An exclusive article by Diogo Ferreira

On April 21, 2026, the Miami-Dade Sheriff’s Office arrested Mauricio Jimenez, 48, a store manager at the Home Depot located at 7899 West Flagler Street in Miami. The charges: organized fraud over $50,000 and grand theft in the first degree. The direct loss to the company: $4.3 million in negative margin, spread across roughly 4,500 orders with unauthorized discounts, over the course of 28 months, at two separate stores — the first in Hialeah Gardens, the second in Miami.

The surface-level reading of this case is: “dishonest manager gave too many discounts and got caught.” The investigative reading is different.

Crime is not random. It follows a pattern. And in this case, the pattern is not the manager’s. It is the governance structure’s, the one that allowed the pattern to exist for two years and four months.

What actually happened

Jimenez had the authority to approve price adjustments; that was his legitimate scope as a store manager. What he did with that authority, according to the arrest affidavit, was to apply it systematically to a narrow group of accounts: resellers purchasing power tools and high-liquidity items destined for the secondary retail market. In gross volume, $55 million in sales. In applied discounts, $24 million. In net margin for Home Depot, negative $4.3 million.

There was no merchandise theft. No register tampering. No fictitious invoicing. The fraud operated entirely within the system, using exactly the permissions the role granted. This is the characteristic that makes this type of scheme invisible to traditional auditing: it does not violate controls; it exploits authority.

Three elements from the affidavit deserve particular attention:

First, the transfer of the pattern between stores. Investigators from Home Depot Central Investigations noted that anomalous activity ceased at the prior store when Jimenez was transferred, and surged at the new location shortly after his arrival. The signal was in his employment history, not in the store’s history. No geography-based audit system would have caught this; only an audit logic centered on the person, not the point of sale.

Second, the deliberate structuring of transactions. Jimenez fragmented and organized orders specifically so that each transaction fell below automated detection thresholds. This is the same technique used in money laundering to evade regulatory reporting: smurfing applied to retail. Those who investigated this case found, in practice, an inverted AML scheme operating inside a retail business.

Third, and this is the point that fundamentally changes the reading on accountability. Before the arrest, a regional vice president and a district manager had already spoken with Jimenez and instructed him to stop selling to seven specific affiliated companies. He continued. And he continued long enough for millions more to walk out the front door, with a receipt.

The question nobody is asking

Why was a verbal warning all that happened?

The compliance literature has a name for this: managerial drift. The manager is confronted, receives guidance, signals agreement, and the case is deemed “resolved” by leadership. There is no post-alert monitoring plan. No automated trigger. No mandatory review of the flagged employee’s portfolio for the following 90 days. The alert, instead of marking the beginning of intensified oversight, marks the administrative closure of the incident.

This is the point where directors, regional managers, and operational leaders become part of the fraud mechanism, not through intent, but through structural omission. When leadership flags a problem and fails to create a structure to verify that the problem has ceased, it has tacitly authorized its continuation.

In the Home Depot case, the internal program (Assurance & Advisory Management Program) worked — it was the one that triggered the original alert in December. What failed was the human layer between the signal and corrective action: the hierarchy trusted that the conversation had resolved the issue. In human risk, trust without verification is the operational definition of exposure.

The bonus paradox

There is a disturbing detail in the arrest report reviewed by Judge Mindy Glazer. Jimenez received elevated bonuses throughout the fraud period because bonuses were tied to sales volume, not to margin.

In other words, the company was compensating the employee for the very losses he was causing.

This is the type of misaligned incentive I decode with clients during human risk assessments. The operational question is straightforward: what is your bonus structure actually rewarding? If the answer is “volume without margin verification,” then fraud is not an anomaly; it is an expected mathematical consequence. The incentive design creates the window. The person simply decides whether to step through it.

Here is a principle I repeat in training sessions: corporate crime does not originate from the employee; it originates from the convergence of a personal vulnerability and a systemic vulnerability. Remove either one, and the event does not occur. Maintain both, and it is only a matter of when.

