Many small businesses do not think they are vulnerable to cyber crime and employee theft (sometimes the 2 go hand in hand). Below are some of the reasons for compliancy and the attitude “it can’t happen to me”:
- My business isn’t big enough for hackers to bother – since most small businesses lack proper controls over security of data they are easy targets.
- I can’t afford to invest in expensive internal controls. I’m so involved with my business I’d know right away if something was wrong and internal controls don’t apply since I have so few employee’s.
- I trust all my employee’s because they are family and/or friends.
Let’s go through each of the above –
#1 is a fallacy since most small businesses are easier targets than their larger counterparts.
#2 is most unfortunate as 1 incident of theft can bring down a business. Such incidents are really bad PR. Current customer’s will lose confidence that the business is properly managed. Loss of cash flow from the theft itself and the reduced customer base. The first is immediate the latter subtler but can creep up over time.
#3 It’s the opportunity that creates the temptation. Time and time again the assumption that you can trust your family and friends has proven false. In addition to theft costly mistakes made by “trusted” family and friends can wreak havoc over time if not detected and corrected. Even the most trusted employee can get into financial trouble and if given the opportunity (they see no controls in place for theft or mistakes to be detected) they take advantage.
What’s the solution without breaking the bank.
#1 If you are really serious about your business you need to invest in proper data security. Ask an IT professional for some alternatives some of which you will find are surprisingly affordable.
#2&3 Some solutions are surprisingly simple and affordable. For example, if the same employee handles receivables (cash collections, invoicing, etc.) payables AND reconciles the monthly bank/credit card statements (reconciliation monthly is critical and many don’t bother) the opportunity exists for theft and mistakes to go undetected. If hiring another employee isn’t feasible or doesn’t make sense; review the bank/credit card reconciliations each month. Review your accounting records for accuracy and discrepancies, trends that don’t make sense, etc. The last step assumes your accounting records are accurate to provide the necessary information. An incorrect/inefficient set-up can create the false impression things are going better (or worse) than you thought. Speak with your accountant about alternatives to tighten up your internal controls. Most of us can recommend solutions that will fit your business. If your accountant can’t assist you with this find another one who can!
For most of us who own a small business this is our livelihood. The income pays the bills (or it should) and will be one of our main retirement assets if managed properly. Why not protect it as you would any other asset?
