The Danger Of References

David Harris

A client of ours recently asked us this question:

“I have an interviewee, and I would like to talk to her past employers. She’s been at a local restaurant for the last 4 years, but it closed in April.

What would you recommend doing to check employment?

She listed 3 references from the restaurant with their contact info. Would you recommend contacting them?”

Our client is someone who makes every effort to run his practice properly, and his dilemma forces us to deal with a seminal issue in background checking – with whom should we be speaking?

I often have dentists tell me that they ask for “references” or that they check “references.” Normally they are doing this to show me that they are careful about who they hire. Typically, what they are doing is asking the applicant for a list of people who the dentist can contact to gain some level of comfort about the applicant’s character.

One of my concerns with the hiring practices of many dentists is that they know far too little about people who they hire, so I am glad to see a desire on the part of these dentists to close this knowledge gap. However, I think that by checking references, their efforts are misdirected.

The first problem with applicant-supplied references is that they have been “cherry-picked” by the applicant. This selectivity means that the information they give you lacks objectivity. Everyone has at least a few people in their life who are raving fans, and when you call applicant-supplied references, that is exactly with whom you are speaking. So, you are unlikely to hear anything remotely negative from these people. I’m pretty sure that if my dog could talk, he would say wonderful things about me. But because I feed him and rub his belly on demand, he isn’t exactly objective.

To make the problem worse, often the references that are supplied (and checked) are really in the nature of “character references,” by which I mean that their knowledge of the applicant does not come from a work setting (e.g., the high school volleyball coach or parish priest). In addition to an objectivity issue, there are often other problems; the information you receive may suffer from a lack of relevance.

The people who can give you information that is both relevant and objective are former employers, and that is exactly with whom you should speak.

To circle back to the question that my client asked, what is behind his question is that the thing that the (correctly) wants to do has been frustrated by the closure of the restaurant.

In this case, because the applicant has nominated co-workers, the relevance issue is less important because these people have observed the applicant at work and have done so recently. The true concern is objectivity.

I will also reiterate something that I frequently mention about calling people when doing a background check; verify all phone numbers independently and do not rely on any phone number provided by an applicant. You may end up speaking with someone other than who you think you are.

My suggestion to the client was to call the references to ask them if they supervised or managed the applicant. If the answer to this question was no, then who was her supervisor and manager? I would then call these people to ask about the applicant. We refer to this concept as obtaining “derivative references”.

Particularly if they were not on the supplied list of references, now I would have access to information that is more likely to be objective. So in cases where it is difficult to access former employers directly, keep the concept of derivative references in your toolbox.

Reconcile or Reckless? You Choose!

Amber Weber, David Harris, and Wendy Askins

(Editor’s note — the concepts for this article were first presented in a webinar presented by the authors in May 2020. To view a recording of the webinar, please click HERE)

When someone wants to embezzle from you, their approach is predictable.  Thieves begin by asking themselves whether the reconciliation process used in your practice is thorough and complete. 
By “reconciliation,” we are referring to the oversight by practice owners of the daily and monthly balancing done by staff.  In its simplest form, reconciliation is the process of ensuring that the money that your practice management software says you received got deposited to your bank intact.

If a thief realizes that your reconciliation process is flawed, which is probably the case in 75% of practices, this bestows a particular blessing on that thief. He or she can steal by simply “shorting” the deposit; in other words, they can steal without needing to tamper with individual patient accounts to conceal it. Stealing in this way does not require high intellect or any -n-depth understanding of your practice management software.

On the other hand, if a would-be thief believes that a deficient deposit would be noticed (in other words, that the reconciliation process has integrity), now to steal he or she is faced with a much greater challenge. While it is possible to pocket payments from patients and insurance companies and conceal the theft by not recording the payments in practice management software, this will result in “phantom” patient receivable balances. For this reason, this approach tends to be a self-limiting method of stealing. If this “snatch and grab” approach is employed, sooner or later, patients may realize that amounts that they owe to the practice are overstated, and the act of these patients complaining may get the thief caught.

Therefore, a “tight” reconciliation process usually forces a would-be embezzler into a riskier and far more complicated embezzlement scheme where it is necessary to tamper with individual patient accounts to keep the amounts owing pristine while still stealing. This manipulation is certainly possible, but success requires a much smarter embezzler with a good knowledge of your software.

So what does this elusive reconciliation process entail?

