When the Founder Is the Risk: Two Business Failures That Background Checks Could Have Prevented

Some of the most damaging supplier failures in Australia and New Zealand didn’t start with systems or processes, they started with people. This article examines the collapses of Plutus Payroll and Courtenay House Capital, and how publicly available founder history could have flagged material risk long before losses occurred.

A practical look at why basic background checks remain one of the most underused tools in third-party risk management.

Case Study 1: Plutus Payroll

A Payroll Provider That Never Should Have Been Trusted

What Happened

Plutus Payroll was a Brisbane-based payroll services provider used by labour hire companies and major employers across Australia, including government-linked organisations.

In 2019, Plutus collapsed after it was revealed that tens of millions of dollars in PAYG withholding tax had been siphoned off, leaving clients exposed to unpaid tax liabilities, penalties, and operational chaos. The alleged fraud was orchestrated by the company’s founder and managing director, Christopher Hill.

The Red Flags That Existed Before Engagement

This was not a “clean-slate” founder.

Public records showed that Christopher Hill had:

• A history of previous business failures

• Associations with entities that had entered liquidation

• Patterns of phoenix-style corporate behaviour across related companies

• 
  

None of this information was hidden. It was available through ASIC searches and basic corporate background checks.

Yet many clients:

• Treated Plutus as a “utility provider”

• Focused on price and convenience

• Failed to assess founder history or related-entity structures

Why This Was a Third-Party Risk Failure

Payroll providers sit in an unusually sensitive position:

• They control cash flows

• They interact with the ATO on behalf of clients

• They create legal exposure even when wrongdoing isn’t yours

Despite this, Plutus was often onboarded with minimal verification beyond surface-level company details.

The assumption was simple:

How a Simple Background Check Could Have Prevented This

A proportionate verification process would have included:

• ASIC director history checks

• Review of prior liquidations or failed entities

• Mapping of related companies connected to the founder

• Risk-tiering Plutus as high impact due to payroll access

Any one of these steps would have prompted, deeper questioning, additional controls or a decision not to engage at all.

The Outcome

• Clients faced ATO enforcement action

• Significant financial losses were incurred

• Criminal proceedings followed

• Businesses learned — too late — that supplier failure does not shield you from liability

Case Study 2: Courtenay House Capital

When a Founder’s Past Predicted the Future

What Happened

Courtenay House Capital was a Wellington-based investment and lending firm that collapsed in 2018, owing investors more than NZD $20 million.

The company was led by founder Neil Barnes, who positioned the business as a sophisticated investment operation.

Instead, it was revealed to be operating in a manner consistent with a Ponzi-style scheme.

The Red Flags That Were Publicly Available

Before Courtenay House Capital’s collapse, the founder:

• Had been involved in multiple failed companies

• Was associated with prior financial misconduct allegations

• Operated through complex corporate structures that obscured transparency

• Had a reputation within regulatory circles that never reached counterparties or investors

These were not allegations uncovered after the collapse. They were discoverable through basic company and director history checks.

Why This Matters for Supplier Relationships

Courtenay House wasn’t just an investment firm — it was a counterparty to other businesses:

• Professional services firms

• Intermediaries

• Partners relying on its legitimacy

Those entities suffered reputational and financial damage through association — despite not being investors themselves.

This is where many organisations misunderstand risk:

Reputational and operational exposure doesn’t make that distinction.

How This Could Have Been Avoided

A simple verification framework would have included:

• Director history and insolvency checks

• Review of prior regulatory actions or warnings

• Identification of repeat failure patterns

• Clear documentation of risk acceptance if proceeding

Instead, trust was extended without evidence.

The Outcome

• Investors lost millions

• Associated firms faced scrutiny

• Regulatory enforcement followed

• Business relationships were retrospectively reassessed — after damage was done

The Common Failure Across Both Cases

In both Plutus Payroll and Courtenay House Capital:

• The founders were the risk vector

• The information was publicly available

• The cost of checking was negligible

• The cost of not checking was enormous

These failures were not about complex cyber threats or hidden fraud.

They were about not asking the most basic question:

Why This Matters for Businesses Today

Founders and directors shape not only the governance culture, but also the risk appetite ethical boundaries in which the companies operate.

If you don’t verify the people behind a supplier, you’re trusting a story not evidence.

The ClearMarc View

At ClearMarc, we see this repeatedly: Businesses verify invoices more thoroughly than the people they pay them to.

Simple background checks:

• Don’t slow onboarding

• Don’t imply distrust

• Do surface repeat patterns early

  
  

And most importantly — they give businesses a choice before commitment replaces caution.