Employee Theft and Misuse of Company Property: Legal Actions for Small Business Owners in the Philippines

Legal Actions for Small Business Owners in the Philippines (Practical Legal Article)

Overview

Employee theft and misuse of company property can range from “small” pilferage (supplies, fuel, petty cash) to serious offenses (inventory diversion, falsified reimbursements, data theft, and resale of stolen items). In the Philippines, a small business owner typically has three tracks of action that can run in parallel (with different goals and standards of proof):

  1. Workplace discipline / termination (labor law) – to stop the loss and lawfully remove the employee.
  2. Criminal action (Revised Penal Code and special laws) – to hold the offender criminally liable.
  3. Civil action (Civil Code / Rules of Court) – to recover property/money and damages.

A strong response is process-driven: secure evidence, follow lawful investigation steps, observe due process in discipline, and choose the right legal theory (theft vs. qualified theft vs. estafa, etc.).

Part I — What Counts as “Employee Theft” and “Misuse”?

A. Common real-world patterns

1) Inventory and asset theft

  • Taking stocks or raw materials out of the premises
  • “Short delivery” schemes with a rider/warehouse staff
  • Substituting genuine items with inferior items
  • Theft of tools, phones, laptops, machinery parts

2) Cash and payment diversion

  • Skimming from sales (especially cash businesses)
  • Pocketing collections (employee receives payment but doesn’t remit)
  • Fake refunds/voids
  • Altered receipts and “under-declared” sales

3) Expense, reimbursement, and procurement fraud

  • Inflated receipts, “ghost” deliveries, kickbacks
  • Fuel card abuse or fake gasoline receipts
  • Supplier collusion

4) Misuse of company property (not always “theft,” but still actionable)

  • Using company vehicle for personal trips or side business
  • Using company equipment for non-company work
  • Unauthorized borrowing of tools/equipment with risk of loss/damage
  • Excessive personal use of company supplies

5) Data, trade secrets, and digital asset misuse

  • Copying customer lists, pricing, and supplier terms
  • Leaking designs/formulas
  • Taking source code or internal files
  • Unauthorized access to systems

Part II — Criminal Liability in the Philippine Context

A. Theft (Revised Penal Code)

Theft generally involves taking personal property belonging to another without consent and with intent to gain, without violence or intimidation.

Examples in business: taking merchandise, tools, cash from a drawer, or company phones.

Key points for owners

  • “Intent to gain” can be inferred from circumstances (e.g., concealment, resale, removal).
  • Even “temporary” taking can be treated seriously if there’s intent to benefit or deprive.

B. Qualified Theft (Revised Penal Code)

Employee theft frequently falls under Qualified Theft, which is typically more serious than ordinary theft because of grave abuse of confidence or similar qualifying circumstances.

Why this matters: In many workplace situations, the employer entrusts property or access to the employee (cashier, warehouse custodian, bookkeeper, driver, purchasing staff). That entrustment can elevate the offense.

Common scenarios

  • Cashier skimming daily sales
  • Warehouse custodian diverting stocks
  • Bookkeeper taking checks or cash collections

C. Estafa (Swindling) (Revised Penal Code)

Some “theft-like” acts are legally better framed as Estafa, particularly when the employee lawfully receives money or property (in trust, for administration, or on commission) and later misappropriates it.

Typical estafa patterns

  • Collections received from customers “for remittance” but not remitted
  • Company funds given for purchase, then employee keeps the money
  • Items released to employee for delivery/consignment, then sold and proceeds kept

Practical distinction (simplified)

  • Theft / qualified theft: property is taken without the owner’s consent (unlawful taking).
  • Estafa: property/money is initially received lawfully, then misappropriated (breach of trust).

D. Fencing (PD 1612 – Anti-Fencing Law)

If stolen goods are sold, bought, received, possessed, stored, or disposed of, the person dealing in them may be charged with Fencing, which targets the “market” for stolen items.

Small business angle

  • If you discover your inventory is being sold elsewhere, fencing can be explored against the reseller/buyer—especially when there are indicators of knowledge that the items are stolen.

E. Related crimes that sometimes apply

Depending on facts, additional charges may be considered:

  • Malicious mischief (intentional damage to company property)
  • Falsification (fake receipts, altered documents, forged signatures)
  • Forgery / use of falsified documents
  • Computer-related offenses (if hacking, unauthorized access, or data interference is involved)
  • Violation of special laws if the act implicates regulated items or systems

Important: Proper “charge selection” is strategic. Mislabeling the offense can weaken the case.

