QuickBooks Fraud Prevention & Detection

QuickBooks is by far the easiest program to use with the most complicated and diverse applications in it that never get used by most business owners. Fraud happens every day and as I have said before, small businesses lose more money every year due to fraud than some of the largest corporations. Individuals who succumb to fraudulent tendencies fail to realize is that QuickBooks software ‘watches’ every step/change made and these actions are traceable.


  • The key to preventing fraud of course is making sure that it is not the same person who handles more than one accounting function in a business. You don’t want the same person who is opening the mail, being the one who sends the checks. You don’t want the same person who can sign checks being the one determining the amounts to put on the checks.
  • Upon setup, QuickBooks allows the business owner to set up users. The owner should always be the Administrator, not the bookkeeper, not the CPA or accountant, but the Administrator. Anyone else using the program can be limited to the parts of the program that they can access by the Admin. Sales persons needing to enter sales can do so, but they don’t need access to the bank account information. Purchasers need to be able to create purchase orders and invoices, but not able to adjust inventory on hand or create checks to pay for invoices. Only the admin should be able to make these adjustments. Name the users of QuickBooks so you know who is doing what and when. This will give you an eagle eye on the security of the QuickBooks transactions.


  • There is a little known feature of QB that is called the Audit Trail. The Audit Trail records any changes made to original transactions, any deletions of invoices, checks, etc. You’ll want to do this when the place is closed or when you have plenty of time because this report can take a very long time to generate. Go to the Reports tab on the menu bar and click on it. Find the Accountant’s Reports and you will see the Audit Trail as one of the options. Click on it and apply the dates you wish to check, (the longer the period of time and more transactions, the longer the report will take) and wait.
  • In the audit trail, if an entry has been altered or deleted there will be two or sometimes three lines for one transaction. The one on the bottom is the original entry, the one(s) above it have been altered or deleted and the report will give what was changed, the payee, the amount, or an account and tell you which user entered the original, which user changed it and the day and time it was done.
  • So how do you tell if it’s fraud or just someone making changes? First, deleting an invoice should rarely be done, if there are a large number of deleted invoices then chances are, your company is not using the Estimates icon. The invoice should only be created when you know for sure a customer is going to go through with the arrangement, if you are using the invoice feature to send estimates, those estimates are posting to your accounts receivable account which should not be done.
  • So how would someone commit fraud by altering an invoice? If the same person that prints the invoices also sends the checks, it is very easy to print the invoice for your approval at $200 or more than what was actually invoiced for. Once you’ve approved what should be a $5000 invoice for $5200, the clerk will change the $5200 to $5000 and send the vendor the right amount, and at the same time issue themselves a check for $200 which would be written off to another account somewhere in the books. The bank reconciliations would always match and no one would be the wiser. This is one reason that you cannot print an invoice without saving it first.
  • Another common method of fraud is altering the payee of existing invoices to benefit the relatives, friends, etc., of the crooked clerk. So an invoice may come in that has been created at home and submitted to you for payment by the person creating the invoice. Or, you may be cutting a check for a legitimate expense only to have the funds redirected to the crooked clerk.
  • You might also be on the lookout for checks being issued for identical amounts, during the same period every week, every month, etc. Sometimes the fraudster will send two checks to the same vendor and call up a day later and ask the vendor to return the check ‘mistakenly’ sent. If the fraudster is the same person who opens the mail, he will take the check and ‘wash it’ and make himself the payee. (If your bookkeeper seems to be continually doing her nails, you smell nail polish remover constantly, your company is at risk as that is what is used to remove ink off of checks) You can catch this by exporting the check detail to Excel and sorting it according to amounts, if you have one or two more checks a month for identical amounts, call your bank and ask for a copy of the cashed checks, front and back. The back of a check tells you which bank cashed it, and often, the name of the person who cashed it as well.
  • If you get your bank statements already opened by your bookkeeper, watch for checks that have cleared but that aren’t placed into the envelope with the statements. Compare your bank register to the images of the checks on the statements and confirm that the person or company you wrote the check to is the actual person or company that cashed the check.