Small and medium-sized companies are particularly prone to employee theft because they typically do not have the staff available to assign more than one employee to processes to help ensure that fraud does not take place.

Assigning more than one employee to certain tasks, also known as segregating duties, is one of the primary tactics that companies can use to fight internal fraud. The importance of segregating duties can be seen in one fraud case involving a roofing and sheet metal company. Over the course of approximately four years, the company’s administrative assistant and bookkeeper embezzled more than $313,000 using a variety of schemes including the issuance of payroll checks to a fake or “ghost” employee and the theft of company funds via check and corporate card.

To cover her tracks, the 46-year-old employee altered the company’s accounting records to disguise check payments as legitimately made to vendors, according to the FBI. Specifically, she made entries into the company’s accounting software system to disguise checks she sent from the company’s bank account to pay her credit card bills as payments to legitimate vendors. She also secretly set up a connection from her personal home computer to the company computer server so she could make fraudulent entries into the company’s accounting system from home.

She pleaded guilty to mail fraud, aggravated identity theft, and filing a false tax return in connection with the scheme and was required to pay restitution of at least $313,225, according to court documents.

To prevent a similar fraud at your organization, there are a number of steps that your company can adopt:

1. Get a second opinion. No matter how trustworthy an employee may appear, it is rarely appropriate to concentrate multiple functions involving the movement of money without some form of oversight. Consider engaging your CPA to conduct a periodic review of your company’s financial records for accuracy, integrity, and the red flags associated with fraud. Engaging a third party will also heighten the “perception of detection.” In other words, employees will avoid committing fraud because they perceive the chances of being caught are considerable.

2. Checks and balances can help. In the case of the roofing and sheet metal company, the employee had the ability to add a fake or “ghost” employee to the company’s payroll account. For just over four years, the employee caused payroll checks to be issued to a fictitious employee, which she then endorsed and cashed.

Before an employee can be added to a company’s payroll, a manager or supervisor should approve the addition. Further, on a quarterly basis, review the list of employees on the company’s payroll to ensure that no two employees have the same Social Security number or mailing address. In addition, randomly sample newly added employees to ensure the appropriate biographical information has been collated and that the addition of the new employee received the appropriate management approval.

3. Reconcile bank accounts frequently. To prevent check fraud from taking place, it is imperative that your company reconcile its bank accounts frequently. Ideally, all accounts should be reviewed and reconciled on a daily basis. If your company has elected not to receive copies of canceled checks, now may be the time to reverse that decision. Bank reconciliation is far more effective if the endorsements as well as signatures on the canceled checks are reviewed to ensure that they are appropriate.

Note: Although it is convenient to do so, signature stamps dramatically increase the probability that fraud will result. Consider destroying all of your company’s signature stamps and requiring that executives manually sign all checks. In addition to manually signing all checks, executives should also review the documents that support the check payment such as the original purchase order, bill of lading (if applicable), and corresponding invoice, etc.

In the case of the fraud at the roofing and sheet metal company, the employee admitted that she diverted company funds to pay her personal credit card bills, and used a rubber stamp with the name of an authorized company signatory printed on it to sign company checks for her personal benefit.

4. Control access to checks. Check stock should be stored in a locked cabinet or safe that can only be opened when two employees with keys or the appropriate pass code are present. New orders of checks that are received by the company should be logged and ideally remain wrapped in the original cellophane that they were shipped in. In order to request a new batch of checks, two levels of approval must be granted. Finally, the invoice associated with a new check order should be sent to someone within the company that is not involved in the issuance of company checks.

5. Review corporate card charges. To help prevent fraud, mandate that your company’s credit cards are used exclusively for business-related expenses. Before they are able to receive a corporate card, employees should sign a document that explains what the card can, and cannot, be used for. Consult with your company’s legal counsel regarding the wording to include regarding the ramifications for violating the policy. It is never a good idea to allow employees to withdraw cash from their company credit cards. Instead, establish a petty cash fund with the appropriate controls or oversight or reimburse employees for expenses they incur using their personal cash.

6. Institute an anonymous hotline. News travels fast in small and medium companies. Bad news can travel even faster, especially if employees have access to an anonymous hotline to report concerns. Ideally, a fraud hotline should be manned by a third party with a 24-hour call center staffed with people trained to gather anonymous tips effectively. Most third-party hotline services charge per employee and can also provide case management and best practices as needed.

If you want to learn more about how to prevent fraud, access our free internal controls diagnostic to assess the current strengths and weaknesses of your organization. Additionally, our fraud investigation and forensic accounting team includes a CPA who is a Certified Fraud Examiner (CFE), trained specifically to uncover suspicious activities in the areas of financial statement fraud and employee theft. We know what to look for, and we utilize investigative techniques to untangle the mess fraudsters leave behind.

Contact Us

© Copyright 2023 Thomson Reuters. 

Disclaimer of Liability
Our firm provides the information in this article for general guidance only, and does not constitute the provision of legal advice, tax advice, accounting services, investment advice, or professional consulting of any kind. The information provided herein should not be used as a substitute for consultation with professional tax, accounting, legal, or other competent advisors. Before making any decision or taking any action, you should consult a professional advisor who has been provided with all pertinent facts relevant to your particular situation. Tax articles in this blog are not intended to be used, and cannot be used by any taxpayer, for the purpose of avoiding accuracy-related penalties that may be imposed on the taxpayer. The information is provided “as is,” with no assurance or guarantee of completeness, accuracy, or timeliness of the information, and without warranty of any kind, express or implied, including but not limited to warranties of performance, merchantability, and fitness for a particular purpose.




Nonprofit Insights


Valuation Report