Spotlight on Employee Theft
Fraud costs the typical organization about 5 percent in revenue each year, and the median loss from employee theft overall is about $280,000. That amount is roughly equivalent to what a small company (less than 500 employees) earns in net profit.
“For these smaller employers, [employee theft] has the potential to knock them out,” said Doug Karpp, senior vice president and national underwriting leader, crime and fidelity, at Hiscox.
And smaller employers are the most likely targets, according to a report recently released by the specialty insurer, “A Snapshot of Employee Theft in the U.S.”
An analysis of federal actions involving employee theft in 2014 showed that 72 percent of cases occurred at companies with fewer than 500 employees. Within that subset, 80 percent of incidents occurred at organizations with fewer than 100 employees, and more than half of those had fewer than 25 on staff.
“Smaller companies just don’t have the resources to have robust internal controls,” Karpp said. “They run lean. Losses tend to be more devastating to them.”
Fifty-eight percent of the cases surveyed for this report recovered none of their losses.
That finding isn’t surprising, but even larger entities with more protections in place are not immune. The financial services sector, for example, constituted 21 percent of employee theft incidences. The second-most targeted industry was real estate and construction at 13 percent.
Despite reporting the largest share of employee thefts, however, the median loss for financial services institutions was less than the overall median at $271,000.
“The financial services sector has more resources to detect and deter fraud,” Karpp said.
While the retail industry suffered only 5 percent of total fraud cases, it sustained the highest median loss of $606,012. That may partially be due to “idiosyncrasies with the way the study was done,” Karpp said.
Federal Court Cases Studied
The report examined only federal court cases, and retailers may very likely encounter many smaller thefts — especially outright theft of funds — that are handled at a local level and thus would not be counted in this study. Those that do get federal attention are more likely to be very large, more complicated losses.
The most common types of theft were outright funds theft (38 percent of losses) and check fraud (34 percent) — when a fraudster alters, forges or makes checks payable to himself.
Or rather, herself. Women were the perpetrators in more than 60 percent of cases, especially outright funds theft and payroll fraud. However, the median loss from schemes carried out by women was about $243,447 — 30 percent less than their male counterparts, who typically committed vendor fraud. Hiscox’s report defines vendor fraud as “a perpetrator diverting employer funds through the creation and submission of false invoices issued by fictitious companies.”
The typical thief was also around 50 years of age and worked in a senior level position in an accounting or finance role, typically with a long tenure.
Many employers miss signs of fraud because they believe their employees to be content in their jobs and generally trustworthy. In fact, according to Karpp, upticks in fraud — or at least its discovery — tend to happen during poor economic times, which may drive employees to divert extra funds to themselves, and also motivate employers to look more closely at their accounting processes
“One goal of the report is to raise awareness of fraud prevention techniques” during good times and bad, Karpp said, explaining that even companies with tight margins can adopt simple practices to mitigate the risk of employee theft.
Best practices include keeping certain tasks separate, such as record-keeping, issuing checks and reconciling bank accounts; no individual employee should be in charge of an accounting process from start to finish. Any checks written or wire transfers should receive approval from two senior managers or executives before completed.
Small business owners can also have all statements sent to their homes to be personally reviewed before any accounts are reconciled.
Many companies also wrongfully assume that traditional business and property policies cover internal theft. Fifty-eight percent of the cases surveyed for this report recovered none of their losses.
Having a crime policy in place that includes coverage for losses caused by through cyber deception, social engineering, vendor theft, funds transfer fraud, computer fraud, telephone toll fraud and other types of theft is the best way to ensure that road to recovery exists.