Understanding and Preventing Payroll Fraud
Rivka Abramson| Oct 23, 2023
- Payroll fraud poses a significant threat to organizations of all sizes, as it can drain company resources, erode trust within the workplace, and damage reputation.
- Payroll fraud is a form of asset misappropriation, representing 9% of all cases globally, with a median loss of $45,000.
- An automated payroll system can play a crucial role in preventing payroll fraud
- Using multiple measures to safeguard personal payroll information can significantly reduce the risk of payroll fraud
Between March 2014 and May 2017, Adam Cranston, the son of a former deputy tax commissioner, conspired with four others to steal from the Commonwealth of Australia. The syndicate used a payroll services company, Plutus Payroll, and its network of second-tier companies to siphon more than $105 million that should have been paid to the tax office. In August, Cranston was sentenced to 15 years in prison for his role in the Plutus Payroll fraud.
Payroll fraud is a generic term for deceptive practices that occur when individuals within an organization manipulate payroll security processes for personal financial gain. This type of fraud can take various forms and poses a significant threat to organizations of all sizes, as it can drain company resources resulting with payroll leakage, erode trust within the workplace, damage reputation, and lead to compliance issues and legal repercussions.
Payroll fraud refers to deceptive actions taken by individuals to manipulate the organization’s payroll system for personal financial gain. It involves various fraudulent activities related to the payment of employees.
What exactly is payroll fraud?
Payroll fraud is considered a financial crime. Financial crimes encompass a wide range of illegal activities that involve manipulating systems or transactions for personal gain or to the detriment of others.
One of the most costly forms of financial crime is occupational fraud. The Association of Certified Fraud Examiners (ACFE) defines occupational fraud as “the use of one’s occupation for personal enrichment through the deliberate misuse or misapplication of the employing organization’s resources or assets.”
According to the ACFE, asset misappropriation, which involves an employee stealing or misusing the employer’s resources, is the most common type of occupational fraud, with 86% of cases falling under this category. The ACFE divides asset misappropriation cases into nine distinct categories. Payroll fraud is one of them, representing 9% of all incidents with a median loss of $45,000.
Types of payroll fraud you should know
Timesheet fraud refers to the manipulation or falsification of timesheet records by individuals within an organization. Many organizations use timekeeping systems, such as electronic time clocks or software-based solutions, to record employee attendance and work hours. Timesheet fraud typically involves misrepresenting the actual hours worked to receive more compensation or benefits than deserved.
Some common examples of timesheet fraud include:
- Buddy punching: this scheme involves employees punching in or clocking in on behalf of their colleagues, often when the absent colleague is not present at work. This scheme is a form of time theft where one employee falsely records the attendance of another, thereby inflating the absent employee’s hours worked and potentially resulting in improper payment.
- Unearned overtime: employees may manipulate timesheets to show that they worked overtime hours when they did not, leading to unauthorized overtime payments.
- Falsified breaks: some individuals may record shorter or nonexistent breaks to appear as if they are working more hours, potentially increasing their pay.
Ghost employee fraud
In this scheme, a dishonest worker adds an individual to the organization’s payroll, although the company does not employ them. The fraudster – typically someone with access to the organization’s payroll system, like an HR manager or finance administrator – creates a fictitious employee profile in the payroll records. The ghost employee’s information may include a fake name, address, Social Security number, and bank account details.
The ghost employee fraud includes adding the fake employee to the payroll system and assigns them a salary or wage. This salary is regularly paid alongside legitimate employees’ salaries, often via direct deposit or check. Finally, the ghost employee’s fraudulent payments are diverted into the fraudster’s bank account.
In some cases, the fraudster might enlist the help of an accomplice who poses as the ghost employee and receives the funds. To avoid detection, the fraudster may manipulate payroll records to make it seem like the ghost employee is actively working, even though they do not perform any tasks.
Payroll diversion scheme
Sometimes referred to as business email compromise (BEC), a payroll diversion scheme is a type of fraud where cybercriminals trick an employee – often one with access to the organization’s payroll system – into changing direct deposit information. The idea is to divert an employee’s salary or wages to an unauthorized account or recipient.
Payroll diversion schemes typically involve sending phishing emails to employees in the payroll team. These emails often appear to come from a trusted source – such as a company executive or the HR department – and may request the employee to update an individual’s direct deposit information.
