Employee theft from an IOLTA account is a major problem for a few different reasons. First, the lawyer is a fiduciary responsible for the safekeeping of the client funds held in an IOLTA account. Second, the lawyer may be subject to discipline for failing to safeguard client funds and / or failing to properly supervise subordinate employees. Third, the lawyer will be responsible for making the client whole. Employee theft may, depending on the circumstances, be covered by malpractice insurance but if it isn’t the lawyer will need to reimburse the clients whose funds have been stolen by the employee.

Most cases of employee embezzlement have a few common characteristics such as the supervisor’s confidence, ability to authorize disbursements, a lack of checks and balances, and a “test” transaction. The confidence of a supervisor is always a key ingredient. Many times the employee has the supervisor’s trust because he is a personal friend, longtime employee, or family member. In a few extreme cases the supervisor is just lazy and never has any intention to get involved as long as he isn’t aware of any problems. The employee often has the ability to authorize, directly or indirectly, disbursements from the account. This may be because the employee has signing authority on the account, access to a signature stamp with an authorized signor’s name, or such complete confidence of the lawyer that he will sign anything the employee says should be signed without a thorough review. The characteristic common to most employee embezzlement cases that ensures the success of the enterprise is a lack of checks and balances. This is the framework within which the embezzlement is allowed to continue until an outside event triggers the discovery. In it’s most basic sense, checks and balances means that no person that processes a transaction verifies (or reconciles) that transaction. The verification or reconciliation may be immediate, regularly scheduled, or as a result of a third party inquiry. In most embezzlement cases this means the employee is allowed to both process transactions and reconcile the account. The final common characteristic in employee embezzlement cases is the “test” transaction. The “test” transaction is the initial theft, usually small and easily ex- plained as a mistake that the employee uses to see if the scheme will be detected. In most cases, if the transaction is discovered, the scheme ends.

Consider this typical fact pattern. The lawyer has a busy practice, which for this example means handling a lot of real estate transactions. During a typical month, the lawyer handles 6 - 10 refinances, each with 15 - 20 disbursement checks that need to be written. He has a paralegal he has employed for 20 years and who is by now a trusted family friend. The paralegal handles all of the paperwork, prepares the checks, and gives the attorney the entire package to review before the transaction. The lawyer reviews all of the transactions and the checks the paralegal has prepared. At this time the lawyer signs all of the checks, either manually or with a stamp. The clients come in and the transaction is handled.

Returning from the transaction, the lawyer gives the entire package to his paralegal to finish by sending out the disbursement checks. The paralegal now removes a couple of small checks (e.g. a discharge fee, property taxes, and/or title insurance) and writes checks to herself in the identical amount as the disbursements she removed from the transaction package. The paralegal uses the attorney’s signature stamp to sign the new checks.

The paralegal also handles the attorney’s trust account records. She inputs all of the transactions in the IOLTA account records as they appear in the transaction package. She then reconciles the IOLTA account, which balances perfectly every month. Months go by before any call comes into the office. At that time, a quick check of the IOLTA account records and the bank statement, and the transaction seems to be correct. The lawyer often writes a replacement check with a vow from the paralegal to follow up on the error.

This simple fact pattern has resulted in millions of dollars of employee theft.

A few simple things can be done by the lawyer to help prevent this situation. No employee should ever have the complete confidence of an employee regardless of the circumstances. Do not get a signature stamp or allow a non-lawyer to be an authorized signor on an IOLTA account. If a signature stamp is deemed necessary, keep it in a secure location and know where it is at all times. After the transaction is complete, the lawyer should send out all the disbursement checks himself. In addition, the lawyer should have a system of checks and balances in place that does not allow the same person that prepares the transaction paperwork and writes the disbursements enter the IOLTA account records. Finally, every lawyer needs good audit procedures for their IOLTA account.

The system of checks and balances does not have to be an elaborate accounting system. It can often be a combination of a few simple things anyone is capable of doing with a small investment of time such as (1) checking the bank statements, (2) following up on all outside inquiries, (3) hiring an outside auditor, and (4) being aware of changes in employees.

(1) The lawyer should always be the first person to open the bank statements. He should match the records to the bank statements and look at the checks. Most lawyers, if they look at the bank statements at all, look at the transaction detail, which lists the date, credit or debit amount, and total account balance. While this is normally adequate, it will not prevent the employee theft in this example. The lawyer needs to, at least periodically and in a non-predictable pattern, match the physical checks to the bank statement transaction detail and the IOLTA account records.

(2) Personally follow up on all questioned transactions, or at a minimum have a different employee review the questioned transaction. This review must include, at a minimum, looking at the transaction paperwork, bank statement, and a copy of the check that was cashed. Any call about a payment not received should trigger a complete review of the file by the attorney or an outside auditor. As part of any series of checks and balances, the person who handled the original transaction can never handle the review of the transaction.

(3) Hire an outside auditor to review the records once a quarter, semi-annually, or annually. The outside auditor can verify the accuracy of the transactions and does not have the handicap of knowing the employees involved. It is often the friendliest employees and employees most eager to help that are embezzling money from an IOLTA account. Note that a title insurance auditor is not an outside auditor that can be counted on to catch employee theft. Due to confidentiality rules, a title insurance auditor is not entitled to look at any client files that are not directly re- lated to their transactions. As long as at least one unrelated client exists, a title insurance auditor cannot certify an IOLTA account is entirely reconciled.

(4) On a personal level, any manager should always be aware of a change in the habits of employees. While a change may be a sign of many different things that do not require attorney intervention, any change in circumstances (like a drug or alcohol addiction) may be an alert to keep a closer eye on the IOLTA account.

Similar to the value of the reconciliation requirement in catching honest mistakes quickly when they are easier to correct, a system of checks and balances stops embezzlement before the theft becomes large. In a practical sense employee embezzlement starts with a “test” and small beginning transactions. The “test” transaction is usually a small transaction that is often explained as a mistake if it is discovered. If the initial test is successful then some periodic follow up transactions occur and eventually the thefts get larger and more frequent over time. If the system of checks and balances is adequate, the initial test - or an early follow up transaction - is unsuccessful and the employee stops, either on their own or by being removed from the position, and the enterprise is ended.

Potential discipline will vary from jurisdiction to jurisdiction, but the underlying basis for potential discipline is the lawyer’s responsibility to safeguard property and to supervise employees. If your jurisdiction requires the IOLTA account to be reconciled every 30, 60, or 90 days then a failure to catch an employee thief for an extended period of time will potentially become part of the disciplinary process.

Lawyers need to always remember that they are a fiduciary responsible for safeguarding client funds. Employee theft is one problem that can be prevented with a minimal amount of time, some common sense procedures, and a good system of checks and balances.