Fraud. It’s an ugly thing and it’s everywhere, the medical industry is no exception. When most people think about fraud, they think about white collar criminals stealing millions of dollars from big name companies, or the “dark web” where most of our social security numbers and credit card numbers are floating around just waiting for a buyer. The truth is most businesses will experience some type of fraud during their operation. It is so important for owners and business managers to be constantly vigilant to protect their practices.
I like to give real world examples when I talk to clients about preventing fraud. In my 20 years of experience I have found that, unfortunately, there is no one size fits all profile for a fraudster, which makes defending your business against fraud that much harder.
One example is that of outside fraud, or fraud committed by someone who is not an employee. Today, digital communications are king. The amount of e-mails I both get and send in a day are staggering. This is the way we communicate, bottom line. Guess what? Criminals know that. In this example a new business manager was presented with an e-mail from an owner while they were out of town to wire money to an outside vendor. The business manager replied to the e-mail verifying the wire, and the e-mail was responded to yes, please wire the money. The money was wired, the bank calls to verify the wire, it is verified end of story. A few days goes by and the owner comes back into town and realizes a large transfer from the bank account. When the new business manager was questioned about the withdrawal, the fraud is revealed but unfortunately it is too late. The money is long gone, and because the wire was initiated by the company, there is no recourse with the bank. The practice’s general liability policy will also not cover this type of loss (unless you have specific cyber security protection).
Prevention: Everyone in your organization needs to know the procedures for instructions sent electronically. I suggest making it an office policy that all wire transfers are to be verbally confirmed with the person requesting the transfer. A simple phone call would have saved this company thousands.
The next example is that of inside fraud. Unfortunately, this one stings… a lot. It’s always the people you least expect. It’s the longtime employee whom you trust. It is the person who writes the checks, reconciles the bank account, and in some cases even signs the checks. They have access to all the computer systems including the accounting and billing systems. They are in charge of issuing refund checks. They basically run your office. This is what us CPAs like to call “lack of internal controls” or “no separation in duties”. There are several versions of inside fraud. One example is writing a check to themselves, either using a signature stamp or forging the owners signature, then entering the check into the accounting system as a check to Office Depot. They reconcile the bank account, check it off as cleared and no one is the wiser. Another version of inside fraud I have seen is with refund checks. Refund checks are an easy target because they are generally small in value and a patient is not necessarily on the lookout for them. In one instance, the practice was crediting refunds back to the credit cards the patients used to pay. The person in charge of refunds simply charged that refund back to their personal credit card instead of the patient then wrote off the balance in the billing system. This went on for months and months until finally a patient called about a refund check, it was researched and the fraud discovered. Similarly, manual receipts can be a vehicle for fraud. The patient is provided with a manual receipt for payment but the actual payment is never entered into the billing system. Another example is payroll fraud, the same person that processes payroll reconciled the bank statements and reviewed payroll reports. That person decided to give himself a raise 5 times in one year. By the time the fraud was caught he had paid himself over $50,000 in wages over his original salary.
Prevention: I cannot stress enough how important it is for someone who does not reconcile the bank account to review the bank statements monthly, as well as payroll reports. As for the refund charges, the same person that authorizes write-offs in your billings system should not be the same person who issues the refund checks. Another good practice is requiring a five-consecutive day vacation for all key personnel.
If you feel like something is wrong, trust your instincts. Have a professional come in and do an audit of your processes and procedures. An independent review of your billing and accounting systems may turn up inconsistencies that can be researched.
In conclusion, be vigilant, review invoices, sign checks, look at bank payroll records regularly, make sure all employees know the office policy when it comes to transferring funds. Because at the end of the day, the owner/s of the practice get to take home what’s left and the losses from fraud will come out of your paycheck.
You may not be getting all you can out of your browsing experience
and may be open to security risks!
Consider upgrading to the latest version of your browser or choose on below: