What to Do After Theft: Police Blotter, Affidavit of Loss, and Protecting Company Documents

Theft incidents are not just about recovering missing items. In the Philippines, the aftermath typically involves (1) documenting the incident through law enforcement processes, (2) executing sworn statements such as an Affidavit of Loss, and (3) controlling business, legal, operational, and data-privacy risks—especially when company documents, IDs, devices, or records are involved.

This article provides general legal information in the Philippine setting and is not a substitute for legal advice for a specific case.

I. Theft vs. Robbery (Why the Classification Matters)

Under the Revised Penal Code, the classification affects what you report and how authorities record the incident:

  • Theft generally involves taking personal property without violence or intimidation and without force upon things (e.g., pickpocketing, stealthy taking, unauthorized taking of an item left unattended).
  • Robbery involves taking personal property with violence or intimidation against persons, or force upon things (e.g., breaking a lock, forcibly opening a door, snatching with violence, hold-up).

Even if you are not certain which applies, you can still report the incident. Provide facts; the classification can follow.

II. Immediate Actions: The First Hour Checklist

Before paperwork, control harm:

  1. Ensure safety first. If the perpetrator is nearby or violence is involved, prioritize personal safety and seek help.

  2. Preserve the scene (if applicable). Avoid touching areas that may contain fingerprints or evidence (e.g., broken locks, opened drawers).

  3. Record details while fresh:

    • Date/time window of the incident
    • Exact location
    • Missing items (description, serial numbers, identifying marks)
    • People present; possible witnesses
    • CCTV coverage (nearby establishments, barangay cameras)

  4. Secure digital access immediately if any device, ID, or credential was taken:

    • Change passwords
    • Revoke sessions (email, cloud, messaging apps)
    • Remote lock/wipe company devices (MDM tools if available)
    • Disable stolen company IDs and system accounts

  5. Notify internal stakeholders (company context):

    • Immediate supervisor, HR/security, IT/security team, compliance/data protection contact
    • Log an internal incident report (time, items, actions taken)

III. Police Blotter: What It Is and What It Is Not

A. What a Police Blotter Is

A police blotter is the official log entry made by a police station recording reported incidents. It usually notes:

  • Complainant’s details
  • Nature of incident
  • Time/date/location
  • Brief narrative
  • Items involved (at a high level)

A police blotter entry is often enough to support administrative requirements (replacement IDs, internal documentation, some insurance steps), but it is not always the same as a full criminal complaint.

B. What a Police Blotter Is Not

  • It is not automatically a criminal case in court.
  • It is not necessarily a full investigation report.
  • It may be insufficient for certain claims unless supplemented by additional documents (e.g., sworn statements, demand letters, proof of ownership, or a formal complaint).

C. When You Should Get Blottered

Common situations include:

  • Stolen phone/laptop/USB storage
  • Stolen company ID, access card, keys
  • Burglary at workplace
  • Stolen checks, receipts, invoices, official company records
  • Theft involving possible identity theft or data exposure

D. Where to File

Generally file at:

  • The police station with jurisdiction over where the theft occurred, or
  • The nearest station if urgent—then coordinate with the proper station if needed.

Barangay reporting may help for community documentation, but police reporting is usually more widely accepted for formal replacement processes and potential prosecution.

E. What to Bring / Prepare

  • Government ID (or any available identification)
  • Proof of ownership (if available): receipts, photos, warranty cards, device box with serial number, inventory logs
  • Serial numbers / IMEI (phones), device asset tags, MAC addresses (if known)
  • Witness contact details
  • CCTV references (location and custodian)

F. Requesting a Copy

You may request a certified true copy or a certification referencing the blotter entry, depending on the station’s practice. Keep:

  • Blotter entry number
  • Date/time of reporting
  • Name/desk of officer who received the report (if provided)

IV. From Blotter to Criminal Complaint: When Escalation Makes Sense

A police blotter is a start. Escalation may be appropriate when:

  • The value is substantial
  • A suspect is known
  • There is CCTV or strong evidence
  • The theft is part of a pattern (inside job, repeated losses)
  • Company-sensitive information may be misused
  • Insurance claims require more formal documentation

Escalation can include:

  • Executing sworn statements
  • Submitting documentary proof of ownership
  • Coordinating with investigators
  • Filing a criminal complaint with the proper office, depending on the case and evidence

V. The Affidavit of Loss: Purpose, Uses, and Legal Weight

A. What an Affidavit of Loss Is

An Affidavit of Loss is a sworn statement (executed under oath, typically notarized) declaring that an item/document was lost or missing, under the affiant’s personal knowledge, and describing circumstances of the loss.

In the Philippines, it is commonly required by government offices, banks, employers, and private institutions to:

  • Replace lost IDs or certificates
  • Reissue documents
  • Support internal audit/compliance documentation
  • Establish a record of loss to deter later misuse

B. Loss vs. Theft: How to Phrase It

If the item was stolen, it is better practice to state that it was lost due to theft or that it was taken without consent, and to reference the police blotter details.

Avoid writing something inaccurate just to fit a template. A false sworn statement may expose the affiant to criminal liability (e.g., perjury or related offenses).

