While the misfires in clear thinking called cognitive biases often pop up in business, it was still really surprising to hear attorneys from the firm Fredrikson & Byron talk about them in relation to the problem of employee embezzlements.
An inability to really get the risk was one of Fredrikson partner Joe Dixon’s explanations for why executives often don’t buy insurance that covers embezzlement costs. The managers skip insurance coverage because they know the employees, so of course they are all trustworthy. There seems to be a greater risk of being hit by lightning.
“It’s a persistent problem,” he said of employee theft. “And people are always shocked when it happens.”
In one way the managers are right about how much trust there is in their workplaces. The only kind of employee to ever pull off a long-running embezzlement scheme is somebody well known and completely trusted, Dixon said.
Dixon and his law partner Dulce Foster have both often cleaned up after embezzlement messes, so the firm decided recently to share some lessons with business owners and managers in a seminar, and earlier this week in a conversation at the firm’s Minneapolis office.
A basic cognitive bias we all have to watch out for is ignoring information that doesn’t seem to fit what we firmly believe about the world. That is what seems to be happening when managers overlook odd or even pretty suspicious behavior, quickly talking themselves into the conclusion that there must be an innocent explanation. And then they move on.
Foster likened it to noticing a troubling spot on your skin and convincing yourself that the spot is just a harmless new freckle, so no need to have it checked by a doctor.
The right approach for management is not to completely give up on trusting employees, Dixon said. Instead it’s to trust and verify.
By far most employee embezzlements hit organizations of 150 or fewer employees — at least eight out of 10 according to one recent study by an insurance brokerage. One explanation Foster has is that employers that small are likely managed by informal processes.
A larger organization is far more likely to have adopted practices such as requiring two signatures for checks, regularly auditing expense reimbursement reports and so on. Bigger companies can also split job functions between staffers, leaving no one with too much personal control over the employer’s money. Foster and Dixon made a point of saying, however, that employees can steal money from big and sophisticated companies, too.
One of the common-sense things to look out for in any organization, even when there’s no cause for suspicion, is somebody who seems to have an awful lot of control over some kind of job that has access to money.
Most days at relatively small organizations it probably seems just fine for the boss to let one employee take over work that nobody else seems eager to do anyway, like preparing to pay the monthly bills. That is when the business owner needs to ask, “Doesn’t it seem curious that our head bookkeeper hasn’t taken a vacation in years, and that no one has been trained to take over that desk for even a week or two?”
“I have worked in several investigations of embezzlements when there was an employee who wouldn’t let anybody else open the mail,” Foster said — another pretty clear red flag.
By one estimate, four out of 10 cases involve an employee working in finance and accounting, but a lot of employees who don’t work around the checkbook can still be in a position to rip off their employer. All they need is some control over any money spent by the organization.
That’s why one classic embezzlement scheme, appearing in various forms, is approving payments to a “supplier” that not only didn’t provide much of a service but may not even exist. Instead the employee ended up with the money.
Foster described having once been brought into an organization for another reason, only for the team to find out that the head of information technology had been directing payments to a fake vendor and splitting the money with a buddy.
One of the ways to keep from getting ripped off is signing up for the fraud-prevention services offered by a bank, including a service that matches checks later presented for payment with the company’s list of approved checks. But of course that kind of control gets undermined when the employee who took charge of setting it up with the bank is the very person who shouldn’t have been trusted.
One simple tip Foster has for business owners is to have the bank statements come to somebody besides the bookkeeper or controller. Another is to spot check vendors that have recently been paid, occasionally calling a few to confirm that the amount of the last invoice is what is really owed.
Of course employers also need to follow up on any other red flags as they pop up. When there’s real reason to think money has gone missing, managers have to move fast. All the records need to be preserved and, as Dixon added, the bleeding has to be stopped by cutting off any access to the employer’s money.
Employers will find out after the crisis passes that they shouldn’t count on recovering much of what was stolen, Foster said. Stolen money rarely goes into a passbook savings account. Instead it likely goes up in smoke, spent on things like casino gambling or visits to luxury resorts.
Not getting much of the money back is one reason these kinds of crimes can be devastating for many employers.
“Unfortunately in a lot of cases it is a once-in-a-lifetime experience” for an employer, Foster said. “That’s because the embezzlement kills them.”