Do you have a question? Want to learn more about our products and solutions, the latest career opportunities, or our events? We're here to help. Get in touch with us.
When it comes to trusting someone with your payroll, you need to be confident they're not just 'nice people'. They need to be professional, competent, and have secure systems and appropriate controls in place.
Small business owners in the north-east of the United States recently learned this lesson the hard way. Their trusted long-time bookkeeper, who handled their payroll and tax obligations, was accused by authorities of failing to make tax payments on behalf of her clients and made multiple unauthorised withdrawals from clients’ accounts.
Clients already dealing with the impacts of the COVID-19 shutdown are learning they owe huge amounts of state and federal tax, which could lead to a number of business failures. Many of these small businesses who have used the company’s payroll services over many years are astounded that the “nicest person they have ever spoken to” could be behind the alleged thefts.
A little closer to home, a former rest-home office administrator in New Zealand was caught stealing $20,000 from her employer, throwing the rest home into severe financial difficulty. As the sole person in charge of payroll, it wasn’t long before she increased her own hours and pay rate, with some payslips showing she had worked more than 100 extra hours each fortnight without authorisation. Her actions have devastated her former colleagues and destroyed the trust they had in her.
These are but a few examples of payroll fraud occurring by people who are trusted and well-liked. Many will be long-serving employees or business partners who are very competent at their jobs. However, the problem can also be attributed to a level of complacency amongst businesses who may not be doing enough to protect themselves against potential threats — threats that are all the more intensified in the current economic environment.
The uncertainty caused by the COVID-19 crisis has created a perfect storm for fraud to occur. The well-known fraud triangle explains that for fraud to exist there are three principal drivers: pressure, opportunity, and rationalisation.
What motivates someone to commit fraud varies during times of economic crisis. Financial pressure and reduced job security tend to rise and departing employees may be tempted to copy sensitive data, like customer lists and intellectual property. Personal addictions, such as gambling and alcoholism, are also aggravated during times of stress, which adds to the pressure.
To manage the impacts of the crisis, businesses are focusing on adopting cost-cutting measures. This can mean less investment in compliance and fighting fraud and leaves little or no time to monitor key risks. This can lead to weakened defences in business processes, creating greater opportunities for individuals to exploit.
The uncertainty also creates an easier environment for individuals to rationalise their actions. For example, they may tell themselves, “I will pay the money back once I’m more financially secure,” or, “I better pay myself first in case the company folds.” By ensuring appropriate controls are in place for your people, processes, and policies, businesses can mitigate the risks of payroll fraud from occurring.
Payroll is one of the major costs for businesses, which is why it’s crucial that your trust in a payroll supplier is well-founded and supported by evidence.
If you use an external supplier for payroll processing, then you need to know that your supplier’s systems and processes are up to the task as the risk remains with you, the employer.
You need assurances that your payroll supplier has software that can't be hacked, hardware that can't be accessed, processes that can't be compromised, and the people who have the required skills. You need to know that processes include assessment and reassessment of all security risks, ongoing monitoring of the risks, and a continuous improvement plan for overall security.
Here at Datacom, we can prove we have the required expertise, systems, and controls in place through the independent external audits of our software and against the internationally recognised ISO27001 and ISAE3402 standards.
A payroll supplier with a strong financial position, local experience, and a demonstrated history of providing payroll services is unlikely to put their business at risk by committing large-scale fraud. Ask for your payroll suppliers’ annual report to determine they are a viable and sustainable business, they aren't under any financial pressure, and they have the means to address anything that might arise. You can find Datacom’s annual review here.
Although businesses are currently navigating a period of increased uncertainty, it has never been a better time to review your internal risk controls and processes. Speak to your payroll supplier about how they're ensuring their own systems and controls are set up appropriately to minimise risk. They should also be able to provide you with an independent layer of assurance to support their assertions.
Disclaimer: the content of this article is general in nature and not intended as a substitute for specific professional advice on any matter and should not be relied upon for that purpose.