By Maurice Gilbert, CEO and Founder of Conselium
At the core of any successful corporate compliance program is a risk assessment and management system which works tirelessly to effectively mitigate any and all factors which may pose a threat to an organization. This means identifying threats, prioritizing them, and handling each issue within the regulations laid out by that organization’s compliance program. The number of risk factors facing companies on a day to day basis is tremendous, and the various ways in which they can be approached and mitigated are equally so. However, in order to help companies better identify and address the subject of fraud, and more specifically employee fraud, a new methodology has been designed which serves this express purpose.
This system, titled the Fraud Triangle and created by a criminologist and sociologist Dr. Donald Cressey, lays out the three factors that have been most commonly identified as underlying and contributing to the majority of occupational fraudulent activity. When the risk factors in each of these three categories become high enough, then the threat of fraud becomes a prevalent reality. Many companies, when developing their risk management strategies, have a tendency to overlook their workforce such a high risk factor, but, while a company’s employees are their greatest asset, they can also be their greatest weakness. The trickiest aspect of internal fraud is the fact that it can so often go unnoticed for months and years, gradually becoming a much larger issue than it may have initially been.
Fortunately, while the Fraud Triangle was designed specifically with cases of criminal activity in mind, it has also been seen that these same principles may be applied to discovering violators of the company’s compliance policies as well. But whether or not a company is using these methods to detect compliance or criminal fraud, they will need to become very familiar with these three principles and the role they play in fraudulent activity.
- Motivation – To start, those who commit acts of fraud against their employer must first have some reason to do so, be it desperation or greed. This need can be generated by any number of possible factors within the individual’s life, be a simple, desperate need for money or something far less savory.
- Rationalization – Having the motivation to commit fraud is not enough for most individuals to suddenly decide to break the law. First such an individual will need to be able to rationalize to themselves why it is alright that they commit such an act. In order for this to work the reasoning must be able to stand up against the individuals moral and ethical code, and most generally draws from perceptions of fairness and justice, reward and equality.
- Opportunity – Finally, in order for any individual to be capable of committing an act of fraud against an organization they must fist have the opportunity and means to do so. This means that the individual in question must have the authority to access certain information or assets, the knowledge and experience to use to effectively remove or alter this information. While the most effective method yet of preventing such acts has been through the application of internal controls, a smart enough individual can usually find a loophole to be manipulated in these systems.
By keeping these simple factors in mind in the risk assessment and management processes, companies will be effectively arming themselves to quickly detect and mitigate any such fraudulent activity committed by an employee, whether it be of a physical or compliance nature.
Published by Conselium Executive Search, the global leader in compliance search.
