After Suelyn Farel got an email alert that someone had downloaded her entire customer database, she learned that two former employees had conspired to steal from her beauty products company.
Farel had allowed the staffers to keep working after they each gave notice in late 2017; when they left the New York-based Julien Farel Group, their passwords for its system were still active. The theft led the company's database provider to block Farel's access for four months while the incident was being investigated, costing the firm an estimated $70,000 to $80,000 in business. Farel felt betrayed.
"It was a huge eye opener. I'm someone who's very trusting and I love our employees," she says. "It really reminded me that I have to be careful, that possibly my judgment of the character of people around me is wrong."
Employees may steal from companies of any size, but small and mid-sized businesses can be more vulnerable because they lack practices and systems designed to prevent wrongdoing. Their technology may not be as secure as at a larger company, and they may not have the staffing to provide the kind of checks and balances that make it harder to steal. The more familiar atmosphere at some companies may make it easier for employees to plan and conceal a crime and keep on committing it.
Farel has since changed her policies. The day staffers give notice is usually their last and they lose their access to company email and the rest of the computer system. She keeps a list of everyone's passwords and makes sure they are disabled.
Farel has taken steps that should be standard operating procedure at all companies, says Shira Forman, an employment attorney with Sheppard Mullin in New York. If a current staffer is suspected of stealing, bosses should still "cut off access and stop the bleeding," Forman says.
"One approach might be to put the employee on leave while you investigate, and have any kind of data access frozen while you do that," she says.
It's a good idea, whether an owner suspects or knows for sure that a staffer has stolen, to get legal advice on how to proceed, Forman says.
In the case of a theft via computer, owners need an electronic paper trail. The initial email from Farel's database provider said the download was made from an internet service provider in Brooklyn, so Farel knew the theft didn't take place at her office. She was also able to find out that the download occurred at the new employer of one of the ex-staffers. Farel reported the theft to the district attorney's office; the case has not yet been resolved.
There aren't definitive statistics showing how many companies have experienced employee theft because many cases go unreported. Owners may feel embarrassment and shame, and don't want to bring negative attention to their companies. But insurer Hiscox, which analyzed nearly 400 employee theft cases in federal courts in 2016, said 68 percent occurred at companies with fewer than 500 employees. Those companies lost a median $289,864.
Misplaced trust can be a problem for business owners who find it hard to imagine that a staffer, especially one who's been with the company for years, would steal, says Doug Karpp, a senior vice president with Hiscox.
"When you have five or 10 people in an office, you trust each other like family members," he says. Owners may feel so secure that they focus too little on what staffers are doing — allowing thefts to continue over an extended time, Karpp says.
The bookkeeper for Deb and Kevin Durken's store, The Boot Shack, forged checks and stole an estimated $225,000 over 10 years starting in 1999, Deb Durken says. The bookkeeper was able to keep stealing because she was trusted to do her work unsupervised. Deb Durken wasn't working at the St. Cloud, Minnesota, store during that time, but she noticed discrepancies when she checked invoices and bank statements. However, the couple disagreed about what to do, and they didn't investigate further. It wasn't until 2009 that the bank called, questioning a check that had no payee.
Deb Durken, a paralegal, played detective and figured out that the bookkeeper had written a series of checks without payees and then altered copies of checks in bank statements to look like they had vendors' names.
"I dreaded telling Kevin when he came home," Deb Durken says. "He was literally sick, felt betrayed."
The Durkens pressed charges and their former bookkeeper has made partial restitution. The couple has insurance against employee theft that has given them about $50,000. And the situation won't happen again, Deb Durken says. She's now handling the company's books.
Two employees have stolen from Leslie Saul's Cambridge, Massachusetts, architectural firm over a 30-year span. One was an intern who bought merchandise and used a car service, paying with company accounts; his parents made restitution for the $3,000 to $5,000 he stole. The second was a designer who downloaded images and client information and used them without permission to help launch a new firm. Saul doesn't believe her firm suffered any financial losses in that case.
Saul wonders if she needs to be more careful in hiring to ensure this doesn't happen again — although she has hired dozens of staffers who didn't steal. But she keeps in mind something a mentor told her years ago:
"'You can always teach skills but you can't teach who the person is — look for the person first and then the skills,'" Saul says. "I do think that's the greatest advice."
For more small business news, insights and inspiration, sign up for our free weekly newsletter here: http://discover.ap.org/ssb
Follow Joyce Rosenberg at www.twitter.com/JoyceMRosenberg . Her work can be found here: https://apnews.com