What is Employee Dishonesty? Understanding Insider Threats in Your Business
15 May 2026 | 7 min read
Your Own People Represent Your Biggest Uninsured Risk
Cash theft, payroll fraud, vendor kickbacks, data theft — employee dishonesty losses in Indian businesses routinely run into crores, often undiscovered for years.
India loses an estimated ₹60,000 crore annually to corporate fraud, according to industry surveys — and most of that money doesn't walk out through a hacked firewall. It walks out through the front door, carried by someone on the payroll. KPMG's India Fraud Survey found that 73% of organisations experienced some form of fraud in the past two years, with current or former employees identified as the primary perpetrators in a significant proportion of cases.
The threat is not limited to large corporations. Small and mid-sized businesses in retail, manufacturing, IT services and hospitality are equally vulnerable — often more so, because they typically lack the audit infrastructure to detect fraud early. This guide explains what employee dishonesty is in insurance terms, which types of insider fraud are most prevalent in India, and how a purpose-built fidelity insurance policy protects your balance sheet when trust breaks down.
What is employee dishonesty in insurance terms?
Employee dishonesty insurance — also called fidelity insurance or crime insurance — covers the direct financial losses a business suffers when an employee steals, defrauds, embezzles or otherwise acts dishonestly to the company's financial detriment. It is distinct from cyber insurance (which covers external attacks) and from errors and omissions (which covers accidental mistakes). Employee dishonesty is intentional, internal and often invisible until the damage is already significant.
In India, IRDAI-approved insurers offer fidelity and crime covers under the broader commercial lines category. The policy can be written as a named-perils policy (covering only specific listed acts) or as a broader crime policy that wraps multiple dishonesty risks into one schedule. For most Indian SMEs and mid-market businesses, a bundled crime policy is the cleaner solution.
The median time to detect employee fraud in India is 14 months — well over a year of ongoing loss before discovery.ACFE's Global Fraud Report 2024 found that organisations without anti-fraud controls suffer losses twice as large as those that have them, and take significantly longer to detect fraud.
The 6 most common types of employee fraud in India
Understanding how insider threats manifest is the first step to both prevention and insurance structuring. The six types below account for the overwhelming majority of employee dishonesty claims filed by Indian businesses.
Cash theft and skimming — the most frequent category — is highly prevalent in retail, hospitality and distribution, where physical cash changes hands many times a day. Payroll fraud (ghost employees, inflated expense claims) is common in organisations with weak HR controls. Inventory theft regularly costs Indian manufacturers and e-commerce warehouses 1–2% of annual revenue in shrinkage. Vendor and accounts-payable fraud — fake invoices, procurement kickbacks — tends to produce the largest single-incident losses. Data and intellectual property theft is rising sharply in IT services, pharma and BFSI. Financial statement fraud, while less frequent, produces catastrophic losses — the Satyam scandal, the PNB-Nirav Modi fraud and the Yes Bank promoter case are all examples of insider dishonesty at scale.
Which sectors face the highest exposure in India?
No business is immune, but the frequency and severity of employee fraud incidents vary significantly by sector. Banking and NBFC organisations top the exposure table, driven by access to large pools of cash and financial instruments. Retail and e-commerce follow closely, due to high staff turnover, physical inventory and cash-handling at scale.
Manufacturing businesses face significant risk from raw material theft and procurement collusion — issues that are particularly acute in auto ancillary, chemicals and consumer goods supply chains. IT and BPO companies deal with a different kind of exposure: employees with privileged access to client data, source code and financial systems. Healthcare sees billing fraud and pharmaceutical inventory theft. Real estate and infrastructure companies are exposed to contractor collusion and fictitious subcontractor billing.
Warning signs of an insider threat
Employee dishonesty rarely announces itself. The following red flags, taken together, should prompt a closer look — and in serious cases, a forensic audit:
Lifestyle inconsistent with salary. A ₹40,000/month accounts assistant buying a new car or renovating their home is a classic early warning sign seen in countless Indian fraud cases.
Refusal to take leave. An employee who never takes annual leave — especially one in a financial role — may be preventing a colleague from accessing their work and discovering discrepancies.
Excessive attachment to vendor relationships. Procurement staff who insist on managing specific vendors exclusively, resist price benchmarking, or receive unexplained gifts from suppliers.
Unusual journal entries near period-end. Round-number adjustments, frequent reversals or entries made after business hours are classic signs of financial statement manipulation.
Resistance to audit or process change. Employees who become unusually agitated when internal audit comes calling, or who lobby strongly against system upgrades that would increase transaction visibility.
Authorisation bypassing. Transactions split below approval thresholds, dual-control procedures consistently skipped, or digital access credentials shared with others.
The regulatory framework: what Indian law requires
Employee dishonesty insurance in India sits at the intersection of corporate governance law, IRDAI regulation and criminal liability provisions. Understanding the framework helps businesses structure both their controls and their insurance appropriately.
The Companies Act 2013 (Section 134) requires that the board of directors include a statement confirming the adequacy of internal financial controls in the annual report. A significant undisclosed fraud discovered later can expose directors to personal liability. The Prevention of Money Laundering Act (PMLA) requires designated entities to maintain KYC records and flag suspicious transactions — an obligation that dovetails directly with the detection of payroll and vendor fraud. The RBI's Master Direction on Frauds requires banks and NBFCs to report fraud incidents above specified thresholds (currently ₹1 lakh for individual accounts, higher for institutional) to the RBI within prescribed timelines. The Prevention of Corruption Act 1988 applies to fraud involving public servants and public sector undertakings — particularly relevant for companies with PSU clients or government contracts. IRDAI licenses and regulates the fidelity and crime insurance products that cover these losses, and has progressively expanded the basket of permissible covers as the Indian commercial insurance market matures.
