Even Nice People Can Steal

Organizations give a lot of different reasons for not taking more steps to prevent fraud. However, a common theme is thinking that their employees are all nice people and, therefore, internal fraud will not happen. You know where this is going. Of course organizations hire good people, but fraud—both internal and external—happens. The organizations most at risk are the ones that do not implement effective controls. To address this important topic, I was thrilled to participate on a recent “Fraud Protection” panel hosted by Mary Schaeffer, AP Now. A link to the recording is provided in this post, along with tidbits from my fellow panelists. Keep reading to see examples of common risks, a new excuse an employee might use to hide personal purchases, and tips you should be putting into practice. But first, about those nice people you have hired…

About Those Nice People

My fellow panelist, Kelly Paxton, pink collar crime expert, has stressed for years that no company is too small or too big to experience internal fraud. We could also add that no organization is too family oriented, too religious, or too benevolent to be a victim. A friend of mine previously worked at a family-oriented insurance office. A long-time trusted employee was fired at some point because she was caught stealing. When initiating insurance claim payments to customers, she managed to increase the total. She paid the customer what they were owed and then sent the extra portion directly to her bank account. She was a nice person who had a gambling problem; desperation drove her to steal.

In other cases, nice people want nice things. They steal to fund their desired lifestyle. During the panel discussion, Ellen Leith, editor and director of the Purchase to Pay Network (PPN), shared a crazy story about a wedding that was funded by internal fraud.

On the flip side, rule-abiding nice people can fall for scams orchestrated by external fraudsters. A willingness to be helpful can, sadly, override the training employees receive about phishing and other fraud tactics. To combat this, actions your organization should be taking are:

  • Training employees annually on common scams and how they should handle them

  • Conducting fake fraud attempts, led by internal audit or other group, to see what employees do

  • Retraining any employees who fall for the fake attempts

Examples of Common Risks

As expressed during the panel, I regularly encounter organizations that do not follow the best practice of auditing card transactions at least monthly. They rely on managers doing a monthly review of their employees’ card activity (and we can assume that not all managers are thorough) and only doing an independent audit on an annual basis, if ever. In regard to auditing, Kelly Paxton recommends a “surprise and delight” approach, whether the focus is card transactions or other expenses. This basically means to mix up what you audit and when, so employees do not know what to expect.

Another common risk, which Mary Schaeffer brought up during the panel, is a practice that can elude your auditing efforts: allowing employees to use personal cards for business expenses, such as travel, and then get reimbursed. The lack of visibility into their spend opens the door to many ways that an employee could commit fraud. Refer to my April post on next gen virtual cards to see some of the problems.

Beyond card programs, Ellen Leith points out other risks, saying, “When it is not clear who owns a process, then nobody has control.” She specifically notes the issue of not regularly cleaning up the master supplier/vendor file, saying, “Dormant suppliers and the double entry of suppliers give employees an opportunity [to commit fraud].” She also provides a suggestion for this issue, besides the obvious one of cleaning up the file; access the panel recording to hear more.

A New Excuse to Watch For

Smart organizations monitor spend activity—the overall total, by department, and even by cardholder—and compare to equivalent past time periods. A spike in spend can uncover employees who might be using company funds for personal gain. During our panel discussion, Kelly introduced a new way that an employee might explain their increased spending to hide personal purchases: blame inflation. With rising prices on just about everything, a manager might believe the employee’s excuse and not investigate further. All the more reason to establish a robust auditing process and follow up on the results.

Resources

This post only scratches the surface of what we covered during the 45-minute panel, but you can access the full recording: AP Now “Fraud Protection” panel recording on YouTube.

See also related Recharged Education content:


Subscribe to the Blog

Receive notice of new blog posts.

About the Author

Blog post author Lynn Larson, CPCP, launched Recharged Education in 2014. With 20 years of commercial card experience, her mission is to make industry education readily accessible to all. Learn more