Healthcare Compliance Perspective – Embezzling:
The Compliance Officer should review business office Policies and Procedures with the Administrator to ensure that they include appropriate checks and balances. Access and control of the provider’s bank accounts and residents’ spending accounts should require two-person accountability. When an employee is terminated or quits, building and office keys should be surrendered, and all passwords and required signatures should be changed to prevent unauthorized access to bank accounts, and to employee and resident information (name, address, social security number, etc.). Office personnel should receive education about office procedures at orientation and annually on how to report 
suspected thefts to their supervisor or through the Compliance Hotline. The provider should have a CPA perform an annual audit of all transactions and accounts to ensure that no errors or thefts have occurred.
A former business manager for a healthcare agency was arrested recently and charged by criminal complaint with embezzlement. The accused woman worked for the healthcare agency for nearly three years between November 2012 and August 2015. As the business manager, the defendant had access to the payroll processing service used by the agency to deposit pay directly into employee bank accounts. She took advantage of her position and used the payroll service to divert funds from the healthcare agency’s bank account to accounts under her control. In August 2015, the defendant was terminated for using the agency’s funds to pay personal expenses.
In mid-2016, although the defendant was no longer employed by the healthcare agency, numerous wire transfers were still being sent from one of the agency’s bank accounts to the defendant. Realizing that the defendant had maintained access to the payroll processing service, the agency’s president eliminated the defendant’s access to the service and stopped the wire transfers.
An investigation revealed that between September 24, 2015, and June 30, 2016, the former business manager had received 139 electronic funds transfers from the agency’s bank account into bank accounts that she controlled. The transfers involved variations of the defendant’s name, bank names, credit card names and names of the healthcare agency’s employees. The total amount that the woman is accused of embezzling is $227,000.
The defendant appeared before an U.S. Magistrate Judge and was released on conditions. The charge in the criminal complaint carries a maximum penalty of 20 years in prison and a $250,000 fine should the defendant be convicted.
