Employee Theft: Don't Take Chances with Your Practice
At a time when reimbursement rates are being squeezed, what you don't need is someone surreptitiously removing money from your practice. Yet, that exactly what some staff members are doing to the practices that employ them.
Because medical practices are often an easy target, the amount of money that employees steal can quickly cripple the operation. For all industries nationwide, that amount runs into the billions of dollars, according to the Association of Certified Fraud Examiners' 2010 Report to the Nations on Occupational Fraud and Abuse. Fortunately, there are ways to protect your practice.
The risks
According to the MGMA, the most common forms of employee fraud were theft of receipts or cash on hand, altering or forging a check, submitting fictitious invoices, paying personal expenses with practice funds, and payroll or expense reimbursement fraud. These thefts went undetected for a median of eight months ” 36 months when the stolen amount exceeded $100,000.
And, in most cases, employees who stole money worked alone. More than half had been with the practice for three or more years.
Combating fraud
The best way to deal with employee theft is to keep it from happening in the first place. But this requires implementing sound internal controls, including:
Risk assessment. Examine your practice policies, procedures and processes for any faults in the system for protecting integrity and ethics. Conduct a risk assessment every two years or whenever there a major system change (such as new EHR) or personnel change (such as a new billing clerk).
Separation of staff duties. Avoid having a single employee in charge of purchasing and of approving and adding vendors. Although it may be difficult to spread duties among several employees in smaller practices, it critical to implement internal controls that let employees know they'll likely be caught if they steal.
Also, never let a nonphysician employee sign checks, which is perhaps the easiest avenue for fraud. Instead, checks with invoices should be given to the appropriate physician for him or her to approve and sign.
Monitoring employee behavior. Look for telltale signs that an employee is involved with or considering fraud. For example, an employee who never goes on vacation or takes a day off may not want someone else to have access to his or her files. To combat this behavior, require all employees to take scheduled vacations.
Screening employees
First and foremost, get criminal background checks for all new hires as well as current employees. But keep in mind that, according to the MGMA, nearly two-thirds of offenders weren't prosecuted, so their next employer would be unable to learn of their criminal past.
Conducting credit checks on all new hires and periodically on current employees is also a good idea. However, be aware of state law and the federal Fair Credit Reporting Act. You generally need the person permission to run a credit check, and in some states credit checks are allowed only for positions with certain financial responsibilities.
Conducting surprise audits
Employees should know that unannounced audits are possible, but they shouldn't know what data they'll cover. Such audits need not be top-to-bottom reviews of the practice finances. They can focus on specific areas.
Also, periodically reconcile overlapping financial records. For example, compare receipts that are recorded in the billing system to revenues recorded in the accounting system, and then cross-check those numbers with your bank deposits. Make sure someone other than the person who prepares the records conducts the reconciliation.
Training staff
Educate your staff about what constitutes fraudulent, illegal and unethical actions; their role in preventing and deterring fraud; and how to recognize the signs of prohibited behavior. Doing so will not only make them more likely to notice suspicious behavior, but also diminish their ability to defend themselves if they're caught in the act of defrauding the practice.
Ultimately, the practice culture must exemplify high ethics and integrity, from the top down. When that culture is ingrained in your employees, they'll be much less likely to even think about theft.
Bringing in the cavalry
Finally, because computers are often instrumental in committing fraud, restrict employee access to only those computers, programs and electronic data that they need to perform their jobs. And if you haven't done so already, consider purchasing employee bond or employee dishonesty insurance. If theft does occur in your practice, you'll be happy to have this coverage.
And remember: Your CPA or financial advisor can be instrumental in helping you deter fraud and in investigating the crime once it comes to light. So don't hesitate to bring in the cavalry if you suspect fraud is going on in your practice.