The president of ZZZ Sheet Metal sometimes wondered whether the firm had grown too quickly. When he walked through the office, there were more and more unfamiliar faces, and he had given up on knowing all of his people by name. Turnover of employees, previously a non-issue, was now a fact of life. However, the workforce was busy, and new projects were regularly appearing on the horizon. Life was good.
That all changed one Friday afternoon. A call came from ZZZ’s bank indicating that a large ZZZ check to a subcontractor had bounced. An angry call from the subcontractor followed closely thereafter. The president of the subcontracting firm immediately called in his controller, and they jointly reviewed the bank records. The records indicated that the particular account should have had a balance of over $100,000 even after the payment to the subcontractor. The controller asked that the bank immediately forward its record of all account transactions for the prior 30 days.
The report arrived on Monday morning, and the controller’s jaw hit the table when he saw its contents. During the prior two weeks, five checks not reflected on the company’s ledger had cleared the bank account. The checks, in amounts of $20,000 to $70,000, had been cashed at banks up to 200 miles away. The check numbers were non-sequential, and up to 100 numbers higher than the checks currently being issued by the subcontractor. The controller called the bank immediately, and asked that no further transactions be processed through the account. Calls went out to other vendors, who had received checks from the account, to tell them that their checks would not clear and that substitute checks would be sent. The controller tried to provide as few details as possible, but he could not hide his nervousness and agitation. Those third parties with ZZZ checks on their desks were left to wonder if the subcontractor was collapsing financially, and whether they would actually see substitute checks. Phones began ringing all over town among customers, suppliers, and competitors. The consistent message was that “ZZZ is in trouble.”
While the company’s reputation was taking a hit out in the marketplace, ZZZ management was doing its best to address the financial crisis itself. The checks had obviously been stolen by someone with access to the check blanks. The bank suggested that the subcontractor get the police involved. When the controller asked the bank representative whether the bank would cover the loss for the stolen checks, the banker was non-committal. He stated: “We will have to figure out what happened first.” ZZZ began its own investigation, and obtained copies of the stolen checks. The controller breathed a sign of relief when he saw that the names on the checks were not the names of any ZZZ officers. The checks also clearly stated on their face that two signatures were required for amounts over $5,000, but that only one signature appeared on two of the checks. Certainly, the banks that cashed the checks should not have accepted them, and ZZZ’s bank should not have honored them. While ZZZ felt some regret as to the bank’s looming loss, its sense of relief was far greater. At the same time, the subcontractor’s management was disappointed with the attitude of the local police (“It is tough to get resources to prosecute these white-collar crimes.”). In any case, a positive resolution seemed near at hand.
The bank’s representatives arrived the next day. They inspected the offices, and spoke with the controller and several members of the office staff. It came to light that the check blanks were kept in a file cabinet in the central office area that was frequently unlocked. No one could state with certainty whether the cabinet was always locked at night or on weekends. The company had also changed janitorial firms in the prior 30 days, and there were a number of relatively new hires working in the office area. It became apparent that dozens of people, including non-ZZZ employees, could have had access to the check blanks.
A bank letter (obviously authored by its attorney) arrived several days later stating that the loss was the result of ZZZ’s sloppy business practices, and apparent negligence in protecting the check blanks. Under such circumstances, the bank was not prepared to accept responsibility for reimbursing the stolen funds. The bank recommended that ZZZ pursue recovery of the funds from the party who committed the theft and/or the parties that had cashed the checks. Out of a desire to be helpful, the bank provided the phone number for the FBI office. After his anger died down, the president of ZZZ found his only remaining emotion to be panic. How would they catch the thief? Wouldn’t the money be long gone? How were they to pay their current bills? Why wasn’t anyone else stepping up to assume responsibility for what seemed to be a whole litany of errors by everyone involved?
ZZZ saw no option other than to call its attorney, and describe what was occurring. A meeting was immediately convened. The attorney grew more somber as he reviewed the facts, and the bank letter. He shook his head at the controller’s suggestion that perhaps FDIC insurance could come into play. The attorney pointed out that such insurance protected only against bank failure, and not funds stolen from the borrower. The attorney indicated that there might be some prospect of recovery against ZZZ’s bank for paying such large checks without confirming the number, and identity of the signatories or notifying ZZZ of the unusual account activity. He also suggested that the company’s own liability insurance might provide an avenue for recovery. While the attorney was skeptical about any recovery from the actual thief or his (or her) co-conspirators, the company was also urged to press the investigation.
An exchange of heated letters with the bank’s counsel produced a settlement (with the bank) equal to the sum of a couple of smaller checks that had not been endorsed with two names (approximately 20% of the total stolen). In concluding the settlement negotiations, the bank also indicated that it no longer wished to do business with ZZZ. The insurance company denied the claim, and forwarded a copy of a ZZZ letter in which it had specifically declined employee theft coverage. The janitorial contract was cancelled, but no settlement was forthcoming from the cleaning firm (which asserted the innocence of all of its employees). The theft investigation produced no answers, and ZZZ’s president was left to wonder whether the thief was still walking in their midst waiting to strike again. The checkbook was locked in a safe in the controller’s office, and only three people had the combination. Before his last day on the job, the controller was observed mumbling to himself, while he flipped endlessly through company check blanks, checking and re-checking the numbers.
This story would hardly seem believable if it was not true (although the victim was obviously not the long-suffering ZZZ). While in the real-life version of the story, the company’s bank ultimately made good on the full amount (approximately $175,000) of missing funds although it had no absolute legal obligation to do so. (Along with avoiding the risk and cost of litigation, the bank wished not to jeopardize its relationship with a major customer). There were also certain facts specific to the bank’s handling of the checks that increased its potential legal exposure. However, the principal lesson from the experience is that any business can be victimized by financial theft. With the advent of electronic commerce, the threat of such theft has only increased.
Entire courses are devoted to this topic, and comprehensively addressing the problem of financial theft is far beyond the scope of this Bulletin. However, here are some basic suggestions to protect your business:
- Strictly limit access to company financial instruments, both incoming (receivable collections) and outgoing (company checks for payables).
- Consider adding a crime insurance endorsement to your general liability insurance policy or purchasing a separate policy covering employee and third party theft.
- Divide responsibility for financial matters among various people in your office with some overlap of responsibilities so that you have reasonable internal checks and balances.
- Periodically (but not on a predictable cycle) review internal financial records, including check ledgers. Consult your company accountant to develop a focused approach for your review. Annual audits can also “flush out” questionable activities.
- Strictly limit the number of parties that can sign checks, and require multiple signatures on larger checks.