Employee Fraud

Sector: Acute Care

Employee fraud can be defined as “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets” (Association of Certified Fraud Examiners, 2012). Employee fraud causes both financial and reputational harm to organizations and can be very difficult to detect. Most fraudsters are influenced by a combination of factors including: opportunity, the quantum of the potential gain; and the perceived risk of detection. It is therefore critical for organizations to be proactive in implementing anti-fraud policies and procedures which reduce the opportunities for committing fraud and creating an environment in which employees and outside service providers know that dishonest acts will be detected and dealt with severely.

Common Claim Themes

  • Typically carried out by employees with authority to approve payments; with access to payment systems; and who claim fictitious or inflated expenses.
  • Schemes include: kickbacks paid to employees by suppliers who overcharge or are not properly qualified; cheque alterations; fictitious vendors; fictitious invoices; and theft of organizational property with the ability to alter accounting records to conceal the theft.
  • Payments made by internet banking or wire transfer where the usual controls over cheque signing are absent and no alternative form of approval has been implemented.
  • Inadequate and/or poorly enforced internal controls often accompanied by: poor “tone from the top”; lack of or poor fraud training for managers; and no code of conduct with annual sign-off.
  • Discovered by: external and internal audit; internal and external tips; budget reviews; and a change in management.
  • Junior level fraudsters discover weaknesses in control systems by accident and take advantage of them. While senior level fraudsters abuse their authority to make inappropriate or inflated payments from which they directly/indirectly benefit.
  • Senior level fraudsters often generate larger losses with more sophisticated schemes, (e.g. kickbacks that go undetected for longer periods of time and are more complex to investigate.

Case Study 1

Over a period of several years, funds were channeled from one healthcare organization to two fake vendors. A senior manager submitted fake invoices for payment when no services were provided and no further approvals were required. The manager had one friend incorporate the companies used as fake vendors and open bank accounts for these companies. The manager and the friend colluded to share the proceeds of the money received. This fraud was only discovered after the manager was transferred to another organization and the new manager questioned the amount of consulting costs and the unusual appearance of the invoices. By the time the fraud was detected, hundreds of fake invoices had been paid. The manager’s and friend’s homes and vehicles were seized and told with the proceeds paid to the healthcare organization.

Case Study 2

An employee was responsible for large sums of cash, (including from petty cash, ATM machine and the gift shop). The employee was solely in charge of custody of the cash, the bookkeeping, (including receipting in the ledger and making bank deposits. Over the course of several years, the employee stole a significant sum of money. Red flags in this case included: no one was cross-trained in this position; the employee did not take more than a few days’ vacation at one time; and the employee was a known gambler. The discrepancy between funds collected and funds deposited was noticed when a new manager undertook a review of accounting and financial practices which ultimately detected lack of effective controls of the fraud.


  • HIROC claims files.
  • Association of Certified Fraud Examiners. (2012). ACFE fraud prevention check-up [self assessment].
  • Bambrough, D. (2013). Emerging trends and current issues related to fraud [PowerPoint].
  • Bambrough, D. (2014). Procurement fraud – Strategies for prevention, early detection and response [PowerPoint].
  • Bennett, N. (2015) Investing in fraud prevention can pay. Toronto, ON: Association of Certified Forensic Investigators of Canada.
  • Competition Bureau of Canada, & Fraud Prevention Forum. (2012). Fraud prevention.
  • Copat, L. (2005, October). Fidelity or not: Employee fraud. The HIROC Connection, 6, 1-2.
  • Crawford Adjusters Canada. (2003, October). When employees steal from the company. Claims and Risk Management Bulletin, 30, 4-5.
  • HIROC. (2008, March). March declared “fraud prevention month” in Canada and around the world. The HIROC Connection, 16, 1.
  • Lukassen, G. (2003, October).Top 10 ways to avoid cheque fraud. Claims and Risk Management Bulletin, 30, 3.
  • McCartney, L. (2011, March). Where there’s smoke, there’s fraud. New York, NY: CFO.com.
  • Patterson, J. (2008, March). Fraud issues for hospitals and other healthcare facilities. The HIROC Connection, 16, 2-4.
  • Szabo, A. (2009, September). Fraud prevention strategies for small organizations. The HIROC Connection, 22, 1-3.

Mitigation Strategies

Note: The Mitigation Strategies are general risk management strategies, not a mandatory checklist.

