Have you ever wondered how and when your employees are stealing from the company? Did you ever wish that you were a fly on the wall, hearing all of the conversations that led up to a group theft? Have you considered secret cameras throughout your workplace to catch employees in the act? Have you wondered what employees are discussing with one another via your internal messaging system? Are you curious about how often employees are playing on the Internet?
It’s no secret that employees routinely steal from their employers. Whether it’s the office supplies taken home for the kids, the extra break while still on the clock, or stealing customer payments, they all constitute theft. Possibly even worse may be the instances of employee disloyalty, such as badmouthing the boss or encouraging good employees to leave the company.
Management is generally willing to overlook the small things until they get out of hand. Missing office supplies or a short shopping spree on the Internet might be just under the boss’s radar. On the other hand, using the company credit card for expensive personal items or taking unearned vacation time may exceed what a manager is willing to let an employee get away with.
So how can employers become aware of what their employees are doing on company time and on the company dime? Technology gives companies a variety of options for monitoring activity and analyzing data. These options can be implemented at a reasonable cost to the company, and often just the knowledge that the company is monitoring employees has a deterrent effect for would-be thieves. When employees know that the company is watching, they’re less likely to engage in unethical behavior on the job.
Simple cross-checking of computer data can yield important information, especially in large companies where it is impossible to know personal details about each employee. Management can select the measures that are most important to monitor, and the software can be set up accordingly.
For example, systems can be set up to cross-check addresses of vendors and employees. This could tip the company off to a fake vendor whose payments are being sent to an employee’s home. It could also reveal a ghost employee whose paycheck is being sent to a real employee’s house.
The software might also be set up to look for post office boxes or other addresses that don’t match the vendor’s address in the master file. This might signal a check that was sent to an alternative address by a dishonest employee or outsider, rather than the legitimate vendor.
It is also important to cross-check vendor names, looking for similar or related names. Employees have been known to duplicate a vendor in the accounting system, misspelling the name so the system doesn’t flag it as a duplicate. Checks issued to this vendor probably won’t draw any scrutiny from supervisors since it is a “known” vendor, but the employee using the duplicate name is free to take the check for personal use.
The software can also be set up to monitor the accounting system for unusual data. Such things might include an unusually high number of checks written for an amount just below the company’s threshold for additional authorization. The system could flag a high level of activity for a new vendor. The company may also be interested in seeing how often manual checks are cut instead of using the proper accounts payable procedures. Simple data analysis techniques can flush out a variety of suspicious items and transactions.
In addition to analyzing computer data, companies can easily monitor the activities of employees. Catching employees in the middle of theft or other misdeeds isn’t as difficult as one might expect. It is important, however, that any covert monitoring of employees be done legally and ethically.
Commonplace monitoring done by employers includes security guards, strategically located security cameras. andkeycards that restrict access to certain areas of the company and log employees coming and going from those areas. Additional options include computer software that mines data such as emails, instant messages, and computer files for keywords and other suspect activities.
Computer systems commonly maintain logs regarding access of computerized records. Those logs usually contain information such as who is logging in, what time she or he is logging in, where the login is coming from, what was accessed while logged in, and what time she or he logged off.
Information such as this can be important to help detect fraud. What if an employee attempts to log in from his home, but he is trying to use the login and password of a co-worker? This might indicate an employee who is attempting to access records without authorization or make nefarious changes to records.
Software is also available to monitor the computerized communications of employees and outsiders. For example, a company with significant intellectual property and trade secrets may wish to monitor outbound emails for keywords related to those items. Outgoing emails containing those words might constitute an inappropriate communication of secret information to people outside the company.
Companies may also wish to monitor who is exchanging email, both internally as well as externally. Significant email activity between two employees in unrelated departments might signify an inappropriate relationship at work or a collusive fraud scheme. Repeated emails to outsiders with no obvious relationship to the company may signify use of company resources for personal reasons, such as job hunting or online dating.
While companies hope that these various types of communications are innocent coincidences, it is still valuable to monitor them in order to protect the company, its employees, and its assets.
Notification of Employees
Labor and employment attorney Jennifer Walther, partner at Mawicke & Goisman, S.C., advises that court decisions generally give private employers substantial latitude in monitoring employees’ usage of electronic transmissions involving e-mail, the Internet, and computer file usage on company-owned equipment. Federal and state privacy laws that might otherwise limit a company’s ability to monitor their employees’ communications will not apply if the employees do not have a reasonable expectation of privacy in the usage of the computer equipment.
Therefore, Walther says employers should create and disseminate a written policy informing the employees that:
- The equipment and information created and accessed from a company’s computer system is the property of the company.
- Use of the company’s computer systems is subject to monitoring.
- Employees should have no expectation of privacy on their employers’ systems.
The policy should differentiate between appropriate and inappropriate use of company, and it should advise the employees of the consequences for violation of the policy.
Employers should be cautious about intercepting employees’ telephone calls, as the employer is obligated to cease listening as soon as the employer determines that the call is personal, regardless of the content. Employers also should be cautious about using security cameras in a unionized work environment, as they may have to discuss that first with the union.
While monitoring employees and their communications can be perfectly legal, there may be a point at which a company creates a “Big Brother” type of atmosphere.
Such an atmosphere would be overkill, and surely would negatively affect employee morale and performance. It is important that companies track the most important information, while still affording employees a certain level of trust.
Whatever monitoring systems are in place, it is important that the systems be discreet. While it’s necessary to inform employees that the company may be monitoring activities and communications, it doesn’t have to be carried out in an “in your face” fashion. There is no need to continuously remind employees that someone is watching them, although a general awareness of monitoring activities can deter employees from unethical behavior.