First, we will mention that it consists of some daily activities and some month-end ones. Performing only one of these and omitting the other is problematic. Looking at day-end information and ignoring month-end reporting leaves the practice owner vulnerable to “day-off” transactions performed on days when the practice is closed and creates challenges with credit card payments and bulk receipts when there is often a timing difference between when these funds are deposited and when receipt is recognized by practice management software.

On the other hand, ignoring daily reports and focusing on a month-end review degrades your ability to spot entries in your software that are inconsistent with what actually took place. There is no substitute for a timely day-end review for this.

There are a few basic rules for reconciliation:

  1. Print your own reports. Delegating this function means that you abdicate control over the choice of information for the reports. This approach leaves you vulnerable to selective reporting.
  2. Timeliness is important. Review the day-end report from your practice management software before you go home for the day. Postponing that review, even by a single day, diminishes your ability to spot inaccuracies
  3. Articulation is mandatory. If you have 18 working days in a month, the month-end report should equal the sum of the 18 day-end reports that you have. Prosperident has developed a spreadsheet that does the math for you (if you want it, please ask for it at, and we will be happy to oblige).
  4. Your receivables at the end of a period (whether a day, month or year) should always equal the following calculation: Starting receivables + fees – payments – adjustments. If you can’t “prove” receivables using this formula, something improper happened.

What should a practice owner scrutinize?

Daily, the most important report is the practice summary from your practice management software. This report has various names depending on the software you are using but will summarize the fees charged today, the adjustments applied, and the payments received.

Your review should include the following:

  • Review of the procedures billed for accuracy (and if you have other providers in your practice such as hygienists, partners or associate dentists, each of them should review their own summary and sign it to attest to accuracy).
  • Review the payments received. In particular, you are looking at whether your policies on the collection of co-payments at the time of the patient’s visit are being followed.
  • Review every adjustment made. Ensure that the amount, timing, and categorization all make sense. Force staff members making adjustments to be specific — there should be a separate category in your practice management software for each different PPO in which you participate and different codes for each type of marketing discount that you offer (senior discount, coupon discount, etc.) Anything categorized as a “miscellaneous adjustment” needs a detailed explanation attached.
  • Review the deposit amount, and compare it against the report. Rather than checking the amount leaving the practice, it is far better to use online banking to verify the amount actually deposited and to “lag” this part of your review by a few days to allow payments with a timing difference, like when patients pay by credit card, to catch up.

On a monthly basis, the good news is that the more tedious part of this review can be outsourced. Reconciling your bank account, merchant account (this is the account attached to the credit card terminal in your practice), and any third-party patient financing, payment management, or collection agency that you use is important but mundane. For this reason, it is completely understandable if you choose to outsource these tasks. A dental bookkeeper or your CPA firm are good candidates for this work.

However, there are some things that require your personal attention. Here are the things for you to look at:

  • This monthly review is the time to ensure that the daily practice summaries you have reviewed total to the same numbers as the month-end practice summary.
  • Review your receivables report. Focus on the overdue amounts and on the collection efforts being taken by your practice to collect them.
  • Practice management software normally has an “outstanding insurance claims” report. Review this and check on the actions taken to finalize outstanding claims (is a resubmission needed, or has the insurance company asked for additional information that has not been provided?)
  • Review the following reports:
    • Adjustments report
    • Deleted transactions report
    • Modified transactions report
  • Review the “entry log” from your alarm company to see if a staff member is visiting the practice at unexpected times. A staff member logging extra (often uncompensated) hours is almost always a symptom of embezzlement.
  • Ensure that the month that you are reviewing has been “closed” in your practice management software. Do this by checking the software directly; don’t complete this task by asking a staff member. If you aren’t sure how to do this, your software has trainers and a help desk to teach you how to check.

Performing day-end and month-end reconciliation properly will not catch all embezzlement. However, it will eliminate the easiest ways to steal and the wanna-be thieves without the software knowledge and intellect needed to progress to more advanced stealing.

Do you have questions about this article or want to speak with us about your practice? You can contact us using THIS LINK.

