According to the Association of Certified Fraud Examiners’ Report to the Nations: 2018 Global Study on Occupational Fraud and Abuse, organizations victimized by fraud lose a median $130,000. But construction companies, in particular, are even harder hit, with a median loss of $227,000. What can you do to protect your construction business? Adopt this checklist.

Ways to tighten controls

An effective strategy for minimizing fraud is to tighten your internal controls. Make sure the following are part of your policies and procedures:

Surprise audits and jobsite visits. These visits can not only help detect fraud, but also send a strong message that combating fraud is a priority — which is a powerful deterrent.

Segregation of duties. Avoid situations in which one person handles multiple financial or accounting tasks. For example, the person who processes cash transactions shouldn’t also prepare the company’s bank deposits.

Bank statements. Have monthly bank statements sent to you or a manager independent of the accounting function. Canceled checks should be reviewed for unfamiliar payees and forged signatures.

Purchase monitoring. Name someone other than the purchasing agent — you or an estimator, for instance — to review vendor invoices, purchase orders and other documents. Use prenumbered purchase orders. Physically check materials and supplies to ensure they correspond to what was ordered in terms of quantity and quality.

Kickbacks and bid-rigging. If your company is suddenly winning bids that you haven’t in the past and that seem like a stretch, verify that your bid processes have been followed. Sometimes employees disguise illegal activities as change orders, so be sure to scrutinize each change order.

Budget analysis. Prepare annual budgets — for your company and each job — and regularly compare actual results to budgets. Scrutinize large or unanticipated discrepancies.

Payroll practices. Have someone independent of your accounting department verify the names and pay rates on your payroll. If you don’t already, pay employees using direct deposit, rather than with checks or cash.

Vacation policy. Require full-time employees to take time off every year. Fraud is often exposed when the perpetrator isn’t there to cover it up.

Many benefits

These are just some of the many internal controls contractors should implement to protect their businesses. In addition to preventing and revealing fraud, solid internal controls can help avoid accounting errors, reduce waste and boost cash flow by making billing, purchasing and other processes more efficient. Contact us for more information at 205-345-9898 and info@covenantcpa.com.

© 2019 CovenantCPA

It should come as no surprise that cash is the most popular target of fraud perpetrators. After all, once stolen, cash itself is virtually untraceable. But that doesn’t mean forensic accounting professionals can’t unearth cash fraud schemes — and the crooks behind them.

3 categories

According to the Association of Certified Fraud Examiners, there are three main categories of cash fraud (which includes checks because they’re easily converted to cash):

  1. Theft of cash on hand,
  2. Theft of cash receipts, and
  3. Fraudulent disbursements.

The last category comprises many of the most frequently executed schemes, such as overbilling and “ghost” vendor or employee schemes. For example, overbilling vendors usually submit inflated invoices by overstating the price per unit or the quantity delivered. A dishonest vendor also might submit a legitimate invoice multiple times. Overbilling may involve collusion with employees of the victim organization, who typically receive kickbacks for their assistance.

Employees also can conduct billing fraud on their own, submitting bogus invoices payable to a fictitious vendor and diverting the payments to themselves. Similarly, an employee might set up payroll disbursements to nonexistent ghost employees.

Tracing schemes

Cash can be difficult to trace once it’s in the hands of a thief. But forensic experts usually are able to trace the path that stolen cash took before the fraudster pocketed it. This includes who “touched” the cash and what prompted its flow out of the organization.

Inflated invoices, for example, often leave a trail of red flags. Experts look for invoices that bill for “extra” or “special” charges with no explanation. Other suspicious signs include round dollar amounts, or amounts just below the threshold that requires management’s signoff, and discrepancies between invoice amounts and purchase orders, contracts or inventory counts.

If forensic experts suspect that fictitious billing has occurred, they often investigate accounts with no tangible deliverables — such as those for consulting, commissions and advertising — and check vendor addresses against employee addresses. Invoices with consecutive numbers or payable to post office boxes receive extra scrutiny.

Returned checks can supply useful information, too. Fraud perpetrators are more likely to cash checks, whereas legitimate businesses typically deposit them and rarely endorse checks to third parties.

To trace ghost employee schemes, experts examine payroll lists, withholding forms, employment applications, personnel files and other documents. The information collected from these sources may provide vital links between actual and ghost employees that wouldn’t otherwise be apparent.

To catch a thief

Strong internal controls are instrumental in preventing cash-type schemes. But even the strongest controls sometimes fail to prevent a determined fraudster. If that happens, we can help your business ferret out the fraud and track down the perp. Call or email us today for help– 205-345-9898 or info@covenantcpa.com.

