The Hidden Cost of Construction Worker Time Fraud (and How to End It)

I have looked at the payroll runs of dozens of mid-size construction GCs in the past three years and the conversation always opens the same way. The owner thinks fraud is a small problem. The data says otherwise.

Time fraud on a construction site is not a single dramatic incident. It is a steady, structural leak. A worker shows up 18 minutes late and the paper log says they were on time. A foreman waves through a clock-in for somebody who is not there. A crew clocks in from the truck at the gas station. Each event is small. The annual total is not.

This is the case file for what time fraud actually costs, where it hides, and the controls that end it.

How much fraud quietly runs through a construction payroll

The American Payroll Association has long cited time-theft estimates in the 4–7% range of total labor cost. The Robert Half/Accountemps surveys place average time theft around 4.5 hours per employee per week. Industry-specific studies in construction tend to land higher because of the distributed, unsupervised nature of the work.

Run the math on a 30-person GC averaging 42 hours a week at a $34 blended loaded rate:

• 30 workers × 4.5 hours × 52 weeks × $34 = $238,680 in theoretical maximum exposure
• Realistic recovery — operators report 40–55% recoverable once controls are in place — works out to $95K to $130K a year

Even at the conservative end, fraud recovery pays for the time tracking platform several times over. The Klees Standard plan at $32 + $7/user runs about $3,000/year for a 30-person GC. Fraud recovery is 30x to 40x that line item.

The four common patterns

Buddy punching

The classic. A worker who is running late hands their PIN, badge, or phone to a buddy who clocks them in. The system thinks the worker is on-site at 7:00 AM. The worker actually arrives at 7:35 AM. The pay record shows 35 minutes that the company paid for and did not receive.

Buddy punching is undetectable on paper logs, undetectable on PIN-based time clocks, and undetectable on most mobile apps. It is detectable when the clock-in event requires a real-time selfie of the actual person — which is what we built PinShot to do. We cover the mechanism in detail at What Is PinShot?.

Ghost shifts

A ghost shift is a clock-in event with no worker on site at all. The worker (or a co-conspirator) clocks them in from a phone at home, drives to a different site, takes the day off, or never shows up. The shift gets billed and the company pays for nothing.

Ghost shifts thrive on overnight commercial cleaning and on early-morning construction shifts where no supervisor is present at the clock-in moment. They are eliminated by the same control as buddy punching: identity verification at the punch event.

Off-site clock-ins

The crew shows up at the gas station two blocks from the site, opens the app in the truck, clocks in, then drives the last half mile to the actual site. Eight minutes a day across a crew of six is 240 minutes a week — four billed hours that produced no work.

Off-site clock-ins are caught by geofences. A clock-in outside the perimeter either fails or is flagged as an out-of-fence event for supervisor review. We walk through geofence sizing in Geofence Time Clock for Construction Sites.

Inflated breaks

The 30-minute lunch becomes 50. The 15-minute break becomes 30. Across a crew over a year, this is the single largest contributor to time leakage in operations I have audited.

The fix is to track break start and break end as their own punches, not as a single field on the time sheet. When the break is a discrete punch event, the worker either logs it accurately or the foreman can review the gap on the daily exception report.

What the four patterns cost a 30-person GC

Fraud pattern	Frequency seen in audits	Annual cost (30-person GC)
Buddy punching	4–9% of shifts	$18,000 – $42,000
Ghost shifts	0.5–2% of shifts	$6,000 – $24,000
Off-site clock-ins	6–14% of shifts	$12,000 – $28,000
Inflated breaks	30–50% of shifts	$24,000 – $55,000
Total realistic range		$60,000 – $149,000

The numbers vary site by site. A construction GC running tight supervision in a single metro will hit the low end. A multi-site operator with overnight cleaning crews and remote highway work will hit the high end. The middle of the range is where most of our customer base sat before they switched.

Why traditional controls miss every one of these

The reason fraud persists in construction is that the controls most operators rely on are structurally incapable of catching it:

• Paper time sheets record only what the foreman writes. Foremen are not auditors.
• PIN-based clocks verify a number, not a person.
• Badge-based clocks verify a badge, which can be handed over.
• Mobile apps without identity verification verify a device, which can also be handed over.
• GPS-only apps verify a location, but not whose device is there.

