The Day I Caught My Own Cashier

I remember the exact moment I knew something was wrong. It was a Thursday evening in 2019, and I was going through the day’s sales records at one of our retail outlets in Lagos. The numbers looked fine on paper. Actually, they looked a little too fine. Every transaction was perfectly rounded. No kobo balances, no odd figures. Just clean, whole numbers. And if you have ever sold anything in Nigeria, you know that is not how reality works. Reality is messy. Reality has N3,475 and N11,250 and change that nobody wants to carry. But this ledger? This ledger was fiction.

I stayed back that night and told the team I had a meeting. Then I sat in the back office and tried to make sense of the accounting. What I discovered made my stomach turn. My cashier, a young man I had trained, personally vouched for, and even given a salary advance just two months earlier had developed a system. He would ring up items at a lower price, pocket the difference, and at the end of the day, adjust the books. He had been doing it for at least three months. The total? Over N800,000. That is not petty theft. That is a second salary.

Although, I felt really betrayed, I did not shout. I did not fight. I sat with the pain for about two days before I acted. Because the truth is, it was not just about the money. It was the betrayal. You bring someone in, you trust them, you build something together and they are quietly bleeding you dry. That experience changed how I think about business security forever. It is what led me to what I now call the No-Trust Architecture. And no, it is not about being heartless. It is about being smart.

As the Yoruba elders say, “Ẹni máa jẹ oyin inú àpáta, kì í wo ẹnu àáke” -the person who wants to eat honey embedded in a mountain will not be bothered about the effect on the axe. If you want to protect your business, you cannot be afraid to look closely at the people running it.

This post is going to be long. It is going to be detailed. It is going to make some of you uncomfortable, because you will recognise your own businesses in this post. But I would rather you be uncomfortable now than bankrupt later. Let us get into it.

Why Nigerian Businesses Are Bleeding Money Silently

According to SMEDAN, over 80% of small and medium enterprises in Nigeria fail within their first five years. We like to blame the economy, the government, the exchange rate, NEPA sorry, PHCN or whatever they are calling themselves this week. But the truth that nobody wants to say out loud is this: a significant percentage of these businesses die because the owner’s own staff killed them from the inside.

Employee theft in Nigeria is not an occasional problem. It is an epidemic. It is so normalized that some business owners have simply built it into their cost structure. I have heard people say, ‘just add 15% to your pricing to cover what staff will steal.’ Budgeting for robbery is not a business strategy. That is Stockholm syndrome.

The EFCC deals with the big fraud cases, the million-naira corporate theft, the politicians, the Yahoo boys driving Benz. But who is dealing with the cashier that takes N5,000 a day? Who is tracking the warehouse manager that ‘damages’ three cartons of stock every week? Who is watching the procurement officer that inflates every invoice by 20% and splits the difference with the supplier? Nobody. Because we have accepted it as the cost of doing business in Nigeria.

Here is what makes it worse, most business owners do not even know they are being stolen from. They see declining profits and blame the market. They see shrinking inventory and blame the supplier. They see rising costs and blame inflation. Meanwhile, the thief is sitting right there in the office, greeting them ‘Good morning, Oga’ every day with a smile that costs them millions. Here is what makes it worse, most business owners do not even know they are being stolen from. The people stealing from you will not look like thieves. They will look like your most loyal employees.

The Seven Faces of Employee Theft

Before we talk about solutions, we need to understand the problem. Employee theft in Nigerian businesses is not one thing, it is at least seven different things, and each one requires a different approach. Let me break them down.

1. The Classic Cash Theft – This is the most straightforward form. The cashier takes money directly from the register, the sales person underreports daily takings, or the accountant siphons funds through fake expenses. In a country where cash is still king, despite everything the Central Bank has tried to do with the cashless policy. I have seen cashiers develop systems so sophisticated that they could teach a masterclass on creative accounting. One woman I heard about would ring up every tenth transaction without recording it. Just skip it entirely. At the end of the day, she would reconcile by adjusting quantities on other transactions. Genius, honestly. Evil, but genius.

2. Inventory Theft (The Warehouse Ghost) – This is where products simply disappear. They walk out of the warehouse in staff bags, in delivery trucks making unauthorised stops, or they get ‘damaged’ with alarming frequency. A friend of mine who runs a provisions store in Surulere told me he was losing an average of N150,000 worth of stock every month to ‘breakage and spoilage.’ When he installed cameras, the breakage mysteriously dropped to almost zero.

3. Time Theft (The Invisible Drain) – This one does not show up on any ledger, but it costs you just as much. Staff who clock in and then disappear for hours. Drivers who take personal detours on company fuel. Employees who run their own side businesses using your internet, your electricity, your office space, and your time. I once discovered that one of my team members was running a full online store using our company laptop, during working hours, from our office. When I confronted him, he looked genuinely confused. ‘But Oga, it is just a side hustle.’ A side hustle that was costing me about 25 hours of productive work per week.

