I can tell this story because the basic facts were publicized when the bookkeeper was found guilty of fraud. It happened a while ago, but the lesson is as true today as it was back then. If you have cashiers and bookkeepers, you have theft. Good internal controls will reduce the theft, but will not eliminate it completely.
The Waldoboro supermarket always had high shrink (see prior stories for definition of shrink). It was a crappy little store and the company paid little attention to it. Similar to the drug store story whenever we did a shrink investigation, we found enough general control weaknesses and failures to follow standard procedures and policies that might easily be the cause of the shrink. But the store manager would always promise to redouble his efforts and away we would go. As a matter of fact, this may be the only store where the shrink did NOT go down significantly after a shrink investigation.
Finally, management decided to look a little deeper into the problem. We poured over the documentation for the weekly cash proofs the stores were required to submit to the central office. Generally, the accounting clerks at the central office did a general check, but they did not examine all the detail. What we found was a surprise. Out of about 100 stores that had had front end system upgrades, this was the one store in the chain that had been overlooked. The front end system is the computer system that “runs” the cash registers, pricing database, and cash office accounting system. Prior to the upgrade, a cashier could process a void or markdown or discount transaction without supervisor approval. In addition, the cash office bookkeeper was logged on the system as simply another “cashier” – there was no separate cash office account.
The void sale transaction is the embezzler’s best friend. If the owner or manager is not paying attention, a cashier can ring up an entire sale and hit the subtotal key to show the customer what he/she owes. They then make change, and as the customer is leaving, the void the entire transaction and hit the final total key, ringing up a zero sale. Later, they can pocket the amount of the voided transaction and the drawer will still come out even (or, perhaps, a little over.) Modern systems have come a long way to putting a stop to this with built-in controls, but even these systems may be vulnerable. They likely have settings and options that a crook might be able to use to disable the controls, but they need the system administrator’s ID and password to do it.
Getting back to the supermarket, the new front end systems had the void transaction ability disabled for bookkeeper ID’s, because a bookkeeper doesn’t ring in sales, so they do not need a void key. But in Waldoboro, the bookkeeper had the “keys” to the kingdom, and she used them. We only had to glance through a few bookkeeper register tapes to spot the clearly documented “VOID” transactions for $100, $200 and even $400 at a time. She had gotten away with this scheme for so long, she didn’t eve try to disguise the theft. When we went through the tapes, we were able to document about $60,000 in theft. The bookkeeper admitted to $40,000 and paid restitution of $35,000, the last time I heard.
Here is a good link to identifying bartender theft, but the principles apply to any retail operation:
cash flow, cash skimming, CIA, CISA, CPA, dishonest cashiers, embezzlement, Employee Theft, fraud, grocery store, Internal Audit, internal controls, retail theft, segregation of duties, write off