5 Common Embezzlement Schemes in Law Firms and the Internal Controls to Prevent Them

Key Takeaways:

Employee theft costs U.S. businesses $50 billion annually, with law firms particularly vulnerable due to high cash flow and often informal financial controls—the average embezzlement scheme in a law firm lasts 18 months before detection
The five most common schemes targeting law firms are check fraud, payroll manipulation, credit card abuse, trust account theft, and billing fraud—each exploiting specific weaknesses in typical firm operations
Implementing proper internal controls can reduce embezzlement risk by up to 90% while actually saving time through automation, with most firms recovering implementation costs within 60 days through improved financial oversight

Picture this: Your firm’s trusted office manager of 10 years—the one who never takes vacations and always volunteers to handle the finances—has been systematically stealing from your firm. By the time you discover it, $450,000 is gone, your trust account is compromised, and you’re facing potential bar sanctions.

This isn’t a hypothetical. It’s happening right now in law firms across the country.

Employee theft costs U.S. businesses approximately $50 billion every year, and employees embezzle more than $50 billion from their employers annually. For law firms, the risk is particularly acute. The roughly 13,000 U.S. law firms with 5-50 lawyers face disproportionate vulnerability because informal accounting operations and lack of day-to-day senior supervision provide opportunity for theft.

The uncomfortable truth? Most embezzlement is committed by long-term employees who owners trusted implicitly and would never have suspected of stealing from them. These aren’t strangers or new hires—they’re the people you’ve shared holiday parties with, whose kids you’ve watched grow up, who’ve become integral to your firm’s daily operations.

But here’s the good news: Most of this theft is avoidable. With the right internal controls and vigilance, you can protect your firm without creating a culture of suspicion or drowning in administrative overhead.

The Real Cost of Embezzlement in Law Firms

Before diving into specific schemes, let’s understand what’s really at stake. The financial impact alone is staggering—but it’s just the beginning.

Beyond the Dollar Signs

When embezzlement strikes a law firm, the damage cascades through multiple dimensions:

Financial Impact: The median loss per embezzlement incident is $120,000, but law firm cases often exceed this significantly. Recent cases include a CFO who embezzled more than $1.3 million from two San Francisco law firms, and a Virginia attorney convicted of embezzling at least $450,000 from her firm.

Trust Account Violations: When a nonlawyer employee steals money from the trust account, this creates certain ethical obligations for the firm attorneys. These violations can trigger bar investigations, mandatory reporting requirements, and potential disciplinary action against all partners—even those uninvolved in financial management.

Reputational Devastation: Once word spreads that your firm fell victim to embezzlement, client confidence erodes. Potential clients question your ability to protect their interests if you couldn’t protect your own funds. Referral sources think twice. Recruitment becomes harder.

Operational Disruption: Discovering embezzlement triggers forensic audits, police investigations, insurance claims, and often litigation. Partners spend countless hours dealing with the aftermath instead of practicing law or developing business.

The 5 Most Common Embezzlement Schemes Targeting Law Firms

Understanding how embezzlement happens is your first line of defense. Let’s examine the five schemes that account for over 80% of law firm embezzlement cases.

1. Check and Payment Fraud: The Classic Scheme

Check fraud remains the most common embezzlement method in law firms, despite the digital age. Why? Because many firms still rely heavily on paper checks for vendor payments, client refunds, and operating expenses.

How It Works:

Common methods include forging partners’ signatures on checks, creating fake vendors and then making firm payments to those fake vendors, and forging signatures of executors, trustees and other fiduciaries to take money out of fiduciary bank accounts.

The sophistication varies. Simple schemes involve writing checks to cash or personal accounts. More complex schemes include creating fictitious vendors—IT consultants, temporary staff, etc.—to channel funds to family and friends who share the proceeds.

Real Case Example: A law firm administrator created multiple fake vendor accounts with names similar to legitimate suppliers. Over 18 months, she approved and processed $100,000 in payments to these phantom vendors, always keeping individual amounts below the threshold requiring partner approval.

Why It Succeeds: Law firms often have loose controls around check signing, especially for “routine” expenses. Partners, focused on billable work, often sign stacks of checks without scrutiny. The same person who prepares checks may also reconcile bank statements—a fatal control weakness.

2. Payroll Manipulation: The Gradual Grab

Payroll fraud is particularly insidious because it can continue for years undetected. In one case, a law firm’s office manager gradually raised her annual salary from $35,000 to $250,000 over an 18-month period.

