One of the most common forms of employee fraud that we have been seeing for quite some time involves access to internet banking. Businesses often have two signatories for company cheques but allow full single user access to their internet banking. The result is an accident waiting to happen.
An internet banking fraud of $20 million was reported today in the Sydney Morning Herald involved the payroll manager of listed white goods retailer, Clive Peeters. Full story : http://business.smh.com.au/business/employee-admits-stealing-20m-20090811-eh02.html
In that case, the payroll manager invested in proceeds of her fraud in real estate and cars, so the company is hoping to recover some or all of their monies. However in most cases that we have seen, the money is spent or gambled and their is very little or nothing to recover.
Other similarities to the cases that we have seen:
- the amount of the fraud is always larger than expected. The estimates of the Clive Peeters fraud went from $2 million to $7 million to $20 million.
- the fraud was conducted over a longer period than expected. The current estimate is that the fraud was operating for 18 months.
It is vitally important where a business is using internet banking that a two signatory approval for any payments or transfers is put in place. The standard internet banking software provided by the banks is inadequate for business use because it lacks the necessary internal controls.
Speak to your bank about obtaining the higher security, multiple signatory version of internet banking. Unfortunately, in our experience, it is not easy to obtain and you have to speak to many people in the bank before you get someone you knows anything about it.
More about fraud by Dolman Bateman: