Compliance typically focuses on external risks. But sometimes, “the call comes from inside the house.” Embezzlement is an area that may seem unrelated to compliance, but compliance can, and arguably should, attempt to prevent it.
Embezzlement is a tough topic. One may not wish to profess expertise about theft. That is merely one reason people often steer clear of discussing it.
My introduction to the concept of theft by employees occurred when I was asked to present on it. Since I enjoy public speaking, I rarely turn down such an invitation. However, I am a strong proponent of the principle “never fake it.” If you don’t know something, don’t claim to know.
Adhering to that axiom, I emphasized my ignorance. The group insisted that I try. Crowd-sourcing seemed like a good idea, so we sent an email to members of the trade group asking for embezzlement stories.
The results were astounding. Nearly everyone had a story, and some had several. I quickly learned that theft is a norm within the healthcare industry.
This is an atypical compliance risk. The government isn’t going to be mad at you if you are the victim of an embezzler, but it certainly hurts your organization, and there is a risk that an embezzler may figure that government has deeper pockets, making it the next victim. It’s in your interest to stomp it out at the first opportunity.
Perpetrators often vary their approach based on the type of the organization. Some schemes work in either the hospital or the clinic. For example, whoever checks a patient in may pocket the copayment, then deep-six the charge ticket so no one will notice anything missing. The result is that the thief gets about $20, but costs the practice several times that because of the lost bill for the visit.
How can this be prevented? Make sure that there is a list of every patient who comes in, and that the list is reconciled with cash receipts. If someone was scheduled and there is no charge ticket, figure out why. The list must be kept by someone other than the person taking the cash. In fact, the best risk management strategy is having two or more people involved in all financial transactions.
A common scheme in all settings, but more common in larger organizations, is the fake vendor. Invoices are submitted for items that never existed. Fake technology companies are also particularly popular. You pay for 20 nonexistent computers, for example. To lower the risk, you have invoices approved by someone in addition to whoever ordered the product, and that person needs to see the goods.
Dummied-up expenses are another approach. This can involve fake receipts, or real receipts for expenses that aren’t related to work. In a clinic, say a ne’er-do-well presents a physician with a check made out to American Express. But the check is paying both the bill for the practice and the employee’s personal account – or maybe even just the employee’s account. The best strategy here is to make sure that there is an invoice attached to the check request, but fake invoices are becoming increasingly easy to create.
Some warning signs of trouble may include patients complaining of double-billing or vendors asserting that they haven’t been paid. An increase in writeoffs or bad debt may be a result of an embezzlement scheme as well. One common trait of embezzlers: they like to be in the office when no one else is around to be able to cover their tracks.
I want to offer a personal observation. I have discovered that most of my clients who are victims of embezzlement opt not to report it. Whether due to embarrassment or a desire to avoid the hassle, they often fire the person and move on. That does a disservice to society.
While I concede that the police often fail to prosecute embezzlement cases aggressively, we are all better off if individuals who have their hand in the till face some sort of comeuppance, rather than moving from job to job with no warning to future employers.
We will never end embezzlement entirely.
But with some care and attention, we can reduce its frequency.
About the Author
David M. Glaser, Esq., is a shareholder in Fredrikson & Byron’s Health Law Group. David helps clinics, hospitals, and other healthcare entities negotiate the maze of healthcare regulations, providing advice about risk management, reimbursement, and business planning issues. He has considerable experience in healthcare regulation and litigation, including compliance, criminal and civil fraud investigations, and reimbursement disputes. David’s goal is to explain the government’s enforcement position and to analyze whether the law supports this position. David is a popular panelist on Monitor Mondays and is a member of the RACmonitor editorial board.
Contact the Author
Comment on this Article