Cash Flow & Forecasting Finance Insolvency Turnaround

Sharp rise in personal insolvencies in 2018 – what might it mean for your SME?

Personal insolvencies - counting the penniesClearly many individuals are finding it hard to cope with rising prices, low wages and ongoing austerity given the latest personal insolvency figures published by the Insolvency Service this week.
Personal insolvencies in 2018 totalled 115,299, a 16.2% rise on 2017 and the highest level since 2011, according to the Insolvency Service.  The majority of these were IVAs (Individual Voluntary Arrangements) which hit 71,034, a record level and an increase of 19.9% on 2017.
Company insolvencies also continued to rise; at 16,090 in 2018 they were their highest level since 2014. The majority, 63.9%, were CVLs (Creditors Voluntary Liquidations).
The top three business sectors for insolvencies were construction, wholesale and retail trade, accommodation and food services.

What does the rise in personal insolvencies mean for SMEs?

The knock on effect of personal insolvencies is consumers reining back on their spending, as they have clearly been doing for some time and most noticeably for retail over the Christmas period. Other types of business will also be impacted.
Given the dire warnings about prices depending on the outcome of Brexit, consumers’ confidence is looking unlikely to improve any time soon.  This is not helped by the week’s announcement by Tesco of a possible cut of 9,000 jobs and worries in parts of the country about the future of employment such as in the automotive industry and for SMEs within its supply chain.
It is also likely that the changes in retailing will continue with more High Street shops closing.
For SMEs, especially those dependent on consumer spending, the likelihood is that they will have to not only scrupulously manage their cash flow and planning but also ensure their invoices are paid on time. They may also be well advised to strengthen their marketing initiatives and those “extra services” that serve small, independent businesses so well by retaining loyal customers.
In these difficult circumstances, to borrow a well-known phrase, “every little helps”.

Finance General Uncategorized

Use the Fraud Triangle to understand Business Fraud

is your company vulnerable to business fraudBusiness fraud can do massive damage to a SME, not only financially but also to its reputation. It can be defined as a knowing and wilful act of dishonesty by a perpetrator designed to bring them some benefit, usually financial.
Perpetrators can be customers, suppliers, employees, contractors and, of course, the various email and internet-based attempts to extract money or information, such as its database of customers, from a company by activities generally known as phishing and hacking.

What is the Fraud Triangle?

The Cressey Fraud Triangle was devised by American criminologist Donald Cressey and explained the three factors that need to be present to make a business vulnerable to fraud: Opportunity, Pressure and Rationalisation.
Opportunity is about weaknesses in your business processes that lead a potential fraudster to believe there is a low risk of being caught.
Pressure can come from such things as a financial or emotional source, such as debt, a gambling habit, addictions, or overwhelming bills, or perhaps a sense of injustice in the perpetrator, such as an employee who does not believe they are treated fairly.
Rationalisation is about the perpetrator finding justifications for their fraudulent behaviour such as “just borrowing” money or items for a short time, or that it is acceptable to take money from a big corporation.

Use the Fraud Triangle to protect your SME from business fraud

You can use the Fraud Triangle as a tool to establish whether, and where, your SME may be vulnerable to business fraud and to then establish protocols to minimise the risk.
The elements needed for your business to minimise the risk of business fraud are not only about personal behaviour but also about separating various functions – who is responsible for carrying out various elements of the business process. It is not uncommon in a small business for people to have to multi-task, but wherever possible tasks should be separated and assigned to different people and especially those that relate to money.
For example, having a single person responsible for administration, book keeping, order processing and invoicing, or to have the same person responsible for managing accounts payable and accounts receivable will make your business vulnerable to fraud.
A business fraud protocol is also about defining expectations for excellent record keeping and checking mechanisms and making it clear that should be actually acted upon, not simply written down somewhere.
Once clear guidelines are set about how people are expected to behave and are provided in writing to everyone in the business, you should also require a written signature to ensure they have been read, understood and accepted.
If a fraud is subsequently identified the perpetrator will not be able to rely on the defence that they were not informed that such action was a problem.
You should be alert to any “alarm bells”, such as a change in a person’s behaviour where they have otherwise seemed to be reliable. This can include misplacing files, regularly working late, paying undue attention to a specific customer, never taking holidays or owed time off and refusing help with projects.
You should also have a system of checks in place, this isn’t about reconciling the pennies but monitoring and regularly checking cash payments and receipts, purchase orders, invoices, discounts, credit notes and write-offs, and using ratios to track margins and trends.
Having a business fraud protocol is not enough on its own.  You should also build regular scrutiny of records and transactions into your business processes.

