Skip to main content
Select Source:

Employee Theft

Employee Theft

Employee theft is a considerable problem for many companies, but its precise extent is poorly documented. The U.S. Census Bureau does not track employee theft as a category but refers researchers to the Annual Retail Theft Survey conducted by Jack L. Hayes International. The U.S. Bureau of Justice Statistics publishes data on larceny, theft, and embezzlement but not in categories that permit inference of the extent of employee involvement. The most recent Annual Retail Theft Survey was based on data from 27 retail organizations employing 1.7 million people. In 2004, 3.7 percent of the employees were apprehended stealing from their employers to the tune of $671 per incident. By contrast, the average "take" of shoplifters in the survey was $149. Employee apprehensions were up 4 percent over 2003the numbers breaking a multi-year trend of declining employee theft.

The Hayes International survey identifies what might be called mid-level cases of employee theft. Minor theft is the taking for at-home use of rolls of adhesive tape or boxes of paperclips, etc., for instance, a very wide-spread practice. Major theft is of the magnitude reported by Leslie Shiner writing for The Journal of Light Construction. Shiner analyzed the case of a high-end remodeling firm where the sole bookkeeper of the organization had embezzled $550,000 during a seven year engagementcaught in the end because the business owner could not understand how, despite very profitable contracts, his company never seemed to have any money. Shiner reported on a small business case. Major fraud by very high-ranking employees of businesses like Enron are the theft-peak of the employee crime pyramid.


Employee theft may be grouped into four major categories: 1) manipulation of company records either to embezzle money outright or to hide the theft of goods; 2) direct theft of inventory, products, or cash; 3) abuse of power in order to aid and abet thievery by partners; and 4) theft of information for sale to others or for direct use (e.g., credit card theft).


Employees directly involved in financial administration and with access to company checks and corporate records may engage in forging company checks for personal use. Creating "ghost payroll entries" and then paying "phantom" employees is another method, sometimes quite elaborate in implementation involving phony time cards. Forged billings by non-existent vendors is another methodwith the accounts payable clerk writing checks to him or herself when paying the fake billing. Employees also destroy paper records so that "lost shipments" cannot be tracedor fake orders to cover items missing from inventory through their own thefts.

Direct Theft

In its simplest form employees simply take cash from cash registers to which multiple individuals have access to dip into petty cash resources generally easily accessible to several employees. Direct theft of valuable products or materials invariable relies upon trust (the employee comes and goes, often with a truck, stashes goods away, is never checked) or opportunity (the employee has access to the warehouse and the warehouse is not effectively guarded).

Abuse of Position

In one form of this abuse, known as "sweethearting," an employee grants a friend a discount or rings up fewer items than are packaged for taking outor rings up a cheaper item than the item that leaves the store actually cost. The goods acquired in this manner may later be shared. Individuals taking inventory may abuse this privileged status by counting fewer item than are present and, if this "mistake" is not detected, later personally "adjusting" the inventory by taking the uncounted items home.


As reported more fully in the Computer Crime essay in this volume, an increasing proportion of attacks on computer systems take place from within the company. The target of this type of thievery is protected personal data, such as credit card information, which, in the wrong hands, can be turned into cash. More sophisticated forms of such theft are conducted in order to sell information to third parties.

Signs of Employee Theft

Managers and small business owners need to be aware of tell-tale signs which, when they frequently repeat, may be the tracks of a thief at work inside the company. A useful checklist to keep in mind mentally includes

  • Missing records (such as shipping and/or receiving bills).
  • Company checks that bounce or someone is surprised that the company is doing business with XYZ and then adds: "Who is XYZ anyway?"
  • Customer complaints about missing, late, or short deliveries.
  • Hefty payments made for "miscellaneous" purposes in employee expense claims.
  • Frequent and puzzling mix-ups in inventory. And
  • Managers who insist on performing clerical duties.


