OH and Partners CA

11/11/2020

Payroll audit - also known as a compliance audit - is conducted by many multi-employee businesses to ensure compliance for "a contributing employer’s records to verify that the employer has contributed to the plan as required by a collective bargaining agreement." according to C&P Advisors, LLC.

In addition, internal auditing is often conducted to ensure that records are accurate and properly maintained, and to identify problems before they become issues. In this post we will look at five of the most important reasons for conducting regular internal payroll audits.

Payroll Audits Should be a Regular Function of Your Payroll Process
According to an article by Grace Ferguson in AZCentral.com,
"Conducting periodic audits at least once or twice per year helps you maintain compliance and strengthen your company’s financial controls. The audit enables you to verify that payroll records are correct and to spot and fix issues that could have led to an external audit. A qualified member of your staff or a third-party auditor can perform the audit."
What this means for you and your business is having a documented process for scheduling and conducting an annual - or semi-annual - payroll audit. Whether you do it yourself, delegate it to certain staff members, or outsource the task to a third-party auditor, creating a system and procedure around it will ensure that it actually happens.

In addition, a regular audit will mean adjustments and corrections.

No one is perfect, and no system is perfect. And if your company is growing and adding employees, the complexity of the payroll process multiplies accordingly. Audits can also provide for a second set of eyes to look over your business’s accounts. In fact, an annual audit of your business may be a requirement of lenders as a condition of loaning their money for your business.

Unfortunately, for many smaller businesses, a professional audit can be costly. According to Dummies.com,

It’s hard to do an audit of even a small business in less than 100 hours. At $100 per hour (which is probably too low an estimate), the audit fee would be $10,000. Instead of a full-fledged audit, which they can’t realistically afford, many smaller businesses have a CPA come in regularly to look over their accounting methods and give advice on their financial reporting.
But the good news is that you can easily conduct your own audits, especially if you delegate aspects of it and structure the process to take place regularly and consistently.

Need to quickly estimate employee take-home pay? Access free payroll calculators for all your computing needs.

azcentral.com is the digital home of The Arizona Republic newspaper, with breaking news and in-depth coverage of sports, things to do, travel and opinions.

23/01/2020

OH and Partners

01/09/2018

The 5Cs of Fraud Prevention


By Tracey Panek
Trade Credit Content Marketing Manager
Dun & Bradstreet
29 June 2018
Tips to combat business identity theft
Business-to-business fraud is nothing new, and companies of all sizes should know by now the importance of safeguarding themselves from fraud, which is perpetrated in many forms. Criminals are constantly changing tactics, and data is all too readily available – the result is that companies are more vulnerable than ever to having their data, business identity, or information stolen by fraudsters. According to Dun & Bradstreet, instances of business identity theft were up 46% year-over-year in 2017.

While there are many methods of business fraud, including cybersecurity attacks and employee theft, business identity theft is of particular concern to business owners and finance professionals such as credit managers. Criminals who steal a business’s identity work to obtain new or take advantage of an existing line of credit, allowing them to order goods they never intend to pay for. When companies fall prey to this type of fraud, the victims can include the reputation and financial standing of the business whose identity was compromised, the supplier that is not going to get paid, and other companies overall that in turn make up for the losses by passing higher prices to other businesses and consumers.

Credit and risk professionals who receive suspicious orders or requests for credit can help stop their companies from becoming victims of business identity theft through targeted prevention and detection by following these fraud-prevention tips:

The 5Cs of Fraud Prevention
1. Confirmation: Is the business who it says it is? Is the person placing the order even who they say they are? It’s important to remember that companies do not commit business-to-business fraud, but rather people take steps to commit malfeasance. This can include individuals who start out with the intent to defraud, but also cases where the individual evolved to committing fraud. Therefore, when you receive a new application for credit, it’s common sense to perform due diligence and identify signals or what are often called red flags. So, while a quick check of a state’s Secretary of State business registration database used to be the go-to source to confirm if a business is registered, in good standing to operate in the state, or has a valid address, it has been reported that some Secretary of State databases have weak verification protocols and have had their records compromised in the past. These days, performing what can be best described as multi-sourcing is a best practice. This can include searching for a business license, professional license (if the business is in a regulated industry), real estate property records, and website domain registries. In addition, reviewing a business credit report from a bureau such as Dun & Bradstreet that leverages tens of thousands of multiple sources and has developed predictive signals can be helpful in confirming background information on a company.