4. Procurement Fraud – This is the big one. Your procurement officer collects three quotes as required, but all three suppliers are either his friends or companies he has a stake i n. The prices are inflated, the kickback is split, and you pay 30-50% more for everything from office supplies to raw materials. Trusted employee, unchecked authority, and zero oversight is a recipe for procurement fraud.

5. Data and Intellectual Property Theft. Your sales manager who just resigned and took your entire customer database with him. Your developer who got a better offer and copied your source code. Your marketing coordinator who has been sending your campaign strategies to a competitor for months or exporting your email lists. In the digital age, your data is your business, and most Nigerian SMEs have absolutely zero protection against digital theft. No NDAs, no access controls, no audit trails. Nothing.

6. Vendor Collusion – This is when your employee and an external vendor work together to defraud you. The delivery driver confirms receipt of 100 units when only 80 were delivered. The accounts payable clerk processes duplicate invoices from a friendly supplier. The maintenance officer approves work that was never done. These schemes can go on for years because they require you to audit not just your internal records, but also cross-reference them with external parties.

7. Expense Fraud – Fuel receipts for trips never taken. Hotel bills for conferences that do not exist. Meal allowances claimed on days the employee was not even in the office. Receipts in Nigeria are easy to fabricate as any roadside business centre with a printer can produce official-looking receipts for any amount. I have seen employees submit fuel receipts that, if real, would mean they were driving from Lagos to Abuja and back every single day.

There are so many ways to get burned as an entrepreneur which unfortunately also means that there is no one fool-proof method to prevent theft across different businesses. However, that doesn’t mean you are completely helpless.

Before I get into building a system, I would like to touch on two main issues that I think business owners must be aware of, the role of CCTVs and the need to unbundle financial authority within the business.

CCTV Is Not Enough – The Camera Illusion

The first thing every Nigerian business owner does after getting burned is install CCTV cameras. I know because that was my first reaction too. And listen, CCTV is important. I am not saying do not get cameras. Get cameras. Put them everywhere. But understand what cameras actually do and what they do not do.

Cameras are reactive, not proactive. They record theft, they do not prevent it. A camera will show you what happened after the money is already gone. And here is the dirty truth about CCTV in Nigerian businesses: half the time, nobody is watching the footage. The DVR is recording somewhere in a dusty corner, overwriting itself every 72 hours, and the only time anyone looks at it is when something big goes missing. By then, the evidence might already be gone.

I have seen businesses spend N2 million on a CCTV system and then not bother to review the footage for months. That is not security. That is decoration. It is like buying a fire extinguisher and leaving it in the packaging. The tool only works if you use it.

Also, a camera is only useful in certain contexts. A CCTV cannot catch digital fraud, procurement kickbacks, time theft, intellectual property theft, and most forms of collusion. The camera cannot see what is happening in your accounting software. It cannot read the WhatsApp messages between your procurement officer and his favourite vendor. It cannot detect that your payroll has three ghost employees.

So yes, install cameras. But if cameras are your only line of defense, you are building a house with one wall. You need a complete system, not just one tool.

Separation of Duties

This is the foundation of the No-Trust Architecture, and it comes straight from accounting best practices that have existed for centuries. The principle is simple: no single person should have complete control over any financial process from start to finish. The person who approves a purchase should not be the person who makes the payment. The person who receives inventory should not be the person who records it. The person who processes payroll should not be the person who authorises it.

In practice, this means restructuring your operations so that every critical business process involves at least two independent sets of eyes. Let me give some examples.

For cash management: one person handles the register, a different person reconciles the daily takings, and a third person makes the bank deposit. No single person touches the money at every stage. For procurement: one person identifies what needs to be purchased, a different person sources the quotes, and a third person approves the final vendor selection. For inventory: one person receives the goods and signs the delivery note, a different person counts and verifies the received goods, and a third person updates the inventory system.

‘But Oga Israel, I am a small business. I do not have all these people.’ I hear you. And that is a valid concern. But separation of duties does not always require more staff. Sometimes it means you as the business owner becomes one of the checkpoints. You personally verify the bank deposits. You personally spot-check the inventory. You personally review the procurement quotes before approval. Yes, it is more work but it is less work than rebuilding after someone steals your entire profit margin.

The moment one person controls the entire chain, you have created the perfect conditions for theft. It is not a matter of if, it is a matter of when. As my grandmother used to say, “Eni ti a ran si oja, o le ma ra t’ara e?” meaning, can the person sent to the market not buy something for themselves? The answer is, of course they can. Your job is to make sure you know when they do.

The No-Trust Architecture: A 15-Point Protection Framework

After years of building, getting burned, and rebuilding, I have developed what I call the No-Trust Architecture. This is not about being paranoid or treating your staff like criminals or putting in place bureaucracy that makes it difficult to run the business effectively.

