How to protect yourself from business fraud - Katalyst Cloud & Business Services, specialists in Xero and WorkflowMax

What can Business Fraud mean to an SME?

SME’s are very vulnerable when it comes to business fraud. Small losses can result in crippling cash shortfalls as well as losses in productivity, stock, reputation and even the loss of the business itself.

With the high trust level given to staff in small teams, there are often few controls in place that give even basic protection.

I was told a disturbing statistic at the New Zealand Bookkeepers Association Conference:

  • 1 out of every 10 employees would never steal
  • 8 out of 10 would take advantage if an opportunity arose
  • The other 1 would take anything that wasn’t nailed down

The Fraud Triangle

The business fraud triangle

Gambling, drugs and other financial pressures are the main motivators for otherwise good staff taking the step towards committing business fraud.

Can your systems be manipulated in a way that’s not obvious? Do you have tight controls on stock and company resources? Are you making it too easy to take an advantage?

Staff who would never shop lift, or steal a car – and would be horrified on your behalf if yours was broken into, somehow justify to themselves that stealing from work is ok.

Reduce the risk of business fraud

Rational Justification

“I’ll pay it back” – They might start with a little that they intend to pay back, but it soon escalates to being out of control. Overwhelming debt can drive people to make bad decisions.

“Everyone does it” – If prolific, you can get ‘group think’. Other staff take product home from work, so they might as well do it too.

“Why shouldn’t I take it?” – If staff perceive that the business owners are dishonest, then they use it as justification.

“They need to share it around” or “I work hard and they don’t pay me enough” – It’s easy for employees to overlook the businesses expenses and debt and assume that business owners have lots of money.

Early warning signs of business fraud

Your business is the main tell-tale sign – is it performing as well as it should? Are you able to benchmark your performance against others in your industry to see where you rank?

Staff who don’t/or won’t take time off
This can indicate they are ‘managing’ the information you see, they bight be exposed if they take time off. Maybe they paid themselves instead of a supplier, that supplier might phone looking for their payment, or, the supplier invoice might turn up in the inbox with overdue stamped on it.

You ask for up-to-date reports and there is always an excuse, why they aren’t ready or why the accounts don’t balance, or the information simply doesn’t make sense.

Your previously perfect staff member might have fallen on hard times, be going through a break-up or break-down and you might keep giving them leeway?

  • Do you find you are the one making excuses for their behaviour?
  • Are other staff trying to tell you something?

The best way to punish the good is to reward the bad.

This means, that you shouldn’t ignore what other staff are trying to tell you, or they might as well sink in their standards too.

Lack of skill
It could be your staff member simply lacks the skill required to do their job and they are going around in circles trying to cover up their inadequacies. Are they making the progress you expected? Are you getting the results you expected? I heard once that if you have a great employee leave, it can take 6 month before cracks begin to show if they new hire is not up to par.

  • Do they need extra support and training?
  • Do staff manuals show how performance is tested and measured?

How to prevent business fraud and general dumbness…

This is in no way an exhaustive list, but is a good place to start.


Banking and Cash

  • As the business owner, be the authoriser for all bank payments
  • Be conscious of what you are paying
  • If you are using batch payments in Xero, the batch bypasses your bank payee library
    • With Xero you can restrict the ability for staff to edit bank details.
  • Do you take cash? Split roles, the person taking the cash, shouldn’t be the one banking it.
    • What controls do you have in place to detect and manage cash payments?

Fictitious supplier bills

  • Using Xero Files, you can run a paperless business, the source document can be attached to the bill in Xero. If you don’t recognise the supplier, review the invoice and investigate it
  • Keep in mind, an invoice can be easily faked, and so can a website and email address that helps make it look real

Supplier bank details

  • Staff can swap out the supplier bank details with their own, so they get paid instead of the supplier
  • Keep in touch with your suppliers and collect the mail/check the office email now and again to check for overdue bills

Credit Notes

  • The oldest trick in the book is to sell something, credit it, and pocket the cash
  • With Xero It is super easy to see what credit notes were created, when and by whom


  •  The ‘statement’ balance on the Xero Dashboard should equal your online banking balance from last night
    • There are ways to confirm that a genuine bank feed has been used, or if a manual import was done
  • On the Dashboard, click on Manage, click Reconciliation Report – there shouldn’t be any transactions that are in a closed GST period, or any balance errors at the bottom of the report
    • Go to Settings, General Settings, Financial Settings to set period and year end lock dates, this prevents users entering or altering ‘closed’ periods. These dates should be locked when running GST by default
    • You can set the privileges for Xero users so they can’t alter lock dates
  • Keep on eye on the Suspense account and General Expenses account – both can be dumping grounds
  • Select the Accounts tab, then Sales/Purchases, click See All. Click Search, and then tick the box for Include Deleted and Voided – this can be interesting.


