Home Articles Case Study: Inside a Property Manager's Maintenance Billing Fraud
15 January 2026 · Gumshoe Team

Case Study: Inside a Property Manager's Maintenance Billing Fraud

A property management group discovered one of their own managers had been routing fake maintenance invoices through family-registered businesses for over two years. The scheme was sophisticated, hidden inside legitimate rent statements, and nearly impossible to detect without automated supplier verification.

Background

Walkyl Property Group is a mid-sized residential property management agency managing approximately 1,400 investment properties across three offices in south-east Queensland. Their business model is typical of the sector: landlords pay a management fee, and all maintenance, repairs, and compliance work is coordinated by property managers who engage tradespeople and deduct costs from rental income before disbursing funds to landlords.

This model — where a single employee controls both the engagement of suppliers and the approval of disbursements — creates a structural fraud risk that the industry has long understood but inconsistently addressed. Walkyl was no exception.

How the Scheme Worked

A property manager with 11 years at the agency and a portfolio of 220 properties began the scheme gradually. The initial mechanism was simple: he directed routine maintenance work — plumbing, electrical, painting, general handyman — to a sole trader registered under his mother-in-law's name. The business, a general maintenance entity, had a legitimate ABN and was listed in the agency's supplier database without scrutiny.

Over time, the scheme expanded. His brother registered a second entity — a painting and decorating business — and his sister-in-law registered a third, nominally a cleaning contractor. All three were used to invoice for work across his managed portfolio. Some work was performed, at inflated rates. Some was invoiced and never performed at all. A portion of legitimate work completed by other tradespeople was double-invoiced: once by the legitimate tradesperson and again by one of the family entities.

The invoices were embedded inside monthly landlord statements. A landlord receiving a statement showing rental income of $2,400 minus management fees of $240 minus "maintenance and repairs" of $380 would simply see a net disbursement of $1,780. The line items were not itemised to tradesperson level in the standard statement format. Landlords had no mechanism to query which contractor had performed which work.

The Scale Over 26 Months

When the scheme was eventually unwound, forensic accountants identified 847 individual invoices across the three family entities spanning 26 months. The total value: approximately $1.1 million. Of that, investigators assessed that approximately $420,000 represented work that was either never performed or significantly inflated, with a further $190,000 representing double-billing of legitimate work. The remaining $490,000 represented genuine work performed at above-market rates — technically not fraudulent but a clear breach of fiduciary duty.

The agency's exposure extended beyond the direct losses. Landlords who discovered they had been billed for work not performed pursued civil claims. The agency's professional indemnity insurer disputed liability on the grounds that the internal controls failure was fundamental. Legal costs exceeded $280,000 before a settlement was reached.

The Warning Signs That Were Missed

In retrospect, the three family entities carried multiple verifiable red flags that automated supplier verification would have surfaced at onboarding:

Entity One — Mother-in-law's maintenance business

  • ABN registered 19 days before the first invoice was submitted
  • No website, no web presence across any candidate domain
  • Email address: a free Gmail account
  • No ASIC company registration — sole trader only
  • Registered address: a residential suburb
  • Assurance score (modelled): 32% — High Risk

Entity Two — Brother's painting business

  • ABN registered 4 months prior — recently registered flag triggered
  • Domain registered 11 days before first invoice, with no SSL certificate history in crt.sh
  • No MX records — invoices sent from a personal Hotmail account
  • Spamhaus DBL: clean (too new to be listed)
  • Assurance score (modelled): 39% — High Risk

Entity Three — Sister-in-law's cleaning business

  • ABN status: active — but registered 3 weeks before first invoice
  • Website existed but was a one-page template with no unique content, no contact form, no phone number, and a stock photo banner
  • Domain registered 18 days before first invoice; 1 SSL certificate issued (crt.sh)
  • No DMARC record; SPF missing
  • Assurance score (modelled): 44% — Verify Further

None of these entities would have passed a rigorous onboarding check. All three would have been flagged for manual review. A phone call to a verifiable landline — something the agency could have required — would likely have surfaced the conflict of interest before a single payment was made.

