Case Studies

High-profile, successful projects delivered for our clients

Get in touch  

Employee Theft of Client Funds – UK Professional Services Practice


A manager employed by the Insured, a professional services practice in the UK, stole funds from two bank accounts containing the firm’s client funds.  The Insured had the benefit of a professional indemnity policy, including mitigation cover, but did not have commercial crime insurance.  Accordingly, only misappropriated funds owed to the firm’s clients potentially fell within the scope of the policy and there was no cover for loss of the Insured’s own funds.

We liaised closely with the Insured from the outset to understand their procedures for recording and managing client funds. Combining this information with our forensic analysis of the Insured’s bank accounts and internal records, we were able to quantify the loss in line with policy requirements at £1m.

Our investigations:

In the first instance, we conducted a thorough analysis of the Insured’s bank statements to confirm the amount stolen from the client account.  We then reconciled the client account balance against the firm’s client records and data to confirm the amount owed to clients.

However, quantifying the loss was more complex than initially anticipated. This is because we ascertained that the fraudster had also deliberately diverted some client funds into an office account before misappropriating those funds too. To identify which misappropriations were from client funds and which were from the Insured’s funds, we performed a forensic analysis of the transactions in the account. This included a reconciliation of the bank statements against internal records and client receipts.

We established that the fraud went undetected because the fraudster manipulated the client and office account bank statements so that they appeared to agree to internal records. When the fraudster presented the manipulated bank statements to the Insured’s accountant, no concerns were raised because the figures matched.

Risk features:

Several factors contributed to the success of the fraud:

  • The fraudster had authority to liaise with the Insured’s bank in respect of the firm’s accounts. They also had access to internal records.
  • The Insured did not have online banking, so the Insured’s accountant could not access the bank statements to review transactions.
  • The amalgamation of client funds in one account meant that the loss went undetected as new client deposits masked the overall deficit.
  • Many client receipts were received by cheque or cash, making the receipts more susceptible to manipulation and theft.


  • Segregation of duties has been introduced in respect of receiving, recording and banking cheques.
  • Effective controls have been implemented over client accounts, including regular reconciliation of client funds to internal records and bank statements obtained directly from the bank or through online banking.
  • Robust payment processes have been introduced, including dual authority to instigate bank transfers.
  • Effective and regular management oversight of banking activity has been introduced.
  • Cash and cheque transactions and handling are now minimised.
May 2021
Latest Insights