2. Condition: Is the business (and/or its executives) active? After you’ve confirmed that the business exists and is in good standing, the next step is to find out its status or activity, and see if it matches what you expect. For example, does it post regularly on social media, and should it? (Don’t put too much trust in social media, which can be easily manipulated, but it supports the multi-sourcing process.) Does it have credible and valid contact information on its website or an “About Us” section that names the company’s owner or executives, and lists its address? (Again, be careful, as websites can also be easily produced). It’s true that some smaller businesses may not want to list their address or other identifying information on their website, but that has fast become the exception. The balance between brand, recognition, marketing, and credibility has overruled, in most instances, the fear of having data compromised. Remember - if a company wants to do business with you, it should be willing to provide reputable references and legitimate confirmation of its condition, as well as references from its bank, accountant, attorney, etc.

3. Consistency: Are stated facts consistent with other sources or what you expect? If you’ve confirmed that the person is real, is whom they say they are, and the business exists and is operating legitimately, the next step is to look for consistency – or a lack thereof. For example, does the company president also run a dozen other businesses registered at the same location? If so, does that make sense? Does the credit applicant’s email address match the company’s website? Or are they using a personal email address? If it’s not a first-time credit application, has the “ship to address” somewhat mysteriously changed? Does the credit application state the company has been around for five years, but you notice on a domain registry the website was registered six months ago? These can be an indication of misrepresentation at the least, and fraud at the most. These minute details can be easy to overlook especially in today’s fast-paced environment, but if you receive an unusual order from what (at first pass) appears to be a legitimate company, at a suspicious or inconsistent physical or virtual address, it is a definite red flag that is worth the time to research.

4. Character: Are there any past issues that could make current or future transactions risky? It’s important in the quick-adapting fraudster environment to gain situational awareness and understand trends. Remember, companies are made up of people. When it comes to character, things such as online complaints, adverse news stories, civil and criminal cases, and other unfavorable information in a business credit report can reveal notable skeletons in the closet. However, many businesses have faced tough times and have good intentions, though, so having unfavorable information from a while ago doesn’t necessarily mean that the owners have poor character or are a potential fraud risk. Still, someone who begs their salesperson for an order to be placed ASAP to try and bypass the usual due diligence steps, and or is willing to accept what are normally unfavorable terms (i.e., net 15 when your norm is net 30) may be posing as a dream customer to put one over on you.

5. Continuity: Not all fraudulent acts are one-and-done. Some fraudsters default on the first payment; others may pay within terms the first two or three times to establish credibility, then ask for higher credit limits only to commit fraud after they’ve gained your trust. (But keep in mind, a customer who stops paying isn’t necessarily a case of fraud.) If a company’s status changes and it now poses a risk, you need to know about it to judge this case as well as inform your future decisions. Monitor your customer accounts to get alerted the moment negative conditions are evident as well as understand aging receivables, especially trends. You just might save your company some grief if you flag the account as high-risk to prevent any fraud from occurring. It’s important to maintain a series of checks and proper controls to address and combat business identity theft and business credit fraud. Remember the game is not in your favor, even counting the number of orders that do pay, to make up for the ones that skipped out on the bill.

Combating fraud requires both a proactive and detective approach. The 5Cs of fraud prevention, used by many organizations and offering insight and guidance on how to address and combat fraud, can provide companies with a strategic framework to guide their risk management efforts.

