Category Archives: Fraud and Corruption

Blogs about fraud and corruption

The Management Fraud Paradox

1 Reply

Executive management, and management at every level is responsible for managing many kinds of risk, including the risks of fraud and corruption. Yet we see from many spectacular cases over the years, the threat can be management itself.

Can you protect me from yourself?

As Frodo said to Aragorn, in Tolkien’s Lord of the Rings, “Can you protect me against yourself?” Herein lies the paradox of management fraud. The greatest risk comes from the very people responsible for managing it. The fox is guarding the hen house! The problem is not necessarily the character of the fox, or of Aragorn, but rather the tendency of an obvious temptation to gradually become overwhelming.

What is the solution?

We continue to look for ways to improve Corporate Governance, with auditors and audit committees comprised of independent directors. There is of course always the deterrent of potential criminal prosecution. Yet temptation and the paradox remain, we cannot readily remove it. We can however work to increase awareness of the risk, educate board and audit committee members, and executive management. By keeping the risk of management fraud on the agenda, we can help avoid trust becoming blind trust.

Investigation – A sign of strength!

Leave a reply

When fraud or other malpractice is discovered, we tend to interpret it as evidence of management weakness. Whether or not that is the case, the first instinctive reaction of managers is often “Cover it up! They will do their own shotgun investigation, and move on with as little publicity as possible. It happens at every level; even at the top level many companies have preferred to reward malpractice with early retirement rather than face the publicity that an investigation might generate. This is unfortunate, as it sends the wrong signal to the organization, and erodes the internal culture. And, the organization loses the opportunity to learn from mistakes, raise internal awareness of risks and identify root causes that need fixing.

Fraud will happen

In practice, good management and strong internal control cannot guarantee the absence of fraud and malpractice. Every organization, to varying degrees, decentralizes authority and responsibility to its members. Management cannot maintain absolute control over the actions of employees, suppliers and business partners. The owners cannot fully control management. We simply cannot manage without trust. As a result, there will always be opportunities for fraud to occur. When it does, if the incident is detected, competently investigated and appropriately resolved, that is a sign of management strength, not weakness!

Be Prepared

We need to change our attitude towards the risk of fraud and malpractice. Typically, managers see these as an unlikely events, exceptions. We know they are possible, but we don’t expect it will happen in our organization. As a result, when a serious incident occurs we are caught off guard, embarrassed, and anxious to cover-up. We need to change our mindset and recognize that some amount of fraud and malpractice is highly probable. We can and should take reasonable preventive actions, but we should also be prepared to handle the incidents that will occur. By preparing a response plan, we can in a calm and organized manner set priorities, identify resources, and assign responsibilities. Then when the time inevitably comes, we can manage the investigation not as a crisis but as a normal business process.

Silo Mentality and Investigations

Various functions in the organization might have some capacity or mandate to investigate. There is internal audit, security, legal, HR, certainly line management, and others. If incident response plans are not formalized, the function that owns a particular investigation is often the one who first learns about it. There have been cases where two parallel internal investigations were started by different functions, each ignorant of the other! A formal incident response plan ensures that information is shared by a small, central group and that each investigation is managed by the persons most qualified to do so. More on this subject later!

Our corrupt biology

Leave a reply

There is something about fraud we find repulsive, worse than simple larceny or burglary. The latter are more physical, perhaps even violent crimes, and we fear them. But the deception of fraud seems somehow worse. Why?

The law of the jungle

Deception comes naturally. We find plenty of examples in the animal kingdom, with animals who camouflage themselves to surprise their prey, or prey who make themselves appear frightening or less edible. While this is perhaps adapted behavior rather than true deception, it illustrates the value of deception as an acceptable tactic according to the law of the jungle. Human beings did not get to the top of the food chain through virtuous means, or through physical prowess; we are expert deceivers. So if we can use these natural skills to get what we want, why not?

Survival of the Group

Mankind evolved as a social animal, since the group is far more effective at hunting and defending than a lone individual would be. The group can only function through cooperative trust, so we have developed the psychological ability and the cultural tools that allow us to work together. We carry within us not only the egotistical fraudster but the reciprocal team player.

Fraud is a strategic option

There is a risk that fraudulent individuals might exploit the fruits of cooperation. This is not in the interest of the larger group! But because it happens all the time, we have also developed the ability to suspect and detect fraud, and a tendency punish fraudsters. The point is that fraudulent behavior is nothing abnormal. It is simply one of the strategic options that we carry with us as part of our behavioral repertoire. In our daily lives, our fraudulent abilities are countered by social cooperative strategies designed for the common good, and if we are guilty of fraud against the group, a betrayal of trust, we keep it well hidden.