Rogue CFO IV – The Company Response

by Sands Anderson PC

In this series we have considered the problem of a rogue CFO, or other executive officer, who defrauds or steals from the company. The focus has been on measures that are designed to prevent the high-level fraud from occurring in the first place. But what actions should the company take when it suspects that an insider is defrauding the business?

1. Investigate

The company first needs to assemble promptly the evidence regarding the suspected fraud. During the investigation the company must be careful not to defame the executive or let him or her know they are under suspicion. Keep all communications to a very small group and avoid written accusations. The suspected employee may attempt to destroy the evidence or cover their tracks, which may make matters difficult when the company later needs to prove its case. So, avoid alerting the suspected perpetrator until it is absolutely necessary. It would be wise to bring in a third party to verify the evidence, a party such as outside legal counsel, the firm’s accountants or a certified fraud examiner. One advantage of bringing in the company’s outside legal counsel is that communication with counsel will be protected by the attorney-client privilege, so it may be best to bring counsel in as early as possible. With each item of evidence the investigators should try to understand what alternative explanation may be possible to explain the facts. It is possible that there are benign explanations for what has occurred and management must insure that they do not falsely accuse the individual or give him or her cause to accuse the company of defamation. An interview with the employee at the right time is an important part of the process.

2. Preserve and Protect the Company’s Data and Information

At some point the evidence of misconduct will become clear enough to take action. Insure that the company has backed up all financial information, records and communications, including data from hand-held devises. This should include the relevant bookkeeping records, expense reports, financial entries. Preserve all e-mails, text messages and other forms of electronic communications. The preservation of electronic data is very important should litigation arise out of the circumstances, so every effort must be made to preserve and not delete files and data. When engaging the employee, insure that the company has the employee’s prior permission to view personal items or to search a hard drive.

3. Lock Up and Lock Out

During the investigation the company would be well advised to have a bias toward removing the offender from the situation as soon as it is determined that further access to accounts or other assets by the executive could jeopardize the company or evidence could be destroyed. When this time comes, the board of directors and supervisors should lock the individual out of computer servers, take away access cards, keys, and deny access to the company files, documents, records and accounts. Do not allow the executive to remove records from the premises. If needed, the board of directors through human resources can direct that the executive be placed on paid leave until the issues can be fully investigated. If the executive has an employment agreement management must be careful not to violate it or give the employee cause to claim that he or she was constructively terminated. This means that the company should have someone ready to fill-in for the executive. This will require some prior planning since the executives in higher offices are harder to replace.

4. Call In the Company’s Trusted Advisors

The board of directors or managers of the company need to be involved in the process throughout. The board and the senior officers should develop a plan of action to stop the fraud, disconnect the persons involved in committing the actions under investigation and assure the firm’s customers, employees, suppliers and investors that the directors are on top of the situation and taking decisive action. The company’s attorneys and accountants should be brought in to advise the board and to help the board to design a plan of action. They know what to look for, how to preserve the evidence, and what is required to build the case against the suspected perpetrator. Most importantly they know how to develop systems to insure that the fraud doesn’t happen again.

5. Determine the Consequences for the Executive

The company may decide to terminate the employee. This action will most likely allow for a “for cause” termination if the behavior falls within the definition of “for cause” termination in the employee’s employment agreement, if the employee has one, or the company’s employment manual or other applicable corporate documents. The board of directors must insure that if the employee is terminated, he or she will need to be removed from other positions of responsibility, such as the role of director, manager or officer. In addition to termination of the perpetrator’s employment, there are three basic approaches to confirmed acts of fraud that damage the company: criminal prosecution, civil litigation or a negotiated resolution. In addition to dealing with the perpetrator, the board must determine who has been defrauded. If the harm is external, for example, to a vendor, supplier, customer, lender or shareholder, then the company must analyze how to rectify the damage sustained by the outside parties.

One common reaction to insider fraud is to call the police and press criminal charges. This may seem appealing. It certainly gets the perpetrator’s attention and it sends a clear message to the other employees that actions which damage the company will be met with serious consequences. There are, however, disadvantages to contacting law enforcement. Depending on your jurisdiction this type of complaint may not bring swift action from the police. As the saying goes, law enforcement may have bigger fish to fry. They may not have the time or the resources to deal with the investigation. If there is not a danger to the community the file may go to the bottom of the in-basket and sit there for months or even years without law enforcement taking any action. Furthermore, the company may simply want to recover its losses rather than make an example of the perpetrator.

The board of directors could decide to work out a settlement with the offender. The company may want to consider a payment plan for the executive to repay the damages and stolen funds in consideration of the company not filing suit. This may not be possible for someone who has little or no net worth, however, if the executive is a person who has some considerable financial resources, a negotiated settlement can result in restoring the stolen property and funds to the company and paying other restitution damages. The repayment can be structured to provide the company with protections and security if the executive fails to repay the debt.

