Check tampering schemes can start with an employee’s access to the company’s check stock. Following are some controls that can assist in preventing access to company checks:
- Store blank checks under lock and key with access severely limited. Boxes of blank checks should be sealed with security tape so that it will be obvious when a new box has been opened. On a periodic basis, someone independent of the check preparation function should verify the security of unused checks.
- Look for duplicate or out-of-sequence check numbers on bank statements. Fraudsters frequently steal blank checks from the bottom of the box so that the missing check will not be immediately noticeable. These checks will appear as out-of-sequence checks on the bank statement. Similarly, counterfeit checks often have numbers that are either completely out of sequence or that duplicate the numbers of checks that were already issued.
- Print check stock on watermark paper supplied by a company independent of the check printer. Incorporate security threads or other markers to verify that company checks are legitimate. Counterfeit checks are often printed on inferior-quality paper that will be apparent when compared with company check stock.
- Rotate check printers and/or check stock periodically so that counterfeits will stand out.
Following are some controls that can assist in preventing check forgery.
- Use a distinctive ink or pen for check signing. Signatures in another color, for instance, would stand out as fraudulent.
- Be alert for canceled checks with payees that do not reconcile to accounts payable. Forged checks generally have questionable payees. Also be alert to non-payroll checks payable to an employee.
- Compare the endorsement and bank account information on suspicious canceled checks to other checks that were written to the same vendor. In some cases employees forge checks payable to legitimate vendors then cash the checks themselves. Checks should include year-to-date payment activity. Thus, if a vendor sees that a check was issued but never received, an alert will be sounded.
Altered payee schemes are another form of check tampering that depends on intercepting checks that were previously prepared and signed. In an altered payee scheme, an employee steals a company check that is intended for a third party and alters the payee designation so that the employee or an accomplice can negotiate the check. The fraudster inserts his/her own name, the name of an accomplice, or a fictitious person or company on the payee line of the stolen check. Altering the payee designation essentially makes the check payable to the fraudster (or an accomplice). Incidentally, the amount of the check may also be altered at the same time and by the same method as the payee designation.
Following are some controls to prevent signed checks from getting into unauthorized hands:
- Separate the functions of cutting checks, signing checks, and delivering checks. If a check preparer is also allowed to have custody of signed checks, it is easy to commit a check-tampering fraud. In addition, mail checks immediately after signing.
- Listen to vendors. When a check payable to a vendor is stolen and no replacement is issued, the vendor will likely complain about non-payment. Vendor complaints can be extremely valuable in detecting fraud. Make sure that someone independent of the payables function investigates complaints. In addition, have independent personnel randomly contact vendors to confirm receipt of payments.
- Set up the accounting system to detect duplicate payments. An employee who steals a check may cause a replacement check to be issued so the vendor won’t complain. Paid vouchers should immediately be stamped “Paid,” and computerized systems should automatically flag duplicate invoice numbers. In addition, payables reports sorted by payee and amount should be periodically generated in order to detect duplicates when invoice numbers have been altered for the second check.
Reconciling bank statements is the fourth major function that should be separated. The majority of successful check-tampering schemes are committed by individuals in charge of reconciling bank statements who have access to one or more of the other major check-writing functions.
For small custom building firms with a single person doing the accounting it is often difficult to segregate duties. For these companies and those with multiple accounting personnel, at a minimum, bank statements should be received, opened, and reviewed by a person who does not have authority to cut, sign, or mail checks. For most small custom builders I recommend that this procedure be done by the owner. In my company, I have the bank statement mailed to my house, and I review all checks by looking at signature and payee before giving it to my bookkeeper, who prepares the bank reconciliation.
The financial effect of employee fraud can be devastating to a custom builder. By keeping an eye out for some of the signs identified in this article and by implementing stronger internal control procedures, you can minimize the possibility of being a victim of fraud. In addition to keeping eyes wide open, I suggest that all builders obtain a rider on their business insurance policy to cover employee dishonesty. The premium is usually low and, as in the case of my client (who had this coverage), you should be able to recover a portion of your loss.
