B.C. lawsuit over alleged $500k in misappropriated tips highlights vulnerability of tip systems without tight controls and oversight
A recent civil suit filed in B.C. Supreme Court against a Kamloops Denny’s restaurant serves as a warning for employers across Canada that rely on digital systems to pay and distribute tips and other payments to staff.
Northland Properties, the company that owns Denny’s in Canada, alleges that three employees at the B.C. interior restaurant stole more than $500,000 in tips while working at the restaurant between 2023 and 2025, using a digital platform called Tips Today to move funds.
CBC News reports that an audit “discovered $11,000 had been illicitly moved from the restaurant’s electronic tip system in a scheme involving two employees,” and that a third employee is accused of previously stealing more than $494,000. Northland claims the two employees used access codes to get onto the tip platform, send money to one account, and then share funds via etransfer.
Digital payment platforms and access control
As reported by CBC, the civil claim says Northland maintains “a digital tip distribution platform known as Tips Today, used to collect, hold, and distribute funds to employees,” via a centralized digital tipdistribution platform. A former Denny’s employee told CBC that the system sent credit and debit tips to servers via a “kind of credit card”, while cash tips went directly to servers.
For Jenson Leung, employment lawyer with KSW Lawyers in Vancouver, the case highlights how sensitive system access can become in the hands of the wrong person (or people); the challenge for employers is that someone has to hold the keys to these systems, he says, and risk tends to rise with seniority and breadth of access.
“The more senior the employee, the harder it is for an employer to safeguard against this type of theft,” he says.
“Because, at the end of the day, someone needs to have access to that payment system.”
How seniority and fiduciary duties affect risk
The notice of civil claim from Northland does more than simply allege theft. It also accuses the workers of breaching various employment duties and fiduciary obligations, raising questions about which employees may be treated as having higherlevel obligations in law.
Leung explains that fiduciary duties do not attach to every employee equally and are usually reserved for those in more senior, trusted roles with significant control.
“They have to be given a high degree of control and trust by the employer In order for a claim of fiduciary duty to really have a good chance.”
He adds that the typical front-line manager is unlikely to be treated as a fiduciary, compared to executives or staff with extensive financial authority and access to systems.
“If you are, for example, just a front-line manager that isn't given unusual degree of control, usually that's not going to be enough,” he says.
Segregation of duties for digital tip and pay systems
According to a LakelandToday report, the lawsuit claims that a former manager resigned on Nov. 3, 2025, the same day he allegedly emailed a server seeking “financial verification codes” to access the Tips Today system, then texted five days later seeking more codes.
The claim says the server believed she was helping him and said she didn’t understand how platform access worked.
Leung says that in many small and midsized workplaces, employers may not be making full use of role-based permissions and access controls that now exist in most digital payment and HR platforms.
“It's very common that they won't understand, for example, the fact that in most software, you can limit the degree of access that people have to different parts of that software,” he says. “Or different levels of authority.”
He recommends employers take a stricter “need-to-access” approach when setting up roles in digital systems that touch money or personal information – in practical terms, that means mapping out who truly needs which permissions, and restricting everything else.
“If someone is just a server, or if they are, for example, a run-of-the-mill administrative employee at an office, they don't really have any sort of need to have, for example, access to the ability to transfer funds or change payment information, or those kinds of things,” Leung says.
“To the extent possible, employers, as a general rule, should be asking themselves, ‘Who needs access to what? And making sure that that's all that they have access to.”
Oversight, audits and red flags in tip pools
The civil claim points to nearly $495,000 in tips allegedly removed from 2023 to 2025. According to Leung, that total, on top of roughly $11,000 allegedly moved in a much shorter timeframe, raises questions about what financial checks were in place.
The size and duration of the alleged misappropriation suggests that routine reviews of the tip pool and digital payouts may have been lacking.
“The other prevention item that seems to have been very much missed in this case is the fact that it seems like there wasn't much oversight of these tip payments and tip pool,” he says.
“Because $494,000 over the span of … two or three years, is a lot, and I'm just having a hard time picturing how that amount going to one or even a handful of employees would not trigger some kind of red flag.”
Employers should think about controls in two layers, Leung says: preventing unauthorized access and building in regular oversight and approvals for payouts – especially above certain thresholds.
At the same time, he cautions that no system – digital or otherwise – can completely remove the risk of theft when humans are involved.
“Before these kinds of systems, when people were dealing with just cash tips, misappropriation would still happen and theft would still happen,” he says.
“But it's just that when it comes to electronic systems, there can be less understanding.”
