3 min read

How to Protect Your Business from Payroll Fraud Schemes

Featured Image

Payroll fraud is a threat to any business that pays employees or contractors. Unfortunately, this type of financial crime can go undetected for months—even years—and inflict significant losses.

Findings from Recent Study

The Association of Certified Fraud Examiners (ACFE) defines payroll schemes as, "A fraudulent disbursement scheme in which an employee causes their employer to issue a payment by making false claims for compensation." According to the ACFE's "Occupational Fraud 2024: A Report to the Nations," payroll fraud incidents generate a median loss of $50,000 (or $2,800 per month) and can take 18 months to detect.

In the study, some industries and geographic regions appeared more susceptible to these schemes than others. Although 10% of worldwide fraud cases in all sectors involved payroll, about 33% in the transportation and warehousing, retail, and technology sectors involved payroll. In the United States and Canada, 15% of fraud cases involved payroll.  

Like many forms of occupational fraud, the impact extends beyond direct financial losses. It can also affect employee morale, attract unwanted media attention and unsettle customers, possibly causing a loss of confidence. Furthermore, payroll fraud can lead to IRS and regulatory fines and penalties for violating tax and labor laws.

Types of Payroll Fraud Schemes

Although employees can commit payroll fraud, so can employers and third parties. Here's an overview of payroll schemes and recommendations for preventing them:

Ghost employees. Perpetrators add individuals who aren't employees and exist in name only to the payroll. Ghost employees' wages are deposited in accounts controlled by fraudsters.

Excessive payments. Here, employees receive overtime pay by inflating the hours they work, their pay rate or their commission rate.

Employer embezzlement. Some employers might withhold income for taxes, 401(k) plan contributions or medical expenses, but fail to remit them.

Payroll diversion. Cybercriminals often use phishing emails to trick employees into providing sensitive information, such as bank login credentials. This becomes a form of payroll fraud when they divert payroll direct deposits to accounts they control. Crooks might also target employers by sending them fake emails from "employees" requesting changes to their direct deposit instructions.

Expense reimbursement fraud. Employees receiving expense reimbursement might inflate their expenses, submit multiple receipts for the same expense, or claim nonexistent expenses. When perpetrated by employees, this type of false compensation is indirectly related to payroll fraud.  

Some Ghosts Are Employers

"Ghost employer" is the term given to employers that issue Forms W-2 to their employees but don't submit those forms to the Social Security Administration. These employers also fail to file employment tax forms or make federal tax deposits, thus widening the IRS's tax gap (which is the difference between tax owed and tax paid).

To help reduce the tax gap associated with ghost employers, the Treasury Inspector General for Tax Administration (TIGTA) recently evaluated IRS data—called the Ghost Employer Project—that included results from 2018 to May 2023. TIGTA's analysis estimated that 162,000 potential ghost employers owe $1.7 billion. TIGTA noted that successfully prosecuted cases have led to average restitution of $1.3 million per case. 

Fraud Prevention Tips

As with most forms of fraud, preventing payroll fraud requires multiple layers of internal controls. Here are some recommendations to fortify your company's defenses:

  • Require at least two employees to approve the addition or removal of employees from payroll records and changes to employee compensation rates—including salaries, overtime, commission rates and contracted hours.
  • Use exception reporting to flag excessive employee pay rates, total compensation, work hours and expenses claimed.
  • Scrutinize employee expense reimbursement requests closely, notify employees of any discrepancies, and require timely amendments and resubmission.
  • Ensure contractors' invoices and expense reimbursement requests are approved by a manager familiar with their role and engagement terms.
  • Perform a monthly or bimonthly audit of a random sample of employee payroll to identify anomalies.
  • Periodically audit automatic withdrawals from employee payroll and ensure the funds are properly transferred.
  • Deploy a robust verification process to ensure any changes to employee direct deposit are authorized. For example, send employees an email to their email address on file stating that a change order was received. In the subject line of emails, say something like, "If you didn't request this change, contact us immediately." When in doubt, don't make changes until employees confirm them.

Also educate employees about payroll schemes, phishing attacks and the importance of not sharing sensitive information via email. The 2024 ACFE study found that the median fraud loss for victim-organizations that provided fraud training to executives, managers and employees was roughly half the median loss reported by organizations without training programs.

Universal Threat

Payroll fraud can pose a threat to businesses of all sizes and industries. Your organization can mitigate the risk by understanding the various forms of payroll fraud and implementing robust internal controls, frequent audits and employee training.

©  2024

4 min read

7 Tax Breaks for Business Buildings

Businesses are returning to their regular work premises in droves. About 65% of U.S. businesses expect to implement...

4 min read

Preserve Your Business Legacy with Proactive Succession Planning

Running a business requires a lot of hard work. As a business owner, you may be so focused on managing day-to-day...