Seven red flags for payroll fraud

Seven red flags for payroll fraud

Although it’s impossible to accurately quantify, payroll fraud is more common than you might think.

With most cases remaining unprosecuted due to the minimal chance of recovering the funds, the fraud is often not reported in the press and is managed by internal HR processes.

So what are the seven most common areas that give rise to suspected fraudulent payroll activity?

1. Payroll audit trail

If your payroll system doesn’t have a robust audit trail, or even if it does but you aren’t using it to audit critical fields, this should now be your number one priority.  The payroll audit trail will often point directly to fraudulent activity and show up the areas that need to be investigated. 

The activity that you might be looking for is varied, but if there is fraudulent activity in your payroll it is often quite obvious to someone who understands the process. I can’t stress enough how important it is to ensure the auditing feature of your payroll system is working so it’s available if and when you need it.

2. Regular master file changes

If there are regular changes in employee bank details or leave balances this is something that should be investigated. There could be simple explanations for these changes, but it is a common red flag in payroll fraud.

3. Duplications of data and ghost employees

Although I have come across cases of twins that share a bank account and live at home with their parents being on the same payroll, this is rare indeed! If you identify duplicate names, addresses, dates of birth, tax file numbers or other master file details you should investigate further to eliminate the risk of ghost employees.

4. Out-of-hours access

Much fraudulent activity occurs out of normal office hours and often by remote access to the payroll system. If people in your organisation are regularly accessing the payroll outside business hours, the need for this access may be something that should be investigated.

5. Loose security

I’m a firm believer that the only people that should have write access to a payroll system are those that are in the business of paying people. Anyone else, including senior management, should have restricted or read only access.  Not only does this reduce the possibility of payroll fraud, it protects those who only need read only access from suspicion.

6. Sharing logins or using obsolete logins

Sharing logins is an absolute no-no and concerns should be raised about anyone who does this. If you have a genuine reason to access a payroll system, you need to have your own login and password. Likewise, with turnover of payroll staff you should ensure that old logins are deleted so third party users cannot use them.

7. High percentage of casual employees

Although not cause for suspicion in itself, much payroll fraud is committed using a casual workforce. If you have a high percentage of casual employees, more attention needs to be given to processes that minimise or eliminate the opportunity for payroll fraud.

For a confidential discussion regarding payroll fraud or other concerns you might have about the governance of your payroll operation, give me a call on 02 9818 1931.


Notify of
Inline Feedbacks
View all comments
SmartCompany Plus

Sign in

To connect a sign in method the email must match the one on your SmartCompany Plus account.
Or use your email
Forgot your password?

Want some assistance?

Contact us on: or call the hotline: +61 (03) 8623 9900.