A former Winnipeg sales employee for a building products supplier has been charged after allegedly embezzling nearly 4.2 million dollars through a long-running rebate fraud scheme tied to a customer incentive program.

Police allege that between 2016 and 2024, the accused created four fictitious home-building companies with fake employees, used forged checks, and submitted about 5,500 fraudulent rebate applications. He continued this behavior even after his employment ended in 2023, before ultimately turning himself in and being charged with fraud in excess of 5,000 dollars, forgery, and use of a forged document.

Source: https://www.hcamag.com/ca/specialization/employment-law/former-salesman-charged-with-42-million-embezzlement-through-rebate-fraud-scheme/553422

Commentary

According to the source, the supplier uncovered the fraud after the employee had already been terminated for unrelated reasons in June 2023, when internal review revealed fictitious customer accounts and rebate claims within the incentive program.

The company reported the suspicious activity to Winnipeg police in October 2024, prompting the Financial Crimes Unit to open an investigation, link the former salesman to about 5,500 fraudulent rebate applications filed between 2016 and 2024.

Conducting targeted audits when employees take extended vacations or leave employment is a critical loss prevention control that can uncover ongoing fraud, deter would-be offenders, and strengthen internal accountability.

Many occupational fraud schemes rely on continuous, uninterrupted access to systems or processes, so removing the perpetrator from day-to-day activity, even temporarily, often exposes inconsistencies, irregular transactions, or workarounds that would otherwise remain hidden.

From a crime prevention standpoint, announcing and consistently applying a practice of transactional and access audits whenever an employee goes on vacation or departs the organization creates a powerful perceived risk of detection.

Employees who might otherwise test control gaps know that any future absence could trigger a review of their work, including rebate processing, refunds, adjustments, vendor and customer account changes, and unusual journal entries. This perceived certainty of scrutiny is often more effective at deterring internal fraud than severe, but unlikely, sanctions.

The audit process tied to vacations or separations should include reviewing high-risk transactions authorized or initiated by the employee, analyzing patterns over time, and verifying the existence and legitimacy of counterparties such as vendors, customers, or rebate recipients.

Access rights and system logs should be examined to identify use of shared credentials, unusual after-hours activity, overrides of controls, or creation of fictitious accounts that could facilitate embezzlement, kickbacks, or rebate fraud. Where possible, independent confirmation should be obtained from third parties to validate balances, payments, and addresses.

This control is especially important where one individual has substantial autonomy over a revenue stream, discounting, rebates, refunds, purchasing, or inventory, or where duties are not fully segregated.

In such environments, fraudsters often build schemes around routine processes and rely on trust, a lack of secondary review, and a reluctance to challenge long-tenured or "high performing" employees. Making it standard practice to audit around vacations and departures reframes review as a neutral, organization-wide safeguard rather than a sign of suspicion about a particular person.

To be credible and effective, the organization should document this practice in policy, communicate it to employees, and ensure that audits are actually performed rather than merely threatened. Results should be logged, with any exceptions investigated promptly and objectively. Use the lessons learned to tighten controls, improve segregation of duties, and refine monitoring reports.

The final takeaway is that the expectation of post-absence review can significantly reduce internal theft and support a culture of transparency.