C. Typical Situations Requiring an Affidavit of Loss

  • Lost company ID/access card
  • Lost checks, passbooks, bank cards
  • Lost OR/CR, permits, certificates
  • Lost stock certificates or corporate documents
  • Lost notarized contracts, deeds (note: replacements can be complicated)
  • Lost devices containing company data (often paired with incident reports and police blotter)

D. Who Should Execute It (Company Context)

The affiant should be the person with personal knowledge and custody:

  • The employee to whom the ID/device was issued
  • The custodian of records (admin officer, corporate secretary, finance officer) for corporate documents
  • The accountable officer for checks and financial instruments (treasurer/cashier) as appropriate

For corporate documents, it may be necessary to back the affidavit with:

  • Board resolutions or authorized signatory designations
  • Company inventory/asset records
  • Circumstantial evidence (incident reports, police blotter)

E. What Must Be in an Affidavit of Loss

While formats vary, a strong affidavit typically contains:

  1. Affiant’s identity

    • Full name, age, civil status, nationality
    • Residence address
    • Government ID details (often required by notaries)

  2. Statement of ownership/custody

    • Why the affiant had the item/document
    • Whether it was issued by the company or institution

  3. Description of the lost/stolen item

    • Document type and identifiers (serial numbers, control numbers, plate/engine/chassis if vehicle documents, check numbers, certificate numbers)
    • For devices: brand/model, serial number, IMEI, asset tag

  4. Circumstances of the loss/theft

    • When and where last seen
    • How it was discovered missing
    • Actions taken (search efforts, security review, reporting)

  5. Statement of non-recovery

    • That despite diligent efforts, the item has not been recovered

  6. Purpose clause

    • For replacement/reissuance, reporting, record purposes

  7. Undertakings (when relevant)

    • Commitment to return the original if found
    • Commitment to hold the issuer/company free from liability caused by misuse (often used by banks/issuers)

  8. Reference to police blotter

    • Blotter entry number, station, date (for theft-related cases)

  9. Signature and jurat

    • Sworn and subscribed before a notary public

F. Notarization Basics (Philippine Practice)

  • The affiant must personally appear before the notary.
  • The affiant must present competent evidence of identity (valid government ID).
  • The notary will complete the jurat and record details in the notarial register.

VI. When Company Documents Are Stolen: Risk Categories You Must Address

The theft of company documents is not just “lost paper.” It can trigger cascading legal and operational problems.

A. Corporate Governance and Authority Risks

Stolen items like:

  • Secretary’s certificates, board resolutions
  • Corporate seals/stamps
  • Signed blank letterheads
  • IDs of authorized signatories can be used to create fraudulent authorizations.

Immediate controls:

  • Freeze/limit use of seals/stamps; re-secure them
  • Issue internal advisories invalidating stolen letterheads or forms
  • Notify banks and counterparties about stolen signatory IDs or documents
  • Review and tighten approval thresholds (dual controls)

B. Financial Fraud Risks

High-risk stolen items:

  • Checks (unused or signed), checkbooks
  • Official receipts/invoices
  • Bank tokens, ATM cards, passbooks
  • Payment instructions, supplier bank details

Immediate controls:

  • Notify banks promptly; request stop-payment or watchlist measures for check numbers
  • Change online banking credentials and revoke tokens
  • Review recent transactions and set alerts
  • Inform finance, audit, and procurement teams

C. Contractual and Commercial Risks

Stolen:

  • Original signed contracts
  • NDAs, pricing schedules, bid documents
  • Customer lists, supplier terms

Immediate controls:

  • Secure master copies and digital backups
  • Notify affected counterparties if misuse is plausible
  • Tighten access to contract repositories
  • Track potential fraudulent communications (phishing using real contract references)

D. Employment and HR Risks

Stolen:

  • Employee 201 files, IDs, payroll details, medical information

This raises privacy and confidentiality issues and must be treated as a potential data breach.

E. Data Privacy Act Exposure (RA 10173)

If stolen documents or devices contain personal information, especially sensitive personal information (e.g., government IDs, health records, payroll, biometrics), obligations under the Data Privacy Act may be triggered.

Key actions:

  • Conduct a breach assessment: what data, whose data, how many individuals, likelihood of misuse
  • Implement containment: revoke access, remote wipe, disable accounts, invalidate IDs
  • Determine if notification is required (to affected individuals and/or the regulator) based on notifiability factors such as likelihood of serious harm and the nature/volume of data
  • Document decision-making and remedial steps

Even when formal notification is not required, internal documentation and mitigation are critical (audit trail, risk controls, preventive steps).

