The sensational frauds surrounding companies such as Enron and WorldCom may be behind us, but the “talk of fraud” endures. Research performed by the Association of Certified Fraud Examiners (ACFE) shows that the typical organization loses 6 percent of its annual revenues due to fraud. The accounting profession and the federal government have responded with acts such as Sarbanes-Oxley and standards such as the AICPA’s Statement on Auditing Standards No. 99. But for many companies, the answer of more accounting, more professionals, and more duties for already overworked employees is not an option.

How can you protect your organization without breaking the bank — or your staff? Below are some ways your organization can decrease its susceptibility to fraud by maximizing your existing resources.

Adhere to a Strict Code of Ethical Conduct — At All Levels

Ensure the rules of conduct apply equally to everyone within the organization. Often, especially in smaller organizations, controls aren’t followed at the higher levels of management. Undesirable conduct can fall into many categories, from circumventing internal controls (e.g., not requiring approvals on certain transactions) to seemingly harmless behaviors such as personal use of the telephone for long distance phone calls or use of company supplies and postage for personal shipments. Employees are keenly aware of upper management’s adherence (or lack thereof) to policies and procedures. Leading by example is an excellent way of showing your workers what conduct is expected.

Good Hiring Practices

Fraud prevention is facilitated by good employees, so ask an outside service to perform background checks on potential candidates. Contact references and verify educational degrees to ensure that the person showing up for work is the same person who looked so good on paper.

Tighten Computer Security

No employee should have access to areas in the system that aren’t part of his or her job responsibilities. Establish security to limit access appropriately.

Search for Red Flags

As part of their normal duties, management should periodically review documents and data to uncover potential warning signs and follow up with the appropriate staff regarding unusual or irregular transactions. This will accomplish two objectives: First, it may enable management to uncover small errors or irregularities before they become big problems. Second, the process will alert employees that you’re watching, which is an important fact that should not be underestimated. Research performed by the ACFE suggests that increasing the perception of detection is the most effective means of deterring fraud.

Make Your Staff Accountable

Remember, many frauds are discovered through tips from other employees. If you can create ownership of responsibility for misconduct, you’ll have many watchdogs in your organization. A great way to empower individuals at all levels of your organization is to create a mechanism, such as an anonymous hotline, to facilitate the reporting of misconduct.

Employ Your Bank’s Fraud Prevention Tools

There are a number of tools offered by banks that can assist in preventing fraud. These include Positive Pay and password-protecting wire transfers.

With Positive Pay, banks will only pay on company checks when the check number, date, and amount have been previously provided to the bank in an electronic transmission submitted by the company. Exception checks will be paid by the bank only with management approval.

Technology is also available at most banks whereby one person has a password/security to set up a wire transfer and another person has a separate password/security to release the funds, all via the Internet.

In addition, make sure you understand your bank’s responsibilities to the company. It’s common for company owners to have a false sense of security because they don’t realize what’s required by the bank. For example, is the bank required to check for dual signers on checks over a certain amount? If you print on the face of the check that it shouldn’t be cashed if it’s over a certain amount, is your bank adhering to these instructions? Is your bank responsible for alerting you to suspicious activity in your account? Who needs to be contacted if another account is opened in your company’s name? Clarify with your bank who has responsibility for the controls you think are in place. This same logic can be applied to investment houses holding a company’s financial assets.

Ongoing Commitment Is Key

It’s crucial to continually think about how to improve your internal control environment and your organization’s ability to detect and deter fraud. Remember, the typical organization loses 6 percent of its annual revenues due to fraud—and that’s typically much more than most organizations can bear.