A recurring pattern of fraud and embezzlement peaks at the end of each year. What practices must be aware of, both internally and externally.
As you prepare for the holidays including your shopping, vacations and hopefully, hosting a safe and lawsuit free office holiday party, there are some issues you and your team need to be aware of to keep your hard-earned profits.
Internal Financial Fraud Schemes:
1. Overpaying. Employee intentionally overpays legitimate invoices to generate refunds. Refunds from vendors are then diverted back to an account controlled by the employee.
2. Paying false invoices. Employee at your practice issues payments for invoices to a company that that does not exist or that they or a partner created. Variations may include those with shipping and receiving authority that verify receipt and inventory for an accounting department that then, intentionally or unintentionally, pays these "confirmed" bills.
3. Over-ordering. Employee at your practice orders materials that are billed to you and are actually delivered but used and resold somewhere else, while you receive no value. We've seen this happen with medical supplies, drugs, office supplies and electronics, to name just a few.
4. Kickbacks and undue influence. Employee with purchasing authority diverts purchases or even referrals to they get something in return, often at the expense of the employer. In some cases, conspirators are awarded with cash payments, in others it may be gift certificates, sports tickets, elective medical procedures (one thief "earned" breast implants this way) for what they refer to the third party, including in the worst cases, specialty physicians, labs, and imaging centers. Are your patients being "diverted" this way to people you ordinarily wouldn't trust with your reputation?
5. Wage Theft: This is another very common form of fraud; mid-sized and larger providers must continually be alert to attacks on their payrolls with padded hours, false pay rates, and even phony employees, where one employee can punch two or more time cards. Watch for overtime and holiday pay issues in particular.
6. Plain Old Theft: Not every scheme is complex. Failing to record cash payments and pocketing the money or simply stealing from the cash register is common. Patient payments can also be intercepted and stolen from the mail before you ever see them so be mindful of patterns of unusual discounts and credits. This also creates a data breach exposure as patient payment info can be exposed; a stolen check for $100.00 could create a six-figure liability. Inventory controls are obviously important as well, we've seen a variety of expensive things stolen by or with the help of an employee.
Common External Threat – Invoice Fraud:
At year end, the volume of incoming bills and invoices may actually more than double, as annual renewals, regular recurring bills and even bills for services, rents or materials to be incurred in 2017 will be mailed early to allow you the opportunity to pay before December 31st to take advantage of possible 2016 deductions (check with your CPA). These criminals bill your business for expenses you would logically incur including printing, insurance, licensing, supplies, memberships, subscriptions, insurance, and even taxes, and fraudulent "fair labor standards violations" and other official sounding but fake government agency administrative fees.
Some invoices are overtly fraudulent, billing you for goods and services you never received or ordered with vendors you don't actually deal with, but the more sophisticated ones may use the actual names (or lookalike names) of vendors you actually deal with and substitute their own addresses, websites or phone numbers for payment.
Specific Red Flags To Look Out For
1. Invoices from known or unknown vendors and bills from out of state or out of the country for goods and services delivered locally.
2. As series of invoices with consecutive numbers from the same vendor (are you the only client?), as well duplicate invoices or invoices in amounts or frequency outside your regular spending pattern.
3. Bills, correspondence and websites with serious grammatical and spelling errors, photocopies or otherwise unprofessional looking markings.
4. Calls, emails or letters asking for updated payment or credit card info, especially if the card isn't expired. Most conmen get credit card numbers just by asking.
5. Fake websites, malicious links in emails, and "invoice attached" attachments from unknown vendors or creditors. A simple PDF can let scammers get a look at everything in your computer, including patient information.
6. Phone numbers and addresses that are wrong or unverifiable.