It is about building systems where theft is structurally difficult, not just morally discouraged. Here are fifteen principles that I follow religiously:

1. Separate every financial process into at least two roles – No single person should initiate, approve, and execute any transaction. Ever.
2. Install POS systems that log every transaction with timestamps – Cash registers that produce paper trails are your best friend. Go digital wherever possible.
3. Conduct surprise audits at least once a month – Not scheduled audits, surprise audits. The moment staff know the schedule, they clean up before inspection day.
4. Rotate staff across positions every six months – A cashier who knows she will be moved to inventory next quarter cannot build a long-term theft system. Rotation also reveals discrepancies the previous person was hiding.
5. Use numbered receipts and invoices – Every missing number is a red flag. If receipt number 4,571 is followed by 4,573, find out what happened to 4,572.
6. Reconcile bank statements daily, not monthly – By the time you catch a monthly discrepancy, the trail is cold and the money is gone.
7. Require dual signatures for all payments above a threshold – Set a limit, say N100,000 above which no payment can go out without two authorised signatures.
8. Install CCTV and actually review the footage weekly – Cameras you never check are just expensive decorations. Always review your footage. It’s boring but necessary work.
9. Implement a whistleblower system with real protection – Anonymous reporting channels where staff can report theft without fear of retaliation. Reward verified reports.
10. Lock down your accounting software with role-based access – Your cashier should not be able to edit historical records. Your inventory clerk should not see the financial reports. Use permissions aggressively.
11. Verify every vendor independently – Do not take your procurement officer’s word for it. Call the vendor yourself occasionally. Visit their premises. Confirm prices directly.
12. Conduct exit interviews and access revocation immediately – When someone leaves, voluntarily or not, cut their system access the same day. Not tomorrow. Today.
13. Track inventory with barcode or RFID systems – Manual inventory counting is an invitation to fraud. Technology makes discrepancies visible instantly.
14. Cross-reference POS data with CCTV footage regularly – The camera should show a customer at the register every time the POS shows a transaction. Mismatches may signal something fishy is going on.
15. Build a culture where accountability is normal, not punitive – The goal is not to catch thieves. The goal is to make theft so difficult and so detectable that nobody even tries.

When You Catch a Thief: What to Do Next

This is where most Nigerian business owners fumble. You have caught someone stealing. Now what?

The instinct is either to rage and fire them immediately, or to confront them quietly and let them go without consequences. Both approaches are wrong.

If you fire without documentation, you have no legal protection if they sue for wrongful termination. Yes, they stole from you but without proper documentation, a labour court might still rule in their favour. Nigeria labour laws protect employees, even dishonest ones if due process is not followed.

Also, if you let them go quietly, you send a message to every other employee that stealing has no consequences. You are essentially putting up a sign that says ‘Steal Here -Worst Case, You Get Asked to Leave.’ That is not deterrence. Here is what you should do instead.

First, document everything. Gather CCTV footage, transaction records, audit reports, witness statements – everything. Second, conduct a formal disciplinary hearing with the employee present. Let them respond to the allegations. Third, if the evidence is clear, terminate with cause and document the termination properly. Fourth, file a police report. Yes, even if the amount seems small. The police report creates a formal record and sends a message. Fifth, inform your insurance company if you have fidelity insurance. Many businesses do not even know this coverage exists.

And here is the part nobody talks about: after you catch one thief, audit everything again. Because where there is one, there are usually more. Thieves in Nigerian businesses rarely operate alone. They build networks. The cashier collaborates with the warehouse person. The accountant covers for the procurement officer. When you pull one thread, be prepared for the whole fabric to unravel.

Building a Culture of Integrity

I want to end with something that might sound contradictory after everything I have said about not trusting people. But hear me out. The No-Trust Architecture is not about distrust. It is about removing temptation. It is about building systems where honest people can stay honest and dishonest people cannot succeed.

The best businesses I have seen in Nigeria are the ones that combine strong systems with strong culture. They pay fairly because an underpaid employee is a tempted employee. They promote transparently because a bitter employee with no prospects will rationalise theft as compensation. They lead by example because an owner who cheats on taxes and cuts corners has no moral authority to demand honesty from staff.

“The system you build will determine the behaviour you get. Design for angels, and devils will exploit you. Design for devils, and angels will still thrive.“

Invest in your people. Train them. Pay them well. Give them a stake in the success of the business through profit-sharing or bonuses tied to verified performance. But also build the systems that protect both them and you. The fence is not there because you do not trust the neighbour. The fence is there because good fences make good neighbours.

As the African adage goes, When the fire has finished burning, the owner of the forest will know how many trees were lost. Do not wait for the fire. Build your firebreaks now.

Build your No-Trust Architecture. Protect your business.