I had a very good lawyer friend who passed away not long ago. He was smart and funny. Over the years, we kind of drifted apart, but we would still talk every now and then. Then, for a long while, I heard nothing. I figured he was busy. So was I. I later learned that he unfortunately had been dealing with very serious substance abuse issues (not uncommon in the legal profession). The problems broke up his family, and eventually led to his death. After I got over the shock of his way-too-early passing, I also learned that he had been paying personal expenses out of his firm’s trust account for several months, and had recently been disbarred as a result. That was another shock.
The truth is that sometimes, good people just fall apart, with terrible consequences. (My friend was in this category.) Other times, people aren’t so good to begin with. Over many years of representing businesses, I’ve often dealt with the mess left behind by company accountants or chief financial officers who felt that they weren’t being paid enough, or who were living beyond their means, or who had problems with drugs or alcohol, and who engaged in “self-help” with my clients’ money. I remember one guy in particular, a chief financial officer, who started paying for cars, hotels, restaurants and groceries on his firm Amex card, and managed to ring up over $550,000 before the company’s outside accountants noticed some strange entries and he finally got caught.
Recently, a New Jersey investment advisor, Gary Basralian, ended up in prison for 6 years after stealing huge sums from his company's clients over an extended period of time. His employer, Royal Alliance Associates, Inc., had to sign a consent order with New Jersey prosecutors requiring, among other things, the restitution of $5 million to Basralian’s victims. You can read more about Basralian’s scam here.
The Basralian fact pattern is simple and relatively common: A basically unsupervised senior employee in a position of trust, with unrestricted access to cash accounts, takes advantage of the situation and starts draining funds to finance his or her personal expenses. Over a period of 8 years, Basralian initiated numerous unauthorized wire transfers from customers’ accounts to the bank accounts of entities that he controlled. He also, on occasion, simply made unauthorized withdrawals to himself.
Royal Alliance had a set of policies in place to protect against fraudulent wire transfers. Third-party wire transfers, for example, were generally prohibited. Unfortunately, the company generally didn’t follow its own rules. In addition, Royal Alliance’s recordkeeping was less than stellar. In one instance, over the period of about a year, Royal Alliance processed at least eight third-party wire transfers from a customer’s bank accounts to offshore bank accounts associated with or maintained by Basralian. Of the eight transfers, Royal Alliance could only produce wiring authorization forms with respect to four.
As I said, situations like this, while not the norm, are also not that uncommon. Since it’s best to prevent employee theft before it happens, here are a few suggestions to protect your company.
First, know your employees as much as you legally can. Perform background checks on all potential hires. (But be careful not to run afoul of “ban the box” laws. In New Jersey, for example, you generally can’t ask prospective employees whether they have a criminal record until after the first interview.) Google the potential employee. Ask for references and call them. (I know, I know, the prospect isn’t going to give you someone who will provide a bad reference. Do it anyway. You may hear something that makes you uncomfortable.) Do you see a gap in their resume? Find out why it’s there.
Second, don’t be an absentee manager or owner. You’re busy. We’re all busy. But if you assume that your employees are doing their jobs and you don’t need to worry, you should start worrying,
Third, secure your computers. If employees don’t need access to certain files or databases, don’t grant access. Not all employees need access to your payroll software, for example. Regularly change passwords. And use a different password for each account. By periodically changing passwords and using unique passwords, you make it more difficult for would-be fraudsters to do their thing.
Fourth, what’s your accountability system? One employee should not have full control of the funds or banking information. By having more than one person monitoring the money, you increase security.
Fifth, conduct audits. Review your business’s financial records to verify that they’re accurate, or, better yet, have your outside accountant do it. Regular audits help spot employee theft. In other words, trust but verify. (When my wife worked on Wall Street years ago, she was required to take a two-week vacation once a year, so that the auditors could go through her office and all her computer files.) Unannounced audits can also be a good thing. If you do your audits on a regular schedule, a thieving employee might know when to hide fraud. An unannounced audit can unexpectedly catch an employee who’s been doctoring your books.
And finally, review your employee theft insurance coverage to make sure it’s adequate. If all else fails, a safety net is a good thing to have.