Employee theft is clearly one of the most costly, misunderstood and underestimated business problems facing today’s management.
Studies conducted by the Department of Commerce, American Management Association, Joint Economic Committee of Congress, Universities and trade associations all conclude that losses from employee theft have a dramatic effect on the financial stability, profit level and survival of most businesses. Several studies estimate employee theft and dishonesty costs US businesses between $60 and $120 billion per year, not including the billions spent on protecting against theft (guards, security systems etc). One study estimates that, depending on the nature of the business, employee theft costs between 1/2% - 3% of a company’s gross sales. Even if we acknowledge the lower figure, it still means employees steal over a billion dollars a week from their employers. Most studies and security experts agree that nearly every type and size of business is likely to experience some form(s) of employee theft and not realize the existence or extent of it. In fact, small and medium businesses are often more vulnerable to employee theft due to less of a separation of duties, less supervision/more autonomy, lack of controls/procedures/audits and blind loyalty.
What do employees steal? Whether a business is retail, distribution, manufacturing, health care, hospitality, communications, energy, scrap metal, printing, bakery products or cardboard boxes, it has assets someone feels is worth stealing. Employee theft may include stealing product, inventory, supplies or cash. It may be more complex and involve theft of trade secrets, misappropriation of funds or collusion. The fact is employee theft is present in every type of business. To illustrate this point, consider the fact that the American Society of Industrial Security is comprised of over 30,000 security professionals charged with detecting and preventing theft within thousands of companies from Ace Hardware to Xerox. Conversely, there are thousands of other businesses just as vulnerable to crime, but without security professionals to assist them in preventing theft and other internal crimes.
A primary reason employee theft continues to thrive is because management has yet to acquire a realistic understanding of the magnitude and nature of employee theft. Most managers have a tendency to disregard many of the indicators of theft and convince themselves that inventory shortages, loss of business, declining profits, rumors of dishonesty and other potential warning signs are not theft related and unworthy of inquiry. After all, employee theft often consists of extremely unpleasant situations involving executives, trusted employees, customers, vendors, even family members and friends.
While some theories and explanations of employee theft have been validated, substantiated or at least accepted by experts, many remain speculative or unfounded and create more confusion than clarity of the problem.
Some of the more prevalent misconceptions regarding employee theft include:
Management doesn’t need to specifically or formally tell employees where it stands on employee theft because they already know.
Well paid or adequately paid employees are less likely to steal.
Honest and loyal employees will report other employees who steal.
Losses from shoplifting are higher than losses from employee theft.
Newer employees commit employee theft while more senior employees can be trusted.
Employee theft is detected in its early stages.
As long as management embraces erroneous information about employee theft and fails to become educated to the facts, employee theft will remain a major drain of profits and employee morale.
Eliminating myths and misconceptions about employee theft is only half the answer to addressing the problem of management’s inability to understand and effectively deal with employee theft. Once management becomes more educated to the fallacies and misconceptions, it must become aware of the valid facts and accepted theories regarding employee theft. Only then will it be able to develop loss prevention programs and strategies which will reduce risks to theft and prevent losses. Some credible opinions and accepted theories regarding employee theft are:
Opportunity, not need, to steal is the primary cause of employee theft.
A majority of employee theft goes undetected by management.
Less than 10% of the employee population causes over 95% of the total losses from employee theft.
Nearly every business experiences some degree of employee theft.
Employee theft is often committed in reaction to favoritism, unreasonable discipline, inconsistency and other acts of poor or abusive supervision.
A majority of honest employees look the other way regarding employee theft and fail to report it.
Nearly 1/3 of all bankruptcies is caused by employee theft.
Dishonest employees steal to the degree the system allows and don’t stop until they are caught.
A majority of the time, employees know or suspect employee theft is present, but will not report it because the "anti-snitch" attitude prevails over company loyalty.
There is a direct correlation between drug abuse and employee theft.
Based on a 5% net profit margin, it takes $20 in additional sales to offset every $1 lost to employee theft.
The cost for a company to steal a trade secret from a competitor is a fraction of the cost to develop it in-house.
Keep in mind the above points are generally accepted by most security professionals through experience, studies and/or test of time. Based on 30 years of combating employee theft within the private sector, the author firmly believes any manager who understands and accepts the above points would be in a sound position to develop an effective strategy to prevent employee theft within his/her organization.
The primary reason employees steal is more as a result of opportunity than need. At the same time, an employee in need of money generally weighs the risk/consequence of stealing prior to the act. Since the employee suspects or knows he/she may or will be fired or prosecuted if caught, he/she then assesses the chances of getting away with it. If the opportunity to steal is clearly present and risk of apprehension is low, the employee may steal. If the opportunity is minimal and the risk of apprehension is high, the employee is more likely to abstain from theft. Only when this environment is created can management claim it has achieved a true internal loss prevention program.
