In 2004, an Edmonton banker was sentenced to seven years in prison for embezzling $16.3 million from the branch where he was manager over more than five years. The bank has said that it expects to recover $5.2 million of the stolen money, but more than $10 million had already been spent by the employee when his crime was discovered.

In Toronto, a bookkeeper and finance manager at the Cardiovascular Surgical Association at Toronto General Hospital was charged with forging documents and stealing nearly $500,000 from the association over several years.

A church bookkeeper in Newmarket, north of Toronto, confessed to stealing nearly $200,000 from her church. An employee and member of the church for 19 years, the bookkeeper skimmed off money raised by fundraising events, padded transactions and even stole from the collection plate. She is now serving a conditional sentence of one year, including house arrest and community service, and was ordered to make restitution to the church.

In each of these situations employees, breached the trust that had been placed in them by their employer. Their roles required honesty and integrity. And what they did is not uncommon.

Surveys have shown that one in five employees in Canada has stolen from his employer or witnessed other employees doing so. This suggests that management must be vigilant of fraud by employees at all levels of the company, especially employees in finance roles.

Beyond the obvious financial loss when an employee defrauds a company and its clients, the company loses something more: its reputation.

Canadian courts have recognized the devastating effect of a finance employee’s fraud on a company’s reputation. In Rowe v. Royal Bank of Canada, for example, the judge stated, “[a]s a branch manager, the plaintiff was in a position of responsibility and trust. Banking is a business where caution is the norm and where trust and confidence by the employer in the employee are essential.”

The court affirmed the need to maintain public trust in financial institutions in Takoff v. Toronto Stock Exchange. When the stock exchange fired a securities investigator for cheating on his securities exam, the court found that “the plaintiff's position at the Stock Exchange was one in a reasonably sensitive area, requiring a person of high moral character and integrity, whose record was beyond reproach. . . Public disclosure of a cheating incident would be very embarrassing to the Exchange.”

How can employers reduce the risk of fraud? One way of doing so is to perform employee background checking or screening of job applicants. Hiring the right employees is widely agreed to be a cost effective way to prevent internal theft and fraud.

There are many ways to perform background checks, but perhaps the most important for a finance employee are reference and résumé checks, criminal record checks and credit checks. The employer should also check the accuracy of the applicant’s representations regarding his education, experience and qualifications.

In some cases, courts have imposed a legal duty on employers to perform background checks to avoid causing harm to third parties. For instance, in Sydney Cooperative Society Ltd. v. Coopers & Lybrand, the Sydney Cooperative Society attempted to sue its auditor for failing to discover the fraud of its bookkeeper, who stole more than $250,000 over six years, by forging cheques to herself and her husband. But the employer had neglected to check the bookkeeper’s references when it hired her. The court found that the Society should have checked the references or informed its auditors that the bookkeeper had been fired from her last job for misappropriation of funds. The auditors successfully argued that they would have adjusted their auditing practices had they been aware of this information.

In fact, the importance of checking résumés and references cannot be overstated. In a recent study, ResumeDoctor.com attempted to verify the accuracy of information from 1,000 randomly chosen résumés from a variety of industries. The study found that 42.7% of the résumés included significant inaccuracies in employment, job titles and dates of employment, and 12.6% of the résumés contained two or more inaccuracies.

References should be checked in a manner consistent with human rights and privacy laws. Employers should be consistent in their reference checking to maintain fairness in the hiring process and avoid allegations of discrimination against applicants. Reference checking can be completed in a number of ways, including face-to-face meetings, telephone inquiries, written correspondence, and online questionnaires. Although rarely used, the face-to-face meeting is the best way to obtain a reference.

Employers should note that reference checking is not a foolproof way to root out a rogue employee. Past employers are often hesitant to criticize the applicant for fear that, if the applicant is rejected because of the poor reference, the applicant may decide to sue the former employer. For this reason it is imperative that the prospective employer conduct different types of background checks.

For example, when hiring an employee for a position of trust such as a finance position, an employer should strongly consider checking the person’s criminal history. To do this, an employer must obtain the job applicant’s consent. Criminal records checks can delay the hiring, since the police are often slow to provide the results of the check. Also, there is usually a fee involved.

If the criminal records check shows that the job applicant has a criminal past, an employer in most jurisdictions can refuse to hire the applicant regardless of whether the conviction is related to the job. But in other jurisdictions, including Ontario, Nunavut and the Northwest Territories, employers cannot refuse to hire an applicant because he or she has been convicted of an offence that has been pardoned. In British Columbia, The Yukon, Quebec and Prince Edward Island, human rights laws require the employer to show that the criminal record is related to the job for which the applicant is applying; otherwise, the criminal record cannot be held against the applicant.

