DSOPro talks with lawyer Brian Colao, Director of the Dykema DSO Industry Group, about M&A trends, new technologies, emerging legal issues, and the...
How to Identify and Minimize Employee Theft
You may believe that DSOs are less vulnerable to embezzlement than solo or smaller group practices, but it is in fact a significant industry-wide issue.
Embezzlement and DSOs
While it is easy to understand the vulnerability of solo and small group practices to embezzlement, it is tempting to believe that dental support organizations, which generally have better controls, professional management, and centralized services, should be less prone to be victimized. Unfortunately, this belief does not hold up in practice, and many DSOs face significant issues from employee theft.
This article will discuss why and how embezzlement takes place in DSOs and will offer some suggestions to minimize vulnerability.
Pressure, Opportunity, and Rationalization
Criminologist Donald Cressey suggested that there are three preconditions for economic crime: pressure, opportunity, and rationalization.1
Pressure can be financial or emotional. Financial pressure means that an employee’s basic financial existence is threatened. This might be the result of someone’s spouse losing their job, an addiction, or an employee suddenly dealing with the unfavorable economics of divorce.
Emotional pressure can result from a belief that the employee is underpaid or the perception that the employee’s friends who own businesses or have higher paying jobs are getting ahead faster than the employee.
We’ll start the opportunity discussion by stating that most employees working in dental offices, particularly front-office employees, have at least some opportunity to steal. The relevance of opportunity in the DSO context is that how someone steals flows directly from the opportunities that face them. For example, an employee working in the payroll department probably has a greater opportunity to tamper with payroll than to intercept incoming payments. On the other hand, when front-office employees steal, it normally involves misappropriation of patient or insurance payments.
The third precondition is rationalization. Rationalization involves the suspension of someone’s belief system. We all know that it is wrong to steal, so a thief must construct a reason why it is acceptable to do so in their specific circumstances. For example, thieves convincing themselves that they work for a greedy institution that will never miss the stolen funds is an excellent example of a rationalization.
One factor should not be lost on DSO leadership. The prevalence of embezzlement (approximately 75% of solo dentists will be victims at some point in their careers, and about half of those more than once2) suggests that thieves have little trouble rationalizing theft from the solo dentist who signs their paychecks, probably has a social relationship with them, and works 30 feet away. Given this, how difficult will it be to rationalize stealing from a private-equity-funded DSO with management 1,000 miles away who are not known personally to the thief? The answer is that rationalization is not hard at all.
What Vulnerabilities do DSOs Face?
Dentistry has several risk factors that are not present in other types of businesses. For example, the bifurcation of recordkeeping between practice management software that tracks revenue and accounting software for expenses creates opportunities that are not present in other businesses.
The fact that much of dentistry is funded by third-party insurance, the complex interplay between patient and insurance payment of PPO insurance, and the relative indifference of most dentists to the business affairs of their offices are all contributing factors to the high prevalence of embezzlement in dentistry.
DSOs face these issues, and also face some additional risks that are not present in solo or small group practices:
- As mentioned, it is easier for thieves to rationalize stealing from a large entity.
- DSOs have been experiencing a period of rapid growth and consolidation, with the almost inevitable result that the development of control systems lags behind growth.
- For DSOs using the cash method of accounting, the split between practice management and accounting software is not a particular concern of an entity’s external accountants, who can perform their work from banking records and without needing to ensure the articulation between practice management software and accounting records.
- For those entities using accrual accounting, accounts receivables balances become relevant to the accounting process, but since most DSOs operate “silo” practice management softwares (with each individual office running its own installation of the software) it is challenging to identify discrepancies or for external auditors to verify the results. Particularly for DSOs that grow by affiliation, it is common to have six or eight different practice management software types to be running in affiliated practices, which makes oversight extremely challenging.
- DSOs tend to enter more complicated financial arrangements than solo practices. Many DSOs enter complicated earnout arrangements with affiliated dentists. Even the presence of associated dentists creates another potential embezzlement portal.
- Centralized functions like payment centers and accounts payable departments often are not well-controlled and have their own set of vulnerabilities.
- Many DSOs employ people with little dental business experience as regional managers or the equivalent. A lack of dental background makes it difficult to oversee financial operations of practices. Additional complications may include a regional manager’s offices having diverse types of practice management software as well as geographical separation.
