Employee Cheque Fraud
Employee Fraud, Cheque Fraud, Internal Controls, Segregation of Duties
A hospital employee diverted hospital funds into their personal account. Lack of segregation of duties and lax internal controls surrounding cheques contributed to the fraud.
While employed at a hospital, an employee within the facility’s finance department intercepted cheques payable to a group of healthcare providers. Subsequent investigations revealed that the employee had then preceded to deposit the cheques into an automatic banking machine located within the facility, which had enabled the employee to divert the funds to their personal account.
Medical Legal Findings
Expert review of the case was critical of the policies and procedures of the involved hospital, noting that the fraudulent activities had been possible as a result of the hospital’s failure to standardize the internal process of reimbursing a select group of healthcare providers.
Prior to the fraud incident, the hospital had given the healthcare providers the option to have their funds disbursed via direct deposit, mail, courier, pick-up from mail slot, or delivery by the involved employee. The employee had intercepted cheques marked for internal delivery.
Reflecting on your practices as well as your facility’s policies, procedures and processes:
- Does your organization have an anonymous, confidential reporting of potential fraudulent behaviours? If so, is this mechanism known by all staff and volunteers (e.g. whistleblower hotline)?
- What is your organization’s process for handling an anonymous tip of a suspected internal fraud? Who should be (and should not be) notified before conducting an internal investigation and why?
- What are some of the behavioural red flags for employees and volunteers involved in the management of finances/donations which may be indicative of fraud?
- Describe some of the typical means that healthcare organizations identify internal fraud?
- Segregation of duties for small organizations is particularly challenging. What steps/internal controls should be taken to minimize internal fraud due to poor segregation of duties?