I consider employee theft as one of the biggest risks facing businesses. According to a recent report by the Kenya National Bureau of Statistics, the number of Kenyan workers convicted for employment-related offences rose by 60% last year. Similarly, a recent Microsoft Security Intelligence Report noted that in 2018, the incidences of cybercrime in Kenya rose by 167%.

Employee theft leads to revenue leakages and financial losses. Therefore, businesses must step up their business risk management strategies in order to curb this vice.

In this Article, we consider common types of employee theft and some of the effective strategies that businesses can implement to prevent theft.

Types of Employee Theft

  1. Skimming: also known as “off the books theft”, arises whenever an employee steals monies or assets prior to book-entry posting.
  2. Larceny and Embezzlement: Larceny occurs where there is outright theft of a firm’s assets by a person who is not in authority for such assets. For example, a store clerk or cleaner may steal cash from the cash register while the cashier is away. In contrast, embezzlement arises in situations where an employee is entrusted with authority over assets and decides to misuse such authority. Thus, in the preceding example, embezzlement would arise if the cashier were to steal the cash as opposed to the cleaner.
  3. Theft of Time: Employees can also steal their employer’s time by failing to put in requisite hours of work. As a result, the productivity and output of the organisation are seriously hampered.
  4. Cybercrime: Cybercrimes or computer-related crimes can be broadly categorised into two areas. The first relates to crimes that target networks and computer devices. The listing below provides some examples of crimes under this category.
  • Distributed Denial of Service (DDOS) attacks – these are malicious attacks on user networks. They arise when hackers incessantly drive lots of unauthorised traffic through the user’s site to the point where the network becomes overwhelmed. Eventually, the hacker gains unauthorised access to user systems.
  • Malware – malicious software that tries to attack a computer system. It includes viruses, worms, Trojan horses etc
  • Ransomware – occurs when malware attacks or threatens an attack on a computer system until a specified ransom is paid to the attackers.

Cybercrimes may also be perpetrated through computer devices as shown in the examples below:-

  • Phishing – this crime involves hackers sending malicious email attachments or URL’s to users to gain access to their computing devices.
  • Identity Theft – arises where unauthorised users gain illegal access to users’ personal information and use such information to steal or commit fraudulent activities. The stolen information may include computer credentials, national identification numbers, phone numbers, etc.
  • Fraudulent Disbursements – here, employees embezzle funds by working around a firm’s financial system. For instance, they may authorize wire transfers to a fake customer of vendor accounts or forge signatures to process payments.

Strategies for Minimising Incidences of Employee Theft

1. Screen job candidates before hiring

At the hiring stage, firms should use candidate screening tools such as background/reference checks and police clearances. Such tools can highlight red flag detail on an employee’s work and behavioural background.

2. Look out for strange employee behaviours

Employers should take the time to know their employees. Often, when employees steal, they begin to exhibit strange behaviours. For example, they may have lifestyle changes that are way above their salaries. Further, these employees may develop fears of getting caught and as a result, become reluctant to take up their annual leave entitlement. They may also start spending unnecessarily long hours in the office. Alternatively, the employees in question may become very resistant to proposals to change policies or processes that affect their areas of work.

Where an employee is involved in theft, employers should take swift and decisive action to dismiss the employee in accordance with the law and internal HR policies/processes.

3. Develop attractive Employee Value Propositions

Employee value propositions represent the total compensation and benefits package offered to employees. An attractive proposition will usually offer staff salaries and benefits that are either in line with or above market trends. They may also include enhanced non-monetary incentives such as long paid leave periods, flexible work schedules, employee meals etc. These kinds of perks encourage employees to focus on achieving company goals. They also reduce the temptation to steal.

4. Have Robust Policies and Processes

It is advisable for every employer to develop policies that demonstrate to employees zero-tolerance stance to employee theft. As a starting point, all employees should sign an Employee Code of Conduct and Business Ethics. The Code of Conduct and Ethics outlines an employer’s general statement of the kind of behaviours employees are expected to demonstrate during their employment.

Further, all departments within an organisation should endeavour to develop policies and processes that close potential loopholes for theft. For example, to tackle cybercrime, employers should put in place an effective IT policy coupled with cybercrime detection mechanisms. The typical areas that such policies cover include password management, data management, network and internet security, software and hardware management, etc.

Similarly, the finance department should develop financial controls and processes to avoid leakages. Some examples include segregation of responsibilities among employees, regular review of financial statements and appointment of independent auditors to audit books of account.

5. Put Your Workplace Under Surveillance

Video surveillance and biometric systems serve as useful theft deterrents. Video cameras should be placed in hot spot areas such as the cashier/cash collection department or company warehouse. Regular reviews can be conducted to rule out suspicious activity. Biometric systems give indications of employee reporting and log-out times. They can be useful in tracking the movement of staff.


Theft by employees can be costly to your company. Before you fall victim to theft, take steps to understand your employee profile. Additionally, establish proper systems in all areas of operations.

***THE END***

About the Author: Anne Mutie is an advocate of the High Court of Kenya whose main practice area is corporate law. For over 10 years, she has successfully guided businesses of varying sizes on ways of navigating corporate and commercial legal issues. Anne spent 3 years as a Litigation Advocate at Hamilton Harrison & Mathews before she pursued a career as in-house legal counsel in multiple organisations ranging from start-ups to multinationals. Her work at these organisations provides her with a unique insight as to the types of legal challenges that organisations face and she draws upon her knowledge to provide timely and relevant solutions. For more Articles, please visit her venture law blog.

About Anne Babu

Anne is an Advocate of the High Court of Kenya and the Founding Partner of Anne Babu & Co. She has practised employment law for over 12 years and her employment law practice has been recognized by the prestigious Chambers & Partners. Anne cares about employers and their labour issues.


The information on this website is for general guidance on your rights and responsibilities and is not legal advice. If you need more details on your rights or legal advice about what action to take, please contact a lawyer.

We try to ensure that the information on this website is accurate. However, we will not accept liability for any loss, damage or inconvenience arising as a consequence of any use of or the inability to use any information on this website.

We assume no responsibility for the contents of linked websites. The inclusion of any link should not be taken as an endorsement of any kind by us of the linked website or any association with its operators. Further, we have no control over the availability of the linked pages.

error: Content is protected !!