Law

The 4 Most Common Employee Theft Schemes and How to Protect Against Them

by Laura Rubenstein, Offit Kurman Attorneys At Law  

When it comes to large-scale employee theft, fraud examiners commonly encounter four major types of fraud schemes: billing, check tampering, expense reimbursement, and payroll fraud. Here are some tips on how to detect and prevent them in your workplace.

Billing Schemestheft

False billing schemes are often used to hide large thefts. There are three primary kinds of billing schemes:

  • False invoicing via shell companies: The fraudster will set up a fake (shell) company that bills for goods or services. Perpetrators are frequently in positions to approve these false invoices and rely on false purchase orders and receiving documents to substantiate the lie. The names of shell companies tend to be similar to existing vendors working with the company.
  • False invoicing via non-accomplice vendors: The fraudster double-pays or overpays an invoice, contacts the vendor, demands one check or payment be returned, and then intercepts the check before anyone else can see it. Perpetrators may alter the name on the check or the payee line, or create a counterfeit copy. These are commonly known as “pay-and-return” schemes.
  • Personal purchases made with company funds: The fraudster authorizes improper purchases using company funds or simply buys merchandise to return for cash. For instance, a perpetrator may buy eight computers when the company only needs four, in order to return the surplus for a “refund” in cash or credit in their personal name.

Though personal purchases may seem straightforward and thus easy to spot, they can go unnoticed for long stretches of time. Companies should be vigilant and look for the following red flags:

  • Unfamiliar vendors
  • Invoices for unspecified or poorly defined services
  • Vendors that only have a P.O. Box address
  • Sudden increases in purchases from a particular vendor
  • Vendor addresses that match employee addresses
  • Unusually quick payment or double payment of invoices
  • Large billings that are broken into multiple, smaller invoices so as to not attract attention

Another indication of billing fraud are complaints from vendors. Take action whenever any vendor mentions they have been over- or underpaid, especially continually. It may be human error, or it could be theft.

Finally, make time to regularly review and verify your vendor list. It is recommended that clients institute approval procedures, at least for new vendors, so multiple employees have to sign off on a purchase before it is made. Some organizations enact these policies for any purchase over $5,000 while others raise the ceiling to $25,000 and above.

Check Tampering Schemes

Check tampering schemes typically occur over a sustained period, rather than a single instance, for two main reasons: the fraudster has to keep the scheme going in order to avoid getting caught and is often enabled to do so due to their unbridled position at the company. A large percentage of perpetrators are also involved in reconciling their companies’ bank statements, meaning they have almost total control over corporate finances with little to no oversight.

Check tampering schemes fall into four main categories:

  • Forged maker: The fraudster forges an authorized signature on a company check and then endorses the check to themselves, or creates a dual endorsement by
    adding their name below the payee’s.
  • Forged endorsement: The fraudster forges the signature of the check’s intended recipient.
  • Altered payee: The fraudster changes the name to which the check was issued.
  • Authorized maker: The fraudster modifies a valid check, e.g., by adding a zero to the end or a one at the start of the payment amount.

Be aware of red flags that indicate check tampering:

  • Voided checks
  • Missing checks
  • Altered endorsements or dual endorsements of returned checks
  • Returned checks with obviously forged or questionable signatures
  • Altered payees on returned checks
  • Customer complaints regarding payments not being applied to their accounts
  • Checks payable to employees, with the exception of regular payroll checks

In order to detect check tampering, companies should listen for customer complaints and take a careful look at their bank statements. Fraudsters often maneuver funds between different entities and may overlook applying payments in a timely manner, prompting customers to speak out when money remains in their accounts. If you receive these complaints, contact your bank to gain access to your statements and recently issued/cancelled checks. Though most corporate banking these days occurs online, companies can still access images and hard copies.

