10 steps to help clients prevent employee theft

Published Friday 5 June 2026

Table of contents

• The real cost of employee theft in Australia
• Common types of employee theft
• 10 steps to help clients prevent employee theft
• Warning signs of employee theft
• Reporting employee theft in Australia
• How you can help your clients stay protected
• Strengthen your practice with Xero
• FAQs on preventing employee theft

Key takeaways

• Retail crime cost Australian businesses A$7.79 billion in 2023–24, with employee theft accounting for a significant share of total shrinkage. Helping clients build strong internal controls is one of the most valuable advisory services you can offer.
• The most common forms of employee theft include cash skimming, inventory theft, time theft, payroll fraud, expense fraud, and data theft. Each requires specific controls, and many can be detected earlier with cloud accounting and regular reconciliation.
• Prevention starts with segregation of duties, clear policies, and technology that gives your clients real-time visibility over their finances. Tools like Xero's bank feeds and automated reconciliation make it harder for discrepancies to go unnoticed.
• As a trusted adviser, you're well placed to help clients establish fraud-resistant processes, spot red flags during routine reviews, and respond appropriately when theft is suspected.

The real cost of employee theft in Australia

Employee theft is not a fringe issue. It affects businesses of every size and sector, and the financial impact is growing.

According to Griffith University's 2024 ANZ Retail Crime Study, retail crime cost Australian businesses A$7.79 billion in the 2023–24 financial year. That figure rose roughly 40% in just two years. While external theft drives the largest share of those losses, employee theft remains a persistent and costly contributor, with industry estimates placing it at 28% or more of total retail shrinkage.

The Association of Certified Fraud Examiners (ACFE) 2024 Report to the Nations found that employee-level occupational fraud carried a median loss of USD $60,000 per case. Fraud committed by owners or executives was far more damaging, with a median loss of USD $500,000. These figures span 1,921 cases across 138 countries and territories.

For your clients, even a single instance of employee theft can threaten cash flow, damage trust within a team, and distract from running the business. That makes prevention a high-value conversation to have with every client.

Common types of employee theft

Employee theft takes many forms, and some are harder to detect than others. Here are the most common categories you should help your clients watch for.

• Cash skimming: Pocketing cash payments before they're recorded in the books. This is especially common in businesses that handle a lot of cash transactions.
• Inventory and supply theft: Taking stock, raw materials, or office supplies for personal use or resale. It often starts small and escalates over time.
• Time theft: Inflating hours worked, clocking in for absent colleagues, or conducting personal business during paid hours. It's widespread and often overlooked.
• Payroll fraud: Creating ghost employees, inflating pay rates, or manipulating overtime. This type of fraud can persist for months if payroll processes lack oversight.
• Expense fraud: Submitting inflated, duplicate, or fictitious expense claims. Without a clear approval process, these can slip through unnoticed.
• Data and intellectual property theft: Copying customer lists, proprietary information, or trade secrets. This form of theft can be the most damaging long term, even if the immediate financial loss seems small.

Understanding these categories helps you tailor your advisory conversations. A retail client will need different controls from a professional services firm, and your guidance should reflect that.

10 steps to help clients prevent employee theft

There's no single fix for employee theft, but a combination of policies, processes, and technology reduces the opportunity for fraud to take hold. Here are 10 steps you can recommend to your clients.

1. Separate financial duties

Segregation of duties is the foundation of fraud prevention. No single person should control an entire financial process from start to finish. For example, the person who approves purchase orders shouldn't also be the one who processes payments.

For smaller clients where staff numbers make full segregation difficult, recommend compensating controls such as regular owner reviews, mandatory dual approvals for payments above a set threshold, and rotating responsibilities periodically.

2. Run background checks during hiring

Prevention starts before someone joins the team. Encourage your clients to verify employment history, check references, and run police checks where appropriate, particularly for roles involving cash handling, financial management, or access to sensitive data.

Australian employers can request a National Police Check through accredited bodies. For finance roles, this small upfront investment can prevent significant losses down the track.

3. Set clear policies and communicate them

Your clients need documented policies that define what constitutes theft, the consequences, and how to report suspected misconduct. These policies should be part of onboarding and revisited regularly.

When employees understand that controls exist and are enforced, the deterrent effect is real. The ACFE's fraud triangle identifies opportunity as one of three conditions that enable fraud. Visible policies reduce that opportunity.