- Affiliating with specialist practices can pose additional risks due to their software and revenue cycle being quite different from general dental practices.
The Embezzler’s Approach
While expense-side stealing can take many different forms, the thought process of someone intending to steal incoming payments is quite predictable. Most readers will understand that practice management software tracks the collection of incoming funds, and that collections according to practice management software should “balance” to funds being deposited.
While it is possible for a thief to steal by simply pocketing incoming funds and making no entry in practice management software, this approach tends not to be very successful because it leaves patients with “phantom” receivables balances that have actually been paid. This will result in unfavorable receivables trends and often gets discovered when, in response to collections action, patients claim to have paid the balances that are showing as outstanding.
The question that a would-be thief normally asks is whether an out-of-balance situation (i.e., collections according to practice management software are greater than bank deposits) will be noticed by anyone. If the answer is “no,” then a thief can perpetuate a very simple theft. They post payments accurately in practice management software and then steal some of them. While, as mentioned, this creates an out-of-balance situation (which the thief has determined will not be observed), it does keep patient balances accurate and prevents discovery from collection action being taken against phantom receivables balances.
If a thief believes that an out-of-balance situation would be noticed, they can still steal, but it becomes more challenging. Stealing incoming funds in this situation requires the thief to make deceptive entries in practice management software with the result that the software understates the amount actually collected, allowing the amount of the understatement to be stolen. To avoid empowering would-be thieves we will not go into details of how it happens, but we will say that in our combined four decades of dental forensic investigation we have not yet encountered software that could not be manipulated.
It’s Not Just Cash!
Stealing cash is the first choice of every thief, but it is far from their only choice. It is childishly easy to cash a check payable to someone else, and a thief who understands their environment can also steal credit card payments or even redirect funds that are electronically deposited by an insurance company. We have seen many organizations learn the hard way that tightly controlling cash was insufficient to prevent embezzlement.
There are several steps that a DSO can take to defend its revenue cycle against embezzlement.
- Implement a process of thorough pre-employment screening when hiring. Failing to do this will open the door to “serial embezzlers” with predictable results. If a DSO has a centralized HR department, screening should normally be done by that department; if hiring is done by individual practices or regional managers there need to be clear guidelines on the screening to be done. While state employment law may require some adaptation, a criminal records check, drug testing, credit standing, and a review of social networking activity should be considered as well as a diligent check with former employers for at least the past 5 years. While in a time when it is hard to find employees it is tempting to eschew some of these basic checks, doing so exposes a DSO to both embezzlement and other serious perils.
- Accountability must be clear. Managers of individual offices must be responsible for the daily balancing of collections with deposits and for the accuracy of all transactions in practice management software.
- There must be oversight of financial activities of individual offices. Whether this is performed by regional managers or by a centralized “reconciliation” department is a decision that a DSO can make, but not performing this basic check allows a rudimentary methodology of stealing to be successful. An additional consideration is that whoever is performing the oversight needs to obtain their information directly from an office’s practice management software; working from reports generated by someone in that office and uploaded allows considerable potential for concealment.
- An audit program should be in place with coverage of 5%-10% of an organization’s practices annually. There are various ways to select which practices will be audited—random selection, statistical outliers, behavioral markers, or a combination. Audits perform two key functions: they increase the perception among employees that transgressions will be spotted, and they are a fantastic way to identify weaknesses in a DSO’s systems.
- Regional managers and others involved in the oversight of the revenue cycle should be trained on recognizing the financial and behavioral indicia of embezzlement.
- When embezzlement is suspected in a practice, a proper investigation must be conducted, and thieves should be treated decisively. Having a proper investigation performed and then involving law enforcement provides the best possible deterrent to thieves.
It is tempting to characterize embezzlement as a minor irritant for DSOs that should be a minor organizational priority. In addition to financial losses (the average amount stolen by a dental practice embezzler exceeds $100,000) embezzlement can damage a DSO’s reputation and compromise the integrity of its financial records.
More from the Newsletter
- Heartland Dental Tells its Legacy Story with Upcoming Documentary Premiere
- DSO Cybersecurity Threats: It’s Not if, But When – Webinar
- Pacific Dental Services Reaches 900 Supported Practices Milestone
- Bright Direction Dental Announces Nisheeth Singh as Chief Executive Officer