Time theft is one of those problems that's easy to ignore because it happens in small increments. Five minutes here, ten minutes there. But industry surveys suggest that buddy punching alone affects up to 75% of U.S. businesses — and when you add up all the forms of time theft across an hourly workforce, the cost runs into billions per year.
This guide covers the most common types of time theft, what it actually costs, and the practical steps you can take to reduce it — without biometric scanners, surveillance cameras, or destroying employee trust.
What Is Time Theft?
Time theft occurs when an employee receives pay for time not actually worked. It takes several forms:
- Buddy punching — One employee clocks in or out for another who is absent or late. The most common form in businesses using PIN-based or paper time clocks.
- Extended breaks — Taking 45 minutes on a 30-minute lunch, or not clocking out for breaks at all.
- Early clock-in / late clock-out — Punching in before arriving at the work area or punching out after stopping work. Even 10 minutes a day adds up to over 40 hours a year per employee.
- Timesheet falsification — Manually entering incorrect hours on paper or digital timesheets. Rounding start times earlier and end times later.
- Personal time on the clock — Extended personal phone calls, errands, or non-work activities while clocked in.
What It Actually Costs
Let's make it concrete. Say you have 20 hourly employees earning an average of $18/hour. If each one pads their time by just 15 minutes per day — a very conservative estimate for a workforce with paper timesheets — here's what that costs:
The math
20 employees × 15 min/day × 260 workdays/year = 1,300 hours
1,300 hours × $18/hr = $23,400/year
That's $23,400 in labor costs for time that was never actually worked. And that's before overtime implications — those phantom hours can push employees over 40 hours, triggering 1.5× pay for hours that didn't happen.
Scale that to a larger crew or a higher average wage, and the numbers get serious fast.
The Legal Nuance: You Must Still Pay
Here's an important point that many employers miss: under the FLSA, you must pay for all hours actually worked, even if the employee violated your timekeeping policy. The "suffer or permit to work" standard means that if you knew or should have known an employee was working, those hours must be compensated.
You can discipline or terminate an employee for unauthorized overtime or time theft. But you cannot withhold pay for hours actually worked. And you cannot use time theft accusations to retaliate against employees who have reported legitimate wage concerns.
The right approach: prevent time theft through better systems, rather than trying to recover lost wages after the fact.
6 Ways to Reduce Time Theft
1. Replace Paper Timesheets with Digital Clock-In
Paper timesheets are the #1 enabler of time theft. There's no verification, no timestamp, and no audit trail. Switching to a digital time clock — even a simple tablet at the job site — captures exact clock-in and clock-out times with server-side timestamps that can't be retroactively altered.
2. Use GPS Verification at Clock-In
GPS-verified clock-ins confirm that employees are physically at the job site when they punch in. Geofencing goes further — restricting clock-ins to within a set radius of the work location. This eliminates buddy punching and "clocking in from the parking lot 20 minutes early" in one step.
Important: GPS verification at clock-in time is significantly less invasive than continuous location tracking. You're verifying where someone is at the moment they clock in, not tracking their movements throughout the day. Be transparent about this with your team — most employees understand and accept it when the purpose is explained.
3. Require Manager Review Before Payroll
A simple approval step catches problems before they become payroll errors. When a supervisor reviews hours daily or weekly — flagging entries that look unusual, verifying overtime, and confirming that breaks were taken — time theft becomes much harder to sustain undetected.
4. Set Clear Policies in Your Employee Handbook
Define time theft explicitly: what it is, what the consequences are, and how time is tracked. Include your GPS/monitoring disclosure — several states require written notice of electronic monitoring, including Connecticut, New York, and California. Employees should sign an acknowledgment. This protects you legally and sets expectations upfront.
5. Use a Shared Kiosk Instead of Personal Devices
A shared tablet at the job site, shop, or restaurant eliminates the "I forgot my phone" excuse and makes clock-in a visible, in-person action. When the kiosk is browser-based (no app to install), there's no friction and no privacy concerns about employer apps on personal devices.
6. Address It as a Culture Issue, Not Just a Technology Problem
The most effective long-term solution is a workplace where time theft isn't normalized. That means managers leading by example (clocking in and out themselves), addressing violations consistently (not letting some people slide), and framing accurate timekeeping as fairness — nobody wants to carry the workload while a coworker gets paid for time they didn't work.
Why We Don't Recommend Biometric Time Clocks
Fingerprint and facial recognition time clocks do eliminate buddy punching. But they create a different set of problems that many small businesses aren't prepared for:
- Legal liability — Illinois' Biometric Information Privacy Act (BIPA) allows employees to sue for $1,000–$5,000 per scan without proper consent. The BNSF Railway initial jury verdict ($228 million) was specifically about fingerprint time clocks used without proper BIPA consent.
- Expanding state laws — Texas, Washington, Colorado, Virginia, and Connecticut all have biometric or comprehensive privacy laws. More states are following Illinois' lead.
- Hardware costs — Biometric terminals run $500–$2,000+ each, plus maintenance.
- Employee resistance — Many workers are uncomfortable with employers collecting their biometric data, and that discomfort affects morale and trust.
GPS-verified digital clock-ins achieve the same goal — confirming the right person is at the right place at the right time — without collecting sensitive biometric data.
Your Employer Obligations
Even while combating time theft, you must:
- Pay for all hours actually worked — You cannot dock pay as punishment for time theft. Discipline the behavior; pay the hours. (DOL Fact Sheet #22)
- Provide notice of monitoring — If you use GPS or any electronic monitoring, disclose it in writing. Several states (Connecticut, New York, California) require this explicitly.
- Apply policies consistently — Selective enforcement of time theft policies can create discrimination claims.
- Never retaliate — An employee who reports wage violations is protected under FLSA anti-retaliation provisions. Don't conflate time theft discipline with whistleblower retaliation.
Stop time theft the smart way
CrewPunch uses GPS-verified clock-ins and geofencing to confirm employees are at the job site — no biometric data, no privacy headaches. Managers review and approve hours before payroll, and the browser-based kiosk mode means no app installs on personal phones. Start your free 14-day trial.