There was something suspicious about that charge on the bank statement. The client didn’t remember making that purchase. They just happened to open the statement email and log into their account to see their statement balance. Noticing it was unusually low they–“just out of curiosity”– looked to see what they were spending their money on.
And they found it. And lots more personal employee charges on their statement.
It is so easy– really, really easy for so many people to take advantage of an owner who is otherwise distracted and more than happy to push administrative duties down in the organization.
But it happens all the time. Over 75% of our clients have had an employee steal from them at some point during their company’s existence.
There are plenty of ways it can be done– more than I can list in one post but here are a few ways you can prevent someone with even minimal access stealing from you:
Go primitive— in our digital age it is easy to gloss over the emails from your bank saying your statement is ready. The added step of having to log into your account to see it actually deters people from doing it. Get your bank statements in paper, and have them delivered to your house, not your place of business and let your employees know you are reading them. Make it a point to open them, read through them and be sure you know what the purchases are for. That exercise alone– and the fact that your employees know you are watching– is the single best thing you can do to prevent and catch fraud.
Watch your payroll— Another easy access place to steal is through payroll. Without two-step authorization, it is easy to add fake employees to payroll, or payroll administrators can give themselves or a buddy a raise without you even knowing it. All they need to do is make an adjustment to their pay or set up the direct deposit into their personal account. Set up with your payroll company an authorization process so that you are the final rubber stamp for any changes.
Who is THAT?! Another way employees can steal from you is by setting up fake vendors that look legitimate. It is easy to have their payments sent to a PO box (which happens to be owned by your employee). The dumber ones actually have checks sent to their personal addresses. Have your bookkeeper run a list of checks and ACH payments with the vendor name and see if anything looks unusual. If you really want to control the process, every new vendor must be approved by you before disbursements are made.
Prove it: If you have a bookkeeper recording your transactions, it is easy for them to change the vendor name in QuickBooks so your reporting looks legitimate, but it is even easier for them to change the “pay to” name to be themselves. It’s also not that difficult to take everyday expenses like phone or utilities and hook up their personal charges to your credit card or bank account, especially if you use the same vendors like Verizon and Comcast. Do the exercise periodically of having them produce the bill for checks, disbursements or credit card charges and make sure they are really yours.
Beware of write-offs, voids or deleted invoices: In many companies there aren’t enough people to split the billing and receivables process, which opens the door for a rouge employee to take the customer’s payment, co-sign and deposit into their personal account and write off, delete or void the customer’s invoices. It’s also happened where customers and bookkeepers cut a deal where you provide the service and the bookkeeper gets paid. You need to establish a process where write-offs need to go through you, as well as spot checking your audit trail in your accounting system to see what has changed.
Yes, I want receipts for all your credit card transactions: Every time you give an employee a credit card, you are basically giving them access to your bank account. Force them to produce receipts for every charge with a description and look at them. Charges without a receipt should be considered personal expenses and should be deducted from their payroll. Let that happen once or twice and you’ll find the “I lost my receipt” issue going away quickly.
The thing is, your bank isn’t going to reimburse you for your lack of diligence. They are assuming you are doing these things above and, short of them cashing checks signed by an unauthorized signer, internal fraud is rarely covered.
It boils down to this: an ounce of prevention is worth a pound of cure.
What I listed here are only a few ways that employees can steal from their employers. There are SO many more. You need to take the time and watch your accounts, and let your employees know you are watching over them. Those that have nothing to hide will have no problem with it– those that push back would be the ones I watch.