A property manager in Martin County, Florida is accused of embezzling hundreds of thousands of dollars from two homeowners associations. She allegedly spent the money on plastic surgery, vacations, and shopping sprees. She now faces 124 criminal charges and a $1.35 million bond. As of this writing, she is wanted on an arrest warrant.

The methods are not sophisticated. They never are.

The four methods

According to investigators, the accused property manager used four techniques:

  1. Wrote checks to herself from HOA bank accounts. The simplest form of embezzlement. If one person controls the checkbook with no oversight, money walks out the door.

  2. Created fictitious invoices. Fake vendor bills for services never performed. The invoices looked real. The payments went to her.

  3. Made false ledger entries. The books were altered to hide the missing money. If no one independently verifies the ledger, the fraud is invisible.

  4. Forged signatures of authorized account holders. Paper-based approval processes are trivially forgeable. A signature on a check is not a control. It is a formality.

These are not exotic techniques. They are the same four methods in nearly every HOA embezzlement case, going back decades.

Why it works

Every one of these methods requires the same thing: one person controlling the financial records with no one else watching.

The property manager had sole access to the bank accounts. She controlled the ledger. She produced the financial reports the board reviewed. The board saw what she wanted them to see.

This is the default arrangement at most managed HOAs. The management company owns the accounting system. They control the login credentials. They produce the reports. The board receives a PDF summary once a month — if they ask for it. No board member can independently log in and see every transaction, every bank reconciliation, every journal entry in real time.

HOA embezzlement succeeds when three conditions exist simultaneously:

  • One person controls funds with no automated enforcement. Manual processes rely on trust. Trust is not a financial control.
  • The ledger is editable. If entries can be altered after the fact, the audit trail is meaningless.
  • No one independently verifies. If the person writing the checks is also reconciling the bank statements, fraud is undetectable until the money runs out.

Most self-managed HOAs meet all three conditions. Many professionally managed associations meet two of three.

The real problem: the HOA does not own its own records

This case is not an anomaly. It follows a structural pattern. The property manager controlled the association's financial system because the management company owned the ledger.

Think about it like phone numbers before number portability. Your carrier owned your number. If you wanted to leave, you lost it. Carriers had no incentive to make switching easy. The switching cost was the business model.

Property management companies operate the same way today. They run the association's books on their own QuickBooks instance, their own bank login, their own reporting tools. When a board fires the management company — or the management company fires the board — the association loses access to its own financial history. Sometimes permanently.

This is why embezzlement happens. Not because property managers are inherently dishonest. Because the system gives one party exclusive control of another party's money with no independent verification built in.

The fix is not better property managers. The fix is an architecture where the HOA owns its own system of record and every board member can see every transaction.

Read more: Why HOAs Are Demanding Their Operating System

What actually prevents it

The answer is simpler than people think: give every board member direct access to the same accounting system, in real time, with an immutable audit trail.

If the president, treasurer, and secretary can each log in and see every transaction, every bank reconciliation, every journal entry, and every vendor payment — the game is over. There is nowhere to hide unauthorized checks. Fictitious invoices are visible to everyone. False ledger entries are caught by automated integrity checks. Forged signatures are replaced by authenticated digital approvals tied to real user accounts.

The Florida property manager got away with it for as long as she did because she was the only one with access. A centralized system of record that multiple board members can see eliminates this entirely.

Each of her four methods has a specific control that blocks it:

Against unauthorized disbursements: dual approval workflows

Every outgoing payment should require approval from someone other than the person initiating it. No single person can send money without a second sign-off. Payment thresholds should trigger escalating approval requirements — a $500 landscaping bill might need one approval, a $15,000 roof repair should need two.

Every disbursement should be logged with who requested it and who approved it, visible to every board member with access. If a property manager writes a check, at least one board member should see the request before it clears.

