Law firms, with their collaborative and trusting environment, may be more vulnerable to fraud than other businesses. Establishing internal controls might appear unnecessary among legal professionals. However, this complacency can be taken advantage of by occupational thieves.

The accounting department of a law firm, including payroll and accounts payable and receivable, is especially at risk. To protect against financial loss and potential public embarrassment, hiring a CPA to help you implement these five fundamental controls, at a minimum, is a wise decision:

1. Screen employees. Require all job applicants, regardless of position, to complete an employment application with written consent for your firm to verify the provided information. Then, contact references and conduct background checks (or hire a service to do so). These checks review criminal and court records, access applicants’ credit reports and driving records, and verify their Social Security numbers.

2. Use fraud-resistant documents and SharePoint sites. The design of financial documents can help ensure proper transaction authorization, complete transaction histories, and adherence to other control elements. For example, use prenumbered payment vouchers that a designated partner must approve and have your CPA reconcile these at month-end.

3. Require authorization. Authorization procedures can prevent unauthorized transactions. In the example above, the designated partner is the authorizing party. This control is effective because the partner knows what transactions are and how they relate to your firm’s clients. Similarly, restrict access by maintaining current signature cards at your bank and by protecting accounting and billing systems with strong passwords.

4. Segregate duties. Some smaller firms assign one person to open mail, make bank deposits, record book entries, and reconcile monthly bank statements. In such a setup, fraud is not only possible — it is likely. It is crucial that your firm distribute these tasks among two or more people and, ideally utilize a CPA Firm for these tasks.

5. Provide independent oversight. A designated partner should open all bank statements. Even if the partner does not review every item individually, employees will understand that transactions will be verified. Someone outside the accounting department, such as your firm’s CPA, might also review transactions as they are processed and financial statements at the end of accounting cycle reconciliations.

Even if your firm feels like family, you need to minimize fraud opportunities by strengthening internal controls. If you are unsure if your policies are adequate, or if you have experienced a fraud incident, contact us.

Remember, the fraud triangle is a framework used to explain the reason behind an individual’s decision to commit fraud.

• The fraud triangle consists of three components: (1) Opportunity, (2) Incentive, and (3) Rationalization.

I strongly suggest you hire an independent, 3rd party CPA to assess your firm's risk of having a so-called fraud triangle as well as a game-plan to eradicate the 3 components.