Payroll fraud is both an internal and external threat to companies. One of your employees, for example, could doctor time sheets to increase the number of hours worked — and thus inflate his or her paycheck. And a hacker halfway around the world could access your payroll records and steal personal information to commit identity theft. Both schemes attack the payroll function.
According to the Association of Certified Fraud Examiners, payroll fraud schemes cost a median loss of $65,300 per incident and usually last 30 months. Although some types of companies are more vulnerable to fraud, virtually every business that doesn’t protect its payroll records and processes incurs risk of financial losses. In addition to having strong internal controls, it helps to know common payroll schemes and take specific steps to address these threats.
1. Workers’ Compensation Fraud
Workers who are legitimately injured on the job generally are entitled to receive workers’ compensation benefits. But some employees fabricate injuries and make fraudulent compensation claims. Such fraud can result in higher insurance premiums and out-of-pocket losses for self-insured companies.
To help prevent fraud and abuse, establish a detailed policy for handling workers’ compensation claims — including how to report injuries. Installing surveillance cameras to capture any workplace injuries may also help.
2. Buddy Punching
This term is used to describe when one employee improperly punches a time clock for another employee to inflate hours on a time sheet. For example, a worker might leave early and ask a “buddy” to punch out for him or her several hours later. Alternatively, employees could fraudulently manipulate timekeeping devices themselves or simply falsify time sheets.
Post clear guidelines about recording time worked. If buddy punching is a common or recurring issue, require workers to verify their identities with ID cards, face recognition or fingerprints, before providing access to time records. Managers should review and sign off on time sheets each payroll period.
3. Bonus and Commission Fraud
Companies that provide bonuses or commissions for meeting sales and other goals may inadvertently tempt dishonest employees to fudge numbers. The temptation can be particularly great in stressful environments where competition is fierce and goals are tough to achieve.
Providing a level playing field and making goals achievable generally helps tamp down the kind of resentment and desperation that may lead workers to commit this type of fraud. Also, monitor the bonuses and commissions paid every payroll period. If any amount seems unusual or excessive, investigate it for potential fraud.
4. Expense Account Fraud
Expense reimbursement fraud is extremely common. Some employees may not even think of falsifying expenses for business trips as unethical because they believe “everybody does it.” If you don’t have a detailed expense reimbursement policy that requires, for example, employees to substantiate claims with receipts and obtain manager signoff, establish one immediately.
Review the IRS’s rules regarding expense account requirements. And if you have any questions, contact us. Expense account fraud is serious and can get companies — not just their employees — in big trouble.
5. Ghost Employees
Accounting department staffers — or anyone with access to payroll records — can create “ghost” (or nonexistent) employees and start issuing paychecks to them. The checks typically are deposited in accounts set up by the perpetrators. Although these criminals usually invent names for their fictitious employees, they sometimes use identities of former employees to collect wages illegally.
You should regularly review payroll records to ensure there aren’t any ghosts on the books. Pay attention to unfamiliar names who share personal information with other employees, such as having the same home address or phone number.
Ideally, you’ve already educated employees about the danger of phishing schemes. When successful, phishing can trick users into giving up personal information and providing access to your company’s network. Cybercriminals who hack payroll records could use them to change direct deposit arrangements, steal from employees’ bank accounts and file fraudulent tax returns.
To prevent these dire outcomes, work with IT security specialists to install and maintain effective security software. If you discover a breach, report it to law enforcement and notify any employees (and other stakeholders) who may be affected.
7. Worker Misclassification
Employers generally benefit if workers are classified as independent contractors rather than employees because it exempts them from paying payroll taxes and providing fringe benefits. But misclassifying workers as independent contractors is a form of payroll tax fraud and can result in IRS penalties, back taxes and legal expenses.
Generally, independent contractor vs. employee boils down to control — how much control you have over when, where and with what tools a worker performs the job. We can help you navigate the rules so you don’t mistakenly call an employee a contractor.
Payroll fraud has been around for as long as fraud perpetrators have thought to exploit payroll systems. Unless you take steps to prevent abuse, employees and outsiders can easily find ways to steal. Contact us for help putting strong antifraud controls in place.