rsRolesWithAccess DOES NOT exist
InDevEnvironment=false
rsRolesWithAccess numRows = [0]
IsInternalUser=[false]
InDevEnvironment=[false]
IsSectionSecure=[false]
Authorized=[false]
LMSAccess=[false]
HasNeuroHCP=[false]
UserLoggedIn=[false]

Reimbursement and Practice Management

Fraud Proof Your Practice

In a recent survey by the Medical Group Management Association (MGMA), 82% of respondents revealed that they had worked for a medical practice that was the victim of employee theft or embezzlement. Would you know it if someone was stealing from your practice?


In this article, you will learn to:

  • Understand the potential impact of internal fraud on your practice
  • Identify potential perpetrators and common embezzlement schemes
  • Take actions to foil internal fraud

View related pearls


The risk of employee theft and embezzlement is an unfortunate fact of life for every business. While experts estimate losses from fraud at approximately 5% of revenues for a typical company, small businesses including medical practices – which usually cannot afford elaborate systems to prevent and detect internal theft and embezzlement – are likely taking an even greater revenue hit.

Can your practice afford to lose five or more percent of its revenues to embezzlement? Before internal theft plagues your practice, put a few key controls in place to help you prevent and detect embezzlement – starting with how to spot potential perpetrators and the schemes they commonly employ.

Background Checks. A necessity in today's litigious environment, background checks, including reviews of credit history and references, establish the framework for preventing embezzler access to your practice. According to the MGMA survey, 57% of respondents who had experienced fraud did not perform pre-employment background checks, and more than 76% did not perform credit reviews.

Be especially cautious whenever background checks reveal inconsistencies with candidates' stories – or when you get only cell phone numbers for the references provided. Simply handing a background check release form to a candidate who is a potential embezzler will likely scare him or her away from your practice. He knows that there are many easier marks to be found elsewhere.

Coverage. Like any type of insurance, it's a wise idea to obtain employee crime (often called "dishonesty") insurance, and possibly fidelity bonds, particularly for employees who handle money. Purchase a policy that offers adequate coverage not only for a loss, but also for the cost of the investigation. Check with your insurance agent to determine his or her recommendation for the policy and coverage.

Telltale Signs. After an embezzler is caught, anecdotal evidence reveals that the physician affected almost always had a suspicion that something was wrong. These employee behaviors should raise red flags in your mind:

  • Refusal to take vacation days
  • Unwillingness to train another employee in his or her job
  • Always being the first to arrive and the last to leave

Since these characteristics might also describe your most loyal employee, it's important to observe employees carefully in order to distinguish between the two. Many perpetrators are also suffering from some type of personal crisis, so be on the alert for extenuating circumstances that may motivate even a good employee to steal.
Perhaps,

Cash Watch. According to MGMA survey respondents, about 54% of the theft or embezzlement schemes they experienced involved cash receipts or cash on hand. To reduce the risk of payments walking away, issue receipts to every patient, including those who pay with credit cards, and keep a copies of receipts for your records.

To foil the common embezzlement strategy of collecting payments from patients while destroying the record of the original visit, use pre-numbered encounter forms and file them sequentially at the end of each day. Note any missing forms (e.g., no-shows). Require manual or electronic reconciliation of all encounter forms provided to patients. Have employees batch the encounter forms and total the amounts of charges and payments. Require a daily written reconciliation of those forms to the billing system's daily activity report. If you've replaced your paper forms with electronic ones, meet with your vendor to discuss how to effectively monitor all encounters.

Immediately stamp checks with a restrictive endorsement; that is, one placing limits on the check such that it can be paid only to the practice's account. Consider subscribing to an on-site remote deposit service through your bank. Keep all cash in a secure safe, and make daily deposits to avoid keeping cash on site overnight or on weekends. Require that the petty cash drawer be balanced every day, and never tolerate staff being off by money here and there.

