The Fight Against Employee Theft

November 4, 2013 by

Fraud remains a big threat to businesses, and new technologies are creating new ways for employees to embezzle and rip off their company.

“The 2012 Marquet Report on Embezzlement” shows that the number of major embezzlements in the past year is staggering, up 11 percent in 2012 compared with 2011. The average size is also increasing at an alarming rate, $1.4 million in 2012 compared with $750,000 in 2011. This is happening not just to large companies and financial institutions, but also at a variety of Main Street businesses. What qualifies as a major theft depends on the size of the company. A relatively minor theft could be enough to take down a small firm. Firms can help themselves by knowing what to look out for and having a policy that will cover them in case things go wrong.

Fraud is responsible for an average loss of 5 percent of revenues annually across the U.S. economy, according to the Association of Certified Fraud Examiners. Employees across the country are actively stealing from their employers right now. If an employee started to steal from a firm today, on average it would take 18 months for the theft to be discovered. A major embezzlement can go undetected for nearly five years. And it could be even worse. Rita Crundwell was stealing from her employer, the city of Dixon, Ill., for 24 years to fund her show horse business, and she ended up with a whopping $53.74 million. What can companies do to find out if an employee is taking money from the firm?

What to Look Out For

One of the traditional measures to weed out potential damage is the pre-employment criminal background check. But what about a mid-employment background check? If an employee is arrested after being hired, this could be the only way for management to find out. This is how one company found out its employee had been arrested for assault – the employee continued to show up in the office while serving his time on the weekends.

Reference checks are another perennial risk management technique to protect against hiring unsavory characters in the first place. But, sophisticated reference scam websites are now providing anyone (willing to pay the price) with contact numbers where operators will confirm that somebody previously “worked for them” and provide official-looking reference letters. How strong are your background and reference checks? Is your due diligence vendor aware of these scams, and is the vendor taking the required steps to ensure it does not fall prey to such scams?

What You Can Do

There are simple measures to check for fraud before it happens or becomes a habit for employees, starting with some simple data analytics.

Benford’s Law (also known as the First-Digit Law) has shown a normal distribution of the first digit in any data set. Any particular figure will start with 9 about 5 percent of the time, but is six times more likely to start with 1 (30 percent of the time). Reviewing financials with this in mind can help spot irregular figures in vendor payments.

In a case recently where an employee was writing checks to cash or himself, every one of the checks was for a round figure ($25,000, $500, etc.). Data analytics software can catch this kind of trend. By the way, this brazen employee was originally making the checks out to “cash,” but when he didn’t get caught, he started making them out to himself. Before being caught, he was including his full name and address as the payee (maybe his bank was getting suspicious when the business checks didn’t include his address). He had taken advantage of a known glitch in a popular accounting software package that many small businesses use and that allowed him to enter a transaction to the ledger and change the payee name before printing the physical check. This could easily have been caught if the business had been matching the payee on the canceled checks with its general ledger.

More specifically, review employee expense reports with an eye out for any duplicates in amounts, vendors, dates or other key fields. If you limit this to a single employee’s expenses, you could miss duplicate expenses from multiple employees (two employees submitting the same expense for the same date and vendor). Also be aware that there are websites out there peddling phony expense receipts. There is even a site that will let you request a total dollar amount (say $1,500) and it will give you a single sheet with valid looking receipts that add up to that amount. Other sites offer an entire fictional travel itinerary with flights, car rental receipts, and hotel invoices – anything for a price.

Verify Vendors and Account Numbers

One of the more “effective” embezzlement techniques is vendor fraud.

The Marquet Report shows that in 2011, vendor fraud accounted for only 5 percent of major embezzlements but 13 percent of the amounts stolen – meaning that the average per incident was much higher than other fraud techniques.

Vendor fraud is where an employee sets up a phony vendor in the accounts payable system and begins submitting invoices for this vendor. Most often the invoice is for “consulting services.”

For instance, a company recently had an invoice for more than $20,000 for “consulting services” to create a PowerPoint presentation. Can you imagine seeing this PowerPoint presentation that cost $20,000? It must have been truly amazing.

Watch out for vendor names that are identified only by initials or provide a P.O. box as the only address. Both are common tricks employed in hiding fraudulent payments.

Data analytics also may help identify vendor fraud. In one recent example, an employee changed bank account information for the vendor to his own account. It turned out he was having his payroll sent to the same bank account. Employers should review vendor files and payroll records to look for duplicate account numbers, phone numbers and street addresses.

Insurance Coverage

There’s a wide variety of crime coverage available on the market, but it’s important to get coverage that matches the needs of your client’s business or that of your agency. A policy that doesn’t cover computer and funds transfer fraud, vendor theft or the theft of clients’ property for a professional services firm will leave you exposed to some of the fastest-growing financial crimes. You also need to have the right limits – it can take time for a fraud to be detected and your losses will keep growing.