In a previous article, we touched upon Employee Dishonesty insurance – “protection for your money when it’s stolen by an employee.” Now we’ll take a closer look at the impact of employee theft on community associations, and how the limits on a Crime policy for many associations may come up short.
Let’s first consider the types of employee-theft related cases community associations throughout the country face. There are countless of cases involving fraudulent activities that include the theft of cash receipts; under-the-table payments, bribes or kickbacks from vendors; check tampering; creating and paying fictitious vendors; creating inflated or phony expense vouchers; paying non-existent employees; lapping – the manipulation of accounts receivable to steal cash; and personal credit card usage by employees, among others. Now, look at whether you have the right Crime insurance limits in place to cover the costs of employee theft.
Typically, limits on a Crime policy are determined using the following standard calculation: 3 x monthly assessment + operating fund + reserve fund. Oftentimes, however, this limit has been inadequate. In fact, loss history tells us that nearly a quarter of associations are under-insured when it comes to Crime insurance.
There are a couple of reasons for that:
- Some association and/or agents simply renew, renew, and renew their crime policies with the same limits, year after year.
- The typical loss scenario is not just a one-time event, but instead a theft tends to play out over months or even years. In some cases, we have seen incidents that took place over seven years!
For example, one association treasurer had been writing monthly checks to a third party who was not actually performing any work. The third party looked like a landscaping company to everyone else, but it was actually an LLC the treasurer established. The association and broker bought a Crime policy with limits using the standard calculation, but after three years of the theft, this amount was not sufficient enough to cover the loss.
Another area that community associations should consider is ensuring that their Employee Dishonesty coverage extends to property managers and management companies, as many losses often stem from property managers. Our policy includes this much-needed extension protection under “Agreement 1.”
Community associations should also implement a monthly review of bank statements received directly from the bank (typically received in the form of an email). This in fact is one of our requirements. Loss history shows that a common tool for employee theft is doctoring bank statements. For example, an employee of a property management company will receive a bank statement, make alterations to cover his or her tracks, and pass it along to the association treasurer who thinks everything is above board in their review. Having the bank statement come directly to the association treasurer eliminates this potential risk.
Many other internal controls should be put into place to prevent and detect fraud before it escalates. This involves verifying that the account number on the back of all returned checks matches the association’s account and conducting monthly reviews of the bookkeeping with the property manager, including any credit card statements. It’s also important to ensure the independence of your association’s accounting firm by putting the selection process to a vote by the board as opposed to having the property manager choose the firm. Associations should also consider requiring two board members to sign all association checks.