In the well-run small business employees are trusted to be honest but sensible policies and practices will be in place to detect the loss of product and closely to monitor financial and administrative transactions. Some of the tools include the following:

  1. Clear Policy and Good Example. The company will have and will publish its ethical stance and its managers will be seen to adhere to it strictly in spirit and in action, inside and out, with customers, vendors, and employees alike.
  2. Hiring Orientation. Newly hired employees must leave their orientation session fully aware that the company has zero-tolerance for any kind of irregularityand the dire consequences that will follow pilfering, never mind theft.
  3. Adequate Controls. Controls will be in place so that physical goods are locked up, protected at night, and closely checked on paper. In a small business particularly, where time is difficult to find, the owner will, nonetheless, show a keen interest in accounting details, probe into them occasionally, and not simply let the "number crunchers" drift unsupervised. Financial controls will include some of the following:
    • Checkbooks will be locked up, and access to cash and checks will be given only to authorized employees.
    • Few individuals will have the authority to write a check, by preference one writing and one signing the check.
    • More than one person will have insight into the total finances so that "lone wolf" strategies are forestalled.
    • Handling of cash will always be accompanied by documentation.
    • Books will be audited at intervals not necessarily known to accounting people in advance.
    • Cash will be rapidly and immediately deposited rather than accumulating in cash registers.
    • All invoices will be formally checked against deliveries before vendors are paid.


Berta, Dina. "Toomey: Ward off employee theft with internal checks and balances." Nation's Restaurant News. 12 December 2005.

Brandman, Barry. "Inside Job: Many food distributors find themselves victimized by internal theft. Most are guilty of committing at least one of the Seven Sins of Distribution Center Security." Food Logistics. 15 September 2005.

Fishman, Neil H. "Signs of Fraud." CPA Journal. December 2000.

McTaggart, Jenny and Joe Tarnowski. "Employee Theft, Shoplifting Prevail at Retail." Progressive Grocer. 1 November 2005.

"Mojoes Coffee House." Specialty Coffee Retailer. December 2005.

Niehoff, Brian P., and Robert J. Paul. "Causes of Employee Theft and Strategies that HR Managers Can Use for Prevention." Human Resource Management. Spring 2000.

17th Annual Retail Theft Survey, 2004. Jack L. Hayes International. Available from Retrieved on 14 March 2006.

Shiner, Leslie. "Protect Yourself from Employee Theft." The Journal of Light Construction. October 2005.

                                Hillstrom, Northern Lights

                                updated by Magee, ECDI

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"Employee Theft." Encyclopedia of Small Business. . 11 Dec. 2017 <>.

"Employee Theft." Encyclopedia of Small Business. . (December 11, 2017).

"Employee Theft." Encyclopedia of Small Business. . Retrieved December 11, 2017 from

Forensic Accounting

Forensic Accounting

Over the years, the role of the certified public accountant (CPA) has changed dramatically, with some of today's CPAs becoming quasi-private investigators in order to keep up with demands for fraud examinations. These specialized individuals use investigative procedures in an effort to uncover fraudulent activities being perpetrated on a business. Forensic accounting is a term used to describe the work being performed by accountants in advance of litigation and may include bankruptcy, valuation, fraud, and a variety of additional services. It is estimated that each year approximately $400 billion is lost due to employee fraud. To determine the depth and scope of the crime, a fraud examination is conducted in order to find where it is being perpetrated and by whom. Often the auditor must delve into the psyche of the suspect to find a motive for the crime. There are three main reasons why an employee generally steals from his employer, making up what is termed a fraud triangle.

The key elements that comprise most every fraud triangle include opportunity, pressure, and rationalization. The first and most important segment of a fraud triangle is opportunity. Often, companies unknowingly and unwisely offer their employees the opportunity to commit fraud. Typically it is a lack of adequate control and monitoring of employee actions that afford the chance to steal. An example to demonstrate opportunity would be a cashier or accounts receivable person being responsible for the daily collecting and depositing of payments. Without adequate control measures to authenticate the employee's accuracy, funds could easily be embezzled without notice.