Part III — Labor Law: Termination and Discipline (The “Correct Process”)

Even if the employee clearly stole, a business can still lose a labor case if it terminates without due process. In the Philippines, employers must observe both:

  1. Substantive due process (a valid ground), and
  2. Procedural due process (the proper steps)

A. Typical “just causes” used in theft/misuse cases

Under the Labor Code’s “just causes” (commonly cited as Article 297, formerly Article 282), theft and misuse issues often fall under:

  • Serious misconduct
  • Fraud or willful breach of trust
  • Commission of a crime or offense against the employer or the employer’s property
  • Analogous causes (company policies clearly defining serious violations)

Which ground fits best?

  • Pilferage / stealing: often “crime against employer/property,” plus “serious misconduct,” and/or “breach of trust.”
  • Custodians/cash handlers: “willful breach of trust” becomes central.
  • Unauthorized use (vehicle, equipment): may be “serious misconduct,” “willful disobedience” (if there’s a clear policy), or “analogous causes,” depending on severity and proof.

B. The “Twin-Notice” rule (core procedural due process)

A standard compliant approach:

  1. First Notice (Notice to Explain / Charge Sheet)

    • Specific acts/omissions, dates, items, locations
    • The policy violated
    • Give the employee a reasonable chance to respond in writing

  2. Opportunity to be heard

    • A conference/hearing is recommended, especially for disputed facts
    • Document minutes and attendance

  3. Second Notice (Notice of Decision)

    • Findings, basis, and penalty (termination/suspension/etc.)
    • Effective date

Tip: Vague accusations (“you stole company property”) are a common reason employers lose procedural fairness arguments.

C. Preventive suspension (when allowed)

If the employee’s continued presence poses a serious and imminent threat to life/property or to the integrity of the investigation (e.g., can tamper evidence, intimidate witnesses), preventive suspension may be used—within lawful limits and with documentation.

D. Standard of proof in labor cases

Labor cases generally use substantial evidence (not “beyond reasonable doubt”). But you still need:

  • Inventory records
  • Audit trail
  • CCTV (lawfully obtained and handled)
  • Witness affidavits
  • Admission (if voluntary and properly documented)
  • System logs / electronic evidence

Part IV — Civil Actions: Getting Your Money/Property Back

Criminal cases punish wrongdoing; civil actions recover losses.

A. Demand letter and settlement

Often the first practical step is a written demand:

  • Identify missing items/cash and computed loss
  • Demand return/payment by a deadline
  • Preserve your right to file criminal/civil action
  • Offer structured settlement if appropriate (installments, return of items)

B. Replevin (recovery of specific personal property)

If you can identify property currently in someone’s possession (e.g., your laptop, tools, equipment), you may consider a court action to recover possession.

C. Collection of sum of money / damages

If the loss is cash or value of goods:

  • File civil action for recovery (with evidence of liability and amount)
  • Claim damages where supportable (actual damages, sometimes exemplary/moral if legally justified)

D. Offsetting from wages/final pay: be careful

A common mistake is “we’ll just deduct it from their salary/final pay.” Wage deductions are regulated. Unilateral deductions without clear lawful basis and documentation can create exposure. If you plan to apply offsets:

  • Ensure there’s a clear written authorization or a lawful basis
  • Keep computation and acknowledgment in writing
  • Consider legal advice before withholding significant amounts

E. Quitclaims and affidavits of desistance: what they really do

  • A quitclaim can help in settlement, but it must be voluntary, for a reasonable consideration, and not contrary to law/public policy.
  • An affidavit of desistance in a criminal case does not automatically “erase” the crime. Many crimes are offenses against the State; prosecution may still proceed if evidence exists.

Part V — Evidence: How to Investigate Without Creating New Legal Problems

A. Immediate “loss containment” steps (first 24–72 hours)

  • Secure inventory area / lock access
  • Preserve CCTV footage (export, keep originals)
  • Freeze system access (email, POS, ERP, cloud drives)
  • Conduct a controlled physical count with witnesses
  • Identify last-known custody and access list
  • Keep a written incident timeline

B. Documentation checklist (high value in court)

  • Incident report
  • Inventory ledger and variance report
  • Purchase/sales documents (PO, DR, SI, OR)
  • POS logs, void/refund reports
  • GPS/fuel records (for vehicle misuse)
  • System access logs and file transfer logs
  • Affidavits of witnesses with personal knowledge
  • Photos/videos with details: date/time, location, custodian
  • Chain-of-custody notes for devices or recovered items

C. CCTV, searches, and privacy

You generally can monitor your premises and protect assets, but best practice is:

  • Clear workplace notices/policies on CCTV and property checks
  • Reasonable, non-discriminatory implementation
  • Avoid humiliating “public shaming” tactics
  • Handle personal data responsibly (especially when sharing footage)

D. Interrogations and “confessions”

Avoid coercion. Don’t:

