Can employers be vicariously liable for the criminal acts of employees?

The general rule is that an employer is liable for the dishonesty and fraud of its employee, if that dishonesty or fraud has occurred within the course of the employment: Lloyd v Grace, Smith & Co [1912] UKHL 1; [1912] AC 716.

What is the meaning of “within the course of employment”?

In assessing employer liability difficulty arises in determining whether the employee’s dishonest conduct occurred within the course of employment.

Gleeson CJ in New South Wales v Lepore [2003] HCA 4; (2003) 212 CLR 511 at [40]:

“Not everything that an employee does at work, or during working hours, is sufficiently connected with the duties and responsibilities of the employee to be regarded as within the scope of the employment.  And the fact that wrongdoing occurs away from the workplace, or outside normal working hours, is not conclusive against liability”.

The case of Ffrench v Sestili contains a useful analysis of the tests in the case law where an employee was held to have misappropriated funds “in the course of employment”.

Ffrench v Sestili

In Sestili v Triton Underwriting Insurance Agency Pty Ltd [2007] SASC 241 the primary issue was whether an employer (Sestili) was vicariously liable for the dishonest conduct of an employee (Brown) who withdrew $33,350 from Ms Ffrench’s (Ffrench) bank account that she was not authorised to access.  The secondary issue was whether the employer’s insurance contract provided coverage for the theft of the employee. Ms Ffrench was disabled and engaged Mr Sestili to provide a carer (Brown).  Ms Brown did all manner of personal things for Ms Ffrench including accessing one of her bank accounts in order to go shopping and purchase groceries.  The allegations against Sestili by Ffrench were:

• that she was vicariously liable for the misconduct of Ms Brown;
• that she was negligent in her selection of Ms Brown as Ffrench’s carer; and
• that she had acted in breach of contract.

At first instance, the Magistrate hearing the matter found against Ms Ffrench on all counts, saying notably that Ms Brown was “on a frolic of her own”, when she committed the fraudulent acts.  Ffrench subsequently appealed.

The first appeal was heard by Gray J who held that Ms Sestili was vicariously liable for the full amount misappropriated by her employee.  The central finding being that Ms Brown’s conduct was ‘sufficiently connected with Ms Sestili’s business’ to render her vicariously liable with the loss suffered. Further, it was held that the loss was one of ‘tangible property’ which was within the meaning of the clause in the insurance policy.

 The decision of the Full Court Supreme Court

The judgement by Debelle HJ (which Sulan HJ and Layton HJ concurred) contains a useful distillation of the principles from the case law in relation to the doctrine of vicarious liability.

Debelle HJ cited two propositions from Lepore which were relevant:

1. Firstly “the fact that an employee had intentionally engaged in criminal conduct or other breach of the law may not suffice to deny vicarious liability” at 37; and
2. Secondly “the fact that the conduct in which the employee has engaged was contrary to instructions given by the employer may not be sufficient to deny vicarious liability” at 38.

Defining versus regulating the sphere of employment

In determining whether the conduct complained of was in the course of employment Debelle HJ relied on a number of principles from the majority in New South Wales v Lepore (2003) 212 CLR 511 as well as the various consistent international precedents.

‘It is necessary to distinguish between those prohibitions which limit the sphere of employment and those which merely regulate the employee’s conduct within that sphere:  Plumb v Cobden Flour Mills Co Ltd [1914] AC 62 per Lord Dunedin at 67.

Sphere of employment

• Brown was engaged as Ffrench’s carer to perform all manner of domestic duties for her. The sphere of employment therefore included withdrawing money for the purposes of shopping.

Employees conduct within the sphere

• Any instruction by Ms Sestili not to use Ms Ffrench’s credit card was an “instruction which did not limit the sphere of employment but only as to how her employment as a carer was to be performed.  The instruction, even if given, did not limit the extent of the authority reposed in Ms Brown as a carer”.^[1]

The Close Connection Test

The final element to be satisfied was whether Ms Brown’s fraudulent conduct was sufficiently connected to the conduct authorised by Ms Sestili to make her vicariously liable.  It was noted that the close connection test whilst acknowledged as being the preeminent test, provides “little guidance on the type or degree of connection” that will be normally regarded as sufficiently close to create liability for the employer.

In analysing the degree of connection between the authorised conduct and the fraudulent conduct of the employee, Debelle HJ took into account the following factors in the relationship between the parties:

• that the relationship was one of trust and confidence (note that Debelle HJ stopped short of describing the relationship as a fiduciary one);
•  that as carer, the employee had access to confidential information;
• that the client was in a vulnerable position.

Application of the tests to the fraudulent acts of the employee

The employee was engaged as the carer of a disabled person.  There was a wide discretion in the duties that were to be performed on a day to day basis.  Applying the close connection test (and the factors above) it could be seen that:

• the employee’s conduct in using the card and PIN to misappropriate money for her own purposes were so closely connected to her duties that the misappropriations must be regarded as occurring in the course of her employment; and
• the unauthorised withdrawals were so closely connected to the authorised withdrawals that they were improper modes of discharging the duty to withdraw money for shopping purposes, a task to which she had been entrusted.^[2]

Consistency with precedent

The Debelle HJ cited various examples from the case law which highlight the boundaries of where liability can be drawn for employers.

 R F Brown & Co Ltd  v Harrison (1927) 43 TLR 633

In this case, Stevedores stole cargo which they were specifically employed to handle.  The ship owners were held to be liable to the owners of the cargo because the stevedores were doing that which they were employed to do but were doing it dishonestly.

Leesh River Tea Co Ltd v British India SN Co Ltd [1967] 2 QB 250

Here, the question was whether the ship owners were liable for damage to a cargo of tea.  The ship owners employed a firm of stevedores to discharge and load that tea.  In the course of the loading and unloading, one of the stevedores stole a cover plate of a storm valve.  This allowed sea water to enter the hole through the storm valve.  On the voyage to London, the ship encountered heavy weather and water entered through the storm valve and damaged the tea.  The Court of Appeal held that the ship owners were not liable for the acts of the stevedores as their employees because the theft of the cover plate in Port Sudan was outside the work involved in discharging and loading the cargo of cotton seed and was not in any respect incidental to that work.^[3]

Recommendations for employers

To assist to minimise the potential of liability there are various things that employers can do including:

• implementing a clear statement of authorised and unauthorised conduct (Policy), which should form part of the contract of employment, particularly where employees have access to potential information or property which may put them in a position to commit a fraudulent act.  Employers should also ensure they can prove that the employee received the Policy.
• considering pre-employment criminal reference checks where the relationship between the employee and the employers customers involves a “great deal of trust and confidence”.
• considering implementing appropriate physical safeguards to prevent dishonesty where the possibility exists;
• reviewing or implementing appropriate insurance cover and ensuring that the cover includes the sorts of conduct by employees that may commit;
• ensuring that electronic communications are monitored (note that most states and territories in Australia require that employees be put on notice of electronic surveillance).

As shown above, the performance of these things may be insufficient to deny liability, so employers should be put on notice where employees have access to records or data which may be subject to misuse or loss.  Similarly care should be taken where the relationship between employees and clients of the employer involve a degree of trust and confidence or the extends to being a fiduciary one.

Disclaimer

This article contains general commentary only.  You should not rely on the commentary as legal advice.  Specific legal advice should be obtained to ascertain how the law applies to your particular circumstances.

---

Related insights about employment law for employers