Backdoor Payroll Theft of Withholdings

This relatively unknown fraud can be dangerous

The Theft

Gertrude, the payroll clerk, intentionally overpays state withholding taxes by $25,000. She then amends her own W–2 so that it includes the excess payment (the $25,000 is added to her state withholding total). Once Gertrude files her personal state tax return, she receives an extra $25,000. In effect, she is using the state government as a funnel for theft.

In this business, Gertrude processes payroll, files all related payroll tax reporting information, makes payroll withholding payments and records payroll entries in the general ledger—not uncommon in a smaller organization. Also, no second person reviews the W-2s before mailing.

Backdoor Payroll Fraud

Picture is courtesy of

The Weakness

One person is performing all payroll functions, so her actions are not visible to anyone else. Also, no second person–in addition to Gertrude–is reviewing the W-2s before filing.

The Fix

Have someone outside the payroll department review and mail the W-2s. (If the W-2s are returned to the payroll clerk, she could change them.)

Auditing Payroll: The Why and How Guide

Here's an overview of how to audit payroll and related accounts

What are the keys to auditing payroll correctly? While payroll is often seen as a low-risk audit area, it’s a place where considerable damages can occur (such as the $800,000 theft I witnessed last year). Today, we’ll answer questions such as, “how should I test payroll?” and “when should I perform fraud-related payroll procedures?” 

auditing payroll

Picture from

Auditing Payroll — An Overview

In many governments, nonprofits, and small businesses payroll exceeds fifty percent of total expenses. Consequently, it is often a significant transaction area. 

In this post, we will cover the following:

  • Primary payroll assertions
  • Payroll walkthroughs
  • Directional risk for payroll
  • Primary risks for payroll
  • Common payroll control deficiencies
  • Risk of material misstatement for payroll
  • Substantive procedures for payroll
  • Common payroll work papers

I Get By with a Little Help from my Friends: Payroll Fraud

Day 17 of 30 Days of Fraud

The Theft

One Friday evening, Jimmy and Rachel are sitting on the back porch drinking a cool lemonade and chatting about how long it’s been since the business gave them a raise–three years and counting. And everyone knows the owners just bought a beautiful cabin in Aspen. The cost: $10 million. Meanwhile Jimmy and Rachel (cousins) are wiling away their time discussing what they could do to make more money.

Picture is courtesy of

Picture is courtesy of

“Don’t you control what people make,” Jimmy starts. Rachel laughs and says, “I may be in payroll, but I can’t give anyone a raise.”

Jimmy pauses and says, “I didn’t ask if you give raises? I mean, can’t you change pay rates, like you could increase mine. You know, quietly.” He grunts “After all, the owners sure don’t need the money.”

Rachel ponders the request and replies, “I think I could. No one ever reviews what I do. I doubt anyone would ever notice. Come to think of it, I could do the same for myself. With over 300 employees, no one would know. The supervisors never look at the computer payroll files, only the physical personnel files.

The next day Rachel increases the pay rates for her and Jimmy by 10%, just to test the waters. If anyone notices, she’ll say it was a mistake. But no one does, and after six months, she moves the rates even higher–another 30%. Easy money.

The Weakness

No one is comparing–on a test basis–the pay rates in the payroll master file to the approved rates in the personnel files.

The Fix

Have someone in internal audit or an external CPA or CFE randomly select employees, comparing the master pay rates for each person to the personnel files. Let the payroll and human resources employees know that this test will be performed once a year. The knowledge of the test will be a deterrent to fraudulent increases in the master pay rate file. In particular, pay rates for payroll personnel should be reviewed.

Are Ghosts Lurking in Your Payroll?

Day 4 of 30 Days of Fraud

The Theft

Last year I received a phone call. The payroll clerk of a local business had been monkeying around with the company’s direct deposits. As employees left the business, the payroll clerk left them in the system. Auditors commonly refer to these as ghost employees–they are in the system, but they are not real.

Payroll fraud

The picture is courtesy of

Knowing no one was paying attention, the clerk changed the prior employees’ direct deposit bank account numbers to her own. She received multiple direct deposits each payroll. By the time the fraud was discovered, she had taken over $800,000. Ouch!

In addition, the payroll clerk had not filed tax returns, so the Internal Revenue Service rubbed salt into the wound by levying fines.

The Weakness

The owners trusted the payroll clerk too much and did not monitor her work. She alone performed all payroll services with no supervision. Since this is a small business, it was believed that it would cost too much to segregate duties.

The Fix

Export all direct deposit bank account numbers along with employee names into an Excel spreadsheet and sort the bank account numbers. (The bank account numbers should be in one column and the employee name in a separate column.) When the bank account numbers are sorted, duplicate numbers will appear in adjacent rows. So once you sort the bank account numbers, see if there are any duplicates. Normally there should be none. If there are, see why.

Another fix is for the owners to review a list of all employees paid (just request a list of all employees paid for one or more payrolls). Since the owners normally know which employees have left, they will know if payroll payments are made beyond the departure dates.