4. Use cloud accounting for real-time visibility

Cloud accounting gives business owners and their advisers access to financial data in real time, from anywhere. This makes it much harder for irregularities to go undetected for long periods.

With Xero, your clients get automatic bank feeds, one-step reconciliation, and a clear audit trail for every transaction. You can review their accounts without waiting for month-end reports, and unusual patterns are easier to spot when data flows in daily.

5. Reconcile bank accounts regularly

Monthly reconciliation is a minimum. For clients with high transaction volumes, encourage weekly or even daily reconciliation. Discrepancies between bank statements and accounting records are often the first sign that something is wrong.

Automated bank feeds in Xero reduce the manual effort involved and make it practical to reconcile more frequently. As their adviser, you can build regular reconciliation reviews into your service delivery.

6. Implement approval workflows

Every payment, expense claim, and payroll run should go through a defined approval process. Dual authorisation for transactions above a certain value adds an important layer of oversight.

Encourage clients to use digital approval workflows rather than informal email sign-offs. Xero's purchase order features can support these workflows, and connected apps extend them further to cover inventory management, expense approvals, and more.

7. Monitor inventory and assets

For clients who carry stock, regular stocktakes are essential. Compare physical counts against recorded inventory and investigate variances promptly. Even non-retail businesses should track high-value assets and supplies.

Connecting inventory management software to Xero creates a single source of truth. When stock records and financial records flow through the same platform, discrepancies surface faster.

8. Review payroll and expenses closely

Payroll fraud and expense fraud thrive on inattention. Recommend that your clients review payroll reports for ghost employees, unusual overtime patterns, or unexpected changes to pay rates. Expense claims should be checked against receipts and approved before payment.

Tools like Hubdoc can help by automatically capturing receipts and matching them to transactions, reducing the risk of duplicate or fabricated claims.

9. Restrict and monitor system access

Not everyone needs access to everything. Encourage clients to apply role-based permissions so employees can only access the systems and data they need for their role. Review access levels regularly, especially when someone changes roles or leaves the business.

In Xero, user roles and permissions let clients control who can view, create, or approve transactions. This is a straightforward step that many businesses overlook.

10. Foster a culture of transparency

Controls and technology are important, but culture matters too. Businesses that encourage open communication, treat employees fairly, and act on concerns are less vulnerable to fraud.

Encourage your clients to create a safe channel for reporting concerns, whether that's an internal contact or an external whistleblower service. When employees see that ethical behaviour is valued and misconduct is addressed, the incentive to commit fraud drops.

Warning signs of employee theft

Even with strong controls in place, it's worth knowing the red flags. During your regular client reviews, keep an eye out for patterns that might indicate something is off.

• Financial discrepancies: Unexplained variances between bank balances and accounting records, missing receipts, duplicate payments, or irregular adjustments to accounts.
• Lifestyle changes: An employee suddenly living well beyond their salary, purchasing expensive items, or paying off large debts without an obvious explanation.
• Resistance to oversight: Employees who refuse to take leave, resist audits, insist on handling certain tasks alone, or become defensive when questioned about processes they control.
• Unusual working patterns: Consistently working outside normal hours without a clear reason, or accessing financial systems at odd times. This can be a sign of someone manipulating records when fewer people are watching.
• Vendor irregularities: Payments to unfamiliar suppliers, vendors with no clear business purpose, or invoices that lack detail. These can indicate fictitious vendor schemes.

None of these signs confirm theft on their own, but a combination should prompt a closer look. As your client's adviser, you're in a strong position to notice patterns that internal staff might miss or be reluctant to raise.

Reporting employee theft in Australia

When theft is suspected, your clients need to handle the situation carefully. Getting it wrong can expose them to legal risk, even when the suspicion is justified.

The first step is to secure evidence. Advise your clients to document discrepancies, preserve financial records, and avoid confronting the employee before gathering the facts. Engaging a forensic accountant may be appropriate for complex cases.

Under the Fair Work Act 2009, employers must follow procedural fairness requirements before dismissing an employee, even for serious misconduct like theft. The Fair Work Ombudsman provides guidance on employer obligations in these situations. That means giving the employee a genuine opportunity to respond to the allegations. A dismissal that skips this step can be found to be unfair, regardless of whether theft actually occurred.

