Employee Dishonesty and the Crime Policy Gap: When

A business owner discovers that a trusted bookkeeper has been embezzling funds for two years. The total loss: $150,000. The owner files a claim under the Business Owners Policy (BOP), confident that “theft” is a covered peril. The insurer responds with a payment of $10,000 — the employee dishonesty sublimit — and closes the file. The remaining $140,000 is unrecoverable. This scenario plays out with devastating frequency, and it stems from a misunderstanding that most business owners share: the assumption that “theft coverage” in a property policy covers all forms of theft.

It does not. And by the time most business owners learn this, the money is already gone.

The Critical Distinction: Third-Party Theft vs. Employee Dishonesty

Standard commercial property policies — including the property coverage built into a BOP — cover “theft” as a named peril. But in the insurance context, “theft” refers primarily to third-party theft: burglary, robbery, shoplifting, or break-ins committed by people who have no authorized access to the business’s property or funds.

Employee dishonestyis an entirely separate category. When an employee entrusted with access to your money or financial systems steals from the business, that loss falls under a distinct coverage form — typically a sublimit endorsement on a BOP or a standalone crime policy. The distinction matters because the sublimits on BOP endorsements are almost always inadequate.

BOP Employee Dishonesty Sublimits: Wildly Inadequate

Most BOPs include an optional employee dishonesty endorsement with sublimits ranging from $5,000 to $25,000. Higher limits are rarely purchased because agents don’t emphasize them and owners don’t understand the exposure. According to the Association of Certified Fraud Examiners (ACFE), the median occupational fraud loss is approximately $117,000 and the average exceeds $1.7 million. Even a $25,000 sublimit covers less than a quarter of the median loss.

• $5,000 sublimit: Barely covers a single incident of petty cash theft
• $10,000 sublimit:The most common default — meaningless against any sustained embezzlement scheme
• $25,000 sublimit: Still far below the median occupational fraud loss
• $50,000–$100,000 sublimit: Available as an upgrade but rarely purchased, and still insufficient for many businesses

The Standalone Crime Policy: Comprehensive Protection

The proper solution for employee dishonesty exposure is a standalone commercial crime policy, typically written on an ISO CR 00 21 form or a proprietary equivalent. Unlike the thin endorsement on a BOP, a standalone crime policy provides dedicated limits across multiple coverage parts, each addressing a distinct type of crime risk.

• Coverage A — Employee Theft: The core coverage. Pays for loss of money, securities, and other property resulting from theft by an identified employee. Can be written per-loss or per-employee; the per-loss form generally provides broader protection.
• Coverage B — Forgery or Alteration: Covers loss from forgery or alteration of checks, drafts, promissory notes, or similar instruments made or drawn by or upon the insured.
• Coverage C — Inside the Premises (Money and Securities): Covers loss of money and securities by theft, disappearance, or destruction while inside the premises or a recognized safe depository.
• Coverage D — Inside the Premises (Robbery/Safe Burglary): Covers loss of property other than money and securities caused by robbery of a custodian or safe burglary inside the premises.
• Coverage E — Outside the Premises: Covers loss of money, securities, or property while conveyed by a messenger or armored vehicle. Protects bank deposits in transit and cash transported between locations.
• Coverage F — Computer and Funds Transfer Fraud: Covers loss from fraudulent electronic transfers of money or property. As businesses rely increasingly on electronic transactions, this coverage has become essential.
• Coverage G — Money Orders and Counterfeit Money: Covers loss from accepting counterfeit currency or money orders not paid upon presentation. Critical for retail and cash-intensive businesses.

Types of Employee Theft: How the Money Disappears

Employee theft takes many forms, and sophisticated schemes can be extraordinarily difficult to detect:

• Embezzlement: Diverting company funds to personal accounts through falsified records or unauthorized transfers
• Skimming: Intercepting cash before it enters the accounting system, making detection nearly impossible without external audits
• Check fraud: Forging signatures, writing checks to fictitious vendors, or altering payee names on legitimate checks
• Payroll fraud: Creating ghost employees, inflating hours, or failing to remove terminated employees from payroll
• Inventory theft: Diverting merchandise or supplies, concealed through falsified shipping records or spoilage write-offs
• Vendor kickback schemes: Steering contracts to preferred vendors in exchange for payments, causing the business to overpay
• Accounts payable manipulation: Submitting fictitious invoices, duplicating payments, or billing through shell companies

Why Employee Theft Takes So Long to Discover

According to the ACFE’s Report to the Nations, the average occupational fraud scheme runs 12 to 18 months before detection. Some persist for years:

1. Trust: The most damaging embezzlers are long-tenured, trusted employees who earned access by appearing reliable. Owners are psychologically predisposed to dismiss warning signs.
2. Concealment: Sophisticated schemes involve falsified records and manipulated reconciliations. The employee actively covers their tracks, often refusing vacations to maintain control of the paper trail.
3. Inadequate controls: Many small businesses lack segregation of duties. One person handling receivables, payables, and reconciliations creates an environment where theft is virtually undetectable.
4. Gradual escalation: Most schemes start small and grow. By the time the cumulative loss becomes noticeable, the total can be staggering.
5. Misattribution: Missing funds are attributed to accounting errors or software glitches. Owners may accept explanations from the very person committing the fraud.