Against fictitious invoices: vendor verification and reconciliation

Every invoice should tie to a known vendor. Does the vendor have a business license? Insurance? A physical address? If the property manager submits an invoice from "ABC Services LLC" and no one has ever heard of that company, that is a flag.

The accounts payable subledger should reconcile against the general ledger automatically. When the subledger says $50,000 in bills are outstanding and the GL says $65,000, someone fabricated $15,000 in entries. Automated reconciliation catches this without anyone needing to manually cross-check spreadsheets.

When every board member can see the full vendor list and the AP aging report, a fake vendor is visible to everyone — not just the person who created it.

Against false ledger entries: an append-only ledger

The ledger should be append-only. No entry should be deletable or silently editable after posting. Every change creates a new record. The old one persists.

This is the difference between a spreadsheet and institutional accounting software. In QuickBooks, anyone with the password can delete a transaction and the record is gone. In an append-only system, corrections are made by posting a new reversing entry — the original entry is still there, and the reversal is visible to everyone.

Every board member should be able to see the full journal register. Not a summary prepared by the property manager. The actual entries.

Against forged signatures: digital identity

Paper signatures prove nothing. A signed check shows that ink was applied to paper. It does not prove who applied it.

Digital approval workflows tied to authenticated user accounts are different. They record who approved what, when, and from where. The approval is visible to every board member in the activity log. There is nothing to forge because the approval is not a mark on paper — it is an authenticated action tied to a login credential.

Bank reconciliation: the control that catches everything else

Bank reconciliation is the single most important fraud prevention tool. Match every transaction in the ledger to the actual bank statement. If the property manager wrote a $5,000 check to herself, it shows up in the bank statement. If the ledger does not have a matching entry — or the entry was fabricated — the reconciliation fails.

The problem is that most HOAs delegate bank reconciliation to the same person who controls the checkbook. That defeats the purpose entirely.

The board should reconcile the bank statements themselves. Import the statement into the accounting system. Match transactions. Review anything that does not match. This takes 30 minutes a month and is the single most effective fraud deterrent that exists.

No one can hide a disbursement when three people are independently reviewing the same bank feed.

The hidden cost

The financial loss from embezzlement is obvious. The cost that follows is worse.

When an HOA discovers embezzlement, it pays legal fees to pursue recovery — often exceeding the stolen amount. Insurance premiums increase. The board spends months in dysfunction. Homeowner trust collapses. Resale values may drop while the association is in litigation.

Most HOA fidelity bonds cap at $50,000 to $100,000. If someone steals hundreds of thousands, the bond covers a fraction. The rest comes from reserves or a special assessment on every homeowner in the community.

What to do now

If you serve on an HOA board:

  • Own your own financial system. The association's ledger should not live inside the management company's software. The board should have direct, independent access — not a monthly PDF summary. If your management company will not give every board member read access to the actual accounting system, that tells you everything you need to know.
  • Require dual authorization on all disbursements. No exceptions. No amount is too small to skip this.
  • Separate duties. The person who approves payments should not reconcile the bank statements. If your board is small, rotate the reconciliation role monthly.
  • Review actual bank statements. Not the treasurer's summary. The statements from the bank. Every month. Better yet, import them into your accounting system and reconcile them yourself.
  • Carry a fidelity bond. Confirm the coverage amount matches at least one year of assessments, not some arbitrary minimum.
  • Use accounting software with an immutable audit trail. Spreadsheets are editable. QuickBooks entries can be deleted. A proper institutional ledger is append-only.
  • Require an annual financial review. An independent CPA reviewing the books catches problems the board will miss.

The controls that prevent embezzlement are not expensive. They are not complicated. They are simply not optional.

The deeper lesson from every case like this one: the person who stole the money was the only person who could see the books. Fix that, and you fix the problem.

CommunityPay is an HOA accounting platform with an immutable ledger, enforced approval workflows, automated bank reconciliation, and multi-member access — built specifically to prevent the problems described in this article.