New Year is a great time to check your trust accounting processes and controls. Carol Riley, one of Australia’s most experienced trust accountants, gives Leased readers some of her top tips for avoiding Fraud.
Real estate agencies, like most businesses, are not immune to employee fraud. The property management departments of real estate agencies are particularly vulnerable as they often have large numbers of transactions, including rent or bond monies paid to them, sometimes using the dreaded cash! Couple this with some weak procedures or minimal supervision, and you have a door open for potential fraud.
Here are some suggestions for areas of your business where you may wish to review your existing procedures to measure them for their strength in preventing fraud.
Often smaller businesses with fewer, but more trusted, employees are the most at risk. Despite our highly regulated environment, it is sometimes the case that a real estate agent might not always report fraud, with the employee then simply leaving one agency and taking a role at another. Make sure you:
- take the time to thoroughly reference check any new employees
- if possible, perform a police check for all roles, not just those that may require it as part of licensing, for example Victorian Agents Representatives
- ensure you have a documented procedure that includes segregation of duties where possible, and at the very least someone to authorise or check another employees work
- are alert for signs of control weaknesses or failures in your procedures and take immediate action to plug them. One simple example is cash monies not banked because they were left in the safe overnight or, accidentally taken home, or purposely taken home for safekeeping. While this example in itself is not evidence that fraud has occurred, it is an indication that control weaknesses exist, and procedures should be immediately reviewed and tightened up.
ACCEPTING AND LODGING BONDS
Bond processing can be an area with a high risk of costly fraud, so use this as a checklist for best practice in accepting and lodging bonds:
- Never accept or request bonds paid in cash. Ensure your documentation supports this
- In states where allowed, have tenants make their cheques in favour of the States Bond Authority
- Ensure your bond lodgment procedure is strong, and that it involves more than one person. Ensure that each new tenancy firstly has their bond lodged and secondly it is lodged for the correct property address
- Record all bond numbers, preferably in your property management software
- Ensure your bond claim process involves more than one person, and that verification of the tenant vacating is produced, and the correct property address and tenant is used
- Ensure valid supplier invoices are produced for every bond claim
- Perform a bond audit at least every year; preferably more often. This involves requesting or printing a report from your state’s bond authority, and matching them to the bond number data held by you, usually in your property management software. If you can obtain both sets of data in Excel format, a simple data match can reveal any discrepancies.
ACCEPTING AND RECEIPTING CASH
The handling of cash is a key area of fraud risk in any business. Where at all possible, refuse to accept cash from tenants.
It is also possible for rent payments made directly into your trust account to be allocated to incorrect ledgers, either deliberately to cover existing fraud or inadvertently by a simple mistake.
Provide tenants with payment methods that do not involve individual processing by agency staff, e.g. B-Pay or any of the rent card solutions available. The details of these payments are provided in a single file, and again with strong procedures around file processing this is a further step to preventing fraud.
If cash must be accepted:
- ensure that all cash monies are receipted directly into your property management software. Minimising the use of Interim Receipt books is a fraud prevention basic
- have strong procedures in place to ensure that at least two people are involved in the receipting and banking of cash
- be alert for any banking discrepancies reported, in particular shortfalls, or any missing cash as detailed above
- Thoroughly check arrears. Sometimes the first indicator of missing cash is when tenants fall behind in their rent.
CHANGING BANKING DETAILS
Owners and suppliers who accept EFT payments will have an initial set-up of their EFT details, and they will also occasionally change them.
- Always have banking details provided in writing
- Ensure there is more than one person involved in your procedure for adding or changing banking details. If possible, have the second person verify the details directly with the owner or supplier
- If possible, restrict the number of employees who have access to change banking details.
- If possible, have an audit trail or similar report from your property management software to show changes to these fields and check it at least monthly.
SUPPLIERS & INVOICE APPROVALS
Payments to fictitious suppliers can be a key fraud risk.
- Ensure that you have a strong procedure for supplier approvals, and that at least two people are involved. All supplier details should be thoroughly reviewed and verified by the second person, including details such as ABN and EFT details.
- Where possible avoid using family or friends as suppliers. If you decide to use them, make sure that the employee who introduced them keeps an arms length from any transactions, where possible.
- Ensure that your procedure for issuing jobs and approving invoices involves more than one person and those duties are segregated. For example, one person may order the work from a supplier, and another person may check and approve the invoice from the supplier. The second person may even contact the supplier or the tenant to verify the extent of the works performed. A third person may make the payment by EFT to the suppliers’ verified account.
All payments should be made using dual authority. In most States, this is a Legislative requirement. What it means is that every cheque is signed by two signatures, and two separate users each with a confidential password verify every EFT file.
Surprisingly, in some agencies, the Licensee will insist on signing every cheque that goes out the door, but will allow one of their employees to hold two passwords for the immediate transfer of the larger EFT files.
- Never allow one individual to hold two passwords to banking software for electronic transfer (EFT) of files. Never.
- If possible, the Licensee should be the second authoriser on all EFT files
- EFT files should be authorised only after reviewing the supporting documentation
- The Licensee should be one of the signatories on all Trust Account cheques issued
It is important that a Licensee not only reviews the bank reconciliation to ensure that it balances – but also to check the reports that support the bank reconciliation match. For example, one report will usually be unpresented cheques, check that this report has been produced and that the balances on the report match to the balances on the Bank Reconciliation. There will be between four and six reports to support the bank reconciliation, depending on which trust accounting software is in use.
- Check that there are no large balances being held within the trust account in any individual ledger.
- Check the balances and transactions in any “unidentified monies” or “suspense” accounts and ensure they are researched and cleared promptly.
- Check the Journals report to ensure all Journals made were properly authorised and that at least two people are involved in the procedure to create and process Journals.
- Spot check 6 to 12 individual Sales ledgers each month to verify transactions.
After you have taken every possible step to minimise your risk of fraud – the final step is to make sure you have adequate insurance cover!Fidelity Insurance cover can be obtained from most insurance companies. Talk to your insurance broker to get professional advice about your individual insurance needs.