Once the direct deposit information is changed, the employee’s salary is redirected to a fraudulent account controlled by the cybercriminals.
These attacks are designed to exploit human vulnerabilities and trust within an organization. They can be challenging to detect because they rely on deception rather than technical vulnerabilities.
Payroll data manipulation
This fraudulent activity involves altering or falsifying information within an organization’s payroll system for personal gain or to benefit others inappropriately. Some common examples of payroll data manipulation include:
- Overstated hours: employees may deliberately exaggerate the hours they claim to have worked to receive higher compensation than they are entitled to. For example, employees can claim overtime hours or additional shifts they did not complete.
Overstated hours schemes may involve the collusion of multiple employees. For instance, employees may cover for each other by vouching for the fictitious hours worked by their colleagues. Over time, if the scheme continues undetected, it can substantially inflate labor costs for the organization, affecting profitability and budgeting.
- Unauthorized pay rate changes: this scheme involves falsifying one’s hourly wage, salary, or other compensation-related information. Usually, an employee with access to payroll systems or records will make unauthorized changes to their pay rates, either by directly altering the data or through collusion with payroll administrators.
Employees may also falsely claim eligibility for certain benefits tied to pay rates, such as healthcare or retirement contributions, resulting in increased costs for the employer.
- Commission Schemes: in the context of payroll, a commission scheme typically refers to a fraudulent practice where employees manipulate or exploit the commission-based compensation system to maximize their earnings in an unethical or illegal way.
There are several types of commission schemes. False sales reporting, for example, is a scheme in which an employee falsely reports sales or transactions that did not occur. They might create fictitious sales orders, invoices, or customer accounts to make it appear like they have achieved higher sales targets than they actually have.Another type of commission scheme is inflated sales figures, i.e., exaggerating the value or quantity of actual sales to earn a higher commission percentage. For instance, they might manipulate the numbers to claim larger deals, more units sold, or higher-priced products.
Payroll schemes involving external parties
These schemes typically occur when individuals or entities outside an organization target an organization’s payroll system to extract funds or benefits fraudulently. Payroll fraud involving external parties often requires insider collaboration or compromised access to the company’s payroll system or information. Here are some payroll schemes involving external parties:
- Identity Theft: external parties can steal employees’ personal and payroll-related information, such as Social Security numbers and bank account details, to commit identity theft and fraudulently receive payments meant for the employees.
- Social Engineering: fraudsters may use social engineering tactics, such as impersonation or pretexting, to manipulate employees into revealing sensitive payroll information or making unauthorized changes to payroll records. This can result in unauthorized payments or changes to employee data.
- Vendor Fraud: in this scheme, external contractors collude with employees within the organization to manipulate the payroll system. They may bill for fictitious services and get paid for them and get paid, with a portion of the payment being kicked back to the fraudsters.
The consequences of payroll fraud
Payroll fraud can have significant and wide-ranging financial implications for organizations. These implications can negatively affect a company’s bottom line, morale, reputation and overall lead to long-term damages. Here are some of the main consequences of payroll fraud:
Payroll fraud can result in significant financial losses for employers – depending on the extent and duration of the deceptive activity – as fraudulent disbursements or overpayments can add up quickly. The monetary losses from payroll fraud can decrease net income and reduce funds available for legitimate business operations, investments, and growth.
The financial strain caused by payroll fraud can also create cash flow problems. Fraudulent payments can drain cash reserves, making it challenging for the organization to meet its financial obligations, such as paying bills, suppliers, and creditors on time.
Finally, addressing payroll fraud often requires conducting internal investigations, hiring forensic accountants or legal counsel, and potentially engaging in litigation. These expenses add to the overall financial loss.
Payroll fraud can tarnish an organization’s reputation, making it challenging to attract and retain top talent. Talented employees may be hesitant to join a company with a damaged reputation, and current employees may seek employment elsewhere if they lose trust in their employer.
In addition, reputational damage can affect an organization’s relationships with customers, suppliers, and business partners. These entities may become hesitant to do business with a company known for unethical practices, leading to a loss of contracts, customers, and potential growth opportunities.
Shareholders and investors can also lose confidence in a company linked with payroll fraud. That can impact the company’s stock price and market value, potentially hurting the organization’s ability to raise capital. Even after the immediate issue is resolved, the stain on the company’s reputation may linger, making it difficult to rebuild trust.
