Employee fraud comes in many shapes and sizes. Once you’ve identified where the weak points in an organizational structure are, you can work to reinforce those areas against statistically-likely instances of fraud. Six well-documented ways employee fraud occurs include:
• Purchase Order Fraud
• Payroll Fraud
• Theft of Data
• Company Credit Card Abuse
• Sales and Receivables
• Improperly Managed Asset Access/Dissemination
Purchase Order Fraud
There are usually two ways this takes place. The first involves an employee initiating purchase orders for goods or services ultimately used by that employee in a personal way unrelated to the business. The second way involves said employee putting together a phantom vendor account. He then makes up fraudulent invoices which are paid to this account. Those funds are eventually diverted to the employee.
Three primary strategies silhouette this form of fraud: phantom employees, excessive overtime, and employees who are no longer working for your organization who still collect their “paychecks.” Internal auditing of payroll divisions can really help catch fraudsters here; when it comes to payroll, there isn’t always as much of an opportunity to catch the dishonest employee at work. Keeping a taught record of finances can definitely help. It makes sense to establish a practice of regularly running the numbers on the payroll department to ensure everything is accounted for.
Theft of Data
This can happen in many ways and may take a while to catch. An employee will steal information and use it to their ends fraudulently. Stolen information can include:
• Trade Secrets
• Personal Identification Information
• Client Credit Card Information
• Client Lists
When it comes to information like client lists, the employee is making money by selling that information to third parties, unless they’re trying to scrape a little off the top themselves. It’s the same with trade secrets. When it comes to credit card information or personally identifying information, such things can be harder to trace. The employee is, in effect, stealing the “personality” of the individual whose information they’re using, so it appears as though that individual is making the questionable purchases. Using modern IT encryption and the like to protect data is advisable here, and can help curtail a great deal of such fraudulent activities.
Company Credit Card Abuse
Oftentimes, employees who are using a company credit card in ways which the company doesn’t intend involve smaller purchases for things like creature comforts. Entertainment, food, vacations— these are usually going to end up on the final bill. Such purchases can be a nightmare if you’re audited externally, so it makes sense to keep close track of company credit card purchases and ensure on a regular basis that whatever is bought with them conforms to the limits you’ve set.
Sales and Receivables
If you catch an employee in this, you may have a fraudulent network operating under the auspices of your vendor. Oftentimes, sales and receivables fraud involves an employee working with a vendor to make payment for products or services which were never received or rendered. Say you’ve got some repair work that’s necessary, the repair guys make it on-site, see there’s nothing to fix, and are ready to go, but the employee in charge of the problem says: “Hold on, fellas; this is already fixed, I’m going to pay you like you fixed it. You keep half, give me half, we’ll do it again in a month.” Or if there’s a product involved, especially a consumable one, this could happen when an employee finds somewhere consumption doesn’t match traditional numbers, so instead of reporting an area where the budget is over-inclusive, they just personally absorb the excess.
Unchecked Asset Access/Dissemination
This happens when an employee who receives money is also in control of spending that money, signing checks, facilitating ACH payments/purchases, or working with company credit cards. All that access to assets can easily push an employee into a position where they become morally elastic. One of the most successful preventative measures against this is to have one employee do the asset reception, and have another control the spending. Then you’ve got two points of data which can be compared and contrasted over time to ensure what’s coming in and going out matches budgetary design.
Curtailing Fraud and Maximizing Profitability
When you consider employee fraud, you want to remember that the human element predicates a “when” rather than an “if” scenario. You’re going to be stolen from, and if the theft goes on long enough, it could put your company in legal troubles. Sites like ACFE.com offer information that can help you identify where fraudulent “leaks” may be undermining your company. With over 2,410 cases reported from some 114 countries in 2016 alone, this site is a treasure trove of data. For example: did you know the median loss from one case of occupational fraud was $150,000? There’s more at play than just the money stolen. If an employee must be fired, the investment in his or her training is lost, and then a replacement predicates additional educational costs. Partnering with IT groups who understand common areas of loss and how to identify them can help you find fraud and retain assets while restraining damages.
Most of your fraud detection will come from tips. According to a detailed report from ACFE.com, approximately 43% of fraud detection in 2012 came from tips. Data collected in 2014 and 2016 reflected similar statistics. Other actionable methods included internal audits and management review. Some applicable fraud detection measures include:
• Account Reconciliation
• Document Examination
• External Audit
• Law Enforcement Notification
• IT Controls
Of all these methods, tips represented the greatest actionable means of fraud detection. You can’t entirely control who will or won’t tip, but if you have an IT division that has a special purpose which revolves around detecting and preventing employee fraud, this is a great way to help curtail losses in many of the well-known areas where fraud has been repeatedly documented.
Brent Whitfield is CEO of DCG Technical Solutions, providing IT support in the Los Angeles area since 1993. DCG exists to help clients choose, implement, and manage IT and cloud solutions that are cost effective and reliable. DCG’s pro-active approach to IT is ideally suited for companies who depend on reliable IT infrastructure, but don’t want to spend a lot of money to keep it that way. DCG was recognized among the Top 10 Fastest Growing MSPs in North America by MSP mentor. Brent has been featured in Fast Company, CNBC, Network Computing, Reuters, and Yahoo Business.