Check tampering prevention methods are relatively uncomplicated. Make sure your checks come printed with physical tampering prevention and security features such as chemical stains, erasure protection, and microprinting. Checks should never be pre-signed and should never be cut by someone who is not a signatory on the recipient’s account. It is also recommended that bank statements be sent to the owner’s home precluding the fraudster from having the opportunity to open the mail and alter the statement prior to someone else reviewing it.

Expense Reimbursement Schemes

As with check tampering, there are four common and distinct forms of fraud through expense reimbursement:

  • Mischaracterized expenses: The fraudster requests reimbursement for a personal expense by claiming it is related to the business.
  • Overstated expenses: The fraudster requests reimbursement higher than what they paid by altering receipts or over-purchasing equipment.
  • Fictitious expenses: The fraudster claims expenses through a fabricated or blank vendor receipt.
  • Multiple reimbursements: The fraudster submits the same expense more than once.

These perpetrators aim to achieve their offenses by counting on “rubberstamp managers.” So the best - and perhaps only - recourse companies have to identify expense reimbursement fraud is through a thorough review and analysis of expense accounts and reports. Companies should also enact clearly defined expense reimbursement policies and procedures to deter potential fraudsters from relying on others’ follies.

Payroll Schemes

Employees engaged in payroll frauds disburse funds to themselves or other employees rather than external parties. The most common payroll frauds are:

  • Ghost employees: Names of individuals added to the payroll who do not actually work for the victim company, or even exist. The fraudster falsifies personnel or payroll records, generates a “ghost,” and an accomplice collects the paychecks. Ghost employees may be fictitious or a real friend or relative of the perpetrator.
  • Falsified hours and salary schemes: Overpayment of wages. The perpetrator may fraudulently inflate an employee’s work hours or wage rate, or increase an employee’s salary—sometimes changing facts all the way back to day one.
  • Commission schemes: Falsified or exaggerated sales, or increased commission rates. The fraudster may lie about or overstate the results of a sale, thus collecting a higher commission. When commission is based on gross rather than net sales, employees can sometimes earn fraudulent pay by conspiring with customers on bogus deals.

Payroll schemes are extremely common and widespread throughout many industries. There are several ways to stop payroll schemes in the tracks. Companies can manually distribute paychecks rather than issuing payments automatically. The same goes for W-2 forms, which when distributed by hand can help employers identify the ghost employees. Look for duplicate Social Security Numbers, which can also point to fictitious employees.


Laura L. Rubenstein

Laura L. Rubenstein

Offit Kurman Attorneys At Law, Baltimore, MD, Washington, MD, Frederick, MD, Philadelphia, PA, Woodbridge, NJ, Wilmington, DE, New York, NY, USA
E: This email address is being protected from spambots. You need JavaScript enabled to view it.; W: www.offitkurman.com


Published: January 2016 l Photo: Rawpixel.com - Fotolia.com

GGI Logo 70x50px

GGI Geneva Group
International AG

Schaffhauserstrasse 550
P.O. Box 286
8052 Zurich
Switzerland

Contact

T: +41 44 2561818
F: +41 44 2561811
This email address is being protected from spambots. You need JavaScript enabled to view it.
www.ggi.com

Disclaimer

Legal Disclaimer & Privacy Statement

Legal Disclaimer

This website is managed by Geneva Group International AG Zürich (hereinafter referred to as "GGI") on behalf of the member firms of GGI, a worldwide organization of independent Law, Accounting and Consulting Firms. GGI provides information and documentation on World Wide Web sites, such site(s) being known as the GGI Internet (hereinafter referred to as the "Website"). If you make any use of this Website, you confirm that you agree to each of the terms and conditions set forth below. You shall not be authorized to use this Website if you do not agree with any of the terms and/or conditions set forth below.

GGI, a company incorporated in accordance with the laws of Switzerland, provides no legal, audit or other professional services to clients. Such services are provided solely by GGI member firms in their respective geographic areas. GGI and its member firms are legally distinct and separate entities. They are not and nothing shall be construed to place these entities in the relationship of parents, subsidiaries, partners, joint ventures or agents. No member firm of GGI has any authority (actual, apparent, implied or otherwise) to obligate or bind GGI or any other GGI member firm in any manner whatsoever.