Setting the opportunity factor aside for a moment, let’s look at other motivating reasons an employee might steal. The following is a widely recognized set of rationale employees often offer in response to being questioned why they stole from their employer:
I was passed over for a raise or a promotion and the company owed it to me.
The company expects some loss/shrinkage – besides it's insured.
Management doesn’t care – they never said anything about it.
Management steals – why can’t we? (This condition often is the result of perceived excessive time for lunch, "borrowing" company property without documentation, padding expense accounts, abusing "perks", failure to set example for honesty, etc)
The company cheated me out some overtime and I got it back.
I am worth a lot more than the company is paying me and I made up the difference.
The company makes a ton of money and doesn’t share the profits with us, so I created my own plan.
Things (controls, procedure, rules) were so lax that they made it easy to steal.
The company angered me and this is how I got even.
Since there are as many signs of theft as there are ways to steal, the list of signs of theft is literally endless. The problem is that management often assumes certain incidents or conditions in the workplace are the result of carelessness, incompetence or inexperience on the part of employees when, in actuality, they are signs of theft in progress.
All irregularities or deviations from normal practices and procedures must be carefully reviewed with an open and perceptive mind. Inventory found near employee exits/loading docks/restrooms, items found concealed in dumpsters, sensitive documents discovered in copy machines first thing in the morning, "xeroxed" control documents used and found in place of originals, refusal of key employees to take even minimal vacation time etc, are all signs which could indicate possible theft and be the only indication you will have to a theft situation. Many companies that dismiss such signs as employee carelessness, incompetence or inexperience often suffer significant losses when these same signs were "discovered" at a later date, to be signs of actual employee theft.
Note: The booklet, How to Identify Dishonesty Within Your Business – The 97 Early Warning Signs of Employee Theft, describes these signs in greater detail. For more information, click "Employee Theft Booklet" here or at the end of this report.
Just having a loss prevention or security program does not guarantee it will prevent losses within your business. In fact, some of the biggest losses have occured within companies with existing programs. There are 3 basic steps a business can take to effectively address its loss exposure.
Conduct a security review or audit of your business operations. Identify and determine the risk (extent of loss/probability of occurrence) factor to each security exposure your business has to potential theft. This technique will enable you to establish a level of priority for each exposure and eliminate it in the most cost-effective manner.
Educate supervision and employees as to the negative impact theft related losses have on company stability, pay increases, promotional opportunities, etc. By soliciting their support up front, subsequent loss prevention efforts will be met with acceptance, rather than alienation and resistance.
Develop a formal loss prevention program to ensure an on going effort to prevent losses and detect existing theft. Such a program will include pre-employment screening, security awareness training, periodic audits, policies and procedures.
Loss Prevention Programs – What Works & What Doesn't
Just having a loss prevention or security program does not guarantee it will prevent losses within your business. Some of the most costly (in excess of $100,000) employee theft losses occur within companies with existing security programs. Of the approximately 200 such cases in which the author has been directly involved, there were a number of similarities regarding the conditions under which these thefts evolved and thrived. These conditions are:
Although management approved of the security program, it failed to openly endorse and support the program, as well as, set an example for honesty and adherence to security policies.
Management failed to provide sufficient funds to implement loss prevention measures and meet goals.
There was favoritism and inconsistency in following security rules and procedures. Supervision was allowed to determine who was affected by and who was exempt from these rules and procedures.
Security personnel performed their function in a "cop" or law enforcement manner and alienated the employee population, thus, weakening their ability to learn of theft through honest employees.
Security personnel failed to develop working relationships with key functions such as Accounting, Internal Audit, Human Resources, thus confining it’s ability to detect actual/potential loss situations to an "island" management style instead of a team approach.
The company failed to achieve employee support and involvement in loss prevention efforts through education and training. Thus, employees considered security as a "Them (management) vs. Us" situation. Also, employees adopted an "anti-snitch" philosophy, which deprived management of learning of the theft at the earliest stage, rather than through huge inventory shortages or other paper trail systems at a later date.
It should be remembered that the above conditions existed because of weak management, poor personnel selection and failure to recognize the need and importance of a key company need – protection of assets.
Achieving effective loss prevention is not an impossible task. However, no loss prevention program can be effective without a serious commitment from top management in every phase and element of the program. Remember, the perceived image of loss prevention/security is often one of necessary evil, unnecessary overhead, inconvenience, big brother is watching and a general "pain in the butt". Consequently, any personnel who administers a loss prevention program, including the owner, designated employee or a security professional, must ensure security measures, policies and procedures must meet the test of reasonableness, need, employee respect, legality and ROI.
Once top management has committed to directly and consistently supporting a loss prevention program, qualified security personnel are in place and it is recognized any security efforts must be proactive and employee relations oriented, the business is now prepared to develop and implement an effective loss prevention program.