Common Variations:

Ghost Employees: Creating fictional employees and diverting their “paychecks”
Unauthorized Raises: Gradually increasing one’s own salary or bonus
Overtime Fraud: Claiming excessive or fictional overtime hours
Commission Manipulation: Inflating billable hour reports tied to bonuses

The Perfect Crime? The fraud went undetected until the managing partner received a routine report from the firm’s actuary showing actual salaries and projected safe harbor profit-sharing contributions for the year. Without that external check, it might have continued indefinitely.

Why It Works: Small and mid-sized firms often have one person handling all payroll functions. Partners assume payroll is “just administrative” and don’t review detailed reports. Annual increases seem normal, and gradual changes fly under the radar.

3. Credit Card and Expense Account Abuse: The Easy Target

Using the firm’s credit card to pay for personal expenses is one of the simplest and most common forms of embezzlement. Yet it remains surprisingly easy to execute.

The Schemes:

Personal purchases disguised as business expenses
Inflating or fabricating expense reimbursement requests
Using firm cards for personal subscriptions and services
Creating fake receipts for never-incurred expenses

Case in Point: A law firm administrator used the business credit card for more than $90,000 including personal groceries and gasoline, department store purchases, and private school tuition. The breadth of personal expenses shows how emboldened embezzlers become when controls are weak.

Detection Challenges: Modern corporate cards make spending easier but tracking harder. Statements arrive electronically, often going directly to the person committing fraud. Generic vendor names (like “AMAZON” or “OFFICE SUPPLIES”) mask the true nature of purchases.

4. Trust Account Theft: The Ethics Nightmare

Trust account theft isn’t just embezzlement—it’s an ethical catastrophe that can end careers and destroy firms. The stakes couldn’t be higher, yet many firms maintain surprisingly weak controls over these accounts.

Common Methods:

Direct theft by writing checks to personal accounts
“Borrowing” from one client to pay another (lapping)
Diverting interest that should go to IOLTA programs
Creating fictitious client matters to justify withdrawals
Intercepting and stealing client settlement checks

The Danger Zone: A Virginia attorney was convicted of embezzling at least $450,000 from the law firm where she was employed by grabbing the social security disability checks before the firm could deposit them in the bank.

Why It’s Different: Trust account violations trigger mandatory reporting requirements in most jurisdictions. Even unintentional commingling can result in suspension or disbarment. When employee theft involves trust funds, every partner faces potential disciplinary action.

5. Billing and Collection Schemes: The Hidden Theft

These schemes exploit the complexity of law firm billing and the trust-based relationship with clients. They’re particularly hard to detect because they often involve legitimate transactions manipulated for personal gain.

Scheme Varieties:

Diverting client payments to personal accounts
Writing off legitimate receivables and pocketing payments
Creating unauthorized “discounts” in exchange for cash kickbacks
Skimming cash payments before recording
Manipulating billing rates or hours for personal clients

The Long Game: Unlike other schemes that require active theft, billing fraud can be passive. An employee might simply redirect a client’s auto-pay to their account, collecting hundreds monthly without any ongoing action required.

Detection Difficulty: These schemes hide within normal business operations. Write-offs are common. Discounts happen. Without proper controls, distinguishing legitimate adjustments from fraudulent ones becomes nearly impossible.

Essential Internal Controls: Your Protection Playbook

Now that we’ve examined the threats, let’s build your defense. These internal controls aren’t just theoretical—they’re practical measures successfully implemented by thousands of law firms.

Preventing Check and Payment Fraud

Segregation of Duties: Ensure that no single person has complete control over financial transactions. Separate duties like authorization, recording and custody of assets.

Check preparation: One person
Check signing: Different person (ideally rotating partners)
Bank reconciliation: Third person never involved in payments
Vendor approval: Separate from payment processing

Dual Control Requirements:

Insist upon dual authorization (e.g., two signers) for amounts exceeding specific dollar limits. Set thresholds based on your firm’s size:

Under $1,000: Single signature
$1,000-$5,000: One partner signature
Over $5,000: Two partner signatures

Vendor Verification Protocol:

Every new vendor requires:

Partner approval for addition to approved vendor list
W-9 form and tax ID verification
Confirmation of physical address and phone
Periodic audit of vendor list for inactive or suspicious accounts

Technology Solutions:

Positive pay services from your bank (pre-authorize check amounts)
Electronic payment systems with built-in approval workflows
Check stock with security features stored in locked cabinet
Regular review of check sequence for gaps

Stopping Payroll Manipulation

Independent Payroll Review:

Someone independent from the person making deposits and withdrawals must review payroll. Implement these specific controls:

Partners review all payroll changes monthly
Annual salary report compared to prior year
Overtime pre-approval required
Bonus calculations independently verified

External Oversight:

Use outside payroll service when possible
Require written authorization for all pay changes
Annual review by outside CPA
Compare payroll tax filings to internal records

Red Flag Monitoring:

Watch for:

Employees with no deductions or taxes withheld
Duplicate Social Security numbers or addresses
Paychecks going to P.O. boxes
Round-number salaries (like exactly $250,000)

Controlling Credit Card Abuse

Card Management Fundamentals:

Limit the number of employees who have a company credit card, and restrict the use of credit cards to business expenses only.

