In today's column we will talk about a social phenomenon that drives the need for security programs in companies.
by Héctor R. Torres, PhD, MBA, CPP, CFE, CHS
A fraternal greeting from Puerto Rico to all colleagues and readers of this column. It is a pleasure to share again with you. From the sociological point of view, this phenomenon is one that defines the reason for security programs in companies and why we exist as professionals in the security industry.
In turn, this phenomenon also enacts the sales of security products and services to companies. I am referring to fraud in companies. Every year many companies lose millions to the crime of fraud caused by their own employees. Many companies have even had to go bankrupt because they do not know how to deal with this phenomenon.
Streamlining fraud
During the 1950s, there were many companies that suffered from acts of internal corruption, embezzlement and financial fraud. As part of his doctoral dissertation to study this phenomenon, Donald R. Cressey develops a hypothesis that explained why employees of a company committed these acts. This hypothesis then becomes a theory that today is known as the Fraud Rationalization Theory. Based on this theory, Cressey identifies three elements that make up what he called the Triangle of Fraud. To understand this important theory, we proceed to define these elements:
The first element is opportunity. Opportunity is an employee's ability to commit acts of fraud in a company. To carry out a fraud, the employee must believe that the activities of his crime cannot be detected. The opportunity to commit fraudulent acts is possible when employees have access to the assets and information of the company within their ordinary tasks which allow them to carry out and hide the fraud.
Opportunity is also created when there are no internal controls, poor management and/or supervision, and a lack of procedures to detect/investigate fraudulent activity. Therefore, access must be limited, controlled and monitored periodically to reduce the opportunity.
The second element is motivation, or what is known as the incentive to commit fraud. Motivation is the pressure or need of an employee to commit an act of fraud. It can be based on a real or perceived financial need on the part of the employee who wants to profit from the company to pay their debts or improve their financial and/or economic status.
Motivation can also be based on non-financial reasons such as the pressure to perform well in the company. For example, company results are falsified to hide poor performance.
The last element is that of rationalization. Employees who commit fraud in a company rationalize that their criminal acts are acceptable behavior. This rationalization is the most important element in cases of fraud because the employee reconciles his behavior through a justification using countless excuses such as receiving a low salary for his performance or for the mistreatment of his superiors.
Other excuses to justify their behavior may be based on thinking that the company makes so much money that it won't realize if some of the money disappears or that they're just borrowing the company's money for a while until they can repay it.
According to this theory, the primary method of reducing acts of fraud in a company is to reduce the element of opportunity to employees since the management of a company cannot really control the elements of motivation or rationalization. Reducing the opportunity lies in turn in creating the perception that any act or attempt to commit fraud will eventually be detected by the company.
Being possibly detected or discovered as the perpetrator of a fraud within the company is the greatest psychological deterrent that can be created. During its rationalization, the employee who is thinking of committing a fraudulent act thinks twice before committing the act because he knows that there is a high possibility that he will be identified by the company. Faced with this possibility, he rationalizes that it is not worth losing his job, losing his personal reputation and facing a prison sentence for a criminal act.
In conclusion
It is imperative that a company has a comprehensive security program that significantly reduces the element of opportunity to reduce fraud. This program is based on processes, procedures, internal controls, investigation of violations of internal controls, principles of physical security and the use of security technology to detect fraud and thus reduce the element of opportunity.
Dr. Cressey used to say that 5 percent of a company's employees are honest and integrated people, another 5 percent of employees are unscrupulous people who commit criminal acts without any remorse, and the remaining 90 percent of employees tend to be "opportunistic." It is the responsibility of a company's management and security industry professionals to diminish the element of opportunity to combat fraud. I invite you to continue to share your ideas and concerns from the world and security management.
A hug and see you next time!
