September 1, 2004
by David G. Harris Bcomm, MBA and William R. Hiltz BSc, MBA
While these data are not specific to dentistry, we believe the incidence of dental fraud is higher than small business due to the nature of dentistry compared with other “small” businesses. Small businesses typically have strong internal controls in place and they separate job functions in a way that dental offices cannot. For example, most businesses customarily have two people involved with every cash transaction. The significance of separation of functions is that in order to steal, two employees must collude.
Contrast this to a dental office where often one or two people are running the administration.
Theft is a real and likely problem for dental offices
Health care practitioners are by nature trusting souls. A defining characteristic of a professional is that he or she places their patients’ interest above their own. Unfortunately, many dentists are unable to differentiate between the clinical environment, where purity of motives is expected, and the non-clinical elements of their practice, where perhaps people interact in a more base manner. Accordingly, many dentists lack the skepticism needed to recognize their vulnerability to fraud.
While much of the literature on dental fraud offers platitudes like, “be more involved in the business aspects of your practice,” we recognize that such advice is both impractical and unhelpful.
Our intent in this article is to provide suggestions that every dentist can implement without cutting his or her clinical hours in half to review every financial transaction.
Why do trusted employees steal?
The temptation to steal is driven by greed, desired revenge against the employer, being paid less than the employee feels he or she is worth or just sheer excitement. The need for money is the dominant motivator and may be driven by unmanageable debts, a desire to live beyond one’s means, gambling, alcohol or drug addiction.
The decision to steal occurs when your trusted employee has a shift in ethics. Research has repeatedly shown that severe financial pressures will force normally honest people to reconsider their values. When faced with losing their house, many otherwise honest employees begin to review the weaknesses of your administration and gauge the probability of success. Unless they believe that discovery is probable, the motivated fraudster will take the risk and steal.
While it is hard to define the “typical fraudster,” most people who steal will display warning signs. Some examples are:
An increase in the frequency of patient complaints about billing errors. Normally, the majority of errors should be traced to the patient’s insurance and not to the dentist.
An employee living clearly beyond their means. Our experience has been that this will become apparent to staff before it does to you.
A staff member who refuses vacation. The thief needs to be in the office to track transactions and provide explanations for suspicious activities. Fraud is often discovered when the person stealing is absent and other staff fill-in.
Watch for employees who constantly stay behind to “finish up.” Fraudsters need to spend “alone” time to track transactions and falsify billing and ledger entries. If an employee is regularly working overtime without a sufficient reason, you should investigate. Ironically, while you think this employee is dedicated, he or she is really stealing your money.
Erratic or disruptive behaviour at the office. For various reasons, your employees may see this but not report to you. Other behaviours to look for are preoccupation, withdrawal or inappropriate displays of anger or frustration. Extreme mood changes are common when guilt and stress are present.
These symptoms do not necessarily mean that the staff member is stealing from your practice; but they should alert you to the possibility.
How do they do it?
Most theft involves taking cash and then altering or destroying records to hide it. Some of the common methods used are:
backdating cash payments to make it appear the patient has already paid for treatment,
failing to enter unscheduled appointments into day sheets and pocketing the cash,
applying an insurance or credit card payment from one patient to the account of another who paid cash,
pocketing cash for payment and then writing off the receivable so the patient does not appear delinquent,
deletion of ledger and appointment entries to remove evidence of the patient’s visit.
Once the fraudster steals without detection, the fraud tends to be repeated with increasing amounts. This starts a cycle of theft that can last months or years, leaving a large financial loss and the dentist feeling violated.
Twelve positive steps you can take
Preventive steps have been shown to be the most effective and least expensive way to deal with potential fraud. The following steps will help reduce the probability of fraud, and if fraud occurs, may lessen the severity. The function of these steps is to increase administrative control and to reduce the possibility that staff feel they can pilfer undetected.
Have all bank statements and notices sent directly to your home address. Request that all cancelled cheques be returned. Personally examine cancelled cheques and endorsements and investigate the unusual. Refuse to sign blank cheques or allow the use of signature stamps on cheques.
Implement a computer system. Virtually any computer system, properly implemented, will make fraud less likely.
Make sure that no one can be placed on the payroll without your explicit approval. Fraudsters can create fictitious (part-time or casual) employees and keep the pay cheques.
