The red flags of employee and management fraud – is your business protected?

Published by Jodie Jones on 15 June 2023

Share this article

In 2020/2021 a whopping 875,622 frauds were reported to Action Fraud, with the reported losses totalling £2.35bn.

KPMG’s fraud barometer, released earlier this year, stated that in 2022 219 alleged fraud cases were heard in Court, indicating that the vast majority of reported frauds are not brought to court. We have been engaged to investigate at least one of the relatively few cases that will be heard in Court. While the number of cases actually reduced from 2021 (298 cases), the total fraud increased from £444.7m in 2021 to £1.12bn in 2022.

After professional criminals, employee and management fraud are the most common types of fraud.

It is expected that Covid-19 has had an impact on the level of employee fraud on the basis that many businesses were forced to relax control procedures to facilitate employees working from home.

Red flags

We have dealt with numerous fraud investigations and there are a number of key traits that are consistently seen, case after case.

A key factor is trust – in almost all cases the perpetrator is someone who has been with a business for a period of time, sufficient for them to have built a trusting relationship with their colleagues. This leads to a lack of questioning and scepticism in relation to behaviours and actions.

A lack of segregation of duties goes hand in hand with the trust issue – do any employees have too much control? Are there sufficient control and authorisation procedures in place within a business? Implementing robust control procedures can be particularly difficult for smaller firms, where there are few staff members.

A lavish lifestyle is another key indicator, particularly when compared to the earnings of the perpetrator. We often see spend on luxury holidays, material goods such as new cars, and gambling, although fraudsters will often go out of their way to cover their tracks and avoid raising suspicion.

How to prevent

Employee frauds can be particularly complex in nature and so may be very difficult to identify, particularly where there is collusion.

A few examples of employee fraud, and how to spot them, are as follows:

    • Changing of the company’s bank details on sales invoices to that of the perpetrator – this is then typically hidden within the financial records by credit noting the sale so it appears as though it never occurred. The legitimacy of credit notes should therefore be reviewed, particularly where there is an increase in the frequency of credit notes raised.


    • Similar to the above, changing supplier account details to that of the perpetrator is a common employee fraud. Reviewing the supplier bank details to that of the employees (which will typically be held for wage payments), as well as reviewing any changes in supplier account details will help to identify any such manipulation.


    • Fake suppliers can be set up with dummy invoices and then payment is sent to an account under the perpetrator’s control. Reviewing new supplier accounts set up on accounting systems and researching the supplier or contacting them to confirm their payment details will assist in identifying a fraud of this nature.


    • While the use of cheques has reduced significantly in recent years, we have recently been involved in a significant (in excess of £3m over a 10-year period) cheque related fraud whereby the company’s finance manager was the sole signatory on the bank and wrote cheques out to themselves, recording the payments in the company’s books and records under various profit and loss and balance sheet accounts. Requiring two cheque signatories or implementing a robust payment authorisation process would have prevented this fraud.


  • We commonly see instances where either fake employees are set up (less common in smaller firms where all employees will be known) or employees that have left the business continue receiving wage payments, but payments are sent to the perpetrator’s account. Verification of new employees included on the wages and checking that departed employees no longer feature on the payroll BACs payment listing will identify this particular fraud.

The above list is certainly not exhaustive but provides examples of the more common ways businesses can be defrauded internally.

Ensuring your business has sufficient control and authorisation procedures in place will go a long way to deter and detect fraud. It is a misconception that a “clean” audit report means that a company’s control procedures are adequate and no frauds have been perpetrated by employees.

We would strongly recommend that the risk of employee fraud is mitigated by regular review of control procedures and Kreston Reeves will be pleased to assist in that regard.

Similarly, if you identify or suspect a fraud, our Forensic team would be happy to assist you – by undertaking an investigation we can assist in both quantifying the fraud and provide recommendations where any weaknesses in control procedures exist.

Get in touch with us today and our Forensic team can discuss your situation in more detail.

Share this article


Email Jodie

    • yes I have read the privacy notice and am happy for Kreston Reeves to use my information

    Related people


    Email Richard

      • yes I have read the privacy notice and am happy for Kreston Reeves to use my information

      View teamSubscribe

      Close Expand

      Subscribe to our newsletters

      Our complimentary newsletters and event invitations are designed to provide you with regular updates, insight and guidance.

        • Business, finance and tax issuesPersonal finance, tax, legal and wealth management issuesInternational business issuesCharity and not-for-profit issues
        • Academies and educationAgricultureFinancial servicesLife sciencesManufacturingProfessional practicesProperty and constructionTechnology
        • yes I agree I have read and accept the privacy policy and am happy for Kreston Reeves email communications I have selected above

        You can unsubscribe from our email communications at any time by emailing [email protected] or by clicking the 'unsubscribe' link found on all our email newsletters and event invitations.