How $3.79m was Stolen

Written By Business One Stop Shop

Case Study: How $3.79 Million Was Stolen — And Could've Been Stopped.

A 50-year-old data entry clerk at a community housing provider managed to steal $3.79 million—right under management’s nose.

How?

 She manipulated internal banking transfers, diverting funds to her own accounts.

 The two managers responsible for approvals?

They only checked the total value, not the details of the payees.

Her motivation: a gambling addiction.

 The damage: millions gone, trust broken, and a public service organisation left exposed.

🔍 What Went Wrong?

 This wasn’t a sophisticated cybercrime — it was a failure of basic internal controls.

 Missing Controls That Could Have Prevented This Theft:

 ✔️ Dual authorisation with independent review — Both managers should have independently reviewed payee details, not just totals.

 ✔️ Segregation of duties — The person entering data should never have control over who gets paid.

 ✔️ Audit trail monitoring — No system in place to flag unusual or repeated changes to banking details.

 ✔️ Gambling policy and support programs — Red flags may have been visible if proactive support measures were in place.

🔐 If it can happen to a regulated housing provider, it can happen in your business too.

📞 Fraud prevention isn't about paranoia — it's about protection.

 Reach out if you want a tailored fraud risk review that ensures this doesn’t happen to you.

Business One Stop Shop

Helping small businesses to grow and thrive

http://www.BOSS.asn.au/
Previous

7 Habits to Deter Employee Fraud
Next

Payroll Fraud