Where there are humans, there is fraud. Humans as a species evolved precisely due to their being smarter than others, and fraud is – arguably – a mere side effect. The fact that most of us, given the occasion, will find ways to gain a personal advantage by tricking someone else is probably the reason we came this far: the main motive is survival, after all. If you factor in the exceptional ability only humans have of explaining stuff, you obtain the three elements of Cressey’s famous “fraud triangle”: rationalization, opportunity, and need.
Having this in mind, it is with great bemusement that during our courses we witness business leaders maintain that, in their organisations, fraud is not the rule, but rather an unlikely exception. However, as interesting as it may be to see their facial expression change when we confront them with the estimates of the losses due to fraud in organisations, this kind of approach is not informative at all for decision makers and more often than not ends up with them denying furiously any possibility of fraud. This has often been the case also when we would present the findings of our early detection integrity projects: even when every bit of evidence seemed to point towards it, there was always some sort of explanation (“that’s just how it’s done in our business,” “we’ve always done it that way,” “it’s not illegal,” etc.) that would refute any suspicion.
We won’t deny that compliance in the anti-fraud sector has come a long way over the past 25 years, somewhat accepting and reflecting the reasoning above. What we argue for is that, once we acknowledge that fraud exists as a natural part of organisations and society in general, discussing it (and with “discussion” we mean “dialogue, and not “dispute”) will become significantly easier. Even though we may not know where it is nor the extent of it, if we accept fraud as inherently human, putting the human at the centre of the fraud-prevention process will also become natural.
Through carefully formed sessions involving dialogue with employees, aimed at bringing a person's latent ideas into clear consciousness, it is possible to facilitate an orderly process where all parties can learn from exchanging their experiences, thus truly putting fraud at the centre and analysing it from the perspective of the different functions within an organisation. This Socratic mode of inquiry does not mean that we should throw out compliance and controls as we know them. Despite all, they are still the best proxy we have to try to keep something that is extremely difficult to unravel and measure under control. We believe, however, that their effectiveness would be significantly improved by this “fraud dialogue” exercise.
Much like the constant labour of human mind, fraudsters are also in constant labour, in a never-ending effort to get around your controls. This dynamic is usually overlooked by controls based on checklists, as these are not built around fraud, but rather around pre-defined categories originating from processes and routines belonging to some other area within the organisation: procurement, sales, production, logistics... With a tailored fraud dialogue, involving representatives from the different parts of the daily operation, managers would be able to gain significant information about what works and what doesn’t in their organisation, the kind of information that is more useful than any estimates about the incidence of fraud. Decision makers could gain insight in where the weaknesses are and act upon this information, while at the same time enhancing employee awareness of potential risks.
Think of this “fraud dialogue” in practice as a low-impact process of Use Your People To Know Your Frauds: it is all about knowing how to ask the right questions and to whom, that will enable your people to tell you where you stand with respect to the risk of fraud and your resilience to it. We derive considerable professional gratification in managing and directing these dialogues and the subsequent process to support our clients in developing a greater resilience to fraud, and their feedback proves their satisfaction with the results.