Kickbacks, payroll fraud, false reimbursement claims and the use of company credit cards and accounts for personal use are all issues of employee embezzlement that employers are faced with on an all-too-frequent basis. As employees try to become more creative with their schemes for embezzling company money into their own pockets, employers can fight back and put up internal “road blocks” to help deter employees from getting their hands on money that is not theirs.
One of the harshest realities about employee embezzlement is that it’s usually conducted by employees who have gained significant levels of trust from their superiors. Embezzlers usually begin by taking small sums of money, and if they realize they have yet to be caught, can continue taking money for many years, equating to significant losses to your company.
SIGNS OF EMBEZZLEMENT
There are many different signs that signal the presence of embezzlement. Sometimes it can even be company policies and the roles and responsibilities outlined in employee job descriptions that make it easier for embezzlement to take place. The organizational conditions that create an open door for embezzlement to occur include the inadequate segregation of duties, lack of employee training and understanding regarding company policies and the consequences for violating them, high turnover rates, failure to consistently enforce standards and policies or punish violators and operating in an environment that frequently acts in “crisis” mode.
Aside from the organizational conditions that increase the opportunity for embezzlement, you can also observe changes in employee habits and discrepancies in financial reporting and accounting statements to identify embezzlement. In the FindLaw.com article “Embezzlement Warning Signs”, they state that other key signs that point to the occurrence of embezzlement within the workplace include:
- Untimely and unorganized financial statements and reports.
- Unbalanced accounts, altered check amounts and the occurrence of duplicate payments.
- Creation and payments made into false accounts that have matching addresses to that of an employee.
- Unexplained losses of company funds.
- Missing documents related to account, payments, etc.
- Unexplained or unauthorized charges to company accounts.
- An employee refuses to take vacation, works long hours.
- Alterations in an employee’s lifestyle- high medical bills, divorce, gambling problems, living beyond means for salary level, etc.
- Bank deposits delayed or made on an inconsistent schedule.
There are a number of measures that employers can take to reduce the number of opportunities within the workplace that allow embezzlement to occur. The chance that you can prevent embezzlement altogether is a bit of a stretch. The separation of duties and task rotation are some of the best measures an employer can use to reduce the opportunity for employee embezzlement. When rotating tasks, if an employee is guilty of embezzlement, chances are, they will protest and try to remain in control of any process that involves access to or the handling of money, so that another employee cannot uncover their scheme.
When creating job descriptions, outlining employee responsibilities, company codes of conduct and ethics, as well as any other policy governing your workplace, you will want to conduct a risk assessment that identifies vulnerabilities that may expose the company to to embezzlement, pressures or tasks that could motivate an employee to turn to embezzlement, money handling procedures that do not require enough checks throughout the process, compliance with legal guidelines and any other weaknesses that increase the risk of embezzlement.
Another way to help detect and prevent embezzlement is through the use of internal reporting systems. Internal reporting systems allow employees to report any issues of observed misconduct or awareness of financial fraud that is occurring within the organization. Sarbanes-Oxley requires financial firms to have an anonymous reporting system in place, making employees more comfortable when reporting misconduct, since their name isn’t attached to the allegations. Internal hotlines and reporting systems are the number one tool for identifying misconduct within the workplace, as it is usually an employee’s peers who are aware of any forms of misconduct before they make their way up to top level executives to deal with.
The article “Embezzlement Prevention and Detection” by Vincent Ruocco, LLC, CPA, advises management to conduct the following steps when establishing policies to make embezzlement difficult for employees to conduct:
- Adopt a policy of mandatory vacations and mandatory duty rotations. It is not uncommon for the embezzler to interfere with the customary workflow to effect the embezzlement. However, if your policies require the embezzler to give up control of his/her work, he/she will recognize that the fraudulent scheme might be more easily detected, and thus be detoured from committing the illegal act.
- Don’t hire thieves. This means that if you intend to place an individual in a position of trust, you should conduct a background check. The typical background check involves employment and education verifications, reference checks, criminal conviction checks, drug screenings and a credit check. You may need the candidate’s consent prior to conducting some components of your background check, so you should seek the advice of a qualified attorney.
- Conduct periodic surprise internal audits. These are most effective after identifying high risk areas and designing procedures to achieve the desired objectives. It is not uncommon for management to engage a qualified CPA to help them plan the audits and perform the procedures. It is important to note that simply knowing that the organization has a policy of conducting surprise internal audits can act as a deterrent to the would-be embezzler.
- Double Signatures, Authorizations and Back-up Documentation. Multiple layers of approval will make it far more difficult for embezzlers to steal from the organization. For expenditures over a predetermined amount, require two signatures on every check and two authorizations on every cash disbursement. Where the professional staff of an organization is too small to effectively implement a double authorization policy, consider having a (volunteer) officer or director be the second signatory or authorization required (generally, an officer will be preferable to a director). Similarly, all check and cash disbursements should be accompanied by an invoice or other document showing that the payment or disbursement is appropriate. If the size of your organization allows it, the invoice or disbursement request should be authorized by a manager who will not be signing the check. Never pre-sign checks. With credit cards, require prior written approval for costs estimated to exceed a certain amount. Again, the person using the card cannot be the same person authorizing its use.
- Segregation of Duties. Hand in hand with multiple authorizations goes the segregation of duties. At a minimum, different employees should be responsible for authorizing payments, disbursing funds, and reconciling bank statements and reviewing credit card statements. If the organization does not have enough professional staff to effectively segregate duties, a (volunteer) officer or director should be tasked with reconciling the bank statement and reviewing credit card statements. Because embezzlement also can occur when funds are coming into an organization, no single individual should be responsible for receiving, depositing, recording, and reconciling the receipt of funds. By the same token, all contracts should be approved by a manager uninvolved and personally uninterested in the transaction (i.e., it will not impact his or her bonus or salary) and, wherever possible, contracts should be the product of competitive and transparent bidding.
- Fixed Asset Inventories. At least yearly, the organization should perform a fixed asset inventory to ensure that no equipment or other goods are missing.
- Audits and Board Level Oversight. The control measures discussed above only work if someone is checking. In addition to management, who should be ensuring that the measures discussed above are followed, organizations should also undertake regular external audits to ensure that these measures are effective. Organizations also should establish audit committees on their board of directors, containing at least one person expert in accounting that would serve as the primary monitor of these anti-fraud measures. In lieu of an audit committee, smaller organizations should consider putting a CPA or other financially-knowledgeable person on the board of directors to serve a similar function.