Over and over, year after year I see the same anti-fraud mistakes. Leaders are willing. They take the correct first steps to fight fraud. They speak the right words and make the right initial commitment to get anti-fraud efforts off the ground.
Then they trip themselves up and undermine their own efforts by making the same mistakes that others before them have made. And by and large, these mistakes can be easily avoided once they are brought to the surface.
Common Mistake 1: Strong management statements but inadequate follow up
My client’s board and senior executives were trying to regain their footing after a major fraud surfaced on their watch. A rogue treasury department employee
had taken advantage of their position of trust and ripped off the company for over four million dollars. After the theft became public and arrests were made, CEO David recorded a five-minute video sent in an email link to all of the 55,000 employees. “We’re not going to tolerate this type of behavior. We’ll support prosecution. We’ll pursue restitution.” Etc, etc, etc. Important messages to be sure, but that was the first and last that employees heard from their top leaders.
Strong statements must be followed by strong visible action. Not a witch hunt. Positive, proactive steps to recruit every employee into your Fraud Risk Management Campaign. Don’t miss the opportunity to rally the troops that comes from a crisis. Sell awareness and specific anti-fraud behaviors hard and fast as part of you crisis response plan.
Common Mistake 2: No Policy on Anti-Fraud Responsibilities
Sally has been a mid-level financial manager for 12 of her 25 years with the company. For her division, she oversees critical controls including transaction processing, vendor payment approval, out of pocket expense reimbursement, budgeting, and month-end analysis and reconciliation. All are anti-fraud controls. Yet she has never – not once in 25 years – been told in explicit terms what her responsibilities are for fighting fraud and theft in her areas of responsibility.
A Policy on Anti-Fraud Responsibilities is an easy fix. Email me at John@JohnHallSpeaker.com and I’ll send you an outstanding example for you to follow.
Common Mistake 3: CEO Anti-Fraud Efforts are Unintentionally Undermined by Busy Middle Managers
Hopefully, the CEO has been both visible and vocal in their leadership of the organization’s Anti-Fraud Campaign. But at management levels that make up the rest of the organization chart, everyone is busy with a thousand other priorities. All are supportive of the boss’s fraud prevention program, but most simply don’t believe that fraud will happen on their watch so they don’t give this risk the attention it deserves. Result: good intentions are undermined by busy managers with other more pressing responsibilities.
CEO’s must personally hold managers accountable for their anti-fraud responsibilities. Every manager at every level must know that they will be held personally accountable for their signature on documents. Zero exceptions – zero tolerance.
Common Mistake 4: Flawed Beliefs About Fraud Risks are Left Uncorrected
Beliefs lead to actions. Flawed beliefs lead to flawed actions. Pretty basic stuff. Yet flawed beliefs about fraud risks usually go unaddressed in business. Here are a few for you to consider as well as the correcting belief you should help others embrace.
Flawed belief #1: “We only hire honest people.”
Better Belief #1: Most of our people are honest, but a few have changed since hiring. Family pressures, spouses who have lost their jobs, substance abuse and other addictions, and living beyond one’s means all cause people to change over time. Many employees and managers are under significant undisclosed pressure. A few will cheat to solve their problems.
Flawed Belief #2: “Our controls will prevent wrongdoing and fraud.”
Better Belief #2: Controls will not prevent all fraud. They will prevent some schemes and deter others. Controls should be well designed and consistently executed. But beware that in a worst case, controls will just make a potential fraudster or thief change their method. And by definition, anti-fraud controls have only limited effectiveness on employees who are part of the control structure. They are already inside your circle of trust, and can even use the controls they oversee to mask their misconduct.
Flawed Belief #3: “We don’t have a fraud problem here.”
Better Belief #3: “We do have a fraud problem and it’s costing us $______ (fill in your own amount!).” You may think it’s zero, but it’s not. For larger mature organizations, fraud costs in the range of one to two percent of revenue are the norm, not the exception. Assume you’re losing one percent of revenue to wrongdoing. Prove you’re not.
Common Mistake 5: Employee Fraud Prevention Expectations without Skills Training
This one is the biggest and most damaging mistakes, and a gaping hole in most anti-fraud initiatives. Few come to work for you with education and/or job experience that includes in-depth anti-fraud skills. This is just a simple fact. Yet even knowing this, the vast majority of leaders still expect their employees and supervisors to know what fraud looks like and how to respond. ‘Situational incompetence’ and frustration are the inevitable result.
This huge mistake is so easy to fix.
Get serious about Fraud Risk Management Skills Training for all employees. Not just awareness sessions – real skills training. Your employees are your first and last line of defense against wrongdoing. Don’t send them into battle unarmed.
These five mistakes aren’t everything you need to avoid. But they’re a good start. We can help you avoid these and other common mistakes in your Fraud Risk Management Campaign.
Just say the word and we’ll get started today.
John J. Hall, CPA, is an author, speaker and results expert who presents around the world at conventions, corporate meetings and association events. Throughout his 35-year career as a business consultant, corporate executive and professional speaker, John has helped organizations and individuals achieve measurable results. He inspires audience members in corporations, not-for-profit organizations and professional associations to step up, take action and “do what you can.”