How to Protect Yourself from Employees Who Steal
Unfortunately, it happens. There’s an old saying in retail that goes:
- 10% of employees will always steal from you
- 10% of employees will never steal from you
- 80% of employees might steal from you if they have the opportunity
I’d rather think that 80% will never steal from you and 10% may if the opportunity arises. In any case, by reducing opportunities for people to steal you increase the chances of catching those that do the wrong thing and discourage others from trying.
It’s not only money that employees can steal from you. They can also steal stock, time, intellectual property, clients. Let’s look at some real situations and how you can avoid them in your business.
Detecting Problems, Mistakes and/or Fraud
Making mistakes is not a crime but not detecting these mistakes can have catastrophic consequences for your business. You should always perform the “smell test” – it something doesn’t smell or sound right, then investigate.
Often, fraud is committed by an employee who is operating right under the owner’s nose. Often the fraud occurs over a long period of time before it is detected, if it is detected at all.
What to Look For?
Detecting fraud or mistakes is not easy and requires a strategic plan to go looking for these potential mistakes or fraudulent acts. Here’s some ways you can pick up mistakes or fraud.
Ways to detect mistakes
- Compare supporting reports to Balance Sheet – receivables, stock, payables, payroll
- Compare sales reports to income
- Compare banking reports to Cash Drawer and EFTPOS accounts
- Reconcile bank accounts, Cash Drawer and EFTPOS at least monthly
- Reconcile customer deposits, especially if paid in cash
- Inspect general ledger detail for any accounts with out of balance amounts or unusual balances
- Check sales discounts, rebates, settlement discounts and refunds are valid.
Ways to detect fraud
- Unusual behaviour
- Missing and/or unreconciled deposits
- Excessive voided sales invoices
- Post office boxes as shipping addresses
- Excessive credit notes
- Excessive write off bad debts
- Excessive purchases
- Duplicate payments
- Ghost employees
- Stock shortages
- Employee overtime
- Check cash handling process
Fraud Examples & Strategies to Put in Place
Let’s look at some fraudulent examples and some strategies you can put in place to alleviate fraud.
An employee had extensive dealings with the business owner’s clients. She spoke directly with a client and secured a full time position with that client. Although not fraud, this had a financial impact on the business to the tune of approximately $50,000 per annum.
People play a critical role in all business processes and most can be trusted. However, there are a few that are tempted due to possible gambling, financial pressure, family issues, or they’re just unethical and only interested in themselves.
As much as a business has the utmost confidence in their people it’s still important to ensure that two people are involved in all tasks involving financials. The fraud situations outlined below were trusted employees by business owners.
Strategy for People Management
- Ask who is responsible for each task of the business
- Ask who reports to whom
- Ask who has access to what features of accounting software
- Involve two people in financial processes (especially with cash and making payments)
- Check accountability process of senior people (directors and managers aren’t exempt from fraudulent acts)
- Outline in the financial policy the hierarchy of management and reporting
- Have documented procedures
- Have employee contract and confidentiality agreements
An employee joined a business straight out of school. The person was in charge of reception and invoicing customers. The owner had sometimes queried the lack of cash banking, and the employee always said that people weren’t paying by cash now, but all electronically. The business owner accepted this until one day a customer tried to pay him a large sum of cash directly. The owner said to give to the receptionist for banking. Later when querying the receptionist about the banking, he was told there was no cash to bank. Over ten years the receptionist had been pocketing all the cash and adjusting or deleting invoices to cover her tracks – to the tune of over $100,000!
Strategy for Banking Management
- Cash is always tempting
- Ask who is handling the cash, what processes are in place for cash reconciliation
- Segregate responsibilities – the person who reconciles the daily till is not the same person who banks the money
- Review expected outcomes of money received
- Check regular payments from bank and ensure bank details are correct
- Benchmark from previous banking patterns (look at weeks / months / years as appropriate)
- Involve the business owner in any cash transactions
- Check the Balance Sheet against relevant bank account statements
Areas of payroll have significant privacy and security issues. The use of an employee’s TFN or bank details can have catastrophic consequences for the employee if misused. A trust between business owner and payroll officer is imperative and both parties should be across the employer obligations and payroll requirements for paying people.