Use pre-numbered cheques, invoices, and receipts so that you have a proper number sequence to audit. If you use a computer to generate these items, check with your software vendor to ensure that restrictions and auditing functions are in place.
Force people to take annual vacation. The thief needs to stay close to the action and will resist taking time off.
Implement the security features of your Interacmachine. Staff should not be able to refund money to a credit or debit card without supervisor authorization. Print out the Interac machine transactions each day and personally review. Refunding money using the Interac machine is quick and easy. In many practices, the Interac machine sits on the front desk where visitors can refund money to their account in the time it takes staff to go to the washroom.
Configure your software to have “supervisor” and “restricted level” access. Restricted access users cannot write off or delete transactions without authorization. Front desk staff should NEVER have supervisor-level access — staff should not be able to write off or write down accounts, delete invoices or delete appointments without your approval. Ask your vendor to turn on the security features in your software. Personally review the daily audit log to identify users who have made adjustments.
Implement separate alarm access codes for each staff member who accesses your building. Fraud often requires after hours access so you should know who is coming in after hours.
Create separate computer passwords for each employee. This will assist in identifying who entered suspicious transactions. Contact your vendor to determine if you can have “time of day” access accounts for your systems. We suggest you restrict staff access to 30 minutes before and 30 minutes after normal scheduled office hours.
When you hire staff, conduct a thorough, sceptical, background check, even for employees who will not be involved in handling money. Investigate apparent gaps in work history, as dishonest people may be selective in presenting their experience. Ask each former employer for the name of the previous and subsequent employer and the dates of employment and reconcile this against the resume. Check ‘secondary’ references as opposed to those listed on the rsum. A condition of hiring should be to do a personal credit check. Ask your bank to assist you with this matter. Look for a history of unpaid de
bt and previous civil judgements.
Ensure that your insurance policy covers outside crime, employee theft and computer fraud. It won’t stop theft, but it will help if your preventive measures don’t work.
Each month, personally review the computer transaction history report. This report shows the count and dollar amount of each transaction for the month. It includes transaction totals for credit cards, cash, patient cheques, insurance cheques, write-offs, discounts, adjustments, fee reversals, NSF cheques and direct deposit. Each practice will have different transaction trends but in general, the trends established in a fraud free practice should be consistent.
What if you suspect fraud?
If you suspect fraud, do not confront the employee, do not call the police and do not take any action against the employee without the advice of a professional. Follow these three steps:
(i) Seek professional advice:
When you suspect fraud immediately contact a dental fraud specialist who will involve your lawyer and accountant.
(ii) Lock down:
Immediately implement the appropriate steps recommended in this article. If you have sufficient staff, change their job functions so that the cash is handled by a different person. If fraud is occurring and you implement these steps, continued stealing will be difficult.
(iii) Gather evidence:
When it is established that fraud did occur, ask your advisor when to involve the police and how to terminate the fraudster. As soon as you terminate the employee change all building locks, alarm codes and computer passwords.
If you are using a computer system, call a qualified technician and have them make a copy of your hard drive and remove the original hard drive from service. If you have to do a forensic audit of your computer system, this will preserve temporary files that may be useful during the audit. If you leave the original hard drive in service, you risk overwriting these files and perhaps losing needed information, or having the employee sabotage the computer to destroy evidence.
Once fraud has been established your advisor should lead and co-ordinate the investigation.
To recover your losses, you will need a prosecution and recovery strategy. Your lawyer can advise you on whether criminal or civil proceedings will be the preferred route. In an attempt to benefit from your streak of human decency, some perpetrators will offer to make restitution in exchange for an agreement not to seek legal remedies. Although you may feel tempted to accept, you must take this course of action only on the basis of legal advice.
Vulnerability to fraud is clearly a problem for dental offices. We suspect that virtually every reader of this article will know a dentist who has been victimized. This is the tip of the iceberg because there are many frauds that go undetected and many more that, for various reasons, are not made public. The good news is that virtually every dentist can lessen his or her vulnerability by taking some basic steps.
David Harris, BComm, MBA, CMA, FICB, CD, CSC, TEP and William Hiltz, BSc, MBA, CET are senior advisors with Harris Beattie MacLennan & Company, a Halifax-based dental advisory firm, who have unfortunately been consulted on many cases of dental office fraud.