The losses nobody calculates

The press quantified the damage at $4.3 million. That is the easy number. The real losses from a case like this, in any company, are distributed across four layers:

• Layer 1 — Direct financial loss. The negative margin, in this case, is $4.3 million. Measurable, recordable, deductible.
• Layer 2 — Regulatory and tax exposure. $30 million in net sales generated taxation, commissions, credit card processing fees, and logistics costs, on transactions that were, in essence, fraudulent. This means the company paid taxes and operational costs to facilitate its own fraud. Recovering this administratively requires reopening 28 months of fiscal and accounting records.
• Layer 3 — Reputational and market damage. The story ran in USA Today, CBS News, NBC Miami, and People. The damage to the brand’s governance perception is diffuse but measurable in metrics such as investor confidence, cost of capital, and D&O insurance premiums at the next renewal.
• Layer 4 — Internal cultural damage. This is the most underestimated. When honest employees discover that a manager ran a scheme for 28 months, received bonuses, was warned, and remained unpunished until arrest, the internal signal is unambiguous: the system does not see what is happening inside it. That signal erodes the voluntary foundation of compliance, the part that works because people believe leadership sees what is going on. Rebuilding that trust takes years.

The sum of all four layers, in comparable cases I have investigated and analyzed, typically falls between 3 and 5 times the reported direct loss.

What could have been prevented?

I will not generically list “internal control best practices.” There is abundant and ineffective literature on that. I will point to the five specific areas where, in the Home Depot case, the structure failed, and which apply to any retail operation, credit union, financial institution, or company with managers who hold autonomous authority:

• Person-centered auditing, not location-centered. The system must track an employee’s history across transfers, promotions, and unit changes. When a risk pattern moves with the person, that is the diagnosis itself.
• Portfolio concentration as a primary alert signal. Repeated discounts, repeated authorizations, or repeated approvals involving the same group of clients or entities constitute a pattern that financial intelligence units, in another context, would classify as “atypical activity.” The same logic applies to retail, credit unions, and financial institutions.
• Post-alert automatic triggers for intensified monitoring. If leadership has spoken with an employee about a suspicious pattern, that must activate 90 to 180 days of mandatory portfolio review, with weekly reports to one level above the manager who issued the alert. Without this, the alert becomes closure.
• Bonuses tied to margin, not just volume. This is a board-level decision, not an operational one. Every incentive structure must include a margin safeguard — or it is, in practice, financing its own erosion.
• Mapping of suspect “affiliated accounts” as an investigative entity. The affidavit mentions that Jimenez was warned about seven specific companies. That is a list. Lists must become systems. Every entity identified as suspicious in any internal alert should be added to a watchlist with conditional blocking of new transactions until validated by an independent review body.

This is the type of preventive architecture we apply in the ARK Method — not as a one-size-fits-all template, but as a reading of what each specific structure needs in order to close the gap between alert and action. The Home Depot case is an involuntary manual of everything that happens when that gap stays open for 28 months.

In Conclusion

Mauricio Jimenez was not a brilliant criminal. He exploited a space that the structure left open, ignored a warning that the structure failed to enforce, and was financially rewarded by the structure along the way. The fraud is not the anomaly in this story — it is the predictable outcome of a system designed not to see.

The case is now before the Florida courts. The question for any director, regional manager, or board member reading this is more urgent: in your operation, today, what is being approved within scope and outside the radar?

The risk ignored today becomes the investigation of tomorrow.

---

Key Points

• A Home Depot manager in Miami was arrested for a 28-month fraud scheme involving $4.3 million in losses through unauthorized discounts.
• The fraud exploited legitimate store manager authority to grant price adjustments to a specific group of resellers.
• Internal alerts were triggered months before the arrest but failed due to a lack of structural follow-up after a verbal warning.
• The manager received performance bonuses during the fraud period because incentives were tied to sales volume rather than margin.
• This case highlights the need for person-centered auditing and automated monitoring triggers following internal compliance alerts.

---

Related Links

• FATF Guidance on Proliferation Financing Risk Assessment and Mitigation
• SEC Enforcement Actions on Internal Accounting Controls
• Florida Office of Financial Regulation Press Releases
• U.S. Department of Justice Corporate Compliance Program Evaluation
• FINRA Oversight of Anti-Money Laundering Programs

Other FinCrime Central Articles About Money Laundering in the Retail Sector

• How Supply Chains Are Used to Launder Funds in the Food and Retail Sector
• Guatemalan Money Laundering Network Using a Retail Chain Busted in US
• Louis Vuitton Fined 500,000 Euros for Dutch AML Compliance Failures

Some of FinCrime Central’s articles may have been enriched or edited with the help of AI tools. It may contain unintentional errors.

Want to promote your brand, or need some help selecting the right solution or the right advisory firm? Email us at info@fincrimecentral.com; we probably have the right contact for you.