Organizational Culture and Ethics

  • Implement a formal ethics policy and a code of conduct outlining expected behaviours related to honesty/integrity (e.g. zero tolerance for fraud) including a process for oversight of fraud risks by senior management and the board of directors.
  • Provide education and training to employees on fraud awareness and expected behaviour.
  • Implement policies with respect to the use of computers and email by employees and monitoring of the same. Prohibit employees from using personal email accounts for business purposes.
  • Enable anonymous, confidential reporting of potentially fraudulent behaviour; ensure mechanisms are known by employees (e.g. whistleblower hotline, procedure for dealing with anonymous letters, including clear direction regarding who such letters should be directed to).
  • Ensure all reported incidents/concerns are investigated and documented in a consistent manner; contact your insurance provider and obtain legal advice prior to any investigation of suspected fraud.

Background Checks

  • Conduct background checks (i.e. criminal record and credit checks, Internet searches, verification of education credentials, professional designations and employment references) on prospective employees (with consent, where necessary), especially those who will be working with cash.

Expense and Payroll Schemes

  • Ensure segregation of duties between:
    • Cash management and statement/ledger reconciliation;
    • Cash and cheque depositing and accounting data entry;
    • Transaction authorization/asset custody and account review and reconciliation;
    • Cheque preparation and cheque signing;
    • Cheque preparation and bank reconciliations;
    • Maintaining stock of continuous forms (invoices, cheques, etc.) and accounting for them.
  • Ensure frequent review of the general ledger, especially for adjustments.
  • Ensure monthly reconciliations of all bank accounts.
  • Ensure all use of corporate credit cards and purchase cards is monitored and that employees who fail to submit proper supporting documents are identified on a monthly basis.
  • Ensure regular review of payroll to identify potentially fictitious or departed employees.
  • Conduct annual and random audits; utilize independent management review of bank reconciliations and payroll (e.g. review should be completed by someone other than the person who completed the transaction).

Billing Schemes

  • Implement policies limiting or prohibiting personal dealings with and accepting gifts from vendors and where allowed, require disclosure.
  • Implement policies regarding approval thresholds/transaction authorization limits.
  • Ensure written contracts or purchase orders are in place for all invoices.
  • Ensure vendor invoices include purchase order numbers and detailed description of work performed.
  • Process all vendor invoices through the accounting system and cross reference with purchase orders created by separate departments.
  • Require the recipients of all goods and services supplied by vendors to sign off in order to approve the payments of all invoices.
  • Maintain a list of approved vendors and routinely review the list for unknown vendors and duplicate entries.
  • Track and regularly update inventory of high dollar value equipment and parts.

Electronic Payments and Cheque Tampering

  • Implement electronic payments wherever possible; ensure use of encryption, authentication and firewalls to secure information.
  • Consider use of electronic fraud detection systems (e.g. email monitoring).
  • If cheques are utilized:
    • Restrict access to blank cheque stock;
    • Implement fraud detection processes by utilizing the healthcare organization’s banking services provider (positive pay or cheque images) to confirm the authenticity of cashed cheques on a daily basis;
    • Verify signatures, payee names, and that cheques are not altered, out-of-sequence, or missing;
    • Incorporate cheque enhanced security features (e.g. holograms);
    • Require a sufficient number of independent management signatories;
    • Ensure all supplier cheques are mailed, not picked up by employees.

Red Flags

  • Investigate behavioural red flags for staff involved in management of finances which may be indicative of fraud, including severe stress, financial difficulties, drug or alcohol abuse, gambling, extreme nervousness, living beyond apparent means, defensiveness when questioned about procedures, reluctance to delegate work, suppliers who insist on dealing with one individual, and employees who take no or limited days off.
  • Ensure mandatory number of consecutive vacation days for staff handling financial transactions and implement job rotation policies.
  • Investigate unknown payees, missing or out of sequence cheques, altered cheques, cheques signed by unauthorized personnel and unusual or repetitive invoice amounts.
  • Investigate procurement fraud red flags such as repeated awards to the same entity, unjustified sole source awards, unusual bid patterns, questionable bidders, changes in scope of work and numerous post award change orders.
  • Review approved vendor lists and investigate unknown vendors, vendors with no physical address or telephone number, vendors with no Internet presence and vendors with names similar to those of employees, relatives of employees or other vendors.