26/08/2018

Burden to buddy: how process mining can turn internal audit into a key partner for CFOs
Data analytics can play an important role in internal audit processes. Bastian Nominacher explores how CFOs can enable this.

by Bastian Nominacher - April 26, 2018
For years, auditors have used interviews and workshops to conduct successful company assessments. However, as more businesses become digitised, CFOs are having to consider more efficient approaches.

In the face of higher expectations for accuracy, they need to realise that big data is changing the way that organisations operate, and internal audit departments can’t afford to be left behind. In practice, this means that auditors need to blend traditional techniques with a more data-led approach. Despite this, PwC’s 2018 State of the Internal Audit Profession study showed that only 14% of audit professionals are advanced in their adoption of technology – clearly there is still progress to be made.

Unrivalled access to the organisation’s data provides internal auditing with a unique opportunity to support CFOs. However, with great power comes great responsibility; as business processes involve greater volumes of information and become more complex, auditors are under pressure to use analytics to turn assets into insights. This means understanding the inner workings of those processes instead of basing audits on a small data sample. But how can internal audit teams capitalise on the wealth of data available – from their own business activities as well as external sources – to increase efficiency and help CFOs understand emerging business risks?

Helping auditors drive business change

Despite the promises of data-driven methods, integrating technology into the audit process has traditionally proved difficult, given that it still relies on obtaining relevant information. However, internal teams should theoretically have the information more readily to hand than external contractors tasked with collating requests from around a business. CFOs have a vital role to play in enabling this access, by encouraging a strategy defined by continuous auditing. Therefore, analytics has become a key facet of internal audit strategy, by freeing up auditors to manage risk more proactively, rather than focusing on data aggregation.

Traditional methods have helped audit teams eliminate many manual errors. However, conducting an audit based on more accurate, real-time information can help streamline approvals, timelines, exceptions and violations in order to improve processes and avoid risks. As more advanced tools such as automated data capture enter the arsenal of the auditor, internal departments can analyse swathes of unstructured data such as contracts and trading information.

Notably, this can help identify fraudulent activity that needs investigating. More generally, it enables a focus on higher risk areas rather than arbitrarily sampling areas of a business. The increasing complexity of the modern business environment, however, requires a still more advanced approach.

It’s all in the process

The technology used in cutting-edge solutions such as process mining use the digital event logs in a company’s existing IT system to create a visual reconstruction of the business processes across an organisation. In the context of auditing, this allows the department to visualise and analyse aspects such as purchase-to-pay, order-to-cash, production and logistics, giving CFOs complete transparency into how these processes are working.

Machine learning and AI algorithms are also playing an increasingly important role in this, by guiding the auditor through the analysis and pointing out compliance issues and inefficiencies along the way. Simply put, the combination of analytics and AI acts like a personal MRI machine, providing unbiased visibility and diagnostics of an organisation’s processes.

This level of advanced analytics can support the internal auditing process from preparation through to reporting, as it helps benchmark process ex*****on to set the right focus for the audit upfront. For example, a system containing a significant volume of un-approved purchase orders can experience real problems in the purchase-to-pay process. As the approval of purchase orders is key from a compliance perspective, visibility over all purchase orders is vital for an efficient auditing department.

Examining processes under a microscope in this way can uncover hidden bottlenecks and reduce compliance costs, as well as the cost of auditing itself. This level of visibility can also help CFOs tackle broader business challenges, such as integrating multiple systems following a merger or acquisition.

Creating a vision for audit

CFOs shouldn’t be afraid to move beyond traditional analytics to transform their internal auditing strategy. Simplifying processes, automating routine tasks, and transforming operations are just the beginning. With the ability to proactively monitor issues that could result in significant business risk, auditors can position themselves as digital leaders within their organisations and become a key strategic partner to financial leadership.

The complexity and rapid evolution of modern business require equally capable solutions. There’s no denying it – big data has transformed the way organisations operate, and finance cannot afford to neglect internal audit departments as other teams innovate. Ultimately, it is the responsibility of the CFO to turbo-charge internal audit and facilitate its empowerment with the best tools to achieve high precision and full process transparency.