  • Go to the Accounts tab in the Command Centre, select Reconcile Accounts and pick the main cheque account, then others. What date is entered there? How long ago was the account reconciled? It should be no later than the end of the last GST period
    • Enter the real bank balance at the date last reconciled, this should = $0
    • Set lock dates, under preferences

Lack of Skill

  • Debtors control is a huge issue if not given the right priority. It should be the number one priority in your bookkeepers/accounts person’s mind
    • Have weekly meetings or discussions with your bookkeeper to find out how your debtors are looking, who hasn’t paid, why and what is being done about it. Make sure they are following up late payers promptly
    • One issue we uncovered for a client was that the staff were being paid for 0.5 of an hour, but the client was being charge 0.3 of an hour. Their accounts person didn’t realise the payroll system used minutes and job system used decimal. So entering 0.3 in the payroll system was 30 minutes, but in the job system, it was 18 minutes.
      o Watch decimal vs minutes, ensure your team are conscious of the difference and are trained appropriately

Paying for unproductive staff is as troublesome as theft. As Lisa Mackay from HRtoolkit says – “10 minutes a day = 40 hours in a year”


Ghost Employees

  • Do you know everyone on your team? Small businesses might not suffer this one too often, but once you start growing and stepping back a little, it can be hard to keep track.
    • Check payroll records against employment and induction records
    • Check timesheet software against your payroll data
      • Can your job management software and payroll software be controlled by different staff members – therefore splitting roles and adding a layer of protection


Sales Rep’s Stock

  • How often do you check the inventory in reps cars?
    • Stock should be charged to a Rep’s account, like it is to a client. When stock is returned, it is credited. If stock is not accounted for in a random stock take, then they should be charged for it personally.

Warehouse Stock

  • Do you have regular stock takes and who controls them?
  • Do you have motion detector cameras in place?

Company Resources

  • Staff use of motor vehicles should be managed also – this can have accounting and tax implications if not managed correctly.
    Can your staff member be taking jobs on the sly and using your companies resources to complete them? Maybe working weekends or afterhours to service your clients with your gear, and keeping the money?


Kick Backs

  • Do any of your team have particularly close relationships with suppliers – are they getting back handers, or goods supplied to them for free, that you are ultimately paying for?
    • Check invoices randomly, where is the stock/who was the consultant and what job did it go on. Was it on-charged?

How would you, rip yourself off? It’s kind of like trying to break into your own house:

Yes, that rickety deck chair leading against the house will give you the foot hold required to get to the bathroom window…

Real Life Examples of Business Fraud

A great example of a fraudster is Stephen Versalko from ASB. He was quiet, hard working and certainly not considered as a threat. The total he got was $18 million; all he got was six years. On a SME level, you have all sorts of people with P habits, gambling problems; it starts with small amounts and quickly gets out of control.

Jenny, the wife of the business owner got cancer, they asked their friend’s wife, Sue, to cover the bookkeeping function while Jenny was off trying to get better. They didn’t realise that Sue had a gambling problem and had taken around $50k out of the business over a number of months. She had never set out to steal, but her gambling had gotten out of hand. This was someone well know to them on a personal level.

Joe, an existing acquaintance of Sally, the business owner offered to invest some funds, only condition was that Sally had to use Joe’s accountant. Joe and his accountant invented loan documents, saying the Sally owed them money, not to mention all sorts of other dodgy dealings, the business couldn’t be saved and the Sally has had bankruptcy served. Also, the accountant phoned Sally’s bank and said she was no longer capable of decision-making and so the bank refused to deal with Sally when she finally phoned to find out what was happening.

Bob, the owner, was told by many of his staff that they were concerned with the accounts person, Jean. Bob kept making excuses for Jean, she had a breakup and her ex-partner was
abusive. Ultimately she took $78k from the business account. Jean was lovely, but she also had a P addiction.

We can discretely check some key areas in Xero to identify possible problem areas, and we can do a much more in-depth search for issues. But, we can only do so much, if you think you need to call out the big guns, you can use a company like Rodgers Reidy who are expert Forensic Accountants.

Shopping Cart
Scroll to Top