As a business owner, your assets are vulnerable to a number of outside threats. There are robbers and burglars, of course, and then there are the cyber criminal who might get their hands on your data or your finances (see Cyber Liability Insurance: Is Your Business Covered? for cyber crime prevention advice).
But what about the people you trust to keep your company running?
Employee theft happens in every kind of business. And it can be difficult to predict which of your employees might steal from the company. You can't constantly hover over ever worker's shoulders, but there are some steps you can take to reduce the risk of theft by members of your workforce.
First, let's define the concept we're dealing with.
It's known as employee dishonesty, employee theft, or embezzlement, and we'll treat these as interchangeable. In the insurance context, employee dishonesty is defined as a fraudulent or dishonest act by an employee who intended to cause loss to the insured or to obtain financial gain for themselves.
The key here is that the act needs to be fraudulent or dishonest. This excludes, for example, losses caused by accidents (such as an employee dropping a box of a fragile goods) or financial gain by honest means (such as doing their job to earn a salary or commission).
With that out of the way, let's get into the meat and potatoes of the subject.
The statistics on employee dishonesty are shocking. According to some researchers, a typical organization loses 5% of revenue each year to fraud and over 40% of employee thefts are committed by employees in finance or accounting departments.
Small businesses are especially vulnerable. Four out of five affected businesses employ fewer than 100 employees. And we're not talking about swiping a box of paperclips from the stock closet – the average size of employee-related losses is $842,403! Large corporations might be able to recover from a loss of that scale, but it's enough to knock out most small businesses.
Since it happens from the inside, and is often committed by someone who is extremely familiar with the company's operations, embezzlement can be hard to predict and go undiscovered for a long time. This is doubly true for smaller businesses, since they might not have policies or controls in place to prevent or detect incidents of employee dishonesty.
And while we often think of employee theft as involving a worker pocketing some product or the petty cash, it comes in many different forms. The most common types are:
- Cargo theft
- Theft of cash, checks, or equipment
- Stealing client property
- Data theft
What You Can Do to Prevent Employee Dishonesty
While the risks are real, there's no reason to go around treating your employees with suspicion. After all, you wouldn't have hired them if you thought there was a good chance they'd steal from you. And there's no quicker way to ruin the company culture than to be antagonistic towards your workforce. But that doesn't mean you shouldn't put measures in place to secure your assets.
Pre-Employment Risk Management Procedures
Your HR department is your first stop. The best way to prevent employee theft is to avoid hiring workers who pose a higher risk. Your HR team can help you set up policies for vetting job applicants and dealing with current employees who are found to have committed employee theft.
When making hiring decisions, there are three steps to go through: application, interview, and verifying references.
Step one is to require all applicants – even the ones that come via referral – to submit an application. This includes a resume, cover letter, as well as additional forms as required by your business in the application stage.
The application is a great way to collect references and employment history that you can check into for applicants who make it to the final stage of the hiring process.
Step two is interviewing the short-listed candidates. This involves more gut feeling than exact science, but it gives you a chance to get a feel for an applicant and ask them questions that might give you a sense of their level of honesty.
Step three is following up on the successful interviewees' references and employment histories. This very simple step can be the most revealing. Speaking to previous employers can give you great insights into the applicant's character and on-the-job conduct.
This step is time-consuming, so it's no surprise that many small business owners who are already burdened with so many daily tasks will skip it and prefer to make a hiring decision based on the interviews. It's important to remember, however, that properly vetting an employee can save you from a lot of time-consuming problems later on. Even if you recover your losses after an employee steals from you, the time you'll spend dealing with the police, the insurance company, and not to mention hiring a replacement will make verifying references seem like a snap.
Post-Employment Risk Management Procedures
You've picked the best candidate and vetted them thoroughly. But the battle isn't over yet. You still need some internal controls and procedures to improve your odds of prevention and early detection.
It should be noted that while these steps are recommended by risk management organizations, not all of them are suitable for every type of business. But even if there are some items here that won't work in your case, it should still give you some ideas you can implement in your company.
Off-Site Data Storage
You should keep backups of your important data off premises. This will help contain the damage if an employee maliciously vandalizes or deletes crucial stored information.
To prevent forgery, you can use checks that require two signatures to be made valid. While this won't totally prevent forgery, it will make it much more difficult for an employee to forge a check.
Blank checks should also be stored in a secure place to prevent theft.
Enforce Vacation Time
This one might sound odd, but requiring employees to take their vacation days instead of banking them up or exchanging them for pay can help you detect embezzlement and other forms of stealthy theft.
It's not because a relaxed employee is less likely to steal from you. It's because you will need someone else to rotate in and take over the employee's work in their absence. That person will be double checking the accounting records and can alert you to any abnormalities in the books.
While the employee is away, they also will not be there to cover up any ongoing theft.
Having a surprise audit every year or setting up an audit committee can help you detect irregularities in your business sooner rather than later.
Most businesses are not large enough to warrant regular internal audits. They can still, however, have employees double check each other's work.
Rotate Bank Accounts
Rotating bank accounts create a sort of moving target for dishonest employees. Again, this is one of those steps that might not entirely prevent theft from occurring, but it will make the thief's job that much harder.
It's important to note that the administrative costs of doing this might not be worth the added peace of mind. It all depends on the size of your business.
Having employees rotate jobs creates a system of checks and balances that makes it harder for an employee to conceal illegal activity. As an added bonus, making your employees familiar with the various jobs in your company can make it easier for you to have someone fill in for absent employees.
If the nature of your company involves a lot of entry level jobs, doing this can be fairly easy. You could, for instance, move someone from the cash register to the stock room. If some of your employees have highly specialized roles, however, this might not be an options – as great as they are at their jobs, you probably wouldn't want your IT specialist and your accountant to do each other's work.
The Cure: Adequate Insurance Coverage
Even if you've implemented all of these loss-control strategies, you may still become the victim of employee dishonesty. When those losses occur, you don't want to be left without protection.
Your standard coverage may not be enough. Most crime policies exclude employee dishonesty. But thankfully, there's another option: a comprehensive dishonesty, disappearance, and destruction policy (often referred to as a 3D policy). For our purposes, it's the first D – dishonesty – that is relevant.
Under the dishonesty portion of the 3D policy, there are generally two coverage options:
- Form A – This option has one overall limit for all employees, regardless of how many employees are involved in the loss. That means you won't need to find the culprit before the claim is paid out (find out How to File a Claim that Gets Paid Sooner).
- Form B – This option assigns a limit to each employee. This is good because you won't have to insure all employees (after all, some are more likely to cause a loss than others). The limits can also stack if more than one employee is involved in defrauding your business. If each employee has a $5,000 limit of insurance but there are five employees involved implicated, your business will have a $25,000 limit.
The decision to go with either Form A or Form B will depend on your particular situation. If most employees are expected to act alone, Form A would be your best bet. But if you do get Form B, it is generally recommended that you go with a big limit, one that is equal to the maximum amount of damage an employee can do.
Manage Your Risks
No one wants to believe that the people who they see at work every day would ever betray them in such a terrible way. But that's no reason not to implement loss control practices. With a good system in place, your business should be able to withstand, or at least minimize, damage caused from within the company.
(For related advice, see 5 Types of Crime insurance Policies Businesses Should Consider.)