Your Employees Are Your Greatest Asset — and Your Biggest Uninsured Risk
TropoGo structures employee dishonesty and crime insurance for Indian businesses of all sizes — from retail chains and IT companies to manufacturing groups and NBFCs. Get a tailored quote in minutes.
Why employee dishonesty insurance is essential, not optional
Internal controls reduce the probability of fraud, but they cannot eliminate it. An employee with sufficient tenure, access and motivation will eventually find a gap — particularly in fast-growing companies where processes lag behind headcount. The five covers in a comprehensive crime policy address the losses that controls fail to prevent:
Direct employee theft cover reimburses the loss of money, securities or property stolen directly by a named or unnamed employee — the core of any fidelity policy.
Forgery and alteration cover addresses cheque fraud, forged payment instructions and manipulated financial records — common in businesses that still rely heavily on manual payment processes.
Computer fraud cover picks up losses arising from fraudulent digital transfers, system misuse or unauthorised data exfiltration by internal users — an increasingly critical add-on in India's digital-first business environment.
Funds transfer fraud cover addresses unauthorised NEFT, RTGS and IMPS transfers initiated by a dishonest employee, including Business Email Compromise scenarios where an employee is both the perpetrator and the point of entry.
Investigation costs cover reimburses the forensic audit fees, legal costs and third-party investigation expenses incurred after a fraud is discovered — costs that frequently run to ₹10–30 lakh on their own in a mid-market case.
Beyond financial restitution, the policy creates a structured incident-response process. Insurers typically require prompt notification and a forensic report — both of which discipline organisations to investigate properly rather than quietly burying the loss to avoid reputational damage.
What's next: digital businesses face new insider risks
India's rapid digitalisation is creating a new generation of insider threat vectors. As more transactions move to UPI, NEFT and corporate banking portals, the opportunity for authorised users to initiate fraudulent transfers — in small, hard-to-detect increments — is expanding. India's IT services sector, which employs millions with privileged access to client systems, faces growing data-theft exposure as cloud workloads multiply. IRDAI is progressively updating fidelity and crime product guidelines to accommodate these evolving risks, and specialty crime policies now routinely include cyber-fraud extensions for internal actors.
For businesses growing rapidly — adding employees, entering new cities, acquiring companies — the internal control environment frequently lags the pace of expansion. This is when employee dishonesty exposure peaks, and when a comprehensive fidelity policy provides the most critical protection. TropoGo's specialist commercial lines desk structures cover that scales with your business.
Is employee dishonesty insurance mandatory in India?
It is not universally mandatory, but certain regulated sectors effectively require it. Banks and NBFCs under RBI oversight are expected to maintain adequate controls against fraud, and many audit committees formally require fidelity cover as part of the risk management framework. For companies listed on BSE or NSE, the Companies Act 2013's internal financial controls requirements create strong governance pressure to maintain this cover. For all other businesses, it is strongly recommended rather than legally mandated.
Does the policy cover fraud by managers and directors, not just junior staff?
Yes. A properly structured crime policy covers dishonest acts by employees at all levels — including directors, managers and senior executives who have authority over financial processes. This is critical because financial statement fraud and large-scale embezzlement typically involve senior insiders with the access and authority to cover their tracks. The policy can be written to include or exclude controlling shareholders and promoters, depending on the structure of the business.
What is the difference between fidelity insurance and crime insurance?
Fidelity insurance in India traditionally covers only employee dishonesty — the core theft or fraud act. Crime insurance is a broader term that bundles fidelity cover with additional perils such as computer fraud, funds transfer fraud, forgery, and sometimes premises-related losses like robbery. Most modern commercial crime policies in India offer the bundled structure. TropoGo's team can advise on which approach is appropriate for your business size and sector.
How does the insurer investigate an employee theft claim?
The insurer will appoint a claims assessor or forensic accountant to verify the loss. You will typically need to provide financial records, access logs, internal audit reports and any police complaint or FIR filed. The investigation process usually takes 30–90 days depending on complexity. TropoGo supports policyholders through the claims process, helping assemble documentation and liaising with the insurer's loss adjuster to expedite settlement.
Can I claim for losses discovered after the employee has left?
Yes, subject to policy conditions. Most crime policies cover losses that occurred during the policy period even if discovered after the responsible employee has resigned, been terminated or retired — provided the loss is discovered within the discovery period specified in the policy (typically 12 months post-expiry). This is important because employee fraud is often discovered months or years after the employee has moved on. Always check the discovery period clause carefully when purchasing cover.
How do I get employee dishonesty insurance for my business from TropoGo?
Visit tropogo.com/other-insurance/employee-dishonesty-insurance and provide details about your business — industry, headcount, annual revenue, number of employees with financial system access, and any specific fraud controls already in place. TropoGo's commercial lines team will structure a fidelity or crime policy from IRDAI-approved insurers tailored to your risk profile and sum insured requirements.
If your business employs people with access to cash, financial systems, inventory or sensitive data — and that is nearly every business — you carry employee dishonesty exposure. Most Indian businesses discover this only after a loss has already occurred.
