At a glance
Despite increased sophistication in payroll systems, people continue to find new ways to commit fraud. In 2018, a global study of occupational fraud found that payroll scams accounted for 7 per cent of all cases, with a median duration of 30 months and cost of US$63,000.
The damage can be even more significant, as evidenced by multiple high-profile cases in Australia, such as Clive Peeters and Hassell Services, who were defrauded a combined total of almost A$20 million by former payroll managers.
According to Nick Southcombe, chief executive officer of Frontier Software, the cost to a business’s reputation can be just as detrimental as the financial drain.
“People want to work with – and for – organisations that aren’t only ethical, but also have good controls in place to ensure that high standards are maintained,” he says.
According to Southcombe, the best way to deter payroll fraud is to set up stringent internal controls across three areas: people, processes, and technology. Here are some of the steps he suggests.
1. People: set the tone at the top
Instituting ethical behaviour within a business starts at the top. When upper management projects positivity and integrity, it produces a ripple effect among employees – either reducing the prevalence of fraud or making its detection more probable.
Creating an honest and ethical culture also means implementing quality standards, says Southcombe. He recommends organisations establish – and constantly reinforce – payroll policies and processes to ensure accountability and transparency.
2. Process: segregate duties
No single person should be wholly responsible for the payroll process. Instead, businesses can protect themselves from fraud by assigning different people to key duties – ideally rotating these tasks at least once a year. Regular accounting reconciliations of payroll to general ledger should likewise be conducted by a person not engaged in payroll preparation. This makes it difficult for perpetrators to act alone, with Southcombe explaining: “When you segregate duties, malicious behaviour requires collusion.”
3. Technology: review security access and reporting
Payroll systems offer a number of anti-fraud solutions, chief among them security access controls. “Make sure there are controls in place to prevent the payroll team – or anyone else – adding ghost employees or changing pay rates,” Southcombe says. “People should only have access to information that’s relevant to their roles and responsibilities.”
Ensure your technology offers sophisticated reporting tools. These can include details reports, variation reports, audit reports, headcount reports and master file details reports.
With such information at their disposal, auditors can filter out notable changes in any pay period and compare them to historical data.
“This gives managers or other third parties the opportunity to perform sanity checks of payroll and make sure it’s all legitimate,” adds Southcombe.
While artificial intelligence and machine learning can now identify payroll anomalies automatically, Southcombe says businesses need to understand how to adapt their governance accordingly before they implement them.
As critical as preventative measures may be, Southcombe also urges businesses to watch for early warning signs of fraud.
“Beware of the payroll staff that never take holidays, or those who look like they might be living beyond their means,” he suggests. “If the worst-case scenario does happen, make sure you have a response plan ready, so you can get on the front foot and take control of the situation.”