decades of forensic investigation experience, this book is geared specifically toward private, non-public small businesses and their unique needs in the realm of fraud protection. Covering all elements of an internal control structure applicable to the small business community, this guide provides a step-by-step roadmap for designing and implementing an effective, efficient internal control structure/anti-fraud program tailored to your business's particular needs. Case studies are used throughout to illustrate internal control weaknesses and the fraud that can result, and follow-up analysis describes the controls that would have reduced the probability of fraud had they been in place. You'll learn how to analyze your company's internal control issues, and implement a robust system for fraud prevention.
Guidance toward Sarbanes-Oxley compliance is readily available, but there is little information available for the many businesses not subject to the act until now. This book is the step-by-step guide for instituting an internal control program tailored to your small business. * Understand the five elements of internal control * Avoid gaps in protection with relevant controls * Design the ultimate anti-fraud program * Implement internal control tailored to your needs The majority of small business owners simply do not know the elements of or implementation process involved in internal control, and Sarbanes-Oxley guidelines don't necessarily scale down. Internal Control/Anti-Fraud Program Design for the Small Business helps you design and install the internal control/anti-fraud protection your business needs.
STEVE DAWSON, CPA, CFE, is president and founder of Dawson Forensic Group, a firm devoted to the investigation of fraud and the education of the small business community in internal control/anti-fraud program design and implementation. For the past thirty years, he has performed forensic investigations and related forensic services for various businesses and agencies. He is a nationally recognized speaker in fraud detection, prevention, and internal control design methodologies. He is a graduate of Texas Tech University with a Bachelor's of Science degree in Accounting and holds a certified public accountant certificate in Texas as well as a certificate as a certified fraud examiner.
Preface: Maybe It s Time We Get Back to the Basics xi Acknowledgments xvii PART I: THE ANTI-FRAUD ENVIRONMENT: THE BLUEPRINTS, THE FOUNDATION, THE GROUND FLOOR Chapter 1: The Architect s Blueprint: Establishing the Framework 3 The Elements of Anti-Fraud Program Design 3 Anti-Fraud Environment 4 Fraud Risk Assessment 4 Control Activities 5 Information: Program Documentation 6 Communication: The Company Fraud Training Program 6 Monitoring and Routine Maintenance 7 Chapter 2: Foundational Policies: The Fraud Policy 9 Foundational Policies 10 The Fraud Policy: The Essential Elements of an Effective Fraud Policy 10 Case Presentation 17 Chapter 3: Foundational Policies: The Fraud Reporting Policy 19 The Essential Elements of an Effective Fraud Reporting Policy 20 Chapter 4: Foundational Policies: The Expense Reimbursement Policy 29 Case: No Questions Asked 29 Case: It Will Never Be Missed 30 Case: Larry the Chief Financial Officer 31 The Elements of an Effective Expense Reimbursement Policy 32 Appendix 4A: Expense Report Form 39 Appendix 4B: Supplemental Business Meal and Entertainment Charges Form 40 Chapter 5: The Ground Floor: The Fraud Risk Assessment Process 41 Ground Rules for Fraud Risk Assessment 42 An Example of Risk Assessment 43 Procedural Steps for Performing a Fraud Risk Assessment 44 Cash in Bank 48 Case: The Trail Is Gone 50 Case: Friends in Low Places 51 Asset Misappropriation 52 Corruption 53 Financial Statement Fraud 53 PART II: ANTI-FRAUD CONTROL ACTIVITIES: RAISING THE WALLS Chapter 6: Control Activities: The Absolutes 57 Critical Principles of Control Activity Design 57 Foundational Control Activities 59 Case: The Mail Drop in Las Vegas 64 Appendix 6A: Conflict of Interest Form 67 Appendix 6B: New Vendor Establishment Form 68 Chapter 7: Control Activities: The Segregation of Duties Dilemma 69 But I Only Have Two Employees 69 Prevention versus Detection Controls 70 The Necessary Review Processes 72 Chapter 8: Control Activities: General Processes 75 Two Operational Questions 75 Common Control Activities 81 Case: The Cell Phone Reimbursement 91 Chapter 9: Control Activities: Specific Control Areas 95 Financial Statement Line Item Control Activities 95 PART III: COMPLETING THE ANTI-FRAUD PROGRAM: THE CEILING, THE ROOF, AND ROUTINE MAINTENANCE Chapter 10: The Ceiling: Documenting the Anti-Fraud Program 103 Information 103 Documentation Keeping It Simple 104 The Elements of High-Quality Documentation 104 Chapter 11: The Ceiling: The Company Fraud Training Program 111 The Elements of Effective Communication 112 The Company Fraud Training Program 114 Chapter 12: The Roof: Monitoring and Routine Maintenance 119 Monitoring and Routine Maintenance Defined 120 The Monitoring and Routine Maintenance Structure 120 Chapter 13: The Sample Anti-Fraud Program 129 Appendix 13A: Fraud Risk Assessment Framework Form 137 Appendix 13B: Control Activities Form 138 Appendix 13C: Documentation of Control Activities 139 Appendix 13D: Compliance Audit Programs and Related Compliance Audit Working Papers 154 Appendix A: The Fraud Policy 171 Appendix B: The Fraud Reporting Policy 175 Appendix C: The Expense Reimbursement Policy 179 Appendix D: Forms 185 About the Author 193 Index 195