Businesses across the country have been forced to implement remote work environments in connection with state and federal government mandates for a temporary work stoppage to curtail the spread of COVID-19. With that comes several challenges, including the opportunity for fraud and circumvention of internal controls that are normally in place in the usual workplace setting. These changes require businesses to reevaluate their current control processes to ensure their continued effectiveness in deterring and preventing fraud in a remote work environment.
A well-known tool in understanding fraud is the fraud triangle. As the name suggests, there are three sides or influences for fraud, the most relevant during this pandemic being opportunity. The opportunity for employees to commit fraud arises from the lack of direct supervision and independence that a remote workplace provides. Effective internal controls work to mitigate the risk of fraud in any environment, but they become especially important in a changing workplace environment.
All internal control systems start with the tone at the top. Maintaining a high ethical standard in the workplace is the goal whether employees are in the office or working from home. The tone at the top is implemented via policy, but more importantly the tone at the top stems from the examples set by a business’s leadership team. In a remote environment, interaction between employees and leadership does not occur naturally, making it more difficult to maintain these ethical standards. Regular emails to the entire workforce to stress the importance of communication and maintaining accountability can aid in mitigating this threat. Video calls can be used as a more personal form of communication with smaller groups and to address any concerns employees may have during these uncertain times. Communication in a remote environment is essential to the functioning of any business and helps maintain relationships between leadership and its employees. While the tone at the top will not limit the opportunity for fraud, an ethical workforce is the backbone of any business environment and is the first step in protecting a business against the risk of fraud.
Segregation of duties is an important component of an organization’s control activities that can be affected by a remote work environment. There should be different individuals in an organization with custody of assets, that approve transactions, and that record those transactions in a business cycle such as payroll or cash disbursements. In a remote working environment, this segregation can be difficult to implement with individuals working from home or on alternative schedules. Existing controls and processes should be reevaluated to ensure they are still mitigating and preventing the risk of fraud with the change in workplace. Frequent communication with and oversight of employees can help supervisors evaluate the effectiveness of the controls in place and allow for the detection of deficiencies. Conversations with employees about work and their transition to a remote office can indicate weaknesses in the control structure so they can be properly adjusted to meet the organization’s needs. Supervisors should require the formal approval of records and transactions, even though the bulk of communication may be happening over the phone or on a video call, to facilitate accountability within the organization. These are just a few small adjustments to make that will aid in limiting a business’s exposure to fraud during the pandemic.
Although businesses have started to bring employees back to work, there are still limitations on group gatherings and workplace regulations in place that continue to affect the way businesses operate. It is important to take this time to reevaluate and continually monitor your company’s internal controls to adapt to new regulations as they arise.
If you have any questions or need any assistance reviewing your current processes, please contact Sean Daughton, CPA, CFE, at firstname.lastname@example.org.
For an in-depth discussion on internal controls in the COVID environment, register for Dannible & McKee’s Virtual Fraud Prevention Conference on September 22, 2020. To learn more, visit www.dmcpas.com/events.