Of course, not all employees will seize the opportunity to steal, so what additional factors also figure in to a fraud triangle? Succumbing to pressure is very often the reason why someone chooses to steal when others do not. Financial pressure can arise from a myriad of sources such as personal debt, business losses, and lifestyle standards. Therefore, employees with known financial trouble should not be placed in positions involving money transactions or other duties that would offer a chance to commit fraud. Even peer pressure can be a factor in an employee choosing to steal.

Rationalization is the third element of the fraud triangle. Regardless of the reason for taking money, the thief must then try to rationalize why he or she committed the fraud. The employee who steals often attempts to justify the crime psychologically. Such rationalizations might include thinking the company has so much money that the theft would not be noticed, or the money is for a worthy endeavor such as college tuition or emergency medical expenses. In this way, the perpetrator often attempts to ease a nagging conscience about stealing. In most cases however, the employee makes a mistake or error that places a cloud of suspicion upon them. This is when the fraud examination is conducted.

A fraud examination generally consists of four successive segments: analyzing the available data, developing a fraud theory, revising it as necessary, and confirming the theory. The first step is analyzing financial information culled from the books and records. The particular type of fraud that is being investigated will determine which documents, files, records, and other information are needed for studying. Once the information has been gathered, sorted, and processed, the examiner begins to review and analyze the data in order to develop a theory of what could have happened and who was the perpetrator.

Usually the theory addresses one of three types of internal or occupational fraud: asset misappropriation, corruption, or fraudulent financial statements. The examiner goes through a series of tests and retests in order to determine if there is sufficient evidence to proceed further. The evidence must be substantial enough to stand up in a court of law. If the examination is sound and has merit, then the corporate legal counsel is apprised of impending litigation, interviews are ordered, and third-party and corroborative witnesses are questioned. The examination must be detailed, in depth, and substantiated with indisputable evidence in order to move to the next stage, which entails confronting the suspect or target. This procedure is called an admission-seeking interview, and involves a deliberate process that lays out the evidence to the target in a specific order. The questions must be precisely phrased and the answers correctly interpreted so as to avoid any confusion or misunderstanding. While these procedures help detect and find fraud, the more practical solution would be to prevent fraud from occurring.

The problem with prevention is that certified fraud examiners and forensic accountants cannot affect the internal and external controls that tend to lead to fraud. The problem of company fraud is a social issue, not an accounting issue, and without effective punishment measures, the practice is expected to rise. Punishment is often neither swift nor certain when is comes to fraudulent crimes. It is also difficult for courts and judges to determine the punishment when an accounting crime ended with the destruction of a company that had employed many individuals who lost pensions and retirement investments as well as jobs.

The idea of prevention would seem like the correct response to an ever-increasing crime wave. However, given the current methods of detection of fraud, the fraud examination, and employing the methodology of the fraud triangle, prevention suddenly becomes closer to invasion of privacy and targeting of persons. If the manager of a clinic tells his employer about his spouse being laid-off from work, should the employer then keep a close eye and ear on the manager in order to prevent the possibility of an opportunity to defraud the clinic by the manager? The idea of profiling an employee for any potential of defrauding a company is not consistent with ethical standards of business.

Fraud examination and the fraud triangle are two of the most effective and important procedures a CPA or auditor can use when determining the existence of fraudulent behavior or activities in a company. Both of these concepts constitute the science of forensic accounting and help to uncover any illegal activities. The modern day accountant must have working knowledge of forensic accounting in order to be a success in the field. The government binds an accountant by various laws and statutes in order to obligate them to report any financial mishaps or miscues on the part of the company.

see also Document destruction; Document forgery; Evidence; Federal Rules of Evidence.

Cite this article
Pick a style below, and copy the text for your bibliography.

  • MLA
  • Chicago
  • APA

"Forensic Accounting." World of Forensic Science. . 11 Dec. 2017 <>.

"Forensic Accounting." World of Forensic Science. . (December 11, 2017).

"Forensic Accounting." World of Forensic Science. . Retrieved December 11, 2017 from