The Importance of Month-end Reconciliations


By Wendy Askins, CFE, MBA

A thorough month-end reconciliation is critical to uncover revenue anomalies, errors, and embezzlement.   Relying solely on information that is offered to a business owner by a team member is dangerous.  Embezzlers can manipulate reports, handwritten deposit slips, and other data sources to execute their schemes.  However, they cannot manipulate third-party statements from outside entities.
All third-party revenue statements should be sent directly to a secured location accessible only by the business owner.  Revenue statements include bank statements, merchant account (credit card) statements, third-party patient finance company (Care Credit and Lending Club) statements, Orthobanc or Vanco statements, and OrthoFi statements.  Once the business owner has reviewed the statements, forward the documents to the bookkeeper or the individual responsible for practice financial data reconciliation and retention.
 The reconciliation process can be an arduous process that is best completed by an outside source instead of the business owner.  Additionally, the reconciliation process should NOT be completed by a team member who has control over the posting of payments or control over the day-end processes.  Many practice owners rely on an external bookkeeper or company that can complete the process virtually.
The reconciliation process begins by ensuring that all serial numbered computerized daysheets and deposit slips are represented and that there are no “hidden” records of adjustments or payments. 
Using the third-party statements, confirm that the amounts of each payment method listed on the practice management software computerized deposit slip match the amount and timing of the deposit on the third-party statements.  Physical payment methods (cash, checks, money orders) are located on the bank statement; funds electronically deposited to the bank are located on the individual company statement.  Once the revenue data from the practice management software is reconciled to all third-party statements, then move to a reconciliation of the business accounting software (QuickBooks, etc.).


Many business owners assume that their Certified Public Accountant (CPA) is responsible for reconciling their revenue.  In actuality, CPAs are responsible for ensuring that expenses are categorized correctly and generating business financial statements.  CPAs do not reconcile income from the practice management software with records of revenue on third-party statements.   A webinar with more reconciliation tips can be found on the Prosperident website and YouTube channel.    If you suspect embezzlement is occurring in your practice, please seek advice from individuals who specialize in financial crimes committed against orthodontic specialists.  Prosperident is here to help!

ADA Survey Addresses How Embezzlement is Discovered

The American Dental Association’s Council on Dental Practice recently released the results of a survey completed last year on embezzlement.
One of the questions on the survey addressed the question of behaviors exhibited by embezzlers. The answers were enlightening.

The pie graph below highlights the most commonly observed behaviors (please note that, due to multiple responses, the total exceeds 100%).

Observed behaviors of embezzlers, 2019

As you can see, possessiveness about the embezzler’s duties and a reluctance to cross-train other team members was the single biggest factor, given by almost 50% of respondents. Closely related was territoriality about the embezzler’s workspace, with over 25% of respondents reporting that behavior.

Defensive when questioned about financial matters, and complaints from other staff about the affected employee, or observed bullying on the part of the thief, we also observed by many victims.

Employee behavior is still one of the key elements in detecting embezzlement. Our Embezzlement Risk Assessment Questionnaire has been taken by thousands of dentists and provides a good barometer for employee behavior. You can access the Questionnaire HERE.

ADA says Embezzlement is Increasing

The American Dental Association’s Council on Dental Practice recently released the results of a survey completed last year on embezzlement.
There are some interesting results, and they generally do not constitute good news for the dental profession.
First, compared to a similar survey released just over ten years ago, the prevalence of embezzlement in practices is noticeably up. The 2008 survey had found that 35% of respondents had been victims of embezzlement. The survey released in February 2020 showed that 48% of those responding had been embezzled. This increase of 13 percentage points in ten years is significant and should be a cause for alarm among practice owners. The logical conclusion is that embezzlement will sooner or later affect more than 90% of practice owners.
The 2020 survey did something that the previous survey did not. For those who had been embezzled, it asked them how many times they had been victimized. From those who had reported being embezzled, 26% (i.e., 54% of those who had been victims) indicated that it had happened once, 23% of victims reported being stolen from twice, 5% of those stolen from declared three embezzlements and an astonishing 18% (which is 8% of all dentists surveyed) confirmed having been victims at least four times.


Many dentists believe in the honesty of long-service employees. The survey tested that hypothesis directly, asking embezzlement victims how long the thief had worked for them at the point of discovery. The following graph shows the results:


