by Carol Esselink
December 14, 2007

Can your company afford to lose 5 percent of its revenues?  Can it afford to lose $500,000?

The 2006 Association of Certified Fraud Examiners (ACFE) "Report to the Nation on Occupational Fraud & Abuse" reports that the average company loses 5 percent of its revenues to occupational fraud. In addition, the report reveals that construction ranks as the second highest industry in median losses per scheme, with a median loss per scheme of $500,000.

Payroll fraud is one type of occupational fraud. This type of fraud can also be classified as asset misappropriation-cash that is disbursed in a fraudulent manner. There are several schemes associated with payroll fraud and the most prevalent include ghost employee schemes, falsified hours and salary schemes and commission schemes.

 

Ghost Employee Schemes

 

The ghost employee refers to an individual on the company payroll who does not work for the company. The ghost may be real or fictitious. The perpetrator of the scheme may add a friend or relative to the payroll or invent a "new" employee. Several steps are needed to successfully carry out this fraud:

  1. The perpetrator adds the ghost or facilitates the addition of the ghost to the payroll.
  2. Timesheets or other timekeeping documents are created and submitted by the perpetrator.
  3. A paycheck is generated for the ghost.
  4. The check or electronic deposit is received by the perpetrator or an accomplice and converted to their use.

Steps to Carry Out Ghost Employee Fraud

 

  1. The perpetrator adds the ghost or facilitates the addition of the ghost to the payroll.
  2. Timesheets or other timekeeping documents are created and submitted by the perpetrator.
  3. A paycheck is generated for the ghost.
  4. The check or electronic deposit is received by the perpetrator or an accomplice and converted to their use.

Adding the ghost can be accomplished by different means. Depending on the internal controls in place, the ghost could be added by an employee within or outside the payroll department. Any payroll department employee with access to the payroll records and/or payroll software could potentially create ghost employees. In many companies, payroll clerks enter new employee information and distribute paychecks. Managers outside the payroll department may have hiring authority and may also distribute paychecks to their respective departments. Both scenarios create a climate that is conducive to creating ghost employees.

A recently publicized payroll fraud used ghost employees who had the same name as real employees; however, the social security number or gender had been changed. Another case in the news detailed the use of ghost employees as young as two years old. In this case, the workers filed timesheets for their sons and daughters to enable the children to earn a union card so they could earn higher wages when they became adults. A "new" worker would work at least once a year to keep the union card active. Finally, in a scheme using a former employee as the ghost employee, the fraud was discovered when the former employee received her W-2 showing higher wages than the former employee had been paid.

Internal controls that would help mitigate ghost employees range from simple precautions to detailed procedures. For the payroll fraud mentioned earlier involving children of the perpetrators, simply requiring the employees to show identification when picking up their paychecks could expose ghost employees. Frequently changing passwords for payroll access can help prevent fraudulent entries as well as requiring payroll employees to take an annual vacation. Additionally, print a list of all new employees each week, and have a person not responsible for initiating new employees confirm those names with the employee's supervisor. More sophisticated controls can be implemented in a computerized payroll system by customizing the module to reject duplicate bank accounts for direct deposit payroll.

 

Falsified Hours and Salary Schemes

 

Hours worked by construction employees are usually tracked by the employee using a time clock or submitting a timesheet. Both methods can be used to report fraudulent work hours. The employee can use either method on his own or in collusion with another employee or supervisor.

On worksites with a time clock, the perpetrator may arrive early and punch in, leave the worksite and then return later to punch out. The employee has not worked any hours, but will be paid a full day's wages. In another scenario, the employee may collude with a fellow employee-the perpetrator does not show up at the worksite, but his timecard is punched by the other employee. The other employee may demand reciprocation or some type of kickback as compensation. Not only does the perpetrator receive fraudulent wages but could receive additional compensation, which is sometimes based on the number of hours worked (i.e., vacation and sick time, benefits, etc.).

Worksites using timesheets are also vulnerable to fraudulent time reporting. Workers are required to complete a timesheet with the hours worked during a specified time period. If the hours worked by each employee on each job are not tracked by the supervisor, the perpetrator may overstate hours worked on the timesheet. The supervisor may sign the timesheet in collusion with the perpetrator or in ignorance due to poor memory or recordkeeping.

