Internal Fraud Committed by Employees

Employee fraud

When an employee is recruited, there is a duty of mutual trust and confidence implied into the contract of employment. This means that there is a duty of trust placed on the employee – including trust that they will not involve themselves in fraudulent activity in the workplace.

Whilst most employees are undoubtedly people of trust and integrity, employee fraud is, unfortunately, not rare – and can cost companies huge sums of money.Employee fraud pervades all sectors to some extent, with financial services considered to be at the greatest risk.

What is meant by employee fraud?

Employee fraud can take many forms. It can be relatively trivial (embellishing an expenses claim, for instance) or it can be serious fraudulent behaviour such as wrongly writing cheques to the employee’s own name; diverting company assets without authorisation; and commission fraud (inflating sales figures to gain a bigger commission that is deserved).

Other types of serious employee fraud include:

  • direct theft of the company’s intellectual property
  • passing on business information for personal gain to competitors
  • passing customer details to third parties to facilitate attacks against that organisation (for example, organised crime targeting financial institutions)

Can fraud take place during the recruitment stage of an employee?

Yes, it is not uncommon for job applicants to inflate their credentials when applying for positions, and statistics show that this is an increasing trend. Many people include material falsehoods on their application form or on their CV, for example, making up or lying about important qualifications, and lying about their employment history.

The risks of doing so are serious. For employees, they risk being uncovered; and for employers: they risk unwittingly recruiting someone who cannot be trusted – potentially putting the business at risk.

A job applicant’s sole purpose in inflating their qualifications, or lying on their job applications, is to persuade the employer to recruit them for a position they may well not otherwise be qualified for. This is fraud, and is in breach of the mutual duty of trust and confidence. If the lies are uncovered, and they are serious – the employer may be entitled to dismiss the employee for gross misconduct with immediate effect. However, if it is uncovered some years after the employee was recruited, it can be more difficult for the employer to dismiss them – they will have to show dismissal is a reasonable response. In any event, the correct disciplinary procedures must be followed by the employer to avoid any potential unfair dismissal claim.

Note that knowingly making a false statement on a job application for the purpose of securing employment is a criminal offence under the Fraud Act 2006, punishable by up to 10 years’ imprisonment and/or a fine.

What can employers do to minimise employee fraud?

Employers need to be vigilant, particularly with their recruitment checks and procedures, so that they are better able to spot potentially fraudulent or dishonest applications and CVs. Once an employee is recruited, employers should have robust management procedures in place to ensure employees are adequately monitored – though balance, of course, is necessary. Accounts departments should particularly be run in a robust manner so that any type of internal financial fraud is promptly detected.

In addition, CIFAS, the UK’s fraud prevention service, runs a data-base sharing scheme which employer members can access.

How the data-sharing scheme work?

Employers who join this scheme can access cases regarding internal fraud. It means they can check whether an individual has previously been recorded for committing fraud. Members can also create a case if they have been the victim of internal fraud by an employee – but there must be a clear and demonstrable burden of proof to do so.

Isn’t this in breach of data protection laws?

Potentially, yes. An individual may claim that if information relating to them is being held in this system and made available to an employer, this is in breach of the Data Protection Act 1998.

However, although the database and the members of the system are subject to the Data Protection Act 1998, anyone applying for a role in a company that is a member of a staff fraud database will be informed by that company as to how their personal data will be used. Notice of this is called a ‘Fair Processing Notice’ and will be included on application forms, employment contracts, etc. These notices act as a powerful deterrent to fraud, but also safeguard individuals from incorrect use of their personal data.