CST-JohnPersil35-EditBy: John Persil, Partner

Fraud is a universal business problem. According to the Association of Certified Fraud Examiner’s (ACFE) 2014 Global Fraud Study, Report to the Nations On Occupational Fraud and Abuse, the average organization loses 5% of revenues each year as a result of fraud. And while most organizations have policies and procedures in place to protect themselves, even the most strategic plans can fail if they are poorly implemented or lack an appropriate communication plan.

For most companies, internal staff members are the most common perpetrators of fraud. Employees commit fraud for a variety of reasons, but the most common motivation can be explained through Donald Cressey’s Fraud Triangle Theory. In his book Other People’s Money: A Study in the Social Psychology of Embezzlement, Cressey explains the three psychological stages that an employee experiences during the fraudulent activity. First, an employee is typically experiencing a personal crisis and feeling the financial pressure associated with it. Then he or she identifies an opportunity, and finally rationalizes the behavior.

For example, an employee could be in a state of economic desperation because they are going through a divorce or have an ill family member. If he or she has access to the company’s finances and identifies an opportunity to commit fraud, he/she may justify the behavior by convincing themselves that they deserve this pay off for their hard work or long hours. Because the perpetrator rationalizes the behavior, fraud can be going on for years without being detected. Any employee, given the right combination of circumstances, could commit fraud. However, there are red flags that may be indicators of fraudulent activities. They include: living beyond one’s means, developing abnormally close relationships with vendors or clients, or showing signs of addiction, among others.

Fortunately, employers can minimize the risk of fraud by establishing proper internal controls, educating company employees (including executives) about the role of those internal controls, and creating a safe channel of communication for employees to report fraudulent behavior.

Internal Controls

Having a dedicated team of advisors to periodically monitor the company’s vulnerability for fraud is critical to the sustainability of any organization. Proper internal controls not only help the organization achieve their objectives, but can also lead to more efficient detection and control of fraud. Organizations should create an advisory team that brings together people who are familiar with employees and have the necessary access to at-risk systems. Advisors should include representatives from human resources, the IT Security team, and front-line managers.

Human Resources

As the first team to interact with potential employees, the HR department can have an enormous impact on the safety of the organization. Again, any employee could commit fraud—personal crises can lead even the most trustworthy employees to act inappropriately. But to minimize the risk, HR should always perform a criminal and civil background checks and require drug testing for all new employees. A high percentage of “white collar” crimes—specifically occupational crimes—go unnoticed or unprosecuted, so it’s imperative that HR employees are thorough when checking references from previous employers.

IT Security Team

Sharing sensitive information via Internet and email is the most common method for committing fraud, which is why the IT Security Team must set up policies and restrictions to monitor company devices. By having a specific network installed that allows the IT department to gain access to an employee’s email/web activity if the need arises, employees will be less likely to partake in unethical behavior.

Front-Line Managers

Likewise, it’s the duty of front-line managers to stay involved with employees and ensure that regulations are practiced on a day-to-day basis. By frequently checking in with team members and making themselves available, employees will have less of an opportunity to participate in fraud. Front-line managers should also take note of any bizarre behavior patterns and address any suspicious activity.

Protecting Company Culture

While implementing a firm internal control policy is critical to your company’s financial health, it can also make employees feel like they aren’t trusted—leading to a high-stress and unproductive work environment.

One way to promote a welcoming and comfortable atmosphere is by practicing transparency from the top down. For instance, if executives are following company protocols and regulations, employees are less likely to feel like they are being unfairly monitored or held to different standards.

Educating employees about the purpose of internal controls, and the specific information and processes tracked by them, can also foster a positive work environment. When employees become familiar with the organization’s fraud rules and regulations, they feel as if they’re part of the solution.

---

The information contained in the Knowledge Center is intended solely to provide general guidance on matters of interest for the personal use of the reader, who accepts full responsibility for its use. In no event will CST or its partners, employees or agents, be liable to you or anyone else for any decision made or action taken in reliance on the information in this Knowledge Center or for any consequential, special or similar damages, even if advised of the possibility of such damages.