As you can see, almost half of the stealing employees had been employed for four or more years.
The survey asked how embezzlement was discovered. Predictably, there was a wide variety of answers, ranging from reported by another employee (28%) to discovery when changing accountants (3%). While the ADA did not do this in its survey, one additional analysis that we performed was to taxonomize the means of discovery into two categories; embezzlement discovered by the planned operation of a practice’s system of controls (of which an example would be discovery by reviewing the audit trail in a practice’s software) and stealing discovered by some chance occurrence (for example, when discovery is caused by a patient complaining about their account). This analysis revealed that only 17% of embezzlement was discovered through the systems employed by practices, with a staggeringly high 83% revealed through unpredictable events. Clearly, practice systems are not providing the protection that practice owners believe they are. David Harris, Prosperident’s CEO, is part of a group writing a series of articles designed to help practice owners receive a higher level of protection from their systems. The first article in the series is available here —
The survey also looked closely at the behaviors displayed by embezzlers, and the results are consistent with something that we have been saying for many years – embezzlers exhibit certain telltale behaviors, and one of the best ways to detect an embezzlement problem is to look for these behaviors. Here are the most prevalent behaviors of embezzlers, as determined by the survey (the percentages add up to more than 100% due to multiple responses):


Our Embezzlement Risk Assessment Questionnaire provides an excellent way for a practice owner to evaluate the behavior of employees. It is available at a modest cost in our electronic store at
The ADA survey validates what our own experience over the last decade has suggested – embezzlement is on the increase in dentistry. Practice owners need to be both vigilant and proactive in dealing with it. Prosperident’s Office Protection System provides an effective way of protecting a practice or a group of practices from embezzlement. More information is available here — .

Deleted Transactions — Hidden Gems

Prosperident’s Wendy Askins, CFE, MBA

Deleted transactions are overlooked and ignored to our detriment. One must purposely seek to find these hidden gems to uncover the dark stories they tell. You will not find them visible on the patients’ ledger in most practice management software; they are only discovered by generating a separate audit log report, adjustment report, or deleted transactions report.

As a Certified Fraud Examiner, I attest to the immense value of scrutinizing deleted transactions and begin every investigation with a specialized in-depth process of review. The majority of confirmed embezzlement cases hide theft patterns in transactions that are intentionally deleted.

Confirmed embezzlement cases have suspicious deleted transactions, but not every deleted transaction is suspicious. For example, if a retainer charge and cash payment are recorded, then both transactions are deleted without the application of a correcting transaction. The sequence likely occurred due to theft. On the other hand, if a retainer charge transaction is recorded, then deleted and reposted for the corrected amount with a cash payment amount matching the sequence likely occurred due to human error in the original retainer charge amount.

Deleted transactions conducted in an attempt to correct an error can also tell a story of an employee that needs additional training, financial policies that need revision, areas in need of improved communication, or software in need of greater customization. For example, if Olivia Office Manager continually posts insurance digital credit cards as EFT payments, then deletes the EFT payment and reposts as a credit card payment, it’s a sign that Olivia Office Manager needs more training in the differences between the two payment methods and how the error could impact the reconciliation process.

The Prosperident recommendation is to print the deleted transactions report personally (sometimes called voided, reversed, or error transactions) and review the transactions monthly. There will be a large volume of transactions in the report; I recommend focusing on the deleted cash payments. Identify a specific deleted cash payment, then review the patient’s ledger to determine if the payment was reposted with corrections:


Fraud detection is a highly specialized skill, and some theft modalities leave no trace evidence in the practice management system, such as skimming. Following the above guidelines could give the business owner advantage to uncovering embezzlement.

If you suspect embezzlement is occurring in your practice, please seek advice from individuals who specialize in financial crimes committed against orthodontic specialists. Prosperident is here to help!

Daily Balancing – the Right Way

David Harris

Everyone knows that daily balancing is a key safeguard for your practice’s finances, but there is very little information available to a dentist on how to do it properly. So here’s a recipe:

