Details in this case study have been anonymized to protect client confidentiality. The items flagged, the amounts, and the recovery outcome are accurate.
The Receipt Nobody Was Going to Read
The kitchen remodeling company had a straightforward workflow for materials purchasing. When a job needed supplies, the foreman authorized an employee to take the company card, go to the store, and get what was needed. The employee would return with the materials and submit the receipt. The transaction would be recorded. The amount would be reconciled against the job budget. If the total was within the expected range for the job, the receipt went into the file and no one looked at it again.
It was a reasonable system. It was the kind of system that most small contractors run. It worked well enough that no one had any particular reason to change it.
The problem was that "within the expected range" and "only job-related items" are not the same question. The company's workflow was designed to answer the first one. It was never designed to ask the second.
The Run to Lowe's
The foreman sent an employee to Lowe's with the company card and a clear list: more tile for the current job, plus the counters and cabinets that needed to be ordered. It was a large purchase — the kind that would look entirely normal in the context of a kitchen remodel in progress. The employee went to the store, completed the order, and submitted the receipt.
The transaction amount fell within the expected range for the job. Under the company's normal workflow, that was the end of the review.
SpendGuard looked at the receipt anyway.
SpendGuard reviews every receipt at the line-item level — not to make policy judgments about what employees should or shouldn't be allowed to purchase, but to flag items that are categorically inconsistent with the stated purpose of the transaction. On this receipt, three items stood out against the tile, counters, and cabinet orders:
- A brand-name vacuum cleaner: $500
- A multipack of toilet paper
- A Monster energy drink
The Finteligence team noted the items in the client report. The framing was straightforward: these items appeared on a receipt submitted as a job materials purchase and are categorically inconsistent with kitchen remodeling supplies. We're not in a position to determine whether they were authorized — that's a business decision — but we're flagging them so the client can make that determination.
The Investigation
The CEO reviewed the flag and pulled the employee in for a conversation. The employee confirmed what the receipt already showed: the vacuum, the toilet paper, and the energy drink were personal purchases, added to the company card transaction during the supply run.
The vacuum was still in the box, unopened. The CEO recovered it, returned it to the store, and received a full refund. The toilet paper and the energy drink were gone, but the vacuum — the item that represented the meaningful dollar amount — was recoverable precisely because it was caught quickly.
The total unauthorized spend on that transaction was approximately $530. Not a number that would have triggered any threshold-based alert. Not a number that would have shown up as an anomaly in any aggregate financial report. Just a receipt that fell within the expected range for a kitchen remodel job, filed and forgotten — until SpendGuard read it.
What This Case Is Really About
The embezzlement cases — the construction foreman with the split checks, the $68,000 over four years — are the stories that get attention. They involve deliberate schemes, meaningful dollar amounts, and a satisfying arc of detection and accountability. They are the cases that make CFOs and CPAs sit up straight.
The kitchen remodel case is different. The employee probably didn't think of it as theft. He was running an errand for the company, he had the card in his hand, and he added a few personal items to the transaction. The vacuum was a significant purchase, but it was buried in a receipt that was otherwise entirely legitimate. The total fell within range. Nobody was going to read that receipt.
That's the point.
The cases that get caught through traditional reporting are the ones that are large enough, or systematic enough, or poorly enough concealed to surface in an aggregate review. The cases that don't get caught are the ones that fall below every threshold — the ones that are too small to flag, too well-disguised to stand out, or simply buried in a receipt that nobody was going to read.
SpendGuard reads every receipt. Not because every receipt contains a problem — the vast majority don't. But because the only way to catch what's on a receipt is to look at what's on the receipt. And the only way to do that at scale, across every transaction, every job, every employee, every week, is to build it into the continuous monitoring layer rather than leaving it to a periodic review that was never designed to ask that question.
The Broader Pattern
Receipt-level anomalies are more common than most business owners expect. Not always fraud. Sometimes it's an honest mistake — a personal card left at home, a transaction that was meant to be split and wasn't. Sometimes it's a gray area that the business owner wants to know about regardless of intent. Sometimes it's deliberate.
In every case, the value of catching it early is the same: the vacuum was still in the box. The merchandise was recoverable. The conversation happened before the pattern had a chance to repeat.
By the time a periodic report would have surfaced this — if it ever did — the vacuum would have been in someone's living room for a month. The receipt would have been filed. The employee would have learned that the system wasn't looking.
Finteligence was looking. That's the difference.
Melissa Lewis is the founder and CEO of Sentinel Intelligence Corp., the company behind Finteligence — a continuous financial intelligence platform delivered exclusively through advisory partnerships with CPA and CFO firms. If you are a CPA or fractional CFO interested in offering Finteligence to your clients, visit the advisory partner page.