The risks of employee fraud

As an employer, having eyes in the back of your head may not be possible, but it’s important to have sound fraud prevention measures in place. By Adam Bernstein

How could someone employed by a friend defraud their business? To most of us, this would be unthinkable, but that’s what happened when bookkeeper Darren Mackenzie stole more than £1.3 million from Max Punni’s chain of pharmacies over an eight-year period.

From the evidence, Mackenzie took the money and spent it on more than £300,000 of construction work on his home, a £10,000 sound system, luxury holidays to New York and Las Vegas, high end watches, designer clothes and shopping trips to Harrods. He transferred money directly into his personal accounts and also gave himself an unsanctioned pay rise.

The impact on Punni and his business was drastic. Beset by stress and anxiety, Punni cut staffing hours, didn’t pay dividends for two years, doubled his working hours and often worked seven-day weeks.

The fraud was only discovered when a fellow employee came across invoices relating to Mackenzie’s home. He was sentenced in November 2022 to five years and eight months, and faces a Proceeds of Crime Act action.

Rising risk

Mackenzie’s activity is surprisingly common. According to statistics collated by London recruitment platform The Circular Board, employee theft costs UK businesses around £190m every year and accounts for 22 per cent of retail shrinkage. It usually takes around 14 months before a fraud case gets discovered, with 43 per cent of fraud schemes detected by a tip. 

Businesses are more clued up on the risks of fraud than they were in the past, says Andrew Northage, a partner at Walker Morris LLP. “It is certainly the case that companies are now more mindful of the policies and procedures they must have in place to raise employee awareness of fraud and to deal with it if it occurs,” he says. “Businesses are increasingly taking a similar approach to aspects of corporate governance, such as fraud, in order to identify the risks to the business, to determine appropriate mitigation strategies.”

Unseen impact

Despite this rising awareness, few recognise that what goes unseen is just as damaging – possibly more so – than that which is found.

Dave Kearns, managing director of the Expert Investigations Group, believes reported figures are “generally not a true reflection as they are based on what is discovered, allowing a small tolerance for unknown losses”.

He says that in most retail businesses, “stock control and recording measures are not always accurate and therefore the starting point can be wrong.”

That said, Kearns thinks that while theft and fraud should be much easier to control in a micro business, “once you increase the number of employees, staff, sites, locations, procedures and outsourced services then that risk begins to rise more significantly”. And where the theft or fraud is carried out by more senior individuals, or by more than one employee, he says that “the median loss is higher and the time to identify or detect the theft or fraud is longer”.

Are there typical fraud behaviours that firms should look out for? Philippa Dempster, managing partner of law firm Freeths, lists a number of examples which include requests to pay a ‘fake’ bank account, fictitious invoices, invoices paid in one currency but posted in another, finance department employees abusing a system, ex-employees abusing a system, and the overstating of accounts. Of course, there are plenty more.

As to the motives, Kearns says it may be to gain monies that will allow a family in the short-term to eat, heat their homes and enjoy Christmas. But because of “the materialistic world in which we live”, it may be that employees “do not wish to make personal cuts, savings and alter their lifestyles to maintain their current status quo” so “turn to employee deviance to keep their existing lifestyle.”

Advice on prevention

As with the Mackenzie case, most instances of major fraud are uncovered by chance. When Amanda Steven, a family friend and bookkeeper for trade magazine publisher Redcat Marketing stole £210,000 over six years, she was only caught because a VAT bill couldn’t be paid.

The owners had to make four staff redundant, sell cars and business premises and take out a secured overdraft to keep the firm alive.

Fraudsters do make mistakes. According to Northage: “One of the biggest frauds the UK has ever seen began to unravel when six seemingly unconnected companies responded to an audit letter on the same single fax.”

Prevention is invariably better than cure, however. It’s for this reason that Dempster recommends that employers “create an open culture with regular awareness training and vigilance – sending examples around of latest scams, ensuring good cyber security and also basic IT hygiene with regular password changes are part of best practice”.

To this list she adds considering potential risk areas and being vigilant. She recommends watching for unusual behaviour, such as an individual living beyond their means, installing CCTV, and maintaining suitable stock control systems in warehouses.

But despite corporate changes being implemented, Kearns has seen crime evolve to bypass security measures put in place. This has included family-based shoplifting with an employee assisting in the theft – something that can be “extremely difficult to prevent, even with new technologies” because “simple theft of product, materials and associated merchandising is easy to dispose of once it’s out of the retail business”. He notes that some crime is just a matter of leaving stock in the correct place for removal.

One solution that Dempster advocates is the enforcing of staff holidays. “Often,” he says, “this is the time when things are discovered.” He adds that accounts teams should have “particular vigilance and an open culture so that people question and spot check”.

But there’s one tell-tale sign, says Northage, and that’s employee behaviour. “Look for domineering or bullying management, obsessive secrecy and close or closed relationships with suppliers; there may be an unwillingness to delegate menial tasks, or you may notice a significant change in an employee’s lifestyle.”

He also feels that different kinds of fraud warrant different approaches. “For instance,” he says, “if facing push payment fraud or the risk of any kind of fraudulent transaction, email must be closely monitored.”

He suggests guarding against similar frauds from inside a business by introducing checks beyond emails from supervisors before payments can be authorised. “Email chains can be easily edited to make it look as though the payment has been authorised when it hasn’t,” he notes.

Major events usually involve senior management, especially those with the authority to override controls. However, employee fraud schemes can involve theft by exploiting systemic weaknesses, such as stealing cash before it has been recorded, fictitious expense reimbursement claims and/or stealing company property. 

A classic example of systemic abuse is offered by Northage – and it seems so simple. “We acted on behalf of a global food and drink manufacturer bringing a claim against an individual in its accounts department who spotted a weakness in the way in which payments of rebates were authorised [so that he could] amend the bank details of legitimate customers to his own account. This meant that rebates of around £650,000 were transferred to the employee’s account.”

It shouldn’t be a surprise that employees are the key to detection. On one hand, employees that see solid policies will be deterred from engaging in criminal acts. On the other, honest employees will become critical allies in the fight who, with suppliers, can become key sources of tips and information.

Others can play a role by chance too. As Kearns highlights, employee activities can be discovered by accident, by other employees, by situational crime measures and by tip offs.

One such case he investigated involved a neighbour who contacted a retailer stating there was ‘significant product’ in the garage of an employee. For him, having a whistleblowing policy and procedure is an essential tool, “but only if the credibility of the process is maintained”.

The ‘Wild West' 

If suspicions are raised, and an investigation is on the cards, Kearns says it makes sense to bring in experts. However, he adds: “The private investigation industry is ‘the wild west’; it is an unlicensed and unregulated industry and less than 25 per cent of investigators have insurance and even less are GDPR compliant.”

It bothers him that most investigators do not have a legal or law enforcement background so “do not understand the details in proving a criminal offence, such as relevant points to prove and case law”.

Proving a case requires evidence. Without this, Kearns says employers won’t have the option of dismissing and claiming back from an employee via a civil prosecution or seeking police help to prosecute and bring a ‘proceeds of crime’ case for recovery of funds.

Ultimately, he says: “Once you have the evidence, you are in a strong position for prosecution.” And for that, you need to seek good advice. 

In summary 

Fraud and theft are everywhere, often hiding in plain sight. It’s impossible to stop it, but employers can take steps to keep the risk of an incident occurring to a minimum. Considering that fraud can be so destructive, it’s an issue that should not be ignored.