The control that catches every one of the four patterns is selfie verification at the clock event, paired with a geofence. That combination answers all three audit questions — who, where, when — in a single record.

How PinShot ends the four patterns

PinShot is the Klees selfie-verification feature. At every clock-in and clock-out:

1. The app takes a selfie. The worker cannot proceed without it.
2. The selfie is anti-spoof scored. A photo of a photo gets flagged, a face mask gets flagged, an obscured image gets flagged.
3. The selfie is compared against the worker’s reference image on file.
4. The GPS coordinate is captured and checked against the site’s geofence.
5. The punch is written to the audit log with all of the above.

Buddy punching fails because the wrong face appears on the selfie. Ghost shifts fail because there is no worker present to take the selfie. Off-site clock-ins fail the geofence. Inflated breaks fail because the break-end punch carries a selfie that locates the worker — usually still on a break and not at the work face.

Operators report buddy-punch incidents drop to zero within the first 30 days of PinShot rollout. The pattern is universal: word travels fast on a crew, and the people who were buddy-punching either stop or leave. The leak closes.

What it does not do

PinShot is not a productivity surveillance tool. It does not track location continuously. It does not photograph workers mid-task. It captures the punch moment only and retains the artifact as a record. We document the privacy posture in GPS Time Tracking for Field Workers.

This distinction matters culturally on a construction crew. Workers do not object to a verification photo at the punch moment because it is the same trade-off as showing an ID at a bank — a transactional verification, not continuous surveillance. Anything more invasive triggers resistance and the rollout fails.

What a clean fraud-resistant stack looks like

For a construction GC who has read this far, the seven-piece checklist:

1. Mobile clock-in with selfie verification — PinShot or equivalent
2. Geofenced job sites — sized per the radius guide
3. Anti-spoof scoring on every selfie
4. GPS pin + device fingerprint on every punch
5. Discrete break punches — not a single field
6. Daily approval workflow — not Friday-only
7. Retained audit log — meets DOL FLSA recordkeeping rule

Klees ships all seven in the Standard plan at $32 + $7/user. The case study at Alta Janitorial documents what this stack delivered for a 5-state cleaning operator: buddy-punch incidents to zero, payroll errors down 87% in 90 days.

The legal angle most owners miss

Time fraud is not just a labor leak. It is a record-integrity problem. If a wage claim or DOL audit lands on the desk and the company cannot produce a defensible record of who actually worked when, the burden of proof shifts to the employer. Under Anderson v. Mt. Clemens Pottery (1946), still controlling FLSA law, an employer that has failed to keep accurate records cannot defeat a claim with weak counter-evidence.

Translation: paper logs and unverified clock-ins are not just leaky. They are legally weak. A PinShot-grade record is both an operational control and a defensive posture in any wage dispute.

FAQ

Is PinShot considered biometric data under U.S. state laws?

In states with biometric privacy statutes (Illinois BIPA, Texas, Washington), a verification-only selfie that is not used to build a persistent biometric template is generally treated differently from biometric identification. Klees retains the selfie as a punch artifact, not a template. Consult counsel for your jurisdiction.

Does selfie verification work in low light?

Yes. Modern phone cameras handle low-light selfies well enough for verification scoring. We have rolled PinShot to overnight cleaning crews working in 50% lighting and the false-rejection rate runs under 1%.

Can a worker refuse the selfie?

A worker may refuse, in which case the clock-in does not complete and they are not on the clock. The selfie is a condition of clock-in, not a separate consent event. Onboarding documentation should make this clear at hire.

What happens to the photo after the shift?

It stays in the audit log attached to the punch. It is not used for face search, not used for productivity monitoring, not surfaced outside the audit log. Retention follows the FLSA three-year rule.

How long until buddy punching stops on a new rollout?

In our customer base, the pattern is consistent: the first week shows attempts and rejections, by week three buddy-punch attempts have fallen to near zero, and by week six the pattern is structurally gone. The Alta migration documented this trajectory at scale.

---

Want to scope the fraud exposure on your current stack? Book a 30-minute audit call with Klees — we will walk through the controls you have and the gaps that are costing you.