No action should be taken or omitted to be taken in reliance upon information contained in this Website. The information contained and accessed on this site is provided by the member firms of GGI for general guidance and is intended to offer the user general information of interest. The information provided is not intended to replace or serve as substitute for any accounting, legal (in those jurisdictions where GGI member firms are permitted to practice law), tax or other professional advice, consultation or service. You should consult with a professional from a GGI member firm in the respective legal, accounting, tax or other professional area. Based on specific facts or circumstances, the application of laws and regulations may vary.

Based on the fundamental universal condition of the electronic communication process, GGI does not guarantee, warrant and/or offer any assurance that this Website (including its functions, contents, downloadable files, software etc.) will be uninterrupted, without delay, error-free, omission-free, or free of viruses, free of Trojan horses, similar destructive software and/or free of harmful codes which may impair the proper functioning of any software, hardware or other equipment and/or materials of the user. GGI does not guarantee, warrant and/or offer any assurance that this Website is compatible with any user's computer equipment (hardware and/or software) or network through which access to this Website is gained. GGI does further not guarantee, warrant and/or offer any assurance that the use of this Website will not lead to viruses, Trojan horses and/or similar destructive software accessing any user's computer equipment.

Access to this Website may be interrupted or unavailable at any time, in particular during maintenance or upgrade procedures. Therefore, the information is provided "as is" without warranties of any kind, express or implied, including accuracy, timeliness and completeness. In no event shall GGI or partners, executives, principals, agents or employees of its member firms be liable for any direct, indirect, incidental, special, exemplary, punitive, consequential or other losses and/or damages of any kind (including, but not limited to, liability for loss of use, data, profits, other intangibles, the costs of procurement of substitute goods and/or services), without regard to the form of any action, including but not limited to contract, negligence or other tortuous actions, arising out of or in connection with this Website, any content on or accessed by use of this Website, or any copying, display or other use hereof even if GGI has been notified of the possibility of such loss and/or damage. All statements, information, downloadable data and files etc. on this Website are made available without liability or guarantee for their correctness, completeness, accuracy, durability, assurance of features, reliability, workability, merchantability, quality, fitness for a particular purpose, achievement of results, non-infringement of proprietary rights, absence of any deficiencies or something similar. GGI shall not be liable for any damage which a user may suffer as a result of any errors in content or arising from any virus or other destructive software. Users are responsible for ensuring that their computer equipment has appropriate security and virus protection features.

All intellectual property rights (in particular copyrights, trademark rights, design rights and patent rights) to the contents of this Website shall be reserved. As content on the site is protected by intellectual property laws (such as for instance copyright, trademark, patent laws) as well as by unfair competition laws, any unauthorised use of any materials on the site may violate copyright, trademark, patent and other laws. Pictures, texts, graphics, computer software etc. which are contained, featured and/or downloadable on this Website may not be copied, downloaded or used in any other way unless indicated otherwise on this Website. Should a user download and/or print the materials on this Website for personal or non-commercial use, the user must retain all copyright and other proprietary notices contained in the original materials on any copies of the material and the source must be indicated completely. The complete and/or partial reproduction, transmission (electronically and/or otherwise), modification, public display, performance, distribution, linking, framing or other use of this Website for any public and/or commercial purposes shall not be allowed without the prior written consent of GGI and the complete indication of the source. GGI does not grant the users of this Website any rights (in particular no intellectual property rights), except for the rights that are necessary to use this Website for purposes permitted under these conditions.
Some links on this Website refer to other websites which have been set up and are operated by third parties. Such links are provided only as a convenience to users. GGI does not control and is not responsible for any of these sites or their content. GGI explicitly disclaims any endorsement or recommendation of and guarantee or liability for such websites of third parties.
This Website is not intended for persons who are subject to a jurisdiction that prohibits the publication of and/or access to this Website (be it because of the nationality, their age, the domicile or for any other reason). If you are affected by such restrictions, you may not access this Website.