Business Development & Marketing General

Are we being naïve about the powers of technology?

stormclouds over the power of technologyThere is no doubt that using various IT systems offers scope for huge time savings and efficiencies but at what cost and how do you cope with the expectations of technology that many companies and users are not familiar with, not least about its performance and reliability?
There seems to be an ever-growing list of IT failures and meltdowns. They include the problems TSB has had in installing its new system, which locked people out of their bank accounts, made several thousands vulnerable to their accounts being hacked and money stolen and, it seems, have still not been completely resolved eight weeks later.
Then the VISA payment system failed for a day, making it impossible for customers to pay for purchases in countless shops.  The London Stock Exchange recently had to open an hour late “due to a technical issue” and, as I recently reported the Government’s business rates appeal website has been castigated by SMEs as being less than user-friendly. Those are just examples from this year.
It is not uncommon for Government-commissioned websites to go way over budget or to be delayed, such as the roll-out of Making Tax Digital, parts of which will not now be implemented for several more years.
Yet we are constantly being advised, or even pushed, into using technology and in many cases businesses cannot function without it.

How much should SMEs rely on the powers of technology?

It is all very well for banks to be closing rural branches and encouraging everyone to bank online, but this can be frustrating, time consuming and therefore costly for the rurally-based SME in a location where the broadband service is less than reliable.
Indeed, the FCA has just revealed research findings that consumers in rural areas of the UK are far less likely to use their smartphones for banking than their urban counterparts, largely due to patchy mobile and broadband coverage.
In a recent Guardian Article James Bridle argues that “We have come to believe that everything is computable and can be resolved by the application of new technologies” about which he says we understand less and less.
He cites the example of the Cloud, which we use for working in and for storing often crucial business information.
As he says: “the cloud is not some magical faraway place” but actually a “physical infrastructure consisting of phone lines, fibre optics, satellites, cables on the ocean floor, and vast warehouses filled with computers”.
Any physical infrastructure is likely to have vulnerabilities and weaknesses, and this is something that you should take into account when developing IT systems for your business.
Essentially this means that wherever possible you should get the best possible advice when choosing any system to install, taking into account your location and the reliability of the infrastructure.
You should ask questions about its capabilities, and above all you should both understand the limitations of the powers of technology and should always have data back-ups, whether it be paper records or external and locally-based hard drives to avoid your business being unable to function in case of a failure.
You should also have fall-backs if the system is down but I shall deal with business continuity in another blog.
Ultimately the powers of technology are huge but exploiting them requires vision, reorganisation, planning, training and considerable investment.

Finance General

Does your business have robust cyber security?

cyber securityRansomware attacks are a lucrative market that have netted cyber thieves an estimated £19 million in the last two years, according to Google research. I am sure the real figure is much larger.
Cyber-security company Malwarebytes researched more than 1000 businesses in US, UK, France, Germany, Australia and Singapore, and found that UK businesses are the worst at dealing with ransomware with almost 20% believing they had no chance of preventing a malware attack.
In April 2017, the UK’s Department for Culture, Media and Sport, published the Cyber Security Breaches Survey 2017. It revealed that only 37% of businesses had segregated wireless networks, or any rules around the encryption of personal data and a mere third (33%) had a formal policy that covers cyber security risks. Just 32% documented such risks in business continuity plans, internal audits or risk registers and only 29% have made specific board members responsible for cyber security.
Scary stuff and it’s not going to go away given how lucrative cyber theft can be with an estimated loss of £1,570 to an “average” business and around £20,000 loss to larger companies – not something to be ignored especially in the current difficult UK economic climate.
Not only this but imagine the risk to businesses’ reputation if its system is hacked and its client database is stolen, especially when new and more stringent protections are due next May when EU’s General Data Protection Regulation (GDPR) comes into force.

The elements of a robust cyber security set-up

According to the April Government survey the most common types of breaches are related to staff receiving fraudulent emails (in 72% of cases where firms identified a breach or attack). The next most common related to viruses, spyware and malware (33%), people impersonating the organisation in emails or online (27%) and ransomware (17%).
So, the potential weak spots are therefore people, technology vulnerabilities and processes.
People: lack of communication between teams and lack of training can make a business vulnerable. Reduce risk by making sure everyone is cyber security aware, can identify suspicious communications and regularly updated on the latest scams. Every employee should know how to check the email address of a sender to confirm it is really the same person as named in the sender box. Employers should limit employee access to only those parts of the system and databases relevant to their work and install secure authentication procedures before they can access sensitive data. Ideally data should be encrypted, particularly if using cloud-based storage.
Technology vulnerabilities:  remember the recent WannaCry ransomware attack that decimated UK hospitals still using the Windows XP system? Keeping systems up to date and rigorously installing patches as soon as possible is a must. Open-access Wi-Fi is also foolish, even though many hospitality businesses offer access as a service to customers.  If you do, make sure it is password protected and change the passwords regularly. Also ensure servers are protected by a firewall, usually one in a dedicated computer that doesn’t have any data stored in it so that sniffer ware can’t see data in the computer and can’t access the protected servers.
Processes: security contracted out to third party providers, such as website hosts, can introduce a dangerous complacency, in assuming that security is being taken care of. Make sure you check regularly that updates are carried out promptly and if the company offers remote 24-hour monitoring and backup it is worth paying for.
While it may not be possible to make a business 100% cyber-secure, there is a lot that can be done to minimise the risks.