After 25 years of investigating instances of fraud and corruption, I am still amazed that otherwise law-abiding citizens will engage in fraudulent behavior. It also perplexes me that organizations place an extremely high weighting on the honesty of management and staff as a key fraud and corruption risk-mitigation tool.
This reliance on individual integrity is dangerous. In a world seemingly focused on larger and more group-organized cyber-fraud, it is still the case that fraud and corruption often begins with a person or small group of people acting in concert.
In the ongoing case involving the misconduct of senior U.S. naval officers and a defense contractor, Glenn Defense Marine Asia, one may well ask what was going through these officers' minds when they agreed to sell information in return for gifts, as alleged in the government's reports.
Is it simply a case of greed, or have these men, who seemed to have served their country with honor and integrity before now, decided they were worth more than the Department of Defense was willing to pay them?
Organizations cannot control the factors that motivate a good employee to commit fraud or engage in corrupt behavior.
They can control only one thing: The opportunity for employees to engage in that type of behavior. They should create robust fraud and corruption controls. This control framework should consist of a number of key components, including fraud and corruption awareness training, explicit policies for bidding the behaviors, and the use of a whistleblower hotline and process for employees to report their suspicions.
It is also important for organizations to balance their trust in employees with anti-corruption controls and not be lulled into a false sense of security. Just because a person has been with a company for a long time or has never exhibited poor behavior in the past does not provide foolproof security to the employer.
All organizations must be on the lookout for "red flags" that could suggest a person is engaged in fraudulent behavior. These include overly close relationships with suppliers and agents; missing documentation; a failure to explain expenditures; and any signs of excess, sudden personal wealth.
It is not prying to look into these matters, even with a trusted employee. It's performing the compliance function.