How to find the silver lining in a fraud cloud
27 September 2016
Why investigating fraud may not be all bad news.
Suspecting or discovering fraud is an uncomfortable – often painful and emotional – experience for any business, large or small. The reality that someone, whether an employee or a trusted business partner, has deliberately breached the trust placed in them, or has been duped by an outsider, is not likely to be responded to as simply a business issue. It has a visceral impact. The impulse, therefore, to investigate and move on without looking back is understandable. But rarely is that the right thing to do. Whilst the losses, inconvenience and broken trust that a fraud creates may be very deeply felt, a fraud investigation offers a unique opportunity to take a long look at the business, and put in place measures that can help prevent similar events from reoccurring.
By embracing the broader learning experiences offered by a fraud investigation businesses can emerge from the overall experience stronger and more sustainable.
Whether by applying the investigation findings to the wider control environment and business practices or by using the investigation process as a tool to reinforce standards of behaviour and measure corporate progress in such areas, there are a number of “silver linings” that a robust investigation into a fraud creates.
Impact on the control environment
Investigators will be able to pinpoint exactly how the controls in place for a particular part of the business or process were circumvented, overridden or ignored. That should prompt a reassessment of those controls and some thought to the underlying reasons as to why a breach was possible. It could point to the need for training or a wider assessment of whether the business’s culture might require closer examination and renewal. We often find, for instance, that a common reaction among colleagues about one of their peers committing fraud is one of disbelief. It’s behaviour that appears at odds with general perceptions of an individual or group that “didn’t seem the type”. Even the most apparently open and friendly business culture can conceal or obscure less welcome fraudulent activity.
Rethinking wider business practices
Motivations for fraud can vary – from simple greed to disaffection – but for a fraud to take place, motivation requires opportunity. It’s essential therefore to examine a specific instance in the wider business context in order to find other areas that may present similar opportunities for misdeeds. This should also prompt some basic questions: Is training required to raise awareness of the risks and reinforce the right behaviour? Do, for example, staff understand how conflicts of interest can arise and what they should do to manage them? And it may offer a chance to reflect if leadership is exemplifying and communicating the ‘tone from the top’. Taking this approach encourages recommendations that look at wider business practices and the bigger picture. For instance, a procurement-related fraud may prompt the questions about whether a dedicated in-house procurement function is needed at all, and could be better executed another way.
Investigations today require the capture and interrogation of significant amounts of data. Here again an intelligent use of data analytics at the outset, combining both structured and unstructured datasets, can pay dividends to pinpoint unexpected patterns and inform wider business practice. Keeping a focus on financial transactions will ensure the best opportunities to secure value from such analysis.
Using an investigation as a training tool
Fraud also creates presentational challenges. Whilst every effort might be made to keep information on a ‘need to know’ basis and restricted to just a few senior people, in reality there is likely to be speculation within and beyond the organisation. Understanding how to manage a whole range of stakeholders - including staff – is critical. But here again, ostensibly bad news can be turned into an opportunity. Depending on HR policies and privacy rules, communicating that a fraud has been found, investigated and dealt with could offer the chance for others to come forward –via, for example, a whistleblower helpline – with concerns about activities or behaviour that they feel could be in breach of expected standards or codes of conduct. By dealing sensitively, but transparently, with employees’ concerns, a business’s management can help renew trust at the same time as reasserting the required standards of behaviour.
Using an investigation as a measuring tool
Finally, the conclusion of a formal investigation should not mean that the process of learning from the fraud also comes to an end. Proactive monitoring of the identified risks will often be appropriate and there is significant value to be gained from revisiting the lessons learned to assess whether, six months, a year later or even further down the line, they have been sustainably incorporated into business as usual. Every business is susceptible to fraud. But those that take the time to learn from the experience will vastly increase their chances of avoiding becoming a repeat victim.
To discuss the issues raised in this blog, contact me: