By Julian Dozier, CPA, ABV, CFF, CFE, Thomas Howell Ferguson P.A. CPAs
You work hard in your practice, enjoy spending time with your patients, and do your best to manage your office staff and bookkeeping. While you’d rather be spending time on the medical side of your practice, you understand the importance of being involved in the business side of your practice. No one wants to think their employees would steal from their company, but every organization faces the risk. So, do you have a sound system of internal controls in place to mitigate the risk?
Here are five simple steps you can take to reduce your risk of employee embezzlement:
1. Conduct background checks. Your employees may have access to your financial information, bank accounts, prescription pads and expensive medical supplies. Be sure to conduct background checks before hiring any employee, and make it your policy to update those checks at least every two years for financial personnel.
2. Segregation of duties. Financial tasks should be assigned so that no single employee is responsible for authorizing transactions, maintaining custody of assets and resources, recording transactions and reconciling accounts. While it’s best for all four of those functions to be segregated, be sure no single employee is responsible for more than two of them. As an example, if an employee can authorize payments to vendors, they should not be authorized to add vendors to the accounting system, print and sign checks, or reconcile the bank account.
3. Oversight is important. The perception of detection can be as important as any other internal control your practice puts in place. If employees know their work is being checked, and that the bank accounts are being reconciled and verified, they are less likely to embezzle.
4. Know your bank account. For assets like cash that — when there are poor internal controls — can be embezzled quickly and easily concealed, you need to do more. Receive each monthly bank statement directly (unopened) and review it for unusual or unexpected activity. Ask questions. Know where your practice spends its money and who is authorizing those transactions. Quickly spotting unauthorized bank activity is critical to minimizing your risk of embezzlement.
5. Get outside help. Find a local certified public accountant (CPA) to conduct periodic checkups at your practice. Your CPA can help you design internal controls, implement best practices and conduct random checks to see that your employees are following approved policies and procedures.
Julian Dozier is a CPA with the accounting firm Thomas Howell Ferguson P.A. He specializes in forensic audits and litigation support related to for-profit and governmental enterprises. His certifications and designations include Certified Fraud Examiner (CFE) and Certified in Financial Forensics (CFF). For more information, please visit www.thf-cpa.com/what-we-do.