What could happen to an organization if a trusted person is in fact the thief himself — a wolf in sheep’s clothing? To conceal fraudulent transactions, in connivance with fellow department managers, is to accomplish white-collar crime.
A recent conversation with a former student made me recall what I had taught in class about corporate ethics. What should they do? They should do the right thing!
In the corporate world, it is everyone’s responsibility to report any knowledge of fraud to appropriate management no matter how big or small its impact will be, and regardless of the parties involved — even if the one involved is your colleague, a close friend, or even your boss. One must blow the whistle.
AN EMPLOYEE’S DILEMMA
My former student became a whistleblower, unveiling a major fraud incident at his company. He shared with me his experience with his boss who, upon being reported for fraud through the company’s “Fraud Hot Line,” had been stripped of his supervisory responsibility. My former student’s staff was then instead made to work directly with the boss.
He further shared with me that, at first, he was anxious about his career, because he would be reporting the irregularities allegedly committed by his boss (and other department managers). His boss was the very same person who had endorsed him for the assistant manager promotion. He was also thinking about the potential harm that could happen to him upon reporting the scheme since the managers involved were quite “close to each other” and could conspire against him.
He knew that fraud allegedly committed by his boss and other department managers should be stopped, and he knew exactly what to do — that is to file a report against his boss — the Internal Audit Manager.
Remembering what he learned from my Corporate Ethics class about five years ago, he recalled that I told them to maintain integrity and do the right thing. When arriving at the ethical dilemma of whether or not to report of any knowledge of potential fraud in the organization, he had to do the right thing. And he did.
FRAUD IN ORGANIZATIONS
Fraud committed by individuals in the corporate world is prevalent in any type of business and industry. Based on PricewaterhouseCoopers’ 2018 Global Economic Crime Survey, 49% of the respondents said that they had been victims of fraud or economic crime over the past two years. This is higher than the 36% in the 2016 GECS results. The 2018 GECS results also revealed that there was a significant jump to 52% from 46% (in 2016) in fraud committed by internal actors/employees and these economic crimes were attributed to senior management (52% in 2018 from 46% in 2016). With this data, it appears that management is most likely to perpetrate the most disruptive frauds in the organization.
BUT WHY DOES MANAGEMENT COMMIT THE MOST DISRUPTIVE FRAUD?
In the context of corporate deception, Dr. Donald Cressey, a US penologist, sociologist, and criminologist, has made innovative contributions in identifying the factors that make a person commit fraud, or what we would call “white-collar crimes.” After processing more than a thousand criminals during his career, Dr. Cressey came up with the fraud triangle — a model for explaining the contributing factors that cause an individual to commit fraud — these are motivation or pressure, opportunity and rationalization.
The Internal Audit Manager who allegedly committed fraud, like any other corporate manager, had the fiduciary authority and responsibility over daily operations of the company. There were times when a member of senior management would approach a lower-ranking individual and give instructions directly about how to proceed with an unusual transaction, which would be authorized by the same senior management. Thus, any irregular transaction becomes legitimate when approved by one or two managers or senior managers.
So Dr. Cressey’s three elements of the fraud triangle now include another fraud factor — that is, “capability to commit fraud,” where an internal fraudster 1) is knowledgeable about company governance; 2) has the ability to persuade others; 3) has the technical know-how or ability to exploit internal weaknesses; 4) is able to accomplish the scheme without hesitation. In the case of the Internal Audit Manager, all four fraud factors were present and all attributes of a capable fraudster were apparent; thus, he was able to commit fraud.
To prevent fraud, an organization must be consistent in maintaining robust management control systems, the failure of which can lead to large financial losses, reputational damage and, possibly, eventual collapse of the organization. An organization must consider the following to maintain a robust management control system:
• Tone at the top: Fraud is not tolerated across the organization
• Integrity management, i.e. walking the talk, being a role model
• Fraud-awareness education and training to prevent it
• Two-way communication (up and down)
• Effective monitoring of internal control systems and maintaining efficient reporting mechanisms
• Consistent disciplinary action for violations of corporate policy and business conduct
• No retribution for “whistle-blowers”
• Acute awareness of red flags
Organizations need to step up their corporate governance and hold its leaders fully accountable for any organizational misconduct. Likewise, employees are encouraged to report any form of abuse and malpractice in the organization and to blow the whistle as prescribed by the firm’s internal fraud policy.
The views or opinions expressed in this article are solely those of the author and do not necessarily represent those of PricewaterhouseCoopers Consulting Services Philippines Co. Ltd. The content is for general information purposes only, and should not be used as a substitute for specific advice.
Aurelio Mari G. Gueco is a senior manager with the Forensics practice of Pricewaterhouse Cooper Consulting Services Philippines Co. Ltd., a Philippine member firm of the PwC network.
+63 (2) 845-2728 local 3231