In contrast, in most Canadian jurisdictions except The Yukon, an employer may refuse to hire a person simply because he or she was charged with a criminal offence but found not guilty after a trial. Since possible human rights complaints challenging such a decision can be costly and time consuming, an employer should ensure that there are broader reasons for not hiring the applicant beyond past criminal charges and should carefully document those reasons. Employers should also note that, in many jurisdictions, they cannot refuse to hire a person because she or he has been convicted of a provincial offence.

Criminal records are stored in several places and are not always immediately accessible. Before requesting a criminal records check, employers should educate themselves on police checks by contacting the local police department.

Employers should also consider requesting criminal records checks using applicants’ fingerprints, which can speed up the process.

Credit checks are also important. Employees often commit fraud out of financial need. In some cases, financial instability can be a sign of more serious problems such as drug use or a gambling problem.

A credit check will review a person’s credit history and information such as whether the person pays his or her bills on time and if the person has outstanding debts, which may indicate if a potential employee can handle money properly and prudently.

A person’s credit history may be obtained through an accredited credit reporting agency, such as Equifax Canada Inc. or Trans Union of Canada, Inc. Generally, the employer will be required to obtain the applicant’s written consent before the credit reporting agency will provide the credit report.

Since a number of provinces have enacted legislation addressing credit checks, employers should consult legislation in their province before conducting a credit check.

Monitoring Technology
Another way to manage the risk of employee fraud is to properly monitor computer use among employees. Using electronic resources, an employee can steal intellectual property, engage in insider trading or compete against his or her employer in business. An employee could send a list of his or her employer’s customers by company e-mail to a personal e-mail address or solicit the employer’s clients for his or her own business. Additionally, many employees steal time by surfing the Internet or blogs during work time. Employers may consider using a number of options to monitor employees’ computer activity at work. The options include creating web browsing records, installing programs that monitor or record the frequency of outgoing and incoming e-mails (or even the writing of draft e-mails), blocking inappropriate Internet sites, reading the content of files stored on a computer and keystroke monitoring.

The law is still developing in relation to how far employers may go in monitoring employees’ computer use and using the personal information collected. Different laws govern this area in different jurisdictions.

The Office of the Privacy Commissioner of Canada advises employers to keep their intrusions to a minimum and limit the impact of these intrusions on employees’ personal privacy. Employers should balance their need to know how an employee is using company resources while at work with the employee’s right to privacy. It points out that employers should also consider the cost of employee monitoring in terms of staff morale and trust. Unreasonable surveillance can cause employee stress, erode trust within an organization or impede the free flow of ideas and innovations. A workplace where employees are afraid of surveillance may experience higher absenteeism and staff turnover and lower productivity.

Employers should inform employees about the methods of surveillance such as video or computer monitoring before putting it into effect. Court cases suggest that, unless this is done, an employer may be violating an employee’s right to privacy.

Employers should also develop a policy on Internet and e-mail use by employees. The employer must ensure that all employees are aware of the policy and that it is applied consistently.

There are several benefits to having a policy in place. Employees will know, for example, that they cannot keep private any files stored on the employer’s computer system. Although a court may not agree, a clear policy may cause an employee to think twice before using a computer inappropriately. Further, courts and arbitrators will take the policy into consideration if an employer attempts to discipline or fire an employee for inappropriate use of the employer’s computer.

When collecting employee information under the policy, employers must ensure that they have the employee’s consent and that intrusiveness of the monitoring on employee’s privacy is balanced against a legitimate and reasonable purpose for collecting the information.

E-mail communication presents other risks and opportunities, as well, such as the risk of unintentional disclosure of hidden data attached to electronic files and the opportunity for gathering evidence against a rogue employee who thinks his files have been permanently deleted.

Metadata
Metadata is electronic file data that is often hidden to the casual observer but available to those who know where to look. Metadata is found, for example, under “File/Properties” in Microsoft Word software. The file properties include the title of the document (often taken automatically from the first few words in the document), author, company name and time and date on which the document was saved or modified. When you send a document by e-mail, these identifiers travel with the document.

Metadata can lead to embarrassment even if it doesn’t lead to fraud. A salesperson may send to a top client a personal email message, for example, whose file properties show the name of another client who received the same personal letter.

More embarrassing situations arise from the use of “track changes” in word processed documents. Savvy lawyers have turned on “track changes” to find opposing counsel’s edits to – and sometimes comments on – a key document or agreement. Beware the request, “Could you please email me an electronic copy of that document?”

You can prevent the unintentional disclosure of metadata with metadata cleaning software, which will clean all metadata from the document with one or two clicks, or by scanning a paper copy of the document into a PDF and sending it by e-mail. Likewise, many employers no longer use “track changes” but instead use document comparison software to create a redline showing the differences between two documents.