  1. Which reports should be scrutinized? Most software can produce a lot of different reports. Most software has a report specifically designed for day-end review. It may be called a “daily summary”, “day-end report,” or “daysheet”, or it may have a different name in your software. For purposes of this discussion, I will refer to it as the “daysheet”. The daysheet will normally show procedures performed, fees associated with the procedures, payments received, and adjustments made, as well as any deletions or corrections that were made. Normally at the bottom of the report are totals for each of these activities, plus a breakdown of the payments received by type (cash, check, credit card payment, third party deposit, etc.) Most daysheets also show your accounts receivable balance at the beginning of the day and the balance at the end of the day. If the daysheet from your practice management software is missing some of this information, you will need to print additional reports to ensure that you have everything listed in this paragraph.
  2. Some reports will isolate any one of these items in a single report. For example, most software will generate an adjustments report that only lists adjustments or a production report that isolates procedures performed and fees billed. These reports have their uses and allow you to review a specific type of transaction. However, for the day-end review that you are performing, I recommend that you look at the daysheet, which allows you to see all of the activities undertaken for each patient today in a single report. So for a patient who visited the practice for treatment, you can see what was billed, what was paid, and any adjustments or modifications that were made. This approach is preferable to, for example, looking at today’s adjustments on a separate report, which means that you will not have the context for the adjustments made. Put another way, a $200 adjustment on $1,600 of treatment means something quite different from the same $200 adjustment applied to a $250 treatment, and looking at an adjustments report simply will not give you that context, without cross-referencing it to other reports. The daysheet, if generated with the proper settings, will allow you to have all of the information needed for your daily review in a single report.
  3. The daysheet and other reports from your practice management software used in this process need to be printed by you, your spouse, or an external person like a bookkeeper or accountant. You should never rely on a staff member to generate the reports used for reconciliation. Doing so creates the possibility of “selective reporting” where certain activities are excluded from the report. If this is done, you will think that report you are using summarizes the entire practice when it does not.
  4. I love the approach taken by a friend of mine, Sandy Baird, a practice management consultant based in Tennessee. Sandy says that the day-end routine needs to be a team concept and that team members other than the practice owner also have roles. For example, Sandy suggests that each associated dentist, assistant, and hygienist needs to print a production report for their own activities, compare it with their schedule and ensure that correct fees and procedures were applied and that work performed was coded to the correct provider. This activity is not a substitute for the owner’s review of the practice but increases the chances of finding inaccuracies.
  5. You need to review day-end reports personally. This review should not be delegated to anyone. However, as mentioned in the previous paragraph, your review should be supplemented by the reviews carried on by individual billers of their own activities. You are the only person who has a chance of spotting a discrepancy between what was done and what was billed for work that you performed, plus you, as practice owner must use this chance to look at the overall activities of the practice. Month-end reviews are also important, but there is no substitute for reviewing a day while what took place is still fresh in your mind.
  6. A delayed review of a day is close to useless. Your ability to find an error or unusual transaction degrades considerably with even a 24-hour delay in performing the review and looking at last Thursday’s report on Monday afternoon represents a lost opportunity to find inaccuracies.
  7. When reviewing the day-end report, there are several things you should scrutinize:
    a. Review all fees that were billed for accuracy. Embezzlement is not the only threat to your practice’s revenue; simple clerical mistakes can also be costly. A one-digit error in a procedure code can cost you hundreds of dollars.
    b. Review payments received. One thing to check is to look at payments made by patients during the day to ensure that your policies for collecting co-pays are being followed. In other words, if your policy is to collect co-payments (or at least estimates thereof) on walk-out, your daysheet will tell you if team members are following this policy.
    c. Ensure that there was a fee charged for every patient you saw today unless you know that a specific patient was booked for a “no-charge” appointment (an example of a no-charge appointment is a visit within a multi-visit procedure that had a single fee, such as an ortho check if your practice does orthodontic treatment).
    d. Review all adjustments (both debit and credit adjustments) and ensure that you understand the reason for them and that the adjustments make sense in the context. Substituting an adjustment code for a payment code is one of the most basic methods of concealing theft.
    e. Check the “continuity” of accounts receivable. The “closing” balance of receivables from the last day that your practice was open should be exactly the same as the “opening” receivables balance for today. If these two receivables balances are not identical, it means that there was some activity in your practice management software between the end of your last workday and the beginning of the current one.
    f. An excellent idea is to print “roll-up” reports instead of current-day ones from your software. Even though it is commonly called a “daysheet,” this report can cover any period you wish. So if today is Monday, and your office’s last working day was last Thursday, rather than review a Monday daysheet, you should be looking at one that spans the period from the last cutoff on Thursday until the end of today. This report will show you any transactions that took place in the three days when the office was closed. Since you are printing the reports yourself, this is not hard to do.
  8. Ensure that all patients are “checked out” in your practice management software. Checking out is the process of closing an appointment in practice management software. Checking out a patient forces the front desk staff to either apply a charge or record a patient as having had a no-charge appointment. When any patient who had chargeable work done is not checked out, you have lost money.
  9. Many practices do not use adjustment codes properly. Each “reason” for making an adjustment needs to have a unique code. So each PPO, and every other category of discounts (e.g., senior citizen discount, professional courtesy for referral sources, etc.), and every marketing initiative that you undertake, needs a unique adjustment code. There should be very few “miscellaneous adjustments”, and whenever one is made, staff need to make a detailed explanation in the patient notes. Give some extra attention to any miscellaneous adjustments on your report and check the notes made to ensure that you agree with the basis for the adjustment and that it does not fit within one of the defined adjustment categories. And if there are a fair number of miscellaneous adjustments made for more or less the same reason, this is a good time to place a label on that type of situation and create a tailored adjustment code for it.
    Not having (and using!) specific adjustment codes deprives you of information needed to make key decisions about your practice, such as whether you should drop a specific PPO plan or whether a specific marketing initiative is working. Having only a few adjustment categories (or one generic category used for all adjustments, and yes, I have seen this on occasion) also makes it easier to “bury” fraudulent adjustments. Forcing specificity makes inappropriate adjustments much more conspicuous.
    Whatever the cause of an adjustment, it represents money out of your pocket, and for that reason, it requires scrutiny comparable to if you were writing a check for the same amount.
  10. There is no particular benefit to having an external party review the daysheet or daily balancing. You should personally verify the agreement between practice management software and today’s deposit. It is permissible to outsource the monthly reconciliation that compares a month at once. Reconciling the entire month at once drastically reduces the workload involved for the person performing the reconciliation, because most of the timing differences that have occurred within the month will have worked themselves out, and it is only the ones that straddle the beginning or end of the month that need to be addressed. This monthly reconciliation provides a “double-check” on the daily work that you are doing.
  11. The “timing differences” discussed earlier in this chapter create challenges in balancing and reconciliation. Situations where collections are recorded earlier or later in your practice management software than when they are received by your bank mean that it is often impossible to know by closing time today whether today is properly balanced. When a patient pays today by credit card, it will be several days before that payment can be confirmed
    Conversely, payments deposited by insurance companies directly in your bank account normally appear in your account a couple of days before you receive the Explanation of Benefits from that insurance company.
    Timing differences complicated the balancing (done by staff) and reconciliation (done by you, your spouse, or an outside party) processes because they require keeping track of “held over” items for a few days until the other part of the transaction can be verified.
    For timing differences, online banking is a must to allow you to confirm that the correct amounts were deposited. This adjustment is easy for amounts that appear in the bank before being recorded in your practice management software. However, for amounts with the deferred receipt, confirmation that these amounts were correctly received needs to wait a few days.
    The result of this timing difference is that “real-time” end-of-day reconciliation is no longer possible, and you need to review balancing a few days after the fact to be able to verify time-lagged credit card deposits. Prosperident has developed a spreadsheet that makes monitoring of deferred and advanced amounts easier. If you are comfortable using spreadsheets, please email us at, and we will be happy to send you a copy.
  12. In addition to dealing with timing differences, online banking access for the dentist is virtually a necessity for other reasons. Online access allows you to compare your practice management software against what actually appeared in your bank account. Relying on pieces of paper like a bank deposit book (which can be adulterated), and waiting for the bank to send a month-end statement to provide ultimate confirmation of deposits, are not good ideas.