Common Schemes. While cash represents a significant share of fraudulent activity, embezzlers looking for a big payout often use other strategies. Beware of these tried-and-true approaches perpetrators commonly use:

  • Issuing patient refunds made to the employee under a fictitious name, or to friends and family. Because refunds don't turn heads – they're commonplace in a medical practice – this scheme often goes undetected
  • Making payments from someone with check-writing authority to pay personal bills that look like practice expenses. Checks to the power company or a telecommunications vendor may look legitimate until someone recognizes that the services weren't for the practice, but rather for the embezzler's home. Making fictitious disbursements, such as submitting personal or false invoices, as well as forging checks, is a popular fraudulent tactic.
  • Payments to fictitious vendors – a temporary staffing agency owned by the embezzler or a friend, for example – fly under the radar screen because they appear legitimate. Embezzlers create companies for everything from office and medical supplies to building repairs, often in exchange for no product at all or a massive markup. If the embezzler is in charge of ordering, as well as paying, the scheme is rarely detected
  • Creating fictitious withholds from your paycheck. The withholds may look legitimate – you do have to withhold a lot of money for taxes, Social Security, etc. – but they are a means for embezzlers to slowly but surely transfer money from your paycheck to theirs. This scheme is not the only one perpetrators use to steal money via your payroll system: embezzlers can also pay unauthorized bonuses, issue themselves inflated pay rates or overtime pay or even create a fictitious employee

Prevention Pays. Deploy multiple strategies to halt an embezzlement scheme (or ideally, avoid one in the first place). In addition to being attentive to suspicious employees, make sure that duties are segregated such that there are checks and balances in all aspects of the financial process. Establish policies and procedures regarding internal controls, and evaluate compliance at least annually.

Periodically call in your accounting firm to perform an audit: According to the MGMA survey, it took an average of 16 months to detect respondents' theft and embezzlement schemes, and the majority of respondents said that they had not had a CPA firm conduct an external audit or review of the victimized practice in the 24 months before the scheme was discovered.

Mandate vacations – and ask another employee to take the vacationer's place. Remove the signature stamp, review all credit card statements and be sure to have the bank statements sent to you or your accountant. Watch for missing documents, unusual patterns of deposits, an inability to balance your checking account and missing sequential checks. Finally, always investigate any complaints – no matter how minor – from patients regarding missing payments.

The amount of cash handled in medical practices and the complexity of the revenue cycle make practices prime targets for employees intent on theft and embezzlement. Selecting employees carefully, identifying areas of vulnerability, implementing internal safeguards and conducting annual reviews of financial processes reduce the probability of your practice suffering damage from internal financial fraud.

Pearl 11/29/2012

Compliance Testing

While about 57 percent of MGMA survey respondents said that their victimized practice had a code of conduct and/or compliance plan that covered employee theft and dishonesty matters, only 26 percent conducted random tests of employee compliance with financial policies and processes at least annually. In addition, only 14 percent of respondents conducted fraud-prevention training for managers and executives at least annually. If you train employees on your policies and procedures regarding fraud and make them aware that they’ll be periodically tested on their application, you’ll help create an environment inhospitable for embezzlers.

Pearl 11/26/2012

Limit Opportunities

For an employee to embezzle, experts agree that three elements need to be in place: a motive to perform the crime, the opportunity to do so and a rationalization after the deed is done. While there’s little you can do to affect motive and rationalization, the ability to reduce opportunity is within your control by segregating financial duties, cross-training employees in key financial roles and reviewing internal control processes annually.

Pearl 11/15/2012

Check-Ups

Perform background checks, including credit reviews, on all employee candidates. Contract with a web-based service or hire a private investigator in your community to perform the checks for you (the services typically cost less than $100). Asking the candidate to sign a legal release form (which you should do before running the check) often scares away a potential perpetrator.

Pearl 11/08/2012

Loyal to a Fault?

You might think that an employee who never wants to take a vacation is your ideal employee. Don’t be so wishful: Failure to take a vacation is actually one of the signs of an embezzler, as is the employee who is first to arrive at work and the last to leave, won’t train anyone else to perform their job, and refuses to cross-train with another position. Given these signs, it’s no wonder that physicians who have been victimized by an employee report that the deceptive employee is often the most trusted, loyal one. Forty-four percent of perpetrators profiled in the MGMA survey had worked for four or more years for the practice they victimized.

Pearl 11/01/2012

Be Prepared

The Medical Group Management Association’s 2010 Medical Practice Employee Theft and Embezzlement Survey revealed that the average value of the assets stolen by an internal perpetrator was nearly $140,000. Sadly, less than half of the practices received any restitution from the perpetrator. That’s not unusual, however, considering that most practices never bring a suit against the thief. Embarrassment kicks in, along with the high cost normally exacted by the investigation. Talk to your insurance agent about adequate coverage for loss due to embezzlement, as well as the cost of the investigation itself.

United States