What the Atlanta Hawks Embezzlement Case Can Teach Business Owners About Internal Controls

A recent $3.7 million embezzlement case highlights how growing businesses can reduce risk through stronger financial oversight and internal controls.

A recent federal embezzlement case involving a former Atlanta Hawks finance executive serves as a reminder that some of the most significant financial risks businesses face can come from within their own organizations. Sometimes significant risk arises when a trusted employee has broad financial authority without sufficient independent review.

According to the U.S. Attorney’s Office for the Northern District of Georgia, former Atlanta Hawks finance executive Lester T. Jones Jr. was sentenced in April 2026 to three years and five months in federal prison after embezzling approximately $3.7 million from the organization through fraudulent expense reimbursements and misuse of corporate credit cards.

For small and mid-sized businesses, the lesson is not about professional sports. It is about internal controls, review procedures, and the importance of verifying financial activity before small problems become major losses.

Many business owners begin with a small team where responsibilities are shared informally and financial processes evolve naturally over time. As a business grows, however, those same processes may not keep pace with increased complexity, additional employees, and greater financial activity.

What worked when the business was smaller can create vulnerabilities as responsibilities become more distributed and financial activity increases. Periodic reviews help ensure that processes continue to support the business as it grows.

What Happened

Federal prosecutors reported that Jones joined the Hawks’ Accounting and Finance Department in 2016 and later became Senior Vice President of Finance. In that role, he had significant access to the organization's corporate credit card program and expense reimbursement systems.

According to federal prosecutors and information presented in court, Jones became the sole administrator of the Hawks’ corporate credit card account and also served as administrator of the organization's electronic reimbursement platform. Prosecutors stated that he used that access to submit or direct fraudulent reimbursement requests, charge personal expenses to corporate cards, and conceal the activity through false representations to other employees. The court also ordered him to pay $3,898,486.99 in restitution.

The case highlights the risks that can arise when an employee has significant financial authority, broad system access, and limited independent review.

Why Insider Fraud Is Difficult to Detect

Insider fraud is especially challenging because it often comes from someone who understands the business, knows the approval process, and appears trustworthy. That combination can make unusual activity easier to explain away or miss entirely.

In many businesses, the issue is not a lack of trust. It is a lack of verification. Trust is important, but it should not replace review, documentation, and separation of responsibilities.

Common Internal Control Weaknesses

The mechanics of this case are not limited to large organizations. The same control weaknesses can appear in businesses of almost any size.

1. Too Much Responsibility Assigned to One Person

When the same person can approve expenses, manage company cards, process reimbursements, and reconcile accounts, the business has limited protection if that person misuses access.

2. Limited Review of Expenses

Expense activity should be reviewed regularly, not only when cash flow feels tight or something appears obviously wrong. Fraud often grows slowly because individual transactions seem small or routine at first.

3. Weak Documentation Requirements

Every reimbursement or company card charge should have supporting documentation, a clear business purpose, and independent approval. Missing receipts, vague descriptions, and repeated exceptions should be addressed quickly.

4. Senior Employees Operating Without Oversight

Long tenured or high-level employees may have broad access because they are trusted. However, seniority should not remove the need for controls. In fact, higher access usually requires stronger review.

Why This Matters for Small and Mid-Sized Businesses

The circumstances in this case may be unusual, but the underlying risks are not. Smaller businesses often operate with lean teams, which can make it difficult to fully separate financial responsibilities. As a result, one person may end up handling multiple parts of a transaction—from approval to payment to reconciliation.

That reality does not mean a business is exposed to fraud. It does mean that business owners should periodically review whether their financial processes still fit the size and complexity of the business.

Large organizations may have more complex systems, but smaller businesses often have fewer people involved in financial processes. That can make segregation of duties harder, but it does not make it less important.

Even when a business cannot fully separate every role, it can still reduce risk by adding basic review procedures, requiring documentation, and having someone independent examine bank activity, credit card statements, reimbursements, and vendor payments.

A loss does not have to reach millions of dollars to harm a business. Smaller losses can still affect payroll, vendor relationships, tax planning, cash flow, and owner distributions.

Potential Tax Implications of Fraud Losses

Fraud losses can also create tax questions. The IRS generally requires stolen property to be reported as income by the person who stole it, unless it is returned in the same year. Depending on the circumstances, businesses may be eligible to claim deductions related to theft losses. The timing of those deductions often depends on when the loss is discovered and whether there is a reasonable prospect of recovery through insurance, restitution, or other reimbursement sources.

Because the tax treatment of theft losses can vary based on the facts and circumstances, businesses should consult a qualified tax professional regarding the proper reporting of any loss, recovery, or restitution payment.

Practical Steps to Strengthen Controls

Businesses do not need complicated systems to improve protection. They need consistent processes that make financial activity easier to review and harder to misuse.

• Separate expense approval, payment processing, and account reconciliation whenever possible.

• Require receipts and a documented business purpose for reimbursements and company card charges.

• Review credit card statements, reimbursements, vendor payments, and bank activity on a regular schedule.

• Look for unusual patterns, repeated exceptions, duplicate payments, unfamiliar vendors, or vague descriptions.

• Limit financial system access to what each employee needs to perform their role.

• Use an outside accountant or advisor to periodically review activity and identify control gaps.

  
  

The former Hawks executive’s case is a reminder that access without oversight creates risk. Strong internal controls are not about assuming the worst of employees. They are about protecting the business, its cash flow, and the people who depend on it.

Every business reaches a point where financial processes become more complex than the systems originally designed to support them. Periodic reviews of internal controls can help identify weaknesses before they become costly problems.

If your business has grown, added employees, expanded company card use, or changed financial systems, Brilliant Solutions Group can help evaluate your current processes and identify practical opportunities to strengthen financial controls and reduce risk.