Individual cards for each authorized user (no sharing)
Monthly spending limits appropriate to role
Merchant category restrictions (block personal-use vendors)
Mandatory receipt submission within 48 hours

Review Requirements:

Require employees to submit receipts for all business credit card charges. But go beyond collection:

Detailed receipts (not just credit card slips)
Business purpose documentation
Client/matter codes for reimbursable expenses
Monthly review by someone other than cardholder

Technology Integration:

Modern expense management platforms can:

Capture receipts via mobile phone
Automatically categorize expenses
Flag unusual patterns
Integrate with accounting software
Require pre-approval for certain categories

Protecting Trust Accounts

The Three-Way Reconciliation:

This is non-negotiable. Monthly (at minimum) reconciliation comparing:

Bank statement balance
Client trust ledger totals
Individual client ledger sum

Any discrepancy requires immediate investigation.

Access Controls:

Separate IOLTA account from operating accounts
Different people handle trust and operating funds
Online banking with view-only access for non-signers
Audit trail for all account access

Documentation Requirements:

Every trust transaction needs:

Written authorization from attorney
Clear client/matter identification
Purpose of deposit or disbursement
Supporting documentation maintained

Automated Safeguards:

Trust accounting software should:

Prevent negative client balances
Flag unusual transactions
Maintain complete audit trail
Generate compliance reports automatically

Preventing Billing and Collection Fraud

Payment Processing Controls:

All payments go to central location (not individual attorneys)
Lockbox service for check deposits
Electronic payments to firm accounts only
Daily deposit of all receipts

Write-off and Adjustment Procedures:

Tracking write-downs and discounts is crucial for profitability. Require:

Written approval for all write-offs
Partner review of adjustments over threshold
Quarterly analysis of write-off patterns
Comparison of collections to billings by client

Accounts Receivable Management:

Regular aging report review
Independent follow-up on past due accounts
Confirmation letters to clients for large balances
Investigation of payments applied to unusual accounts

Building Your Anti-Fraud Framework

Beyond specific controls, your firm needs a comprehensive approach to fraud prevention. This framework addresses the human element—where most embezzlement originates.

Understanding the Fraud Triangle

Employee theft occurs when there is motivation, rationalization, and opportunity. Your framework must address all three:

Reducing Motivation:

Fair compensation and regular reviews
Open communication about financial concerns
Employee assistance programs
Recognition and appreciation

Eliminating Rationalization:

Clear ethical standards
Zero tolerance for “small” thefts
Leading by example
Regular training on ethics

Removing Opportunity:

Internal controls (as detailed above)
Supervision and oversight
Regular audits
Separation of duties

Creating a Culture of Integrity

Create a culture of open communication where employees feel comfortable raising concerns. This requires:

Clear Policies:

Written fraud policy with examples
Consequences clearly stated
Reporting procedures defined
Whistleblower protections

Regular Communication:

Annual fraud training for all staff
Updates on control changes
Recognition for ethical behavior
Open door policy for concerns

Tone at the Top: Partners must model ethical behavior:

Follow same expense rules as staff
Submit receipts promptly
Respect control procedures
Take violations seriously

The Trust But Verify Principle

President Ronald Reagan’s “Trust but verify” applies perfectly to law firm financial management. This means:

Trust your employees but implement controls
Assume honesty but prepare for dishonesty
Avoid creating paranoia while maintaining vigilance
Balance efficiency with security

Red Flags: Warning Signs You Can’t Ignore

Knowing the red flags to watch for can help reduce risk of loss. Train all partners and managers to recognize these warning signs:

Behavioral Red Flags

Lifestyle Changes: Employees who suddenly begin living an extravagant lifestyle that is disproportionate to their income could be using stolen funds to make purchases. Examples might include high-end vehicles, expensive jewelry, or luxury vacations.