Government agencies may conduct investigations into payroll fraud allegations. If any violations of payroll compliance legislations or tax regulations are discovered, employers may face fines, penalties, and even imprisonment. Legal actions related to payroll fraud can also trigger increased regulatory scrutiny and audits, potentially leading to more legal issues.
In some cases, employers may need to repay employees for losses incurred due to payroll fraud. This could involve reimbursing employees for stolen wages, benefits, and other financial losses or compensating them for emotional distress.
Non compliance under GDPR data processing agreement
Any unauthorized or fraudulent manipulation of employee data , such as altering salary figures or employee details, not only violates the principles of accuracy and integrity but also breaches the GDPR’s requirement for employee data protection. This manipulation can lead to severe legal consequences, including fines and penalties, and could undermine the trust and compliance essential for maintaining a valid data processing agreement under GDPR.
Low morale and reduced productivity
Payroll fraud can have a detrimental impact on employees’ morale and overall work performance. When employees perceive that their colleagues are engaging in fraudulent activities, it can lead to a breakdown of trust in the workplace. Employees may view leadership or management as complicit in or indifferent to payroll fraud, resulting in a lack of confidence in their ability to protect employees’ interests.
A lack of confidence in leadership and an erosion of trust can contribute to disengagement. Employees who are disengaged, demotivated, or distrustful of their organization are less likely to perform at their best. This can result in lower work output, missed deadlines, and a decline in overall productivity.
Negative media coverage
Many payroll fraud cases make headlines. News stories, articles, and reports about unethical or illegal activities can subject the organization to intense public scrutiny. This scrutiny may extend beyond the specific payroll fraud incident and lead to investigations into other aspects of the company’s operations, including its corporate culture, financial practices, and compliance with laws and regulations.
Additionally, employers often must allocate resources to address negative media coverage, including hiring public relations firms, crisis management teams, and legal counsel to manage the fallout with clients, investors, and other stakeholders.
How to prevent payroll fraud: a step-by-step guide
Invest in an automated payroll system
Automated payroll systems have various fraud detection capabilities and robust security features. For example, automated payroll systems allow organizations to restrict access to payroll data and functions based on job roles and responsibilities. Only authorized personnel can access and change payroll information, reducing the risk of unauthorized alterations.
In addition, many automated payroll systems integrate with time and attendance tracking systems. This integration ensures that the hours worked by employees are accurately recorded and automatically used for payroll calculations, eliminating the chance of fraudulent overtime claims or time manipulation.
Finally, automated payroll systems can generate alerts and notifications for unusual payroll activity or patterns. This allows payroll administrators to take action promptly and investigate irregularities or potential schemes.
Collaborate with a certified fraud examiner
As part of a company’s payroll risk management, collaborating with a certified fraud examiner (ACFE) can be a proactive and cost-effective approach. CFEs are professionals with expertise in fraud prevention, detection, and investigation. They can assess an organization’s payroll processes to identify potential vulnerabilities, evaluate existing controls, and provide recommendations for strengthening them.
CFEs can leverage data analytics tools to monitor payroll data for anomalies or irregularities. They can develop customized monitoring programs to detect patterns indicative of fraud, such as duplicate payments, unusual overtime, or unauthorized changes.
In cases where suspicion of payroll fraud arises, CFEs are skilled in conducting thorough investigations. They can gather evidence, interview relevant parties, prepare reports for legal actions, and provide expert testimony in court if necessary.
Regular payroll audits
A payroll audit is a periodic review of a company’s payroll processes and records to verify that it’s paying employees accurately, timely, and compliantly. Regular payroll audits are a crucial component of an effective payroll fraud prevention strategy, as they can identify discrepancies or inconsistencies that may indicate fraud.
Payroll audits involve comparing payroll data, such as hours worked, wages paid, and benefits, against employee records to ensure they are accurate and up-to-date. This includes verifying the existence of employees, their employment status, and other relevant information.
Additionally, auditors assess whether proper segregation of duties exists within the payroll process and examine the approval process for payroll transactions. They also verify that payroll changes, such as salary increases, are authorized by the appropriate personnel and supported by valid documentation.
The findings of the audits are documented in detailed audit trails. These audit trails help track changes to employee data and payroll transactions, making it easier to detect suspicious changes. Plus, they serve as evidence in case of investigations and legal actions.