Privacy Statement

Geneva Group International AG Zürich, a joint-stock company incorporated under Swiss law with Swiss company registration number CH-170.3.020.433-0 whose registered office is at Schaffhauserstrasse 550, CH-8052 Zurich, Switzerland, (hereinafter referred to as "GGI") is in charge of the data supplied to this Website and the processing of such data. This website is managed by GGI. The goal of this target group is to develop additional sustained and diversified business opportunities on the basis of these relationships.

For the purposes of this Privacy Statement, member firms, correspondent firms, associated firms of GGI and other companies assisting GGI in running and maintaining this website are together described as Partners.

GGI provides information and documentation on World Wide Web sites, such site(s) being known as the GGI Internet (hereinafter referred to as the "Website"). This page contains the information gathering and use policies adopted by GGI in connection with the Website. These policies are subject to periodic review and any changes will be included within this section of the Website.
GGI is not responsible for the privacy policies of third party sites to which links are provided (including sites of Partners of GGI). The privacy policies on these sites should be checked before providing any personal information to these sites.

GGI is committed to the protection of personal information supplied by clients and prospective clients and other users of this Website. GGI provides further support and specialised services for Partners most of whom are situated outside Switzerland in countries which may not afford an adequate level of protection for personal data. Personal information submitted to the Website may be transferred to other Participant Firms outside of Switzerland to the extent necessary to meet the purpose for which the information was submitted. In submitting personal data to this Website in connection with a request for support and specialised services, the individuals concerned consent to the transfer of their personal data outside Switzerland to the extent necessary to comply with the request.

Collection of information

GGI will only collect and use personal data voluntarily and openly provided to this Website. Authorised users are able to browse the Website without disclosing any personal information. An authorised user of this Website may choose to provide GGI with limited personal data as required in order to register for certain services; once registered the information will only be used for the specified purpose(s). If you provide any data by completing the appropriate spaces on this Website or by sending a message to GGI by any means (particularly e-mail) you confirm that you agree that GGI may save, analyze and/or use the date for any purposes, including, but not limited to sending information and brochures to you. You may revoke your consent to the further use of the transmitted data by GGI at any time by sending an e-mail to GGI.

GGI reserves the right to save information regarding the domain name and/or IP-address of users of the GGI Website or their providers' for administrative, statistical and/or other purposes. The IP address indicates the location of the authorised users' computer on the Internet. GGI does not require registration for access to the Website.

It will normally be clear when personal information is being collected. The information required is the minimum necessary to enable GGI to deal with the services requested, but additional information may be requested in order for GGI to provide the most appropriate response. If such additional information is requested it is highlighted and its provision is voluntary.

We do not solicit sensitive personal data through the Website except where legally required to do so, e.g. for the purposes of retaining information for inclusion in the GGI directories of Partners, their principals and their professional expertise. We would suggest information of this nature is not provided except where such data is for inclusion in GGI directories of Participating Firms, their principals and their professional expertise.

At the present time, the standard technology known as "cookies" is not used on the GGI Website. Cookies are small text files placed on the authorised user's hard drive that allow the Website to store tokens of information in connection with use of the Website by allocation of an identifier to an authorised user while the Website is in use. However, GGI reserves the right to start using cookies at any moment without prior notice. Use of cookies would enable GGI to analyse the operation of the Website, thus permitting continuous improvement of the service that it provides.

Use of information

Information is used only for the specific purpose for which it was provided except where there has been an explicit selection to receive other information from GGI. Personal data provided through the Website will be made available to the provider of the information on request as any individual whose personal data is held on the Website is entitled under the Swiss Privacy Act to the information constituting his or her personal data. Personal information may be deleted from the Website at any time. Requests for copies or deletion of information may be made by e-mailing the Geneva Group International Head Office in Zurich at any time.

