Internal control/anti-fraud program design for the small business : a guide for companies not subject to the Sarbanes-Oxley Act

A how-to guide to small business anti-fraud protection and internal control Internal Control/Anti-Fraud Program Design for the Small Business is a practical guide to protection for businesses NOT subject to the Sarbanes-Oxley Act. Written by an expert with three decades of forensic investigation experience, this book is geared specifically toward private, non-public small businesses and their unique needs in the realm of fraud protection. Covering all elements of an internal control structure applicable to the small business community, this guide provides a step-by-step roadmap for designing and implementing an effective, efficient internal control structure/anti-fraud program tailored to your business's particular needs. Case studies are used throughout to illustrate internal control weaknesses and the fraud that can result, and follow-up analysis describes the controls that would have reduced the probability of fraud had they been in place. You'll learn how to analyze your company's internal control issues, and implement a robust system for fraud prevention. Guidance toward Sarbanes-Oxley compliance is readily available, but there is little information available for the many businesses not subject to the act -until now. This book is the step-by-step guide for instituting an internal control program tailored to your small business. Understand the five elements of internal control Avoid gaps in protection with relevant controls Design the ultimate anti-fraud program Implement internal control tailored to your needs The majority of small business owners simply do not know the elements of or implementation process involved in internal control, and Sarbanes-Oxley guidelines don't necessarily scale down. Internal Control/Anti-Fraud Program Design for the Small Business helps you design and install the internal control/anti-fraud protection your business needs.

Preface: Maybe It's Time We Get Back to the Basics xi Acknowledgments xvii PART I: THE ANTI-FRAUD ENVIRONMENT: THE BLUEPRINTS, THE FOUNDATION, THE GROUND FLOOR Chapter 1: The Architect's Blueprint: Establishing the Framework 3 The Elements of Anti-Fraud Program Design 3 Anti-Fraud Environment 4 Fraud Risk Assessment 4 Control Activities 5 Information: Program Documentation 6 Communication: The Company Fraud Training Program 6 Monitoring and Routine Maintenance 7 Chapter 2: Foundational Policies: The Fraud Policy 9 Foundational Policies 10 The Fraud Policy: The Essential Elements of an Effective Fraud Policy 10 Case Presentation 17 Chapter 3: Foundational Policies: The Fraud Reporting Policy 19 The Essential Elements of an Effective Fraud Reporting Policy 20 Chapter 4: Foundational Policies: The Expense Reimbursement Policy 29 Case: "No Questions Asked" 29 Case: "It Will Never Be Missed" 30 Case: Larry the Chief Financial Offi cer 31 The Elements of an Effective Expense Reimbursement Policy 32 Appendix 4A: Expense Report Form 39 Appendix 4B: Supplemental Business Meal and Entertainment Charges Form 40 Chapter 5: The Ground Floor: The Fraud Risk Assessment Process 41 Ground Rules for Fraud Risk Assessment 42 An Example of Risk Assessment 43 Procedural Steps for Performing a Fraud Risk Assessment 44 Cash in Bank 48 Case: The Trail Is Gone 50 Case: Friends in Low Places 51 Asset Misappropriation 52 Corruption 53 Financial Statement Fraud 53 PART II: ANTI-FRAUD CONTROL ACTIVITIES: RAISING THE WALLS Chapter 6: Control Activities: The Absolutes 57 Critical Principles of Control Activity Design 57 Foundational Control Activities 59 Case: The Mail Drop in Las Vegas 64 Appendix 6A: Confl ict of Interest Form 67 Appendix 6B: New Vendor Establishment Form 68 Chapter 7: Control Activities: The Segregation of Duties Dilemma 69 But I Only Have Two Employees 69 Prevention versus Detection Controls 70 The Necessary Review Processes 72 Chapter 8: Control Activities: General Processes 75 Two Operational Questions 75 Common Control Activities 81 Case: The Cell Phone Reimbursement 91 Chapter 9: Control Activities: Specific Control Areas 95 Financial Statement Line Item Control Activities 95 PART III: COMPLETING THE ANTI-FRAUD PROGRAM: THE CEILING, THE ROOF, AND ROUTINE MAINTENANCE Chapter 10: The Ceiling: Documenting the Anti-Fraud Program 103 Information 103 Documentation-Keeping It Simple 104 The Elements of High-Quality Documentation 104 Chapter 11: The Ceiling: The Company Fraud Training Program 111 The Elements of Effective Communication 112 The Company Fraud Training Program 114 Chapter 12: The Roof: Monitoring and Routine Maintenance 119 Monitoring and Routine Maintenance Defi ned 120 The Monitoring and Routine Maintenance Structure 120 Chapter 13: The Sample Anti-Fraud Program 129 Appendix 13A: Fraud Risk Assessment Framework Form 137 Appendix 13B: Control Activities Form 138 Appendix 13C: Documentation of Control Activities 139 Appendix 13D: Compliance Audit Programs and Related Compliance Audit Working Papers 154 Appendix A: The Fraud Policy 171 Appendix B: The Fraud Reporting Policy 175 Appendix C: The Expense Reimbursement Policy 179 Appendix D: Forms 185 About the Author 193 Index 195