The “Manifest Intent” Requirement

Most crime policies require that the insured demonstrate the employee acted with manifest intent— meaning the employee intended to cause a loss and obtain a financial benefit. Insurers sometimes argue the employee intended to “borrow” the funds and repay them. Courts have generally rejected this defense, holding that unauthorized taking without disclosure demonstrates the requisite intent regardless of any subjective belief about repayment.

This requirement also distinguishes covered theft from losses caused by employee negligence or poor judgment. A terrible business decision that costs the company money is not employee dishonesty — it falls outside the crime policy’s scope.

ERISA and Fidelity Bond Requirements

Businesses with employee pension or benefit plans governed by ERISA face an additional mandate: under Section 412, every fiduciary and every person handling plan funds must be bonded at a minimum of 10% of funds handled ($1,000 minimum, $500,000 maximum, or $1,000,000 for plans holding employer securities). Failure to maintain the required bond is a federal violation exposing fiduciaries to personal liability. If your business sponsors a 401(k) or other ERISA plan, confirm your fidelity bond is in place and adequate.

Social Engineering Fraud: The Growing Threat

One of the fastest-growing crime categories is social engineering fraud— schemes where criminals impersonate executives, vendors, or partners to trick employees into wiring funds to fraudulent accounts:

• CEO fraud / Business Email Compromise (BEC): An employee receives an email that appears to come from the CEO or CFO, directing an urgent wire transfer to a specified account. The email is spoofed or sent from a compromised account.
• Vendor impersonation:A criminal contacts the accounts payable department, posing as an existing vendor, and provides “updated” banking information. Subsequent payments are routed to the fraudster’s account.
• Attorney impersonation: A caller claims to represent a law firm handling a confidential transaction and pressures the employee to wire funds immediately, often invoking urgency and confidentiality to discourage verification.

The critical coverage question is whether a traditional crime policy covers these losses. Many do not, because the employee “voluntarily” initiated the transfer — the employee was tricked, not hacked. Insurers have denied claims on this basis, arguing the loss does not meet the definition of “computer fraud” or “funds transfer fraud.” In response, the market has developed social engineering fraud endorsements that specifically cover losses from deceptive instructions. However, these endorsements often carry lower sublimits ($100,000 to $250,000) and may include verification requirements that must be followed for coverage to apply.

Filing an Employee Dishonesty Claim: What to Expect

Crime claims are document-intensive. The insurer will require bank statements, canceled checks, accounting records, payroll reports, and forensic accounting reports. The burden of proving the loss amount falls on the policyholder.

• Law enforcement reporting: Most policies require the loss be reported to police as a condition of coverage. File a report promptly and keep a copy.
• Employee identification: The insurer typically requires identification of the dishonest employee. Anonymous losses may not qualify under Coverage A.
• Sworn proof of loss: A formal sworn statement is usually required within a specified timeframe. Do not miss this deadline.
• Examination under oath: The policy may require the insured to submit to an EUO and cooperate fully with the investigation.

Practical Steps to Protect Your Business

The best approach combines adequate insurance with strong internal controls. Neither alone is sufficient — insurance without controls invites loss, and controls without insurance leave you exposed when they fail.

1. Purchase a standalone crime policy: Do not rely on the BOP endorsement. A standalone policy provides dedicated limits, broader coverage, and multiple insuring agreements. Work with your broker to match limits to actual risk.
2. Set limits based on realistic exposure: Consider the maximum an employee could steal before detection. The right limit matches your worst-case scenario, not your comfort level.
3. Segregate financial duties: No single employee should control an entire financial process. The person who writes checks should not reconcile the bank statement.
4. Require dual authorization: Wire transfers and disbursements above a threshold should require two approvals. This single control prevents the majority of large-dollar embezzlement schemes.
5. Conduct regular and surprise audits: Annual financial audits by an independent CPA provide an external check. Surprise audits are even more effective because they prevent employees from preparing for review.
6. Implement a tip hotline: The ACFE finds that tips are the number one fraud detection method, accounting for roughly 43% of cases. Anonymous reporting encourages employees to flag suspicious behavior.
7. Require mandatory vacations: Many embezzlement schemes collapse when the perpetrator is absent. Consecutive vacation days force someone else to handle their duties, surfacing irregularities.
8. Review insurance annually: As revenue grows and new employees gain access to financial systems, your crime exposure changes. Review limits each year.

When the Insurer Disputes Your Crime Claim

Crime policy claims are frequently disputed. Insurers argue that the loss was not discovered within the policy’s discovery period, that manifest intent was not established, or that conditions precedent like timely notice were not met. If your claim is denied or underpaid, you have options. A licensed Public Adjuster can help organize documentation and present the claim effectively. For coverage disputes, legal counsel experienced in insurance litigation may be necessary. Understanding what your business property policy actually covers is the first step toward closing gaps before a loss occurs.

This article is for informational purposes only and does not constitute legal advice. Insurance policies and applicable law vary by state and by policy form. Consult with a licensed professional regarding your specific situation.

Written by Leland Coontz III, Licensed Public Adjuster, CA License #2B53445.