© 2019CovenantCPA

While the Tax Cuts and Jobs Act (TCJA) reduces most income tax rates and expands some tax breaks, it limits or eliminates several itemized deductions that have been valuable to many individual taxpayers. Here are five deductions you may see shrink or disappear when you file your 2018 income tax return:

1. State and local tax deduction. For 2018 through 2025, your total itemized deduction for all state and local taxes combined — including property tax — is limited to $10,000 ($5,000 if you’re married and filing separately). You still must choose between deducting income and sales tax; you can’t deduct both, even if your total state and local tax deduction wouldn’t exceed $10,000.

2. Mortgage interest deduction. You generally can claim an itemized deduction for interest on mortgage debt incurred to purchase, build or improve your principal residence and a second residence. Points paid related to your principal residence also may be deductible. For 2018 through 2025, the TCJA reduces the mortgage debt limit from $1 million to $750,000 for debt incurred after Dec. 15, 2017, with some limited exceptions.

3. Home equity debt interest deduction. Before the TCJA, an itemized deduction could be claimed for interest on up to $100,000 of home equity debt used for any purpose, such as to pay off credit cards (for which interest isn’t deductible). The TCJA effectively limits the home equity interest deduction for 2018 through 2025 to debt that would qualify for the home mortgage interest deduction.

4. Miscellaneous itemized deductions subject to the 2% floor. This deduction for expenses such as certain professional fees, investment expenses and unreimbursed employee business expenses is suspended for 2018 through 2025. If you’re an employee and work from home, this includes the home office deduction. (Business owners and the self-employed may still be able to claim a home office deduction against their business or self-employment income.)

5. Personal casualty and theft loss deduction. For 2018 through 2025, this itemized deduction is suspended except if the loss was due to an event officially declared a disaster by the President.

Be aware that additional rules and limits apply to many of these deductions. Also keep in mind that the TCJA nearly doubles the standard deduction. The combination of a much larger standard deduction and the reduction or elimination of many itemized deductions means that, even if itemizing has typically benefited you in the past, you might be better off taking the standard deduction when you file your 2018 return. Please contact us with any questions you have at 205-345-9898.

© 2019 Covenant CPA

Charities typically receive most of their donations during the holidays and at year end. It’s critical for these organizations to be on the lookout for fraud throughout the year, but even more so during the busy season. Here are some fraud schemes nonprofits should watch out for and how they can use internal controls to protect against financial losses.

Culture of trust

Charities generally are staffed by people who believe strongly in their missions, which contributes to a culture of trust. Unfortunately, such trust makes nonprofits vulnerable to certain types of fraud. For example, if managers don’t supervise staffers who accept cash donations, it provides an opportunity for them to skim cash. Skimming is even more likely to occur if a nonprofit doesn’t perform background checks on employees and volunteers who’ll be handling money.

However, skimming isn’t the most common type of fraud scheme in the nonprofit sector. According to the Association of Certified Fraud Examiners, religious, charitable and social services organizations are most likely to fall prey to billing schemes. Falsified expense reports and credit card abuse are also common in nonprofits.

Internal controls matter

Even small nonprofits that consider their employees and volunteers “family” need to establish and enforce internal controls. Such procedures must be followed regardless of how busy staffers are processing donations and completing year-end duties.

Possibly the most important control to prevent occupational fraud is segregation of duties. To reduce opportunities for any one person to steal, multiple employees should be involved in processing payables and receivables. For example, every incoming invoice should be reviewed by the staffer who instigated it to confirm the amount and that the goods or services were received. A different employee should be responsible for writing the check.

And don’t forget to protect electronic records that include data on donors, vendors and employees. Staff members should be given access only to the information and programs required for their job. And all sensitive information should be password-protected.

Caution with special events

Many nonprofits depend on money raised from a big annual gala or other special event at year end. During crowded, chaotic fundraisers, you’ll want to discourage supporters from making cash payments. Instead, presell or preregister event participants to limit access to cash on the day of the event. If you decide to accept cash at the door, try to assign cash-related duties to paid employees or board members, rather than unsupervised volunteers.

For more tips on preventing fraud in your nonprofit, contact us. We can help you reinforce internal controls, as well as investigate suspected theft. Call us today at 205-345-9898.

© 2018 Covenant CPA

Many retail businesses implement careful controls over the use of their cash registers. For this reason, register-disbursement schemes are among the least costly types of cash frauds. Without such controls, however, businesses risk significant losses. Here’s how to make sure your company is doing everything it can to prevent this type of fraud.

Red flags

Issuing fictitious refunds and falsely voiding sales are a couple of common ways employees steal money. Both methods involve paying out cash without a corresponding return of inventory and usually result in abnormally high inventory shrinkage levels.

But high shrinkage is just one way to spot cash register disbursement fraud. Other red flags include:

  • Disparities between gross and net sales,
  • Decreasing net sales (increasing sales returns and allowances),
  • Decreasing cash sales relative to credit card sales,
  • Forged or missing void or refund documents,
  • Increasing void or refund transactions by individual employees, and
  • Multiple refunds or voids just under the review limit.

