In the past couple weeks we have seen Patisserie Valerie in the news, but unfortunately the news was anything but sweet…
At this stage, five Patisserie Valerie employees have been arrested in connection with a substantial case of internal fraud. With internal fraud, the loss an organisation will suffer is never just money. The shareholders and the company’s bottom line might be victims, but more particularly it’s the staff. As a result of the dishonest actions of a few, 900 staff were laid off, the share price plummeted and the business, which was once valued at £450 million, was purchased for just £5 million.
Patisserie Valerie may well recover, as its brand strength could see it through and the new owners could turn it around. But this type of business risk is nothing new. It has happened before and will happen again. In fact, it is happening now in other business across the UK. What is most surprising though is that so few businesses adequately seek to manage this risk effectively. The key question is, who owns internal fraud risk in a business? Ask that question at a typical board meeting and see how the fingers point around the room at different functions: security, HR, IT are all involved, as are internal audit and line managers. No organisation is immune to internal fraud and yet so few have a clear risk management policy in place.
Clear ownership is just part of the issue. Fundamentally, businesses rely on their staff and seek a high level of trust in them to do their jobs well and diligently. However, this level of trust is what ends up being broken. In a fast moving business world where people have access to systems or assets, and are under pressure to perform quickly, can lead to open gaps in defences. People change, their circumstances change, and things happen that effect their lives outside of work: a death in the family, or growing addiction, for example. Equally, disgruntled employees who feel aggrieved could turn against their employers. Finally, it is possible that employees are pressurised or incentivised by organised criminal gangs to infiltrate your business for criminal purposes.
There may be one reason someone commits fraud, or there may be multiple, but there is always one common factor: they all believe they can defraud their employer and not get caught. The telltale signs will be there: fancy clothes, exotic holidays and other expensive purchases that may indicate someone is living above their obvious means. Or you may have a quiet employee that comes and goes, and doesn’t interact or engage. Or instead you may work with a person who seems to be a workaholic, not taking a holiday as they are too frightened that someone will spot what they have been up to while they are away. Critically, where there are weak management controls in place there will be much larger windows of opportunity. The employee might have tried something and gotten away with it once – on purpose, or sometimes by accident – and it snowballs from there.
This is part of a wider discussion we have quite a lot at Cifas. At what stage does dishonesty become acceptable? Is grabbing an apple at the office canteen without paying justified? Does not punishing that action lead to a culture of where taking from your employer is okay? It may be a low-level example but it challenges our thinking. Where does it end? An apple, some stationary, a laptop, some cash, staff property, false expenses claims, customer data, false invoices, major data download, falsifying accounts?
Thankfully, we live in a world where most people we employ are trustworthy and hard-working—it is the few who are the issue.
To counter that issue you have to start at the beginning. Vetting new staff is vital and employers don’t always do this effectively enough. CVs can be ‘creatively' written and, while previous employers are not legally required to give a reference, if they do it’s pretty worthless. This is where Cifas’ Internal Fraud Database can help as a place for employers to record and share sensitive information about dishonest people. Being a member of the Internal Fraud Database creates a strong anti-fraud culture in the workplace, which is in turn protecting your business, staff and customers from fraud threats.
Stopping repeat offenders is vital. Typically, if someone gets away with fraud once, they resign, and do it again at the next organisation, over and over. This is why collaboration and sharing information within the legal framework of Cifas’ Internal Fraud Database is the best way we can prevent fraud reoccurring.
There is some straightforward best practice your organisation can apply to limit opportunities of internal fraud:
Fighting internal fraud is something all members of staff and all departments should have an interest in. Shifting the responsibility or looking at management only to act isn’t enough. Clear management and procedures should be in place that work effectively - don’