2010 Legal and Finance Series:Employee Dishonesty in Times of Recession:

Safeguards and Proper Handling

Tuesday, March 16, 2010

Employee Dishonesty in Times of Recession:

Safeguards and Proper Handling

Presented By:

Chris Fereday, CRMTechnology Practice LeaderTelephone: (319) 234-8888E-Mail: cfereday@midwesttechinsure.com www.midwesttechinsure.com

The Cost of Fraud

The U.S. Chamber of Commerce estimates that companies lose 1-2% of revenues annually due to fraud–mainly by employees

The Association of Certified Fraud Examiners estimate companies lose up to 6% of revenues annually through fraud

The cost of fraud comes straight off the bottom line–What is your profit margin?

Estimates of Losses Due to Fraud in 2009

$10,000 to $50,00010%

$100,000 to $500,00025%

$500,000 to $1,000,0008%

Unknown4%

Over $1,000,00029%

$50,000 to $100,000 4%

Under $10,00020%

According to Association of Certified Fraud Examiners “Fraud Focus Poll” 200937% of respondents estimated losses over $500,000

Vendor Fraud

39% of asset misappropriations are the result of billing schemes, which are most often vendor fraud

Payroll Schemes17%

Register Disbursements

1%

Check Tampering26%

Billing Schemes39%

Expense Reimbursements

17%

Why are Losses Increasing?

– A decline in employee loyalty– Existing frauds being uncovered as systems are

integrated– Increased opportunity for fraud when systems are

not properly analyzed for the adequate segregation of controls

– Management focusing on growth, margins, and new markets, not adequate control functions

Why are Losses Increasing?

Downsizing and Restructuring– Uncovers fraud when perpetrators can no longer

hide their actions– Can result in an inadequate segregation of duties– Increases the moral hazard and decreases loyalty

Rapid Expansion and Globalization– Maintaining strong internal controls in remote

operations has proven to be difficult at best– Auditing of international operations occurs at a lower

frequency allowing losses to grow where controls are the most difficult to implement and monitor

The Impact of Computers on Fraud

The expansion of computers has:– Drastically changed the speed with which financial

transactions and fraud can occur– Increased reliance on computers, thus reducing

headcount and potentially impacting the segregation of duties

– Made it difficult to detect fraud and abuse due to reliance on computers

– Led many experts to associate increased reliance on computers with additional fraud expense

According to AMSEC International

What Do the Surveys Say?

80% of respondents thought that a significant incidence of fraud could occur at their organization*

87% of respondents thought the incidence of fraud would increase or at best remain static over the next five years*

67% of Certified Fraud Examiner (CFE) respondents think fraud is worse today than five years ago**

According to Ernst & Young Fraud Survey* and The Association of Certified Fraud Examiners**

The Reality of Fraud

In the last 12 months more than two-thirds of respondents had suffered a fraud

82% of all frauds were committed by employees, nearly 25% had been with the organization for over 10 years

Fraud is not limited by country or industry. 23 out of the 30 industries surveyed experienced losses in excess of $1,000,000

According to Ernst & Young Fraud Survey

Examples of Crime Losses

ComputerWorld, 4/18/00:HSBC: Data theft incident broader than first thought

Milwaukee Journal Sentinal, 12/21/2009Controller Embezzles $21 Million over 3 Years from Technology Firm

Des Moines Register, 10/21/2009:

Clive man arrested for fraud after alleged $1M

embezzlement

Examples of Crime Losses

The Courier-Journal, 5/20/00:University of Kentucky Employee Admits to Embezzling More Than $1.5 Million

Wall Street Journal, 9/20/00

Starbucks Accuses Employee, Husband Of Embezzling

$3.7 Million From Firm

Examples of Crime Losses

The Associated Press, 6/1200Executive Pleads Guilty to $6.9 Million Wire Transfer Fraud

The Associated Press, 6/8/00:

Consolidation of Payroll Reveals $7 Million Fraud at Prominent

Large Manhattan Law Firm

What Can Companies Do?

Have senior management set the tone– Implement a written code of ethics policy– Have employees sign a conflict of interest

statement– Actively support the internal audit process

Create an internal hotline for reporting fraud and abuse

Monitor management and owners through audits and internal hotline leads

What Can Companies Do?

Complete reference and background checks Establish written guidelines for:

– Verifying the existence of new vendors – When competitive bids are required– Verification that services were provided prior to

payment Audit the implementation of corporate

policies and guidelines

Investigating Employee Theft

and Fraud

Becky S. KnutsonDavis Brown Law Firm

Paperwork and Procedures1. Initial procedures. For any handling of funds - cash, check, credit, electronic transfers, or other forms

of funds - at least two people should regularly review and check the records. Reviews should be conducted independently. Outside reviewers, such as auditors, should review and check records periodically.

2. Employee absences and departures. For many reasons, employees should take vacation and leave time. This is a good time to have another employee perform funds functions, and check for irregularities and compliance with rules. When an employee departs, a check or audit should be done of fund handling matters, as well as any other functions performed. Many times, problems - whether deliberate or accidental - are discovered after an employee departs. Prompt review, especially while a departing employee is still present, may enable an employer to identify issues.

3. Record checks. Transactional records, reports, internal accounting and similar records should be provided and reviewed both internally and externally. Such records should be provided to management regularly, such as in monthly balance sheets, income and expense statements, departmental budget reports and similar reports.

