Employees Working Remotely Can Increase Your Fraud Risk
Between 2008 and 2020, remote work has grown 159%. When employees are working remotely, it’s harder to detect and prevent all types of fraud. An unsupervised work environment is ideal for some fraud schemes in particular. This article details four of those fraud schemes and how to protect your company from each one.
Data Theft
With unsupervised, enhanced access to systems and files, employees working remotely could easily steal company data. Breaches of customer data or proprietary secrets could lead to lost funds at best and legal issues, lost customers and reputation damage at worst. Employers who work with especially sensitive data, such as healthcare and financial services, should be especially careful when allowing employees to work from home. Employees aren’t the only ones who could commit data theft. Partners, roommates, family members and visitors pose a risk to your company’s sensitive information. Even if devices and files are password protected, fraudsters might hack into them, sneak a peek when the employee is typing or gain access when the employee leaves their computer unlocked for a moment. Employees working remotely from unsecured networks (such as at coffee shops) also make your data more vulnerable to cybercrime.
Mitigate risk by:
- Requiring remote employees to work only on secure networks (no public WiFi)
- Using firewalls and virus scanners for remote employees using the company network
- Issuing company-owned devices to remote workers instead of letting them work on personal computers
- Asking IT to manage software updates and changes remotely rather than giving remote employees administrator credentials
- Requiring all employees to read and sign an acceptable use policy for electronic devices, social media and company data
- Providing annual security training to all employees
Time Theft
Remote employees are on the honor system for meeting or logging their work hours. While most employees are honest, some might be tempted to take advantage of the reduced oversight. Time theft covers a range of behaviors. It could mean logging in to work but watching a movie instead. An employee could run errands during work hours and not make up the time. Hourly workers might simply log more hours than they spent working. Time theft leads to lower productivity, which in turn leads to financial losses for your company.
Mitigate risk by:
- Only allowing high-performing or long-serving employees to work from home
- Requiring employees working remotely to sign a set of telecommuting guidelines and expectations
- Adding time theft to your fraud policy, including a clear definition and consequences, and requiring employees to read and sign it
- Asking managers to check in with remote employees throughout the day
- Using time tracking or monitoring software
- Offering flexible work hours so remote employees don’t feel the need to commit time theft if they have other commitments during traditional work hours
Payroll Fraud
In smaller companies, remote work makes monitoring payroll tasks more difficult. For instance, it’s harder to verify that paychecks were sent out on time, for the right amounts and to the right people. Separation of tasks such as writing and signing checks is also more difficult when employees work apart. As a result, payroll fraud is much harder to detect when employees are working remotely. Schemes could include:
- Ghost employee schemes
- Timesheet fraud
- Advance fraud
- Paycheck theft
Mitigate risk by:
- Reconciling balance sheets and payroll accounts more frequently (i.e. monthly instead of quarterly)
- Rotating financial tasks
- Restricting access to payroll records as strictly as possible
- Requiring manager approval of all payroll records, including timesheets and overtime
Worker’s Compensation Fraud
When an employee’s home is also their workplace, it can be hard to distinguish what injuries and illnesses should be considered for worker’s compensation (WC). For example, one saleswoman who worked from home for a department store tripped over her dog while carrying work supplies to her car, breaking her wrist. The court ruled that she was eligible for worker’s compensation. While grey areas are hard enough to deal with, remote employees might also commit outright worker’s compensation fraud. This means claiming that they suffered an injury “on the job” so they can claim WC when, in fact, they sustained it during personal time. Workplace injuries, even for remote workers, can harm your reputation as an employer. As a result, it’s important to promote a safe and healthy lifestyle and work environment for employees working remotely.
Mitigate risk by:
- Helping remote employees set up a safe work environment, then documenting it in photos
- Ensuring remote workspaces are sufficiently ventilated, sized and lit
- Offering ergonomic equipment (e.g. wrist rests, desk chairs) to employees working from home
- Including home office safety guidelines in your remote work policy
- Encouraging healthy habits (e.g. healthy diet, frequent stand/stretch breaks, and regular exercise)
Let Us Help
The easiest way to reduce fraud risk when employees work from home is to keep them informed and accountable. A strong fraud policy with descriptions of “right” and “wrong” behavior, along with consequences for violating the policy, can deter potential fraudsters. If you would like assistance developing a strong fraud policy for your company, please contact Steph Stohon (sstohon@wesselcpa.com) or Evan Sokira (esokira@wesselcpa.com), or by calling 814.536.7864.
