Jenny Was Caught Stealing from You
FINANCIAL MANAGEMENT
Miles Bodzin
Theft from employees is a common problem that businesses face. Statistics show that more than $50 billion is stolen annually from US businesses by their employees, and that the average time office fraud lasts before it’s detected is two years!1 Not only do I have my own experiences with theft, but fellow chiropractors have shared their horror stories with me.
Let’s introduce a troublesome staff member named Jenny. Even though she is fictional, these aie real, true stories that can and do happen. So, how does Jenny steal from you in your practice? Here aie four common ways:
1. Jenny Caught Pocketing Cash
The Theft:
With the increase in cash collected in many practices, more cash is being used to pay for services. If there aie not strict policies on handling cash, it becomes easy for the cash to “disappear.” This is common for any cash business. Fortunately, most practices don’t collect a ton of physical cash, so the losses aie not that great. In my opinion, though, any loss is too big.
The Recommendation:
The practice needs to have a strict policy on all physical cash collected. Every transaction must have a receipt produced. Like any retail store, the receipts ai e used at the end of the day to balance the cash in the drawer. You should have a two-person checks-and-balances system, where a second staff member has to sign off on the cash being balanced. That way someone else must approve that the drawer was balanced.
This is easy to do. As part of y our end-of-day reporting, simply make a copy of all of the cash receipts and have both people sign next to the total. This report, along with the cash, is then placed in a safe or hand-delivered to the doctor. I also recommend that if the doctor does not do a daily check on the cash balancing or leaves it up to an office manager, that the doctor does a random check at least three or four times per month. This will reduce the likelihood of Jenny stealing your cash.
2. Stand-alone Credit Card Terminals
The Theft:
Let me ask you a question. Would you be willing to give someone your company ATM card with free access to being able to withdraw money from the account? Well, of course not. That is exactly what your stand-alone credit card terminal is; though, in this instance, they can use their own card. It’s essentially an ATM machine that requires NO PIN to withdraw money from your bank account. I know of one office that had more than $100,000
stolen exactly this way over the course of several years.
Here’s how the theft happens. First, Jenny either is in charge of reviewing your credit card merchant statements or simply knows you (the business owner) don’t bother to reconcile them. With that knowledge, Jenny is confident her boss won’t notice if there aie refunds. Why? Because the refund is deducted from the deposits being made by the merchant bank. For example, the practice collected $1,988 in credit card transactions for the day. Jenny then runs a refund on either her credit card or a coconspirator’s card for $50. The merchant bank deposits $1,938 to your account. As long as the doctor sees the deposit in the bank account, all is good, while not realizing $50 is missing from the deposit.
Jenny now has $50 of credit on her credit or debit card that she can use any way that she wants. What’s more, if she simply goes to an ATM to withdraw the cash, the funds aie no longer available, and you can’t get the money back. Jenny is now using your terminal as a personal ATM machine.
You may wonder why the doctor would not catch this. Well, are you going through the details of your merchant account
deposits, comparing them to what your practice collected for services, and confirming what was actually deposited in your business bank account?
The Recommendation:
I recommend that you get rid of your stand-alone credit card terminals and only use those connected to software that prevents the ability to run independent refunds. So the software will only allow a refund to be processed against an original transaction. This is exactly how the big box stores do it. Think about the last time you got a refund from Home Depot, Target, or some other big store. They did not ask for your card to swipe for a refund. Instead, they scanned the barcode on the receipt and placed the credit back on the original card used for the purchase. If you did not have a receipt, they would give you a store credit. No refund was placed on an arbitrary credit card. I also recommend using credit card processing software that produces a report, which makes it easy to compare what was processed to what was deposited in your bank. In addition, the software should allow you to set the pennission for who is allowed to make refunds.
3. Jenny Got Square
The Theft:
No doubt, Square has become a very popular product. It’s convenient and easy to use, but did you know that it’s becoming a common way for theft to occur? Let’s pretend the name of your practice is “Jones Family Chiropractic.” I can go on Square and get an account to process payments with the business name of “Jones Family Chiropractic” with absolutely no verification of business name or identity. Jenny knew this, so she set up her very own Square account with the business name of “Jones Family Chiropractic.”
When patients needed to pay, they would give her their credit card, and instead of using the office’s credit card terminal, she would use her Square account. Patients thought nothing of it since it’s become so commonplace for payments to be processed this way, and when the patient got his or her e-mailed receipt, it says “Jones Family Chiropractic.” As far as the patient is concerned, all is good. Jenny just pocketed that payment and the patient was completely unaware of it. The patient’s billing statement also shows “Jones Family Chiropractic.” Scary, I know!
Another challenge with products like Square is the fact that the merchant account is not really your own merchant account. They use what is called a “payment service provider” merchant account where you share the merchant account with hundreds of other businesses. This is a fine approach if your monthly credit card volume is around $1,000. When you’re collecting tens of thousands per month, it is very risky for your business. Why? If
^Statistics show that more than $50 billion is stolen annually from US businesses by their employees, and that the average time office fraud lasts before it’s detected is two years! 5 5
any of those other businesses on your shared merchant account aie flagged for any reason, the entire merchant account may be flagged and your deposits delayed.
The Recommendation:
I recommend you post in your office’s financial policies about how you process payments, and that if patients aie asked to use any other format or services (for example, Square), to please report it.
If you do need the convenience of accepting payments with a Square-like product, there are plenty of alternatives. I recommend you use a mobile credit card processor that integrates with software you use at the front desk to process payments. It should work with your own merchant account and allow you to control whether staff ai e allowed to login to process payments and/or whether they can then can process refunds or voids.
4. Counterfeit Checks
The Theft:
Jenny got ahold of my business checkbook and wrote fraudulent checks by forging my name. That’s right. She actually wrote herself checks, signed my name, and deposited them in her account. Fortunately, we caught it, but this is something that does happen.
The Recommendation:
Don’t leave your checkbook lying around your office and keep a record of every time you write a check. Issue your checks sequentially and ensure that there is some sort of reconciliation process with your bank account and the check signer that is taking place.
Now all of this assumes you have a Jenny in your oftice who wants to steal from you. I think it would also make sense to address your hiring practices. Are you doing background checks? Aie you sure the people you entrust to work for you are tru stworthy? If you do your due diligence when hiring so that you aren’t hiring a Jenny, you shouldn’t have to worry about any of this. However, keep these recommendations in mind so that you don’t suffer the same fate.
References:
1. Association of Certified Fraud Examiners, Easy Small Business HR, Institute for Corporate Productivity, Jack L. Hayes International, Inc.
Miles Bodzin,DC is founder and CEO of Inc. 5000-listed company, Cash Practice® Systems Learn more at www.CashPractice.com or call 877343-8950. To book Dr. Bodzin for interviews and speaking, call 877-343-8950, ext. 201.