Just as e-mails and electronic files present risks, they present great opportunities for employers who are seeking to prove misconduct. A deleted e-mail or file is not gone forever. Deletion only erases the file name and path to the file; the contents of the file remain. Only when the hard drive or disc fills up, and the computer needs the disc space, will the deleted file be overwritten. Because most people use far less than 100% of their hard drive space, many deleted files are never overwritten.

Deleted files may be recovered with the assistance of a forensic information technology professional, who can obtain a duplicated image of the hard drive, including deleted files. The professional can then find and restore deleted documents, including e-mails. It is almost always advisable to use an external forensic IT professional because the person who obtains the “image” may be called as a witness in court. Without formal training in forensics, an in-house technology professional may see his or her evidence destroyed in cross-examination – and may also be accused of bias or wrongdoing.

Because most employees believe that “deleted” really means “deleted”, they are often very free with what they say in e-mails – some of which are sent and then promptly deleted. As a result, in employment litigation matters deleted e-mails can become critical evidence if not a source of amusement.

Unbeknownst to most people, personal e-mails sent from work using an employee’s web based e-mail account such as “Hotmail” will often reside on the work computer. An employee, believing that these e-mails could not be seen by the employer, will often be free with what she says in – or what documents she sends along with – such e-mails. Privacy implications should be considered before using any such “personal” e-mails as evidence.

Tips for reference checking Here are a few steps to follow when checking a potential employee’s references:

Ask the applicant to sign an express and general consent to contact anyone whom the employer believes can provide relevant information regarding the applicant, including those not specifically named by the applicant.

Obtain the name of one referee from each of the applicant’s past employers.

Ensure that the referee has had sufficient first hand experience working with the applicant.

Avoid checking personal references who may lack objectivity.

Contact a comprehensive cross-section of referees (including both supervisors and subordinates).

Prepare a list of questions and use the same list for all referees.

Check the last five years of employment and/or the last three references for the applicant.

Confirm any negative information provided by a referee about an applicant with other supervisors or managers.

Provide as little information as possible to the referee about the applicant or other referees, to maintain the applicant’s privacy.

Obtain consent before contacting the applicant’s current employer. If a prospective employer wants to contact the applicant’s current employer, it should first offer the applicant employment conditional upon a positive reference from the current employer and then obtain the applicant’s consent to get a reference from the current employer.

Recovered e-mails are particularly useful evidence when an employee steals intellectual property or takes steps – while still employed – to compete against the employer. For instance, an employee might send a customer list by e-mail to his personal e-mail address and then delete the e-mail. That e-mail will usually remain on the hard drive and will be smoking gun evidence in legal proceedings against the former employee such as injunction proceedings to prevent the employee from competing or soliciting clients.

Other devices such as cell phones, Blackberries and handheld devices all have memory that can be imaged and preserved by the forensic IT professional.

The employer should take steps to preserve the potential gold mine of electronic evidence on a departed employee’s hard drive. In particular, where key salespersons or other key employees depart, the employer should consider obtaining a forensic image of the employee’s hard drive. If litigation arises, the employer may then analyze the forensic image and determine whether, for instance, the employee stole customer lists. The forensic image of the hard drive may be stored away and used later if necessary.

Similarly, before dismissing a key employee, the employer should secure the employee’s laptop, cell phone, Blackberry or “Palm Pilot” to ensure that the employee cannot, after the dismissal, permanently delete or scrub files from those devices.

Reference Checking and Privacy Laws The Personal Information Protection and Electronic Documents Act (PIPEDA) protects personal information of employees and job applicants of federally regulated companies such as banks, railways and airlines. Personal information does not include the individual’s name, title, business address and telephone number. At this time, PIPEDA does not apply to personal employment information of provincially regulated employers in Ontario, but many employers have chosen to voluntarily follow privacy principles. British Columbia, Alberta and Quebec have their own privacy laws, which are similar to PIPEDA. They apply to all employers in those provinces except federally regulated employers, who remain bound by PIPEDA. Canadian employers should be aware of four main privacy principles in the hiring process in relation to reference checks:

First, PIPEDA requires employers to obtain the consent of applicants when collecting, using and disclosing their personal information.

Second, the employer may collect and use the information only for the purpose of considering the person’s application for employment. The employer may not use the information for any other purpose.

Third, once reference checks are complete, an individual may be entitled under PIPEDA (where PIPEDA applies) to request access to the information obtained from the referee. Similarly, where PIPEDA applies, the individual must also be given the opportunity to challenge the accuracy and completeness of the information and, if such challenge is successful, the information must be amended or corrected.

Finally, under PIPEDA, the employer is required to destroy, erase or make anonymous the information that it no longer needs to fulfill the purpose for which it was collected.

Adrian Miedema is a partner.

Glenda Mallon is an associate.

Heather Chu is a former summer law student at Fraser Milner Casgrain LLP in Toronto.

This article was reproduced with permission from Canadian Treasurer.