Work Pattern Anomalies: Employees who stay late or come in at odd times might be trying to hide something. Employees who insist on working alone and who refuse offers of assistance could be trying to avoid being discovered. Employees who refuse to take vacations might be afraid that their fraud will be discovered in their absence.

Personality Changes: Employees who begin to act strangely for no apparent reason might be exhibiting symptoms of shame or guilt.

Operational Red Flags

Document these concerns immediately:

Missing documents or records
Excessive adjustments or corrections
Delays in providing requested information
Reluctance to provide account access
Unusual explanations for discrepancies
Photocopied documents when originals expected

Financial Red Flags

Watch for these patterns:

Unexplained variances in accounts
Increasing reconciling items
Stale or unusual journal entries
Round dollar amounts in expenses
Vendor addresses matching employee addresses
Spikes in particular expense categories

Technology: Your Force Multiplier

Modern technology doesn’t just detect fraud—it prevents it from occurring. Here’s how to leverage technology effectively:

Essential Software Capabilities

Your financial software should provide:

Role-based access controls
Complete audit trails
Automatic flagging of anomalies
Integration between systems
Real-time reporting capabilities
Automated approval workflows

Integration Is Everything

Disconnected systems create gaps where fraud thrives. Ensure integration between:

Time and billing software
Accounting systems (like QuickBooks Online)
Trust accounting platforms
Payment processing systems
Expense management tools
Payroll services

Automation Benefits

Beyond fraud prevention, automation delivers:

Reduced manual entry errors
Faster month-end closing
Better cash flow visibility
Improved client service
More time for billable work
Enhanced partner confidence

Making the Business Case

When proposing technology investments, emphasize:

ROI through prevented losses
Time savings for attorneys
Reduced audit and compliance costs
Competitive advantages
Risk mitigation benefits
Insurance premium reductions

Your 90-Day Implementation Roadmap

Transforming your firm’s financial controls doesn’t happen overnight. Here’s a practical timeline for implementation:

Days 1-30: Assessment and Planning

Week 1: Current State Analysis

Document existing financial processes
Identify control gaps
Interview key personnel
Review recent financial statements
Analyze write-offs and adjustments

Week 2: Risk Assessment

Rank vulnerabilities by likelihood and impact
Consider firm-specific factors
Evaluate current staff capabilities
Assess technology readiness
Calculate potential loss exposure

Week 3: Design Controls

Draft control procedures
Define roles and responsibilities
Create approval matrices
Design reporting requirements
Plan technology needs

Week 4: Build Buy-In

Present findings to partners
Address concerns and questions
Secure budget approval
Assign implementation team
Set success metrics

Days 31-60: Implementation Phase

Week 5-6: Quick Wins Start with high-impact, low-effort controls:

Implement dual signatures
Separate key duties
Lock down credit cards
Secure check stock
Begin daily deposits

Week 7-8: Technology Deployment

Select and configure software
Set up integrations
Import historical data
Create user accounts
Test workflows

Days 61-90: Optimization and Training

Week 9-10: Training Rollout

Conduct all-hands fraud awareness training
Department-specific procedure training
Software training for users
Partner briefing on oversight responsibilities
Document procedures

Week 11-12: Monitoring and Adjustment

Monitor compliance with new procedures
Gather feedback from staff
Fine-tune controls for efficiency
Celebrate early victories
Plan ongoing improvement

Week 13: Full Implementation

All controls operational
Reporting in place
Staff trained and compliant
Technology fully deployed
Continuous monitoring active

The Bottom Line: An Investment, Not an Expense

Let’s be crystal clear about the ROI of fraud prevention:

The Math Is Compelling:

Average embezzlement loss: $120,000+
Cost of implementing controls: $10,000-$25,000
Time to recover investment: 60-90 days
Ongoing savings: 5-10 hours monthly through automation
Risk reduction: Up to 90%

Beyond the Numbers: The real value isn’t just in prevented losses. It’s in:

Sleeping better at night
Maintaining bar compliance
Preserving partner relationships
Protecting your reputation
Building client trust
Creating operational efficiency

The Alternative Is Unthinkable: Without proper controls, you’re not asking “if” embezzlement will happen, but “when” and “how much.” Can your firm afford a six-figure loss? Bar sanctions? Client lawsuits? Reputational damage?

Take Action Today

Every day without proper controls is another day of unnecessary risk. The embezzler’s advantage grows with time—they learn your weaknesses, build trust, and become harder to stop.