Maintain payroll records
Maintaining well-documented payroll records is a critical measure against payroll fraud. Payroll records allow companies to track all payroll-related transactions, including wage payments, benefits, and deductions. When payroll records are detailed and accurate, it becomes easier to spot any discrepancies or unauthorized changes.
Payroll records should include documentation of the organization’s payroll policies and procedures. For example, payroll records can show who approved salary adjustments, overtime hours, or benefit changes. This helps ensure that only authorized individuals can make such adjustments.
This strategy involves providing ongoing education and training to employees, managers, and relevant stakeholders to raise awareness about fraud risks, develop anti-fraud skills, and foster a culture of vigilance.
Continuous education ensures employees learn to identify unusual patterns or discrepancies in payroll data, timekeeping, or personnel records. The idea is to equip them with the necessary knowledge to recognize red flags within the payroll process – and encourage them to report any suspicious activities.
Employee education should address typical payroll fraud schemes and guide how to identify and report them. This includes educating employees on different types of payroll fraud, the latest fraud techniques, and new ways to counteract them.
It also includes system and technology training. Employees should receive training on how to effectively and securely use relevant technologies, such as payroll software or time and attendance systems, with an emphasis on their fraud detection capabilities.
Safeguard personal payroll information
Payroll fraud often involves obtaining sensitive employee data, such as Social Security numbers, bank account information, and salary details. By taking measures to safeguard personal payroll information, organizations can significantly reduce the risk of payroll fraud, protect employee privacy, and maintain the integrity of their payroll processes.
Safeguarding payroll information means limiting access to authorized personnel only. Implementing strict access controls ensures that only individuals who need payroll information for legitimate purposes have access to it. This prevents unauthorized employees from viewing or altering sensitive data.
In addition to strict access controls, safeguarding payroll information includes measures such as secure storage of payroll records, encryption of digital payroll data, employing firewalls and intrusion detection systems against external threats, and an incident response plan to address potential data breaches quickly and effectively.
The ecosystem of payroll fraud prevention
Securing your peace of mind
Payroll security is the foundation of the trust between employees and employers. At Papaya Global, the world’s leading payroll and payments platform, making payroll processes more secure is a top priority. We pride ourselves on having the highest standards for payroll data and developing the perfect technology to safeguard it. Schedule a demo to learn more.
What are the 3 main categories of payroll fraud?
The three main categories of payroll fraud are ghost employees, timesheet fraud, and payroll diversion schemes. While these types of payroll fraud are prevalent across various regions, the specific methods employed may vary based on local laws, regulations, and cultural factors.
Who handles payroll fraud by employers?
Payroll fraud by employers can be handled by several entities, depending on the circumstances and severity. Internal payroll fraud investigations are often conducted by a company’s human resources or compliance departments, aiming to address misconduct within the organization.
In cases involving significant fraud or criminal activity, law enforcement agencies such as the police, state law enforcement, or federal agencies like the IRS may become involved to conduct investigations and pursue criminal charges.
Why are small businesses more susceptible to payroll fraud?
Small businesses typically have limited resources and personnel, which can result in less segregation of duties and oversight in payroll processes. In smaller organizations, a single individual may handle multiple payroll functions, increasing the opportunity for fraud.
Additionally, small businesses may lack sophisticated payroll systems and controls, making it easier to manipulate records without detection.
Which type of information includes personal payroll?
Payroll data includes personal information related to an individual’s employment and compensation.
This information typically encompasses details such as the
- employee’s full name,
- Social Security number (or equivalent national identification number),
- compensation details (including salary, bonuses, and overtime pay),
- direct deposit details (bank account numbers and routing numbers),
- deductions and contributions (such as retirement plan contributions and health insurance premiums),
- time and attendance records, including hours worked and leave balances.
- Additionally, payroll data may include year-end tax statements (e.g., W-2 or 1099 forms).
How many years must payroll information be kept?
In the United States, the retention period for payroll information can vary depending on federal and state regulations. Generally, federal law, as specified by the Fair Labor Standards Act (FLSA), requires employers to keep payroll records for at least three years.
In the European Union, under GDPR, there is no specific retention period prescribed for payroll information. However, organizations are obligated to retain personal data only for as long as necessary for the purposes for which it was collected.
In the context of payroll data, this typically means retaining it for as long as an employment relationship exists and for any additional period required by local labor laws or tax regulations.
It’s essential to consult with legal counsel or compliance experts to ensure compliance with specific regional and industry requirements when determining retention periods for payroll information under GDPR.