Theft of Money and/or Goods by an Employee

The Crown alleged that on 45 occasions over a 6-week period the Defendant made unauthorised use of a Manager's password to cancel transactions after the customers had left the shop. This gave the appearance that the goods had not actually been sold and enabled her to pocket the cash that had been paid.

The crucial questions in the case were:

• Could the Crown prove that the goods had left the shop?
• Could the Crown prove that the money was missing?
• Could the Crown prove that the Defendant did the relevant transactions?

My Expert Report, and the evidence that I gave in court, accepted that the goods had left the shop and that the money was missing but it presented an alternative scenario in respect of who did the relevant transactions.

Based on a detailed analysis of the Electronic Point of Sale (EPoS) transaction log and other supporting documentation I was able to challenge the Crown's argument that the Defendant was in the shop at the relevant times; but I was also able to go much further.

Following a period of observation in another of the retailer's shops I was able to demonstrate to the Court just how easy it would have been for someone to have compromised the Defendant's password. My detailed analysis had already shown that the Deputy Manager's password had been compromised because it was used when the retailer could prove that he was not in the shop. Armed with the Defendant's ID and Password and the Deputy Manager's ID and Password any member of staff or management could have completed and authorised the fraudulent transactions.

My Report also highlighted previously undiscovered irregularities in the end-of-day procedures that were undertaken by the Manager, Deputy Manger or Supervisor who could easily have removed any excess cash during the final cashing-up.

The jury found the Defendant not guilty.