Start small if you must, but start today:

Implement dual signatures immediately
Separate one key financial duty this week
Schedule fraud awareness training this month
Evaluate your technology needs
Create an implementation timeline

Remember: As Ronald Reagan said in the context of nuclear disarmament: “Trust but verify.” Imposing strict internal control procedures does not mean you distrust anyone, but rather sets a standard for the partners and staff alike that ethical behavior in the workplace is the only acceptable standard for the firm.

Frequently Asked Questions

Q: We’re a small firm with just one office manager. How can we segregate duties?

A: Even small firms can implement controls. Have a partner review bank statements, use external payroll services, require partner approval for all vendor payments, and consider outsourcing some financial functions. If complete segregation isn’t possible, compensate with stronger review procedures and more frequent audits.

Q: Won’t all these controls slow down our operations and frustrate employees?

A: Initially, there may be minor adjustments, but well-designed controls actually improve efficiency. Automated approval workflows are faster than paper-based systems. Clear procedures reduce confusion. Most employees appreciate the protection controls provide them—they can’t be falsely accused when strong controls exist.

Q: How can we implement controls without seeming like we don’t trust our staff?

A: Frame controls as protecting everyone—including employees. Emphasize that controls protect innocent employees from suspicion, ensure compliance with bar requirements, and improve firm efficiency. Make it about professionalism, not mistrust. Apply controls uniformly, including to partners.

Q: What’s the minimum we should do if we can’t implement everything immediately?

A: At minimum: (1) Separate check signing from bank reconciliation, (2) Have partners review all payroll changes, (3) Require receipts for all credit card charges, (4) Perform monthly trust account reconciliations, and (5) Have someone other than your bookkeeper open and review bank statements.

Q: Should we tell our employees we’re implementing these controls because of embezzlement concerns?

A: Be honest but positive. Explain that you’re modernizing financial operations to improve efficiency, ensure compliance, and protect everyone’s interests. Mention that these are industry best practices recommended by insurance companies and bar associations. Focus on the benefits, not fear.

Q: How often should we review and update our internal controls?

A: Conduct a formal review annually, but monitor effectiveness monthly. Adjust controls when you change systems, add staff, or discover weaknesses. After any incident (even minor), review related controls. Stay informed about new fraud schemes and emerging best practices.

Q: What if we discover embezzlement? What’s our first step?

A: First, secure evidence and prevent further loss. Contact your insurance carrier immediately. Consult with an attorney specializing in employment law before taking action against the employee. If trust funds are involved, review your jurisdiction’s reporting requirements. Document everything and avoid discussing the situation broadly until you understand the full scope.

Sources

Lawyers Mutual Insurance NC. “The Threat From Within: Employee Theft and Embezzlement in Law Firms.” August 7, 2024.
Association of Fraud Examiners. “Occupational Fraud 2024: A Report to the Nations.” 2024.
U.S. Department of Justice. “Former CFO Of San Francisco Law Firms Admits To Years-Long Scheme To Steal More Than $1.3 Million.” December 11, 2024.
Rosen Institute. “Embezzlement Is a Law Firm’s Dirty Little Secret.” July 27, 2017.
LinkedIn. “Embezzlement Happens! (In Small & Midsize Law Firms, Too!).” Michael Marget. May 20, 2019.
CFO Dive. “Ex-law firm CFO sentenced to three years in prison for $1.3M embezzlement scheme.” May 22, 2025.
Corporate Compliance Insights. “Warning Signs of Embezzlement & Practical Internal Controls.” September 5, 2024.
Adams and Reese LLP. “Best Practices for Internal Controls and Warning Signs of Embezzlement.” 2024.
Wolters Kluwer. “Guarding Against Internal Frauds Committed by Employees.” February 19, 2022.
Porter Hedges. “Best Practices to Prevent Internal Fraud and Embezzlement.” September 12, 2022.
American Bar Association. “ABA Model Rules of Professional Conduct: Rule 1.15 Safekeeping Property.” 2024.
ACFE. “2024 Report to the Nations on Occupational Fraud and Abuse.” 2024.
State Bar Ethics Opinions on Trust Account Management. Various dates.
Legal Malpractice Insurance Industry Reports. 2023-2024.
Federal Banking Regulations on IOLTA Accounts. Current through 2024.

Ready to protect your firm from embezzlement while improving efficiency? See how LeanLaw’s integrated financial management platform provides built-in controls, automated workflows, and complete audit trails—all while saving you time and money. Schedule a demo to see how we can transform your firm’s financial operations.

About LeanLaw

LeanLaw helps law firms simplify billing, trust accounting, and financial reporting—without changing how attorneys work. Built specifically for legal teams, LeanLaw integrates seamlessly with QuickBooks to give you clarity, compliance, and control.