Payroll fraud schemes can be costly. According to a 2024 Association of Certified Fraud Examiners (ACFE) study, the median loss generated by payroll fraud incidents is $50,000. It’s essential to know the payroll schemes making the rounds and how to prevent them – or at least catch them before they go on very long.
Common Threats
Here are brief descriptions of some common payroll fraud threats:
- Ghost employees. Perpetrators add made-up employees to the payroll. The wages of these “ghost employees’ are deposited in accounts controlled by the fraudsters.
- Excessive payments. Here, employees receive overtime pay by inflating their work hours.
- Payroll diversion. Cybercriminals use phishing emails to trick employees into providing sensitive information, such as bank login credentials. This becomes a form of payroll fraud when they divert payroll direct deposits to accounts they control. Crooks might also target employers by sending them fake emails from “employees” requesting changes to their direct deposit instructions.
- Expense reimbursement fraud. Employees receiving expense reimbursement might inflate their expenses, submit multiple receipts for the exact cost, or claim nonexistent expenses. When perpetrated by employees, this is related to payroll fraud because reimbursements are often added to paychecks.
6 strategies for preventing or uncovering payroll fraud.
Preventing payroll fraud — and uncovering it quickly if it still occurs — requires strong internal controls. Here are six strategies to strengthen your defenses:
- Require two or more employees to make payroll changes, such as pay rates or adding or removing employees.
- Closely monitor employee expense reimbursement requests. Notify employees when discrepancies are found and require corrections.
- Using exception reporting, flag excessive or unusual pay rates, hours, or expenses.
- Regularly conduct payroll audits to detect anomalies.
- Audit automatic payroll withdrawals to confirm proper transfers are made.
- Allow changes to direct deposits only via email confirmation, requiring employee approval before processing. For example, ask the employee to verify that he or she requested the change.
In addition to employing fraud prevention strategies, educating employees about payroll schemes, phishing attacks, and the importance of not sharing sensitive information via email. According to the 2024 ACFE study, the median fraud loss for victim organizations that provided fraud training to executives, managers, and employees was roughly half the loss reported by organizations without training programs.
Payroll fraud is widespread.
Payroll fraud threatens businesses of all sizes and industries. Your organization can mitigate the risk by understanding the forms of payroll fraud and implementing robust internal controls, frequent audits, and employee training.
Need Help?
Our team can help you identify payroll fraud and help you create a process for uncovering it before it starts. Contact us today.