Provision of Information to Third Parties

GGI will provide personal information to third parties in the following circumstances:
 
  • where the transfer is necessary to fulfil the requirements of the operation for which the information was provided, and the third party is a Partner;
  • in order to fulfil a request which involves other Partners;
  • so as to assist GGI's professional advisors regarding matters referred to them concerning the operation of the Website:
  • where requested explicitly by an authorised user of the Website;
  • or as required by a court order or any other legal or regulatory requirement.
GGI does not collect or compile personal data or information obtained by the Website for dissemination or sale to outside parties not Partners for the purposes of marketing or mailing by or on behalf of third parties. GGI does not undertake marketing activities for third parties.

Accuracy of information

GGI assumes responsibility for keeping an accurate record of personal data once it has been submitted, but not for confirming the ongoing accuracy of the personal information. If GGI is advised that the personal data is no longer accurate, it will be amended (where practical).

Retention of information

Information collected from authorised users of the Website will be kept in order to provide the required services as well as for statistical purposes. Once the service has been completed all information will be destroyed in accordance with GGI's data retention policies. Where the information has been collected in connection with an expression of interest in working for GGI or a Partner it is agreed that GGI may use, hold and destroy personal data supplied in connection with the initial expression of interest in accordance with GGI's standard recruitment procedures:
 
  • details may be retained for up to the next twelve months for the purpose of notification of suitable vacancies that might arise;
  • details may be used for the purpose of research and analysis designed to improve recruitment and human resources policies and practices.
Where the authorised user of the Website has provided additional information, personal details will be retained for a period of time reasonable in the context of the nature of the request.

If these conditions are not acceptable the site should not be further used.

Security of information

GGI has implemented accepted standards of technical measures and security policies that are aimed at protecting the personal data it has under its control from:
 
  • unauthorised access;
  • improper use or disclosure;
  • unauthorised modification;
  • unlawful destruction or accidental loss.
All GGI personnel are required to keep personal information confidential and only authorised persons have access to such information.

Please note that the Website contains links to other sites (including sites maintained by Partners) which are not governed by this privacy statement.

Additional general conditions governing the Legal Disclaimer and the Privacy Statement

The rejection of any liability and/or responsibility regarding the Website and its content and other terms and/or conditions contained in this legal information are also applicable to all companies associated or affiliated with GGI, particularly GGI member firms (Partners).

GGI reserves the right to change all and/or any of the regulations mentioned above at any time without any prior announcement. Unless explicitly indicated otherwise, the new regulations shall immediately apply to all information, indications etc. featured on the GGI Website. By continuing to use the GGI Website, you accept all changes of such regulations.

The invalidity or unenforceability in any jurisdiction of any of these terms shall not affect the validity or enforceability of any other of these terms. If any term is held to be invalid or unenforceable it shall be deemed to be amended to the minimum extent required to render such term valid or enforceable, such amendment to be determined by GGI.

The Legal Disclaimer and the Privacy Statement indicated above shall be governed by and are construed in accordance with Swiss substantive laws (excluding the rules of the conflict of laws) and the courts of Zurich, Switzerland shall have exclusive jurisdiction in any possible dispute.


Copyright pictures
 
The copyright of the photos is published here or under the articles.

