One of your worst nightmares is discovering that someone within your practice has been stealing from you.
Chances are very good that some practitioners reading this article have had this gut-wrenching experience. The culprit could be an office manager, billing personnel, cashier, receptionist or even a fellow associate. The most shocking aspect is that the thief is often one of the most trusted, long-standing, beloved employees in the practice.
Doctors who have experienced this will tell you that the trauma such an event inflicts on a medical practice extends far beyond the discovery of the theft. Personal grief, loss of productive time, litigation costs, employee morale problems, and administrative burdens can overshadow the loss of funds stolen.
This is the first of two articles on reducing the risks of and detecting embezzlement losses.
Why do Employees Steal?
The reasons for embezzlement vary but may include any one or a combination of personal problems such as drug addiction, alcoholism, gambling, financial hardship, resentment of the doctor’s earnings or lifestyle, feelings of being unappreciated, or anger.
Sometimes it’s just a simple matter of temptation and greed.
Why Medical Practices?
Medical practices are easy targets for embezzlement. Most have few if any internal controls to safeguard cash and patient receivables. This is attributable to the following:
• High volume of small transactions;
• Significant amounts of cash receipts;
• Little or no segregation of duties;
• Limited personnel;
• Unsophisticated record keeping;
• Relatively little oversight by owner
• Absence of financial management
Administrative support staff usually know more about billing, collections, disbursements, and recordkeeping than the doctor does, which puts the practitioner at a disadvantage.
Who is Responsible?
The most common misconception of doctors is the assumption that their outside independent accountant is watching the checkbook and safeguarding their assets. This is simply not the case. Accountants are not responsible for the prevention or detection of fraud. This is written in every engagement letter that documents the terms and limitations of the accountant’s engagement.
The fact is, the infrequency of visits, the limited amount of time the accountant spends at the doctor’s office and the limited scope of the services the practitioner is willing to pay for does not allow for the accountant to perform the tasks necessary to safeguard against or even detect employee theft on an ongoing basis. However, the practice’s accountant can be helpful in identifying system deficiencies and recommending corrective action.
The primary responsibility for the prevention and detection of fraud rests with doctors. It is not only a responsibility, but an obligation to themselves, their associates, and their employees. Obviously doctors will not hire someone with a criminal record or someone they don’t believe they can trust. However, like many small businesses, doctors have to entrust many critical financial tasks to a small number of support staff. If too many functions are assigned to one person without adequate checks and balances, the temptation to take advantage of the situation can be too much for some people.
Steps to Minimize Embezzlement Losses
If someone in your organization is set on stealing from you, they probably will. Your objectives should be to remove temptation, make embezzlement as difficult as possible, and increase the probability of early detection to limit the amount of loss. It is easier for larger organizations to implement an elaborate system of internal controls; however, there are several policies and procedures that even a single-physician practice can institute that can significantly reduce embezzlement losses. The following steps will help you minimize losses. Implementing any one or any combination of these may keep you from being victimized.
• No one other than the doctor should have check-signing, account-transfer or borrowing authority;
• All checks presented for signature to the doctor should be accompanied by an invoice or other supporting documentation;
• All checks should be printed and processed through the computer. Any exceptions must be approved by the doctor/owner;
• All checks received in payment should be immediately endorsed “for deposit only” to the account of the practice upon receipt;
• All mail receipts should first be listed and a deposit slip prepared and deposited by someone other than billing, bookkeeping and collections personnel. The payment information should then be forwarded to the personnel responsible for posting to patient accounts with a copy of the deposit slip given to the bookkeeper;
• The bookkeeper or other appropriate person should reconcile the daily deposit to cash received, as shown on the daily transaction report (day sheet) generated from the billing and collection software. Any reconciling items should be brought to the attention of the practitioner;
• All encounter forms should be pre-numbered, accounted for, and filed sequentially after processing, including voided forms (i.e. for no shows). Any missing forms should be brought to the attention of the practitioner;
• No patient accounts receivable should be written off or sent to collection without prior approval of the doctor.
• All computer access codes and passwords should be written and secured in a location known to the practitioner;
• The medical practice should obtain an employee-dishonesty bond to cover potential losses.
In the next issue we will outline steps for detecting and deterring embezzlement schemes.
James B. Calnan, CPA, is partner-in-charge of the Health Care Services Division of Meyers Brothers, P.C. in Longmeadow; (413) 567-6101