Employers should also be mindful of privacy legislation. In Australia, the Privacy Act 1988 and applicable state surveillance laws govern how employers can monitor and investigate employees. Any investigation should stay within these boundaries.

For serious cases, encourage your clients to report the matter to police. A police report creates an official record and may be necessary for insurance claims. Depending on the circumstances, the client may also need to notify their insurer, the Australian Taxation Office (ATO), or industry regulators.

Your role in this process is to help clients preserve financial evidence, quantify losses, and connect them with the right legal and investigative professionals. Knowing the boundaries of your advisory role is just as important as knowing when to step in.

How you can help your clients stay protected

As an accountant or bookkeeper, you see your clients' finances more regularly and more closely than almost anyone else. That puts you in a unique position to help prevent employee theft before it starts, and to detect it early when it does occur.

Here are practical ways to build theft prevention into your advisory services.

• Review internal controls during onboarding: When you take on a new client, assess their existing controls. Identify gaps in segregation of duties, approval processes, and access management. Provide a written recommendation with specific actions.
• Build reconciliation into your regular workflow: Don't wait for year-end. Schedule monthly or quarterly reviews of bank reconciliations, payroll reports, and expense claims. Flag anomalies early and follow up promptly.
• Recommend the right technology: Help clients adopt cloud accounting and connected apps that give them an up-to-date view of their finances and strong audit trails. The easier it is to see what's happening, the harder it is for fraud to persist undetected.
• Educate your clients: Many business owners don't know what to look for. Run them through the common types of employee theft and the warning signs. A short conversation during a regular catch-up can make a real difference.
• Formalise your advisory offering: Consider packaging internal controls reviews as a defined service. This positions you as a strategic adviser, not just someone who processes transactions. It also creates a recurring revenue opportunity for your practice.

The more proactive you are, the more value your clients see in the relationship. Protecting clients from internal theft is a natural extension of your broader advisory work around financial health and risk management. For more on this topic, see Xero's guide to fraud prevention tips.

Strengthen your practice with Xero

Helping clients prevent employee theft is one part of a broader advisory relationship. The right tools make it easier to deliver that kind of high-value service consistently across your client base.

Xero gives you real-time access to your clients' financial data, automated bank feeds, built-in reconciliation, and clear audit trails. With Xero HQ, you can manage your entire client portfolio from a single dashboard and spot issues before they escalate. These features don't just help detect irregularities; they free up time so you can focus on the advisory conversations that matter most.

Join the partner program to access free practice tools, dedicated support, and tiered benefits designed to help you grow a stronger, more advisory-focused practice.

FAQs on preventing employee theft

Here are some frequently asked questions about preventing employee theft, with practical answers for accountants and bookkeepers advising clients.

What's the most effective single control for preventing employee theft?

Segregation of duties is consistently cited as the most effective deterrent. When no one person controls an entire financial process, the opportunity for undetected fraud drops significantly. For smaller businesses where full segregation isn't practical, compensating controls like dual approvals and regular owner reviews serve a similar purpose.

How often should clients conduct internal audits?

The frequency depends on the size and complexity of the business. At a minimum, recommend a formal review of financial controls annually. For clients with higher risk profiles, such as those handling cash or carrying significant inventory, quarterly reviews are more appropriate. Surprise audits, conducted without advance notice, are particularly effective at deterring fraud.

Can an employer deduct stolen amounts from an employee's pay?

Under Australian law, employers generally cannot make deductions from an employee's wages without written consent. Even when theft is proven, deducting the amount from final pay or leave entitlements without agreement can breach the Fair Work Act 2009. Advise clients to seek legal advice before attempting any deductions, and to pursue recovery through other channels if needed.

How should a business handle a suspicion of theft without solid proof?

Advise your client to increase monitoring and tighten controls around the area of concern without singling out individuals. Document any irregularities as they arise. If the pattern continues, engage a forensic accountant or investigator before taking employment action. Acting on suspicion alone, without evidence and without giving the employee a chance to respond, can result in an unfair dismissal claim.

What role does technology play in detecting employee theft?

Cloud accounting software gives you and your clients live access to financial data, automated reconciliation, and audit trails that flag discrepancies early. Connected apps for inventory, expenses, and payroll add further layers of detection. The key advantage is timeliness: fraud that might take months to surface in a manual system can be flagged within days when data flows through automatically.