Small businesses can learn from Sarbanes-Oxley
- Do a risk assessment and analyze opportunities for fraud. Sarbanes-Oxley guidelines address the need for internal controls that specifically target opportunities for fraud. Once potential risk areas are identified and prioritized, build appropriate controls to address them. Professional fraud investigators, such as those employed by Asset Control, Inc. can assist small businesses with the risk assessment process.
- Develop audit steps to ensure that the controls you put in place are functioning. If your company does not have a full-time internal auditor, this responsibility can be outsourced. This is a more effective practice than assigning this function to your bookkeeper or Office Manager.
- Review policies and procedures to make sure that company policy supports a climate of honesty. Have a written code of conduct that employees are required to sign at time of hire and yearly thereafter. Your code of conduct should tie in with your written policies and procedures and both should be consistent your expectations of an ethical work environment. When developing a code of conduct it is best to involve employees from various levels within the organization. By doing this you will achieve a better finished product.
- Conduct background checks and exclusionary list (OFAC) searches on all applicants and current employees. Many employers are still unaware that the law requires an OFAC search on anyone with whom you develop a financial relationship. Employment is a financial relationship.