As a result of Mr. Wittman's presentation, the IMUA's Arts and Records Committee prepared a paper titled "Insider Theft & Employee Dishonesty Within Cultural Institutions."

"I think it's a bigger problem than most people think, because it's the kind of thing most people don't like to talk about--particularly the museums," said David Shillingford, director of marketing and operations of the Art Loss Register in New York, as well as a member of IMUA's Arts and Records Committee.

"Having something stolen from you is one thing...but having it stolen by someone who works for you is even harder to discuss," Mr. Shillingford added.

Part of the problem, he noted, is that theft occurring within an organization takes longer to discover. This is because either the very person in charge is the thief, or because of a lack of checks and balances in place to prevent internal theft.

He observed that because perpetrators of inside jobs are generally not hardened criminals, it's easier to prevent such thefts by having procedures in place. This protocol also makes it easier to discover when items are missing.

"There aren't many case studies that show a person joined an organization with the intent of stealing," he said. "Rather, theft was an opportunity that presented itself."

In fact, any facility where employees, volunteers or other members of the public have access to valuable items is vulnerable, according to Mr. Shillingford.

"Internal theft is not unique to the museum community," he said. It's just that the assets here have such high value."

At the top of the list for keeping items safe is "knowing what you've got and where it is, and checking it frequently," Mr. Shillingford suggested.

Next on the list are background checks of employees and volunteers, or anyone with right of entry to valuable assets.

"From a security standpoint, there should be no differentiation between volunteers and employees," he noted, warning that background checks can be a sensitive topic with employees--especially with volunteers and others allowed to move freely within the museum.

Having loss control procedures in place, however, "lets people know that you're serious about protecting the cultural assets that have been left in your care," he said.

According to the IMUA report, the type of coverage that protects organizations from employee theft and other fraud is known as fidelity insurance, which is typically separate from a standard property and casualty policy.

It is common for this type of coverage to respond only when an employee has been identified as the one responsible for the theft or embezzlement.

The exposure is difficult to underwrite because it can change over time as an employee's personal circumstances change, according to IMUA.

The report noted that underwriters may not have scrutinized the peril of insider theft, believing that museums are not-for-profit, that the items in museum collections are unique and not easily sold on the open market, and that the employees are there as a "labor of love."

The report also warned that employees who steal are able to rationalize and even excuse their actions. One example is entitlement--when employees feel underpaid, overworked, or are living beyond their means and believe that money from the sale of a stolen artifact can solve their financial problems.

When putting a procedure in place, start at the top, according to the report. Numerous considerations include an organization's hierarchy and reporting relationships, access and control policies, and established levels of accountability.

The report recommends installing, implementing, maintaining and testing rigorous access control policies and systems, as well as having well-defined levels of authority and access to valuable materials.

It also recommends established accountability, a system of checks and balances, written documentation and record-keeping protocols, and regulated, documented access control to the inventory or collection.

Mr. Shillingford said the report is being circulated among museum underwriters and brokers so that checks and balances can be initiated at museums and other institutions.