How It Was Discovered

The scheme surfaced not through internal audit but through a landlord complaint. A property owner reviewing their annual statement noticed they had been charged $2,200 for carpet replacement on a property they had visited two weeks earlier — carpets that appeared original and undamaged. They asked for the invoice. The property manager provided one. The landlord's spouse, who worked in construction, noted the invoice looked like a template and the ABN on it resolved to a business name they didn't recognise.

They escalated to the agency principal, who engaged their external accountant. An initial review of three months' invoices from the flagged entity surfaced the double-billing pattern. A broader review covering all three entities followed. Police were notified after the first week.

The Property Management Structural Risk

What makes property management particularly vulnerable to this class of fraud is the concentration of control in a single relationship. A property manager who controls which tradesperson is engaged, approves the work completion, and processes the invoice disbursement — without independent verification at any step — has near-total freedom to manipulate the maintenance billing cycle.

This is structurally different from most accounts payable fraud scenarios, where at least a second person typically approves invoices above a threshold. In property management, the threshold is effectively the manager's discretion, and landlords — who are the ultimate payers — are typically not reviewing individual invoices at all.

What Systematic Supplier Verification Would Have Changed

Had Walkyl Property Group applied mandatory ABN verification at supplier onboarding, the outcome would likely have been very different:

  • All three entities would have been flagged at or before the first invoice was processed
  • A policy requiring assurance scores above 60% for approval would have blocked all three
  • A dual-approval requirement for WARN/FAIL suppliers would have brought the scheme to the principal's attention on day one
  • The conflict of interest — a supplier sharing a residential address with an employee — would have been surfaced by any cross-reference process

The cost of verifying each new supplier at onboarding: approximately 40 seconds and nil dollars. The cost of not doing so: $1.1 million in fraudulent invoices, $280,000 in legal costs, and reputational damage to a business that had operated for 19 years.

Industry Context

Property management fraud of this type is not rare. The Australian Securities and Investments Commission (ASIC) and various state fair trading bodies have documented hundreds of cases involving misappropriation of maintenance funds. The pattern — fake or related-party tradespeople, invoices hidden in disbursement statements, sole trader structures to avoid ASIC scrutiny — recurs consistently.

The sector has been slow to adopt systematic supplier verification, partly because the industry culture relies heavily on personal relationships and partly because the costs of fraud are partially externalised to landlords and insurers. Where principal-employer supervision is light and trust substitutes for process, the vulnerability is structurally embedded.

Recommendations for Property Management Businesses

  • Verify every new tradesperson at onboarding — ABN age alone is a powerful first filter. Any tradesperson with an ABN less than 6 months old should require principal sign-off before the first invoice is approved.
  • Cross-reference residential addresses — supplier addresses that match employee or known associate addresses should trigger immediate escalation.
  • Itemise maintenance in landlord statements — requiring tradesperson name and ABN on each maintenance line item gives landlords the ability to spot anomalies without specialist knowledge.
  • Periodic re-verification of active suppliers — an entity that was legitimate at onboarding can be transferred or restructured. Quarterly re-verification catches changes.
  • Phone verification for high-value suppliers — for any tradesperson billing above a threshold (say, $10,000 per quarter), a recorded phone call confirming the engagement and authorised contact is a strong deterrent.

The Walkyl case is a case study in how structural vulnerability, unchecked trust, and absent process create the conditions for sustained fraud. The mechanisms to detect and prevent it existed throughout the 26-month period. They simply weren't applied.

Related Articles

16 June 2026
Make Your Next Audit Boring
9 June 2026
Active ABN Is the Floor, Not the Ceiling
2 June 2026
The Three-Second Check That Prevents a Five-Figure Mistake
VERIFY A SUPPLIER
Run a free check in seconds

Search by business name, ABN, or ACN. Get a real-time PASS/WARN/FAIL report across 8 verification checks.

Start verifying →

Contains data sourced from the Australian Business Register and ASIC, © Commonwealth of Australia, licensed under CC BY 3.0 AU.