4. Electronic and computer records. Employers should notify employees in their policies that anything on a company computer, and anything coming through any electronic communication - computer, hand held device, PDA, or any other equipment or account - is subject to monitoring. Prohibit inappropriate content and messaging, and check for transmissions or storage of employer information to or at another source.

When Something Seems Wrong1. If something seems wrong - cash flow not as projected, bills unpaid, complaining creditors or

clients, employees being overprotective of electronic records or computers, unusual emails out of a system - it is time to start checking. Don’t stop with only one question. Look into the records far enough to determine if there is only one problem, or if something more is at issue.

2. Ask questions of all involved. Have a person outside of the regular process contact customers or clients, vendors, bankers and similar persons to determine the complaints and their history. Have a person outside of the regular chain of command talk to employees. Be aware of your competitors and the prospect for employees leaving, and leaving with records or clients.

3. Get the records. Search for records - correspondence, statements, electronic records, invoices, and other records that should have been generated or may have been generated. Look in places where you might not expect to find records. Ask outside sources for copies of their records. Good recordkeeping, gathering and organization is essential to showing a chain or pattern of events, and tracing funds. The more that an employer can find, the more accurate the ultimate findings can be.

• All records may not be available immediately. Sometimes, individual employee records, such as bank records or credit card records, will be required. This may require the assistance of outside sources, like law enforcement.

Identifying the Cause of the Problem

1. If an employee is suspected - keep that person out of the investigation and record search. Depending on the nature of the issue, and degree of proof, reassignment or suspension may be appropriate.

2. Consult your outside sources for investigative help. Attorneys, accountants, information technology or others who are independent, and can assist with legal or technical advice are essential.

3. Determine whether the issue is one of procedure, mistake or deliberate action. This may be a very subjective determination, and care should be taken to be accurate in making any conclusions.

Dealing With Employees1. Keep all investigations confidential. As with any employee matter that may result in

discipline, keep information confined to those persons with a need to know.

2. Review employee disciplinary policies. Most should treat theft and fraud as offenses resulting in immediate termination.

3. As allegations of deliberate dishonesty, rather than inefficient, ineffective or incompetent performance, are very serious, be certain of the facts before confronting the employee or reporting dishonesty.

4. Follow good investigation procedures. Be clear, thorough, and complete. Give an accused employee the opportunity to explain. Interview all persons who may have relevant information.

5. Security. Make certain that all relevant records are preserved. They may be needed for unemployment compensation hearings or future lawsuits. Keep suspected and accused employees from access to electronic or other records that may be taken, altered or destroyed.

Reporting1. When the problem has been identified, determine who must be notified.

For theft issues, or fraudulent claims, the employer’s insurance carrier should be notified promptly. Most insurance policies require that claims be made during the policy period in order to be covered, so prompt action is essential.

2. Depending on the nature of the problem, law enforcement authorities may be notified. Depending on the nature of the issues, law enforcement authorities may also conduct an independent investigation.

3. Be careful in making allegations of employee dishonesty as untrue accusations may be considered defamation.

Covenants Not to Compete and Severance

Agreements

Becky S. KnutsonDavis Brown Law Firm

Covenants Not to Compete and Severance Agreements

What are they? • They are contracts between employer and

employee• They define conduct and obligations both during

and after employment ends

Covenants Not to Compete and Severance Agreements

What do they require? • Written agreement – clear and designed to meet

purpose• Consideration for contractual agreements

Covenants Not to Compete and Severance Agreements

What do they protect? • “Protectable interests,” • Confidential information, trade secrets and

proprietary information,• Competition by persons with a competitive

advantage.

Trade SecretsTrade secrets are protected by Iowa Code Ch. 550, the

Uniform Trade Secrets Act and by common law. • Trade secrets can range from customer information, to financial

information, to information about manufacturing processes to the composition of products. There is virtually no category of information that cannot, as long as the information is protected from disclosure to the public, constitute a trade secret.

• We believe that a broad range of business data and facts which, if kept secret, provide the holder with an economic advantage over competitors or others, qualify as trade secrets. US West Communications, Inc. v. Office of Consumer Advocate, 498 N.W.2d 711, 714 (Iowa 1993) (citations omitted).

Trade Secrets

Common law elements of such a claim are:

…“(1) existence of a trade secret, (2) acquisition of the secret as a result of a confidential relationship, and (3) unauthorized use of the secret.”

Trade SecretsFactors considered:

(1) the extent to which the information is known outside of [the] business;

(2) the extent to which it is known by employees and others involved in [the] business;

(3) the extent of measures taken . . . to guard the secrecy of the information;

(4) the value of the information [to the business and its competitors]; (5) the amount of effort or money expended . . . in developing the

information; (6) the ease or difficulty with which the information could be

properly acquired or duplicated by others.

What Should A Covenant Not to Compete Contain?

• Reasonable restrictions related to the business• Recitation of reasons supporting the

restrictions• Definite terms of restriction

Covenant Not to Compete

How are they enforced?• Voluntary Agreement – with employee, future

employers• Injunction – act quickly when violation is

known.• Consider enforcement as written• Consider re-writing covenant if needed

Severance Agreements

• Think about them at the time of hiring if restrictive covenants are to be used

• Make them consistent with restrictive covenants

• Be careful about exceptions• Conform them to your policies

Legal Considerations

• Do you need a release?• “Global releases” and dismissals, covenants

not to sue• Consideration• Confidentiality clauses• Consistency

Additional Q & A