By Debbie Tam
A recent report released by the Association of Certified Fraud Examiners (ACFE) revealed that payroll fraud schemes make up 15% of all occupational fraud schemes in the United States and Canada. Payroll fraud schemes generally last 18 months before detection, averaging a loss of $2,800 per month. The study also revealed that while no industry was immune from payroll fraud, incidences of payroll fraud were greatest in the construction industry and in government and public administration.
Common Types of Payroll Fraud
Payroll diversion. Recently, the State Department issued an alert of a payroll fraud scheme making the rounds. As if payroll was not already among the most popular targets for fraud, the latest alert warns that fraudsters are using phishing tactics to siphon funds from employee accounts. The alert warns of payroll diversion, which is a method where cybercriminals pose as employees via phishing emails, email account takeovers, and to request changes in account information, diverting funds to their own accounts.
Ghost employees. This fraud scheme generally involves creating a non-existent employee who receives wages accessed by the fraudster. The fraudster must have access to create an employee file, generally such as a manager, human resources or payroll professional. Shavonda Johnson, a general manager of a Wendy’s in Pennsylvania, made headlines by creating an employee named “William Bright” who “worked” 128 shifts over 22 pay periods. Johnson would clock the phantom employee in and out. A forensic audit revealed the ghost employee earned a gross pay of $19,898.15. Johnson deposited Bright’s wages to her Cashapp account.
Overpayment schemes. A Boston police captain was found guilty of an overtime fraud scheme, a common overpayment scheme in payroll fraud. Among his duties, Captain Richard Evans approved his unit’s overtime. Evans inflated the overtime worked by splitting the overtime shifts, so officers were paid twice as much. Evans earned over $120,000 in overtime payments over 3.5 years. Overpayment schemes involve creating or inflating higher pay rates, overtime, commissions or bonus pay. While employees may submit inflated timesheets, the ACFE report noted that executive or upper management positions were responsible for 16% of payroll fraud occurrences.
Embezzling withholding. This scheme involves pocketing legitimate withholdings from wages. A Michigan operator of an insurance agency stole payroll deductions earmarked for IRA contributions. Further, the employer matching contribution was never made. This type of fraud may lead to not only criminal charges for embezzlement but also wage and fringe benefit violations under state laws.
Expense reimbursement fraud. Expense reimbursement fraud may be committed by padding expense, submitting fictitious expenses, or submitting expenses multiple times. A former payroll manager of a New Orleans law firm embezzled more than $2.5 million over the course of six years by paying out expense reimbursements to herself. It is interesting to note that the law firm filed a civil suit against not only the employee, but also ADP, the payroll processor, and the bank, J.P. Morgan Chase, regarding misappropriated funds.
Ways to Prevent Payroll Fraud
Payroll diversion. The FBI offers tips for preventing schemes such as payroll diversion. While the FBI speaks of a scheme that involves targeting employees directly to steal their login credentials to employee portals, the recommendations are valuable to help thwart cyber fraudsters.
Tips include:
- Educating all employees regarding the possibility of phishing threats and providing information on what to do if a breach should occur.
- Teaching employees to hover over URL links to determine if the link is from the alleged source.
- Warning employees that login credentials should not be shared through email.
- Directing employees to forward suspicious emails to information technology, human resources, or another appropriate department.
- Having separate employee login credentials for payroll purposes from other business purposes.
- Carefully examining any direct deposit change requests.
- Monitoring employee logins that occur outside of business hours.
- Implementing two-factor authentication to access systems that contain sensitive data.
- Permitting only required processes to run on systems with sensitive information.
Ghost employees. Entering a new employee or terminating an employee should involve more than one individual or department. For example, duties may be split between human resources and payroll. Further, the direct report of the new employee should also be involved in the onboarding or termination process to prevent phantom employees.
Overpayment schemes. Segregation of duties may also be used in preventing overpayment schemes. Also, if there is only a single contact for submitting and approving timesheets, consider having another individual involved in the process. Another detection method would be to run exception reports that flag unusual shift lengths or excess overtime.
Embezzling withholding. Separate individuals should handle the tasks of entering the deductions for various contributions and withholding and remitting the contributions to allow for review and reconciliation. This may reveal any discrepancies. Another prevention method for this scheme would be to require employees to sign a form or submit a request for a payroll deduction to ensure the change came from them. If an embezzling of withholding scheme occurs that involves withholding tax, employers will be informed by the tax agency when tax deposits are not made or if there is a discrepancy between deposits and filed returns. Businesses should investigate these issues immediately to prevent further fraud.
Expense reimbursement fraud. Some ways to prevent expense reimbursement fraud may include:
- Requiring original receipts prior to reimbursement.
- Limiting expenses for entertaining and travel expenses.
- Requiring approvals of expenses by supervisors and managers.
- Reviewing past year to current year expenses for anomalies.
The Future of Technology Solutions
While technology has made payroll fraud easier in some ways, technology may also be used to prevent fraud. The ACFE’s 2024 Anti-Fraud Technology Benchmarking Report revealed that the use of AI and machine learning for fraud detection is expected to nearly triple over the next two years. It can’t come soon enough as 83% of organizations reported they’re counting on implementing AI solutions in the next two years.
Even when these solutions become available, employers and their accounting professionals should remain vigilant. As technology offers solutions, technology also offers new tools for perpetuating fraud.
Sources.
Get all the latest tax, accounting, audit, and corporate finance news with Checkpoint Edge. Sign up for a free 7-day trial today.