Practice Management Software can Lie

It’s something that we read over and over.  A dentist in a Facebook forum states that embezzlement cannot be happening in his or her practice because they “check their daysheet every single day.”

Broadly, there are two types of embezzlement.  The first takes place when the balancing process (in other words the daily and monthly comparison between software and financial accounts) is unsupervised or incomplete. In this situation, stealing is easy because a thief can enter all payments into the practice management software and then simply “short” the deposit. This leaves patient accounts balances accurate. This is important to prevent patients from complaining about their balances, repeated occurrences of which might get an embezzler caught.

But what if the balancing process is done with integrity, which means that it is complete and supervised? Does this mean that it is impossible to steal? Not by a long shot. It takes a bit more planning than pilfering from the deposit, but it is something that most would-be embezzlers can master.

Success at this kind of theft requires an embezzler to perform what shouldn’t be possible; he or she needs to teach practice management software to lie. This lying normally involves lowering a patient’s receivable balance in a way that does not simultaneously increase the amount that the software believes should be deposited.

There are many options for doing this. They range from the abuse of functions deliberately built into the software for other (legitimate) purposes to more creative avenues such as exploiting security weaknesses in the software.

It’s tempting to assume that practice management software, which is normally built at considerable expense by some pretty smart people, should be hard to outsmart, but we see it happen over and over.