An employee had been with a company for several years and worked in a previous business with several of her current colleagues, so she was well known and trusted. She routinely went on business related events that required travel interstate and overseas. She would submit expense claims to the CFO for approval, and because he knew and trusted her, he was not in the habit of checking all the documentation, the validity of the claim or whether the travel had in fact taken place She would then go to the accounts person for reimbursement, which was either in excess of the actual claim or a totally fabricated claim. This went on for some time before it was accidentally learned that she had been pursued by a former employer for embezzlement of funds, at which point the company investigated and discovered the fraud.
Strategy for Payroll Management
- Check payroll cycle and number of employees
- Check no additional ‘dummy’ employees have been added
- Check split bank accounts for employees
- Check employee advances are paid back
- Check hours on timesheet (unauthorised hours on timesheets is common)
- Who is responsible for changing Award rates?
- Secure TFN information
- Secure bank details
- Employee reimbursements require supporting receipts and management approval
- Implement a Business Payroll Management Procedure
- Involve the business owner in any payments made from the bank
- Involve the business owner in staff requests for leave, reimbursement, overtime, advances, etc.
Employee had full access to banking and authority to pay suppliers. The suppliers invoices were paid in full but the employee would add a little extra to each bill, and the payment was split between two accounts. The supplier would be paid in full and she would also receive her amount. The supplier entries in the software were changed to reflect the actual amount paid, and presumably the owner never saw an original supplier invoice nor thought to check the invoices against the bank. This went on for years and amounted to over $300,000!
Strategy for Suppliers Management
- Check suppliers for duplicate cards with different bank details
- Check suppliers with split bank accounts for payment
- Check suppliers payment cycle and ad-hoc payments throughout the month
- Check ABN in ABN Lookup (checking for invalid ABN)
- Check process to review supplier statements – are there additional invoices being added?
- Check purchase orders and pre-payments made to orders
- Involve business owner in any payments made from the bank
Employee was sending out sales invoices, some of which had been altered – the invoice for the business actually had her own banking details on the invoice. The owner of course wanted to chase up the customers for payments and instructed the employee to send out statements for all the unpaid accounts, which she always said she did. Eventually the business owner sent the statements himself and of course had customers replying that they had paid and provided proof of payment – except that the payment had gone elsewhere. This went on for years before it was picked up and the fraud was over $500,000!
Strategy for Customer Management
- Check outstanding customer invoices
- Check customer terms
- Check frequency of producing statements
- Implement controls at end stage of the invoicing and receipt process
- Segregate duties – one person to invoice, another to send statements, another to receipt payments
- Implement and follow a debt collection policy
- Regularly review outstanding invoices
- Check sales discounts, rebates, refunds and settlement discounts are valid
Employee had hired a shed and was siphoning off stock from the owner and sending it to her shed. She then sold those goods for full profit. This went on for years before it was detected, because stocktake was not done and the owner had no insight into what he was buying vs what he was selling.
Strategy for Stock Management
- Check stock levels regularly
- Who has access to stock?
- Frequency of stocktake
- Review process of missing stock
- Check items list in accounting software matches real stock (and stocktake software if used)
- Check stock write offs to promotion, marketing, samples, obsolete stock, research and development are valid
The resounding similarity between all of these situations is the business owner was very trusting. Yes, it’s important to have trust in your employees otherwise you’d be forever micro managing, and probably burn out due to the stress. But do have systems in place to protect yourself. You need to go looking. Develop systems and procedures, and review them regularly.
- Perform regular review of Balance Sheet and Profit & Loss
- Compare bank, debtors and creditors to ‘same time’ last year
- Review Gross Profit margin as budgeted to compare to actual gross profit margin
In summary, it’s imperative that every business has a Policy for Financial Control that all staff can follow. Don’t be complacent. Key points to remember are:
- Who has access to what
- Track users actions
- Build in ‘authority controls’ for making payments
- Reconcile suppliers and bank statements regularly
- Segregate duties when cash is involved
- Review Balance Sheet and Profit & Loss regularly
- Compare with prior years
- Build Financial and Payroll Policies