Basically, the size and type of business dictates the extent and depth of a security program. Another key consideration is whether the business will select an existing employee or hire full time professional who will assume the responsibility for preventing losses. A word of caution in adding the security responsibility to an existing employee is to be sure the employee is able and willing to accept the responsibility. Assigning security responsibilities to an already "maxed out" employee is a fruitless effort. Also, assigning the responsibility to an individual with little or no knowledge of security/loss prevention will be a wasted effort. Ensure the candidate has the skills to develop and implement a business and employee oriented program or make sure the individual receives the training to do so.
Whether your program is designed to prevent losses in a small business or a major corporation, the following are basic elements generic to any security or loss prevention program:
Mission Statement. The mission statement lays the groundwork for a loss prevention program by defining, clarifying and formalizing the overall purpose, direction and philosophy management will take in protecting the company's assets and preventing crime. The mission statement embodies the philosophy of the organization and is the source for uniformity and consistency between goals, procedures, policies and training.
Goals and Objectives. Setting realistic goals and objectives are crucial in developing a plan that focuses on achieving effective loss prevention for all areas needing protection in a timely and cost effective manner. Although goals must address all the asset protection needs of the business, they must be concise, reasonable and attainable.
Security Policies and Procedures. Employee theft is costly, occurs within any part of the company and often results in major administrative or legal action against the company. Consequently, it is simply good business sense to follow definitive guidelines in dealing with the many aspects of employee theft such as prevention, investigation and action against those who commit such acts. Failure to have sound and comprehensive security policies and procedures often result ongoing and periodic loss situations, adverse employee morale, legal liability and other equally costly consequences.
Pre-employment Screening. In today’s business environment, pre-employment screening is a standard in the hiring process. From a security standpoint, businesses that fail to screen or inadequately screen candidates for hire expose themselves to potential theft, violence, workers compensation fraud, liability and a litany of other problems. The more undesirable applicants are rejected from businesses that screen, the more likely those individuals will be hired by a business that has no screening program. When a business hires an undesirable or previously rejected employee that person will likely recommend a similar type of person for employment and so on. In addition, the more dishonest employees there are on the payroll the less effective any security measures are in preventing losses. Simply put, dishonest employees will undermine and destroy the integrity of even the most stringent loss prevention program.
Compliance and Security Audits. Employee theft is unique in the fact that it will reoccur unless existing loss prevention measures are continually audited and new measures are developed/implemented to counter impending exposures that surface during an audit. If a program is not reviewed on an ongoing basis, policies/procedures will gradually deteriorate and dishonest employees will eventually circumvent them to their advantage.
Security Awareness and Training. Keep in mind that all employees in a work environment have the same opportunity to recognize ways to steal. The problem is the dishonest employees are recognizing the openings for theft and stealing billions while honest employees exposed to the same security risks are not bringing them to the attention of management beforehand. When employees are trained to immediately report security risks or exposures, it gives management the chance to take preventive measures and eliminate the opportunity. Effective security training and awareness programs educate the employee as to the adverse impact theft has on job stability, raises, benefits etc.; thus, giving them a personal reason to assist the company in preventing losses. Until management implements effective training that creates employee awareness of, concern for and involvement in preventing losses, its time will be consumed in reacting to costly and unrecoverable losses.
Anonymous Tip Programs. In most employee theft situations, honest employees know about the thievery, but withhold the information from management until compelled to reveal it. Why? Since our childhood, being called a "tattletale" meant humiliation and ostracism by our peers. On TV shows, a "snitch" is depicted as a distasteful and disreputable individual. This environment has a conditioning effect that has been carried into the workplace and is most apparent in employee theft situations. Make no mistake about it, this "anti-snitch attitude" is very real and must be dealt with, not by intimidation, but by educating and convincing the employee that unreported theft hurts everyone. The anonymous tip program provides the concerned employee with a means to report theft and maintain anonymity when he/she would not normally do so.
It is often stated, "Employee theft exists to the degree to which management allows and budgets". This report may not enable you to determine the actual extent of existing theft from employee theft within your business, but it does provide the reader with the means to reduce or eliminate actual, suspected and/or potential loss situations by addressing current opportunities for theft. In some instances, the opportunities you eliminated will have been the means by which some employees were already stealing from you. In any event, keep in mind employee theft occurs as a result of an opportunity, starts small and grows to the extent allowed by management. Normally, it does not stop until management stops it, guilty employees leave or the company goes out of business.
HRJohn Case, CPP, is a Certified Protection Professional with over 25 years of hands on experience in assisting management in the detection and prevention of employee theft in a wide variety of business environments. Prior to forming his security consulting firm,
John Case and Associates, he was employed by three Fortune 100 firms and held management positions in security, internal audit and human resources. He holds a BS degree in Security Administration from Michigan State University and is a speaker for the American Management Association, major trade associations and professional organizations. He is a founder, past president and current board member of the International Association of Professional Security Consultants.