  • Force “admissions” through threats
  • Detain employees or block exits
  • Confiscate personal phones without basis or process
  • Make defamatory public accusations

If an employee volunteers an admission:

  • Put it in writing, factual and specific
  • Have witnesses
  • Ensure it’s voluntary (no intimidation)
  • Keep it consistent with other evidence (confessions that contradict records can backfire)

E. Electronic evidence

If the case involves emails, logs, messages, or files:

  • Preserve metadata where possible
  • Avoid altering files
  • Keep backups and hash/verifiable copies if feasible
  • Maintain a record of who handled the evidence and when

Part VI — Choosing the Best Legal Path (Decision Guide)

Scenario 1: Clear theft caught on CCTV + missing inventory

Best combined approach

  • Labor: NTE → hearing → termination (breach of trust/serious misconduct/crime vs employer property)
  • Criminal: qualified theft/theft (depending on role/facts)
  • Civil: demand + recovery/replevin if property identifiable

Scenario 2: Employee received collections but did not remit

Often fits estafa

  • Document authority to collect + proof of collection + non-remittance
  • Criminal: estafa
  • Labor: breach of trust / fraud
  • Civil: collection of sum + damages

Scenario 3: Unauthorized use of company vehicle/equipment without clear “taking”

May be misuse rather than theft

  • Strengthen with policy: authorized use rules, logs, GPS, fuel
  • Labor: serious misconduct / willful disobedience / analogous causes
  • Civil: damages if quantifiable (repairs, fuel)
  • Criminal: only if facts support unlawful taking/damage/fraud

Scenario 4: Stock diversion with a reseller

Expand beyond the employee

  • Criminal: qualified theft + possible fencing against downstream handlers
  • Evidence: serials, unique identifiers, controlled buys (with care), transaction trails
  • Business action: tighten inventory and vendor controls immediately

Part VII — Practical Templates and Clauses (Owner-Friendly)

A. Notice to Explain (NTE) essentials

Include:

  • Date, employee name/position
  • Specific acts: what was taken/misused, when, where, how discovered
  • Evidence references (CCTV time stamp, audit report date, variance count)
  • Policy violated (code of conduct, trust position clause, asset policy)
  • Instruction to submit written explanation within a stated period
  • Notice of administrative conference date (or “to be scheduled”)

B. Property & asset use policy (minimum must-haves)

  • Clear statement: company assets are for business use only unless authorized
  • Issuance forms for tools/devices
  • Return obligations upon separation
  • Vehicle rules: authorized drivers, trip tickets, fuel controls, GPS consent notice
  • Prohibited acts: borrowing without written approval, tampering, resale, pawning
  • Progressive discipline vs. dismissal (clarify that theft is terminable)

C. Inventory control upgrades that prevent repeat incidents

  • Segregation of duties (custody ≠ recording ≠ approval)
  • Cycle counts + surprise audits
  • Two-person release for high-value items
  • Serialized assets and sign-out logs
  • POS permission controls (void/refund authority)
  • Vendor vetting; rotate procurement approvals

Part VIII — Frequent Mistakes That Hurt Owners in Labor and Criminal Cases

  1. Skipping due process because “it’s obvious.”
  2. Charging the wrong crime (theft vs estafa) without matching facts.
  3. Weak documentation (no inventory baseline; no audit trail).
  4. Unlawful wage deductions without proper basis.
  5. Overreaching investigations (coercion, illegal detention, defamatory posts).
  6. Letting evidence expire (CCTV overwritten, logs deleted, devices wiped).
  7. No clear policies (misuse claims become “he said, she said”).

Part IX — A Practical Step-by-Step Action Plan for Small Businesses

Step 1: Stabilize

  • Secure stocks/cash, revoke access, preserve CCTV and logs.

Step 2: Document

  • Inventory count + variance report + incident report.
  • Identify who had access; list witnesses.

Step 3: Internal due process

  • Issue NTE; receive explanation; conduct hearing; issue decision.

Step 4: Recovery

  • Demand letter; recover items; consider settlement terms with safeguards.

Step 5: Escalate legally (as needed)

  • If deterrence, seriousness, or recovery requires it: file criminal complaint and/or civil action.

Step 6: Fix controls

  • Treat every incident as a control failure to be corrected.

Part X — Practical Final Notes

  • A well-run theft case is rarely about one “smoking gun.” It’s about a coherent package: logs, counts, policies, custody proof, and fair procedure.
  • In the Philippines, the strongest outcomes come from doing both: (1) disciplined labor-law compliance and (2) evidence-ready criminal/civil strategy.
  • The fastest wins are often preservation + due process + demand, because once evidence is lost or a termination is procedurally defective, you may spend years fixing avoidable mistakes.

This article is for general information and practical education and is not a substitute for advice tailored to your specific facts.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login