F. Cybercrime Considerations (RA 10175, RA 8792)

When stolen items include:

  • Laptops/phones
  • Storage devices
  • Credentials
  • Access cards used to enter systems

Treat it as a potential cybersecurity incident:

  • Preserve logs
  • Lock accounts
  • Review for unauthorized access attempts
  • Coordinate with IT/security response procedures

VII. A Practical Response Framework for Companies

Step 1: Incident Triage (Same Day)

  • Identify what was stolen: documents, devices, credentials, keys
  • Identify sensitivity: personal data, financial instruments, authority documents
  • Lock down: access revocation, password resets, remote wipe, account disablement
  • Capture evidence: photos of forced entry, CCTV requests, witness statements

Step 2: Documentation Pack (Within 24–72 Hours)

Build an “incident pack” that typically includes:

  • Police blotter entry/certification
  • Affidavit of Loss (and/or Affidavit of Theft/Loss Due to Theft)
  • Internal incident report (who/what/when/where/actions taken)
  • Inventory/asset records proving custody/ownership
  • List of affected systems/accounts and lockout steps
  • If personal data involved: breach assessment memo and containment actions

Step 3: Replacement and Notifications (Within Days)

Depending on what was stolen:

  • Request replacement IDs/badges; invalidate old credentials
  • Reissue documents through issuing agencies/institutions (bank, government office, vendors)
  • Notify counterparties/banks of compromised documents or potential fraud attempts
  • Update signatory lists or internal authorization protocols if needed

Step 4: Remediation and Prevention (Within Weeks)

  • Root cause analysis (how it happened, control failure)

  • Implement controls:

    • Physical: locks, access logs, CCTV coverage, visitor policies
    • Process: custody logs, check handling protocols, dual control
    • Digital: encryption, endpoint management, least privilege, MFA

  • Training: phishing awareness and document handling

  • Update policies: incident response, records management, device security

VIII. Special Notes on Common “Stolen Company Item” Scenarios

A. Stolen Company ID / Access Card

  • Report to HR/security immediately
  • Disable badge access and system accounts tied to ID
  • Execute affidavit of loss/theft and internal incident report
  • Reissue new ID with a new number/barcode if possible

B. Stolen Laptop/Phone Used for Work

  • Remote lock/wipe (if enabled)
  • Revoke corporate email sessions and tokens
  • Change passwords and enforce MFA reset
  • Inventory list of stored data (local files, synced folders)
  • Police blotter + affidavit
  • Treat as potential data breach if personal/company-sensitive data was stored unencrypted

C. Stolen Checks / Checkbook

  • Immediately notify the bank with check ranges
  • Stop payment/watchlist instructions (bank-specific process)
  • Secure check issuance procedures
  • Police blotter and affidavit detailing check numbers

D. Stolen Corporate Records (e.g., resolutions, certificates, permits)

  • Identify which documents can be used to impersonate authority
  • Notify banks and critical counterparties
  • Consider issuing internal memos invalidating stolen copies and requiring verification
  • Strengthen corporate secretarial custody controls

IX. Evidence Preservation and “Chain of Custody” Mindset

Even in private-sector incidents, preserving evidence improves outcomes:

  • Keep original photos/videos of the scene
  • Preserve CCTV by requesting copies quickly (many systems overwrite in days)
  • Keep copies of emails, chat messages, unusual system logs
  • Record who handled evidence, when, and where it was stored

For digital incidents, avoid “self-investigation” steps that destroy logs. Make copies and document actions.

X. Common Mistakes That Create Legal or Operational Problems

  1. Delaying reporting until “it turns up”
  2. Executing an affidavit that contradicts the real facts
  3. Failing to list identifiers (serial numbers, check numbers, document control numbers)
  4. Not locking down access after device/ID theft
  5. Overlooking personal data exposure and privacy obligations
  6. Not notifying banks/counterparties when authority documents may be misused
  7. Weak internal custody controls (no logs, shared keys, unsecured stamps/seals)

XI. What “Good Documentation” Looks Like

A complete and defensible record usually includes:

  • Police blotter entry/certification (timely)
  • Affidavit of Loss/theft (accurate, detailed, notarized)
  • Internal incident report (timeline + actions taken)
  • Proof of ownership/custody (asset register, issuance logs)
  • Containment actions (access revocation, password resets, remote wipe proof)
  • Risk assessment for privacy and fraud (what could happen; what was done)
  • Replacement/reissuance records and communications

XII. Mini-Outline: Sample Affidavit of Loss (Content Guide Only)

A common structure (not a fillable form):

  • Title: AFFIDAVIT OF LOSS
  • Identification of affiant
  • Statement of custody/ownership
  • Description of the item/document (with identifiers)
  • Circumstances of loss/theft (date/time/place, discovery)
  • Diligent efforts to locate; non-recovery statement
  • Police blotter reference (if theft)
  • Purpose for executing affidavit (replacement/reissuance/record)
  • Undertaking to return original if found (optional but common)
  • Signature
  • Notarial jurat

XIII. Bottom Line

After theft, Philippine practice usually requires two tracks running in parallel:

  1. Public documentation: police blotter (and escalation where needed) + sworn statements like an affidavit of loss/theft
  2. Risk containment: immediate security controls, credential invalidation, fraud prevention, records replacement, and privacy incident handling when personal data or sensitive business information is involved

Doing both promptly—and accurately—reduces legal exposure, limits damage, and improves the odds of recovery and accountability.

Disclaimer: This content is not legal advice and may involve AI assistance. Information may be inaccurate.

Privacy Policy

Terms of Use

Lawyer Login

 
 
Privacy Policy         Terms of Use         Lawyer Login