For security reasons, we are not going to outline specific techniques used. If you are a dentist and interested in learning more, feel free to attend one of our doctors-only live presentations or to contact us directly at

How to Protect Yourself

Here are some steps that practice owners can take to help ensure the integrity of the information in their practice management software:

  1. Print the reports you rely on yourself. Allowing a staff member to generate reports for you creates the potential for selective reporting, where you are seeing less than the full picture
  2. Protect your password. One of the best ways to defeat the security measures built into practice management software is to obtain the practice’s owner’s login information. Your password should never be shared with any staff member, and you need to be obsessive about changing your password regularly (changing it quarterly is the maximum interval that should be permitted). Frequent changes will minimize the damage done from compromise.
  3. While it is important to look at day-end reports, looking at monthly ones is vital. If your review is limited to the days when the office is open and no monthly verification is done, you open the door to extra activity performed on days when the practice is closed.
  4. On a monthly basis, the following need to be reconciled by you or an outside party such as an external bookkeeper to your practice management software:
    1. The bank account
    2. The merchant account (this is the facility used when patients pay by credit card)
    3. Any third-party financing or payment management company you use (e.g., Care Credit, Lending Club, or Orthobanc).
  5. You need to be aware of “timing differences” where the date when something is recorded by your practice management software is earlier or later than when the money reaches your bank account. Credit card payments are an example of timing differences because of the 1-3 day “processing lag” before money reaches your bank account. You need to keep track of these amounts and ensure that they reconcile properly.

The bottom line –nothing will prevent embezzlement. But you can detect it quickly if you approach it the right way.

Embezzlement In Orthodontic Practices – Making Sense of the Mess

Wendy Askins, CFE, MBA

The orthodontic community does not have immunity from embezzlement. Instead, open systems and high levels of delegation create the perfect environment for a would-be embezzler to rob a practice broke.

There are thousands of ways to manipulate transactions for personal gain, and Prosperident continues to uncover new varieties of sophisticated methodologies every month.  Still, there are a few consistencies between confirmed embezzlement cases despite the method or amount stolen; it’s the behavior of thieves.

Embezzlement warning signs:

  •  Alone time
  • Refusal to take a vacation/sick time
  • Territoriality
  • Refusal to cross-train
  • Resistant to outside advisors
  • Conspicuous displays of honesty

The behavior of an embezzler can closely mimic the behavior of a dedicated employee in that they want to control all financial aspects of the practice to “relieve you of the burden.”  You’ll often find that they are deeply embedded in every procedure and with every patient.  That’s why their actions are so financially and emotionally devastating. 

Often the difference can be discerned through the willingness of the employee to be transparent and validation of the offered explanation.  For example, upon transaction inquiry, a dedicated employee, who is proud of their work, will relish the opportunity to prove how hard they are working for you, will be able to provide a prompt and very detailed explanation, with supporting documentation. Personal verification of the dedicated employee’s statements is quick and easy.

The embezzler’s manipulation strategy is to make you question your sanity so that they can gain control over you. An embezzler will often delay having to answer questions by utilizing gaslighting statements, such as “why are you wasting your time, let me take care of it” or “you just don’t understand how it works.”  The conversation will leave you feeling as if you are crazy for even asking the question.  Their explanations will be illogical, and most importantly, the transaction cannot be verified.

Prosperident has developed the Embezzlement Risk Assessment Questionnaire, which can help to expose behaviors linked to possible nefarious actions.  The Questionnaire is available for a nominal fee at our web store HERE.

If Embezzlement is Happening in my Practice, My Accountant Would Find it, Right?

Probably not.  Picture someone planning on starting a new business saying this to their (less than tactful) accountant:
“George, I have fantastic news.  I’m about to start a new business.  And I’m so excited because I’m planning to have one piece of software keep track of revenue, and a totally different software account for my expenses.  And here is the best part … these two pieces of software won’t ever communicate with each other!”
The accountant’s response would probably be along the lines that this was a monumentally bad idea and would never work.
We can chuckle a bit at this exchange, and yet we just described every dental practice. 

The disconnect between practice management software and the accounting process is one of the major reasons that accountants find less than 10% of the embezzlement that takes place in dental practices.  However, many practitioners still believe that their accountant is a cornerstone of their protection against embezzlement.

The majority of embezzlement in dental practices is actually uncovered by the behavior of the staff member who is stealing. Our Embezzlement Risk Assessment Questionnaire is a low-cost way to evaluate the behavior of your employees. To get yours, click HERE.