Healthcare practices continue to suffer from embezzlement problems. While there is no such thing as a perfect system to prevent embezzlers, there are ways to deter them.
Healthcare practices continue to suffer from embezzlement problems. According to recent statistics, 60% of medical practices experienced or will experience embezzlement. This is a very unfortunate problem for medical practices to suffer in addition to all the other challenges physician owners face in running their medical practices on a day-to-day basis.
Unfortunately, there is no such thing as a perfect system. A determined embezzler always finds ways around any systems designed to deter such fraud. However, there are ways you can deter potential embezzlers.
Here are some basic things you can do to prevent this scourge.
Separation of duties
It is always a bad idea for any one individual to manage the entire bill pay process. In an ideal world you would have one individual responsible for approving purchases, a second individual responsible for confirming receipt of the purchased items, and a third individual who pays the vendor for the purchased item after confirming that the invoice agrees with what was purchased for quantity and rate. It is also important to require 2 signatures for invoices that exceed a certain amount.
The same is true for the cash receipts process. You cannot have one individual receiving the payment, posting the payment against open accounts receivable invoices, and also making the deposit to the bank. Once again, in an ideal world you would want all 3 functions performed by 3 separate individuals. Pay close attention to patients who complain about being harassed for open balances, especially if they insist they made their co-pays in cash.
The bottom line is that there has to be a separation of duties.
Password security management
Electronic systems are everywhere. We rely on them with the false hope that they somehow enhance security, when the exact opposite may be true.
If managed improperly, these systems enable and encourage the embezzler. It is astonishing to note that as systems try to get more secure by requiring sophisticated password, many users of these systems simply choose to ignore the requirement. It comes as no surprise to anyone that the most commonly used password is still “password” or some derivative of the same.
Consider adding enhanced security to sensitive electronic systems. Some examples would be biometric scanners that scan for fingerprints, voice recognition, and retina scanners. Multifactor authentications that require a password and a keycard or some other combination thereof may also deter a potential embezzler.
Watch out for the overly dedicated employee:
As horrible as this may sound, watch out for the overly dedicated employee who refuses to take vacation, does not ever call in sick, or works unusually long hours. Unfortunately, this may simply be the case of an embezzler going out of his or her way to ensure that he or she stays in a position to stymie any potential investigation.
Forcing employees to take vacations allows for the possibility that someone else has to pick up the slack, and this may result in uncovering of the scam perpetrated on the employer.
Trust, but verify
It goes without saying that you have to trust your employees as a vast majority of them do right by their employers. However, it is foolhardy to place blind trust in any individual. It is always a good idea to verify the actions performed by any individual.
The verification process must be handled discretely especially if there is a reason to suspect embezzlement activity. In my personal opinion, it is always better to openly communicate to all employees that all actions are subject to verification and these verifications must indeed be performed in an open and deliberate manner.
There are many ways this can be done. Some examples are spot checks on bills that are being paid or the accounting of cash receipts. Open the mail once in a while. Answer the main line of your business once in a while. You may be surprised by what you find.
In conclusion, it is impossible to devise a perfect system that prevents fraud. You can, at best, put systems in place that deter it. As the saying goes, an ounce of prevention is worth a pound of care.
Sonu Shukla, CPA/CFP®, is the principal shareholder of Sonu Shukla CPA, PA, a boutique tax, accounting and financial planning firm in Orlando, FL. Sonu specializes in working with physician owners who manage their medical practices. Sonu provides, tax, accounting and practice management consulting services and can be contacted at firstname.lastname@example.org.
Sonu Shukla CPA, PA, is a proud member of the National CPA Health Care Advisors Association (HCAA), a nationwide network of CPA firms devoted to serving the healthcare industry. Members provide proactive solutions to the accounting needs of physicians and physician groups. For more information contact the HCAA at email@example.com.