Owners Will Sleep Better With These Internal Controls

Sep 5, 2013

PC Security - freedigital“Internal Controls” are an organization’s structure of work and authority flows, people and management information systems, designed to help the organization accomplish specific goals, and which provide a foundation for preventing and detecting fraud and protecting the organization’s resources.

In the search business our primary assets are: cash, accounts receivable, database, client base, and our people. Internal controls around each of these assets will allow you to sleep at night. Without them or other similar controls you are at risk.

Our cash is going to mostly be held in our checking and savings accounts. As such, the primary control is to ensure limited access to those accounts. Where necessary, make sure any authority to sign checks is NOT combined with the activity of reconciling the account or receiving the monthly bank statements. Segregation of these duties will allow any fraud or theft to be detected. Also:

  • Close out the books timely on a monthly basis;
  • Reconcile all cash accounts to the bank statements when they come in.

Accounts receivable can be a significant asset in a search firm, and as an owner you may take for granted they are safe. Because of the potential dollar amounts involved, I recommend you have specific procedures in place to ensure accounts receivable are both valid and safe. “Fake” placements to stay on payroll is just like stealing the accounts receivable itself, and remember, employees desperate of a deal will do just about anything.

Protect Your Valuables

Here are some suggested activities to protect your receivables:

  • Dual attended closing calls;
  • Centralized production of invoicing other than the producer;
  • Centralized collections of Invoices other than the producer;
  • Courtesy calls to the client; you must be the one to say thank you and check on their satisfaction with the service.

One of the primary assets of the search business is the database of clients and candidates developed over time.

After my first year in the business I had an employee leave. I went to their old desk and found piles and piles of leftover notes and information, unusable do to the lack of organization. I threw my one year investment of information in the trash. The next day I came into the office and made one of the best decisions of my career. Every email that came into the house was to be duplicated, one copy going to the employee one to the office manager. I’ve never lost a resume or contact information again. I have also implemented these procedures:

  • Daily server backups of the database;
  • Offsite storage of the backups on a weekly basis (minimum);
  • Limited access to the server and backup tapes;
  • Monitor the amount of printing from each work station;
  • Prevention of offsite printing;
  • Consider providing cell phones (you maintain ownership of the phone number should they ever leave);
  • Valid non-solicit / non-compete employment agreements where legally acceptable.

Within the database is our client base. We can protect our client relationships with some simple procedures. First I would recommend that the office administrator be responsible for creating every service agreement that goes to a client. I would also password protect those sent electronically to ensure changes don’t go unnoticed. As we hire and grow we must be able to control what terms are being sent to our clients and to make sure our firm’s name and contact information goes on those agreements. Also, make sure you:

  • Make courtesy calls to the clients on every placement;
  • Make client visits with your employee when appropriate;
  • Dual attend closing calls.

Employee Restriction

Our people are at risk. At some point you will lose employees, after all that is our business — career transition. What could be worse is when one leaves and tries to take others with them. We can help put roadblocks up to prevent that:

  • Restrictive covenants within the employment agreement prohibiting opening a search business within ___ (number of miles) of your office;
  • Include non-solicit wording to prohibit the solicitation of other employees where legally allowed;
  • Long-term incentive plans with vesting periods over multiple years;
  • Provide services and benefits to your employees difficult to replicate by a start-up;
  • Valid non-solicit / non-compete employment agreements where legally acceptable;
  • Watch for and monitor unusual behavior including unusual billing activity.

The above recommended practices and procedures are not all inclusive, but I hope I have you thinking about your procedures. The trick is to maintain control without the procedure or practice becoming too burdensome. Obviously there should always be a cost – analyze the risk when implementing internal controls. But now is the time to implement controls. Our firms are about to start growing even more rapidly and it’s best to teach new dogs these tricks from their start dates. Good luck and enjoy sleeping more soundly.

Image courtesy Stuart Miles /