The board of directors must decide what its objectives are and whether or not the planned remedy will achieve those objectives and be in the best interest of the company. It may be better for the company to focus on the rogue executive returning what has been stolen and paying restitution for other damages. If the company can get over the desire to punish the offender, the concept of a work out with the perpetrator may be faster, less costly than full civil litigation or prosecution and result in full restitution of its losses.

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Sands Anderson PC | Attorney Advertising

Written by:

Sands Anderson PC

Sands Anderson PC on:

Readers' Choice 2017
Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign up using*

Already signed up? Log in here

*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
Privacy Policy (Updated: October 8, 2015):

JD Supra provides users with access to its legal industry publishing services (the "Service") through its website (the "Website") as well as through other sources. Our policies with regard to data collection and use of personal information of users of the Service, regardless of the manner in which users access the Service, and visitors to the Website are set forth in this statement ("Policy"). By using the Service, you signify your acceptance of this Policy.

Information Collection and Use by JD Supra

JD Supra collects users' names, companies, titles, e-mail address and industry. JD Supra also tracks the pages that users visit, logs IP addresses and aggregates non-personally identifiable user data and browser type. This data is gathered using cookies and other technologies.

The information and data collected is used to authenticate users and to send notifications relating to the Service, including email alerts to which users have subscribed; to manage the Service and Website, to improve the Service and to customize the user's experience. This information is also provided to the authors of the content to give them insight into their readership and help them to improve their content, so that it is most useful for our users.

JD Supra does not sell, rent or otherwise provide your details to third parties, other than to the authors of the content on JD Supra.

If you prefer not to enable cookies, you may change your browser settings to disable cookies; however, please note that rejecting cookies while visiting the Website may result in certain parts of the Website not operating correctly or as efficiently as if cookies were allowed.

Email Choice/Opt-out

Users who opt in to receive emails may choose to no longer receive e-mail updates and newsletters by selecting the "opt-out of future email" option in the email they receive from JD Supra or in their JD Supra account management screen.


JD Supra takes reasonable precautions to insure that user information is kept private. We restrict access to user information to those individuals who reasonably need access to perform their job functions, such as our third party email service, customer service personnel and technical staff. However, please note that no method of transmitting or storing data is completely secure and we cannot guarantee the security of user information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

If you have reason to believe that your interaction with us is no longer secure, you must immediately notify us of the problem by contacting us at In the unlikely event that we believe that the security of your user information in our possession or control may have been compromised, we may seek to notify you of that development and, if so, will endeavor to do so as promptly as practicable under the circumstances.

Sharing and Disclosure of Information JD Supra Collects

Except as otherwise described in this privacy statement, JD Supra will not disclose personal information to any third party unless we believe that disclosure is necessary to: (1) comply with applicable laws; (2) respond to governmental inquiries or requests; (3) comply with valid legal process; (4) protect the rights, privacy, safety or property of JD Supra, users of the Service, Website visitors or the public; (5) permit us to pursue available remedies or limit the damages that we may sustain; and (6) enforce our Terms & Conditions of Use.

In the event there is a change in the corporate structure of JD Supra such as, but not limited to, merger, consolidation, sale, liquidation or transfer of substantial assets, JD Supra may, in its sole discretion, transfer, sell or assign information collected on and through the Service to one or more affiliated or unaffiliated third parties.

Links to Other Websites

This Website and the Service may contain links to other websites. The operator of such other websites may collect information about you, including through cookies or other technologies. If you are using the Service through the Website and link to another site, you will leave the Website and this Policy will not apply to your use of and activity on those other sites. We encourage you to read the legal notices posted on those sites, including their privacy policies. We shall have no responsibility or liability for your visitation to, and the data collection and use practices of, such other sites. This Policy applies solely to the information collected in connection with your use of this Website and does not apply to any practices conducted offline or in connection with any other websites.

Changes in Our Privacy Policy

We reserve the right to change this Policy at any time. Please refer to the date at the top of this page to determine when this Policy was last revised. Any changes to our privacy policy will become effective upon posting of the revised policy on the Website. By continuing to use the Service or Website following such changes, you will be deemed to have agreed to such changes. If you do not agree with the terms of this Policy, as it may be amended from time to time, in whole or part, please do not continue using the Service or the Website.

Contacting JD Supra

If you have any questions about this privacy statement, the practices of this site, your dealings with this Web site, or if you would like to change any of the information you have provided to us, please contact us at:

- hide
*With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name. Or, sign up using your email address.