Geneva Group International; Rieder Media - Uwe Rieder
Fotolia.com: Kurhan; lagom; Abou Jaoude, Siegmar; Jürgen Effner; magcom; Maksim Šmeljov; Gilles Paire; david hughes; clayllama; robynmac; Dan Marsh; daphot75; Suzanne E.; Pierre-Yves Babelon; QQ7; Fotokon; reinobjektiv; cienpies; Alterfalter; Mark Yuill; Flying-Tiger; Katja Wickert; sk19; fazon; Andy Dean; Immo Schiller; Pavla Vanicka; jamesdavidphoto; sysiphus; Kirill_M; Herbert Esser; djama; Rafael Ben-Ari; ollirg; bruder jakob; soleg; Kobby Dagan; Chris Boswell; Hagit Berkovich; Ruzanna Arutyunyan; lilufoto; zybilo; Esther Wagner; pixelfux; Jim Parkin; Zacarias da Mata; Martina Berg; Konstantin Yuganov; Gail Johnson; maudanros; auremar; swisshippo; tobago77; rudi1976; tagstiles.com; detlef menzel; Luftbildfotograf; FotolEdhar; Temistocle Lucarelli; ErnstPieber; synto; ZINQ Stock; Tupungato; Barbara Helgason; Aleksey Khripunkov; Lucian Milasan; Gabriela; JonaSanpo Tokyo; Leonid Tit; Sven Hoppe; sborisov; denys_kuvaiev; G.J. Prozee; Andrey Burmakin; Digitalpress; gemenacom; arsdigital; deusexlupus; travelwitness; Alison Cornford; gena96; anyaivanova; spiritofamerica; G. Mönks Photografie; Moreno Novello; Picture-Factory; Galyna Andrushko; endostock; Thomas Röske; carlos; Mezzalira Davide; griangraf; laur7410; simon gurney; sborisov; ChantalS; th-photo;kbuntu; maudanros; apops; JR Photography; Josemaria Toscano; luanka; Tyler Olson; Jörg Hackemann; drubig-photo; AlfaSirius; arenaphotouk; vvoe; rolffimages; Ross Kummer; dabldy; silver-john; Wimbledon; nitroshoprod; Moreno Soppelsa; piccaya; Hawkeye; Horváth Botond; motodan; fazon; Minerva Studio; Digishooter; Mapics; TMAX; Fanchy; JFL Photography; kichigin19; Nmedia;  fotofuerst; Henri FRONTIER; Marcin Kubiak; pitrs; goldencow_images; habrda; nattanan726; dmitrydesigner; PackShot; swisshippo; michaeljung; Friedberg; Rawpixel; bluedesign; Ralf Gosch; Forgiss; Frankix; Jörg Hackemann; Gilles Paire; JaimeP; peresanz; lumen-digital; Stefano Garau; AlexF76; industrieblick; sborisov; chris2766; mitifoto; kamonrat; Rainer Plendl; peresanz; Vojtech Vlk; scabrn; Luftbildfotograf; Andrew Kazmierski; bruno135_406; pressmaster; vandertens; Tom-Hanisch; Alexey Stiop; Patrik Stedrak; Jiri Foltyn; kosmos111; Tomfry; S.Alias; beerkoff; Peter Marble; forcdan; Henryk Sadura; TTstudio; samott; Nordreisender; QQ7; imagineilona; 072618; aroberlin; lunamarina; whitelook; Pavel Parmenov; Jeff; jcfotografo; Jiri Foltyn; JS; Robert Wilson; SNEHIT; Sergii Figurnyi; mandritoiu; tilialucida; rabbit75_fot; IRStone; stockphoto mania; saiko3p; zoltangabor;  E. Adler; lovegtr35; kiravolkov; davidevison; Kruwt; alexandro900; Rafael Ben-Ari; Frédéric Prochasson; Halfpoint; fotoherkules; eddygaleotti; mandritoiu; Mik Man; ALCE;  LUNYANSKIY; Sondem; heyengel; forcdan; IRStone; gianliguori; Henryk Sadura; .shock; SNEHIT; alex9500; mpodrucki; KarenDMartin; mimadeo; SNEHIT; IRStone; lena_serditova ;  Friedberg; pixelABC; peshkov; Klaus Heidemann; photofang; frakala; Beboy; vacant; Noppasin; : Leonid Andronov; surangaw; dennisvdwater; Chris Lofty; Robert Kneschke; Gajus; chrisdorney; samografy; DOC RABE Media; vichie81; everythingpossible; Rafael Ben-Ari; Eisenhans; bakerjarvis; stokkete; hankimage9;