Workers may also increase pay rates to receive fraudulent pay. Obviously, falsifying hours worked does not benefit salaried workers; however, entering a higher rate of pay into the payroll system will generate higher pay for both hourly and salaried workers. This could be accomplished by accessing the computer system and changing the pay rate or by falsifying documents that cause the pay rate to be increased by the payroll department. The perpetrator could obtain the computer passwords of payroll employees either through theft or collusion or forging a supervisor's signature on payroll change documents.

One of the cases mentioned earlier also employed a strategy where employees who had reached the maximum accrual level for vacation "donated" their hours to other employees. This scheme not only allowed some workers to earn fraudulent vacation pay, but it also benefited employees who needed additional hours to receive health benefits at an earlier date. In another news story, a perpetrator was literally caught in his pajamas. He had punched in for the afternoon shift, spent the evening at home and was returning to work-in his pajamas-to punch out.

As with ghost employees, internal controls that would help mitigate falsified hours and salaries also range from simple to complex. The same controls for ghost employees, such as frequently changing passwords for payroll access, as well as requiring payroll employees to take an annual vacation, can help prevent fraudulent entries or schemes. Simply requiring a supervisor to stand near the time clock at the beginning and end of a shift could make employees think twice about falsifying their hours. Some companies have fought fraud with technology by incorporating a finger-print scanner into the company's time clock, hoping to eliminate what is referred to as "buddy-punching" payroll fraud. Having supervisors maintain logs of employees and hours worked-to compare to the timesheets before authorizing-may be time consuming, but it is an effective way of verifying the proper amount of hours are paid.

 

Commission Schemes

 

In addition to hourly or salaried employees, some companies also have employees whose main component of pay is based on a percentage of sales. This type of compensation, known as commission, is also vulnerable to fraud. A commission has two components: the commission rate and amount of sales. As the commission rate is set up in the payroll system similar to an hourly rate, fraudulent pay can be obtained by accessing the computer system and changing the pay rate or by falsifying documents that cause the pay rate to be increased by the payroll department. Again, the perpetrator could obtain the computer passwords of payroll employees either through theft or collusion or forging a supervisor's signature on payroll change documents.

 

The amount of sales can also be fraudulently inflated. By falsifying sales documents, such as sales orders, purchase orders and invoices, the perpetrator can increase sales, which increases his commission. Although commission sales are not as prevalent in the construction industry, internal controls should be implemented in the sales area when this compensation method is used.

 

Payroll Service Providers

 

Don't be lulled into thinking that your company is immune to payroll fraud because it employs an outside payroll service provider. The service provider doesn't know whether the new employees are real or fictitious, if the wage rate is too high or if the hours submitted were actually worked. However, most payroll service providers can generate a "payroll audit" report that details employees added to the system each pay period and wage rates or overtime hours that significantly exceed a specified average rate or amount, among other data. Pay attention to employees listed as "inactive." Before going on vacation, one perpetrator would mark the ghost employees as inactive so the employee's fraudulent activity would not be discovered during her absence. Employers should also be suspicious if additional payroll packages are delivered by the service provider. To avoid detection, ghost employees or additional wages for current employees could be submitted as a separate payroll run.

In addition to your own controls, make sure your external payroll service provider is subject to its own internal controls. The larger service providers usually have an SAS 70, an independent report on controls in place at the service provider, which can detail the controls, the tests performed on the controls and the results of the testing of controls. Also, the report typically details Client Control Considerations, which are controls that you, as the client, are responsible for implementing and evaluating. For example, the SAS 70 for ADP states that the client is responsible for "establishing proper controls over the use of IDs and passwords that are used to access and transmit payroll information..."

Unfortunately, the most trusted employees using the most sophisticated payroll systems are often the perpetrators of the most costly frauds. Heed the warning of the proverbial saying: "An ounce of prevention is worth a pound of cure." When appropriately applied to your payroll function, this practice could result in substantial savings.

 

Construction Business Owner, March 2007