Any of these warning signs may warrant investigation. A fraud expert can help you determine whether discrepancies have innocent explanations or indicate a more serious problem.

Prevention measures

Your business can prevent cash register theft by taking preventive measures. These include having written ethics policies and providing employees with antifraud training. In many cases of register theft, several employees are aware that it’s happening. So be sure to provide a confidential hotline or other means for employees to report unethical behavior without fear of reprisal.

Your fraud detection and deterrence program should also include training internal auditors to regularly perform horizontal analysis of income statements. Horizontal analysis — which compares financial statement line items from one period to the next — can identify suspicious trends, such as an increasing number of cash refunds.

Professional help

Taking these simple steps can prevent significant losses. But signs of extensive cash register theft usually indicate bigger issues. Contact us. We can help you nip theft in the bud by strengthening internal controls and, when necessary, assemble evidence for criminal prosecutions and civil lawsuits. Call us today at 205-345-9898.

© 2018 Covenant CPA

To head off employee theft, businesses need to know what crooked employees are most likely to steal. The number one preference is cash. But if that’s off limits, the next choice is something expensive that they can use outside work. And, of course, the most costly and useful items in most offices are laptop and desktop computers and other technological devices.

Mark equipment

How can your company protect its technology assets from theft? First, consider adding security plates and indelible markings. These additions can help you track stolen equipment, inhibit resale and discourage thieves from ever trying to steal.

Security software also can track a stolen computer online. As soon as the thief connects to the Internet, its software contacts the security firm’s monitoring system, which traces the machine’s current IP address. To locate a physical address, firms use GPS and Wi-Fi tracking. However, there can be legal obstacles to obtaining the actual address of a thief.

Most computers and mobile devices can also be tracked by sites and apps such as Google, Facebook and Dropbox, which capture the IP addresses of users when they log into their accounts. Apple products can be tracked using iCloud.

Fasten it down

To keep laptop and desktop computers where they belong, you can lock them down with cables and attach motion sensor alarms. If you store numerous laptops on your premises, consider locking them in heavy-duty cabinets or carts when not in use.

To deter desktop computer theft, consider a locked steel case bolted to the desktop. If you prefer not to drill holes in furniture, you can attach super-strength adhesive security pads to desks or other furniture to prevent thieves from lifting the equipment off the surface.

Keep it safe

It’s worth the effort to add extra security and keep your company’s assets where they belong. Also make sure that your business insurance provides adequate coverage for computer losses. Contact us for more information at 205-345-9898.

© 2018 Covenant CPA

Tax identity theft may seem like a problem only for individual taxpayers. But, according to the IRS, increasingly businesses are also becoming victims. And identity thieves have become more sophisticated, knowing filing practices, the tax code and the best ways to get valuable data.

How it works

In tax identity theft, a taxpayer’s identifying information (such as Social Security number) is used to fraudulently obtain a refund or commit other crimes. Business tax identity theft occurs when a criminal uses the identifying information of a business to obtain tax benefits or to enable individual tax identity theft schemes.

For example, a thief could use an Employer Identification Number (EIN) to file a fraudulent business tax return and claim a refund. Or a fraudster may report income and withholding for fake employees on false W-2 forms. Then, he or she can file fraudulent individual tax returns for these “employees” to claim refunds.

The consequences can include significant dollar amounts, lost time sorting out the mess and damage to your reputation.

Red flags

There are some red flags that indicate possible tax identity theft. For example, your business’s identity may have been compromised if:

  • Your business doesn’t receive expected or routine mailings from the IRS,
  • You receive an IRS notice that doesn’t relate to anything your business submitted, that’s about fictitious employees or that’s related to a defunct, closed or dormant business after all account balances have been paid,
  • The IRS rejects an e-filed return or an extension-to-file request, saying it already has a return with that identification number — or the IRS accepts it as an amended return,
  • You receive an IRS letter stating that more than one tax return has been filed in your business’s name, or
  • You receive a notice from the IRS that you have a balance due when you haven’t yet filed a return.

Keep in mind, though, that some of these could be the result of a simple error, such as an inadvertent transposition of numbers. Nevertheless, you should contact the IRS immediately if you receive any notices or letters from the agency that you believe might indicate that someone has fraudulently used your Employer Identification Number.

Prevention tips

Businesses should take steps such as the following to protect their own information as well as that of their employees:

  • Provide training to accounting, human resources and other employees to educate them on the latest tax fraud schemes and how to spot phishing emails.
  • Use secure methods to send W-2 forms to employees.
  • Implement risk management strategies designed to flag suspicious communications.

Of course identity theft can go beyond tax identity theft, so be sure to have a comprehensive plan in place to protect the data of your business, your employees and your customers. If you’re concerned your business has become a victim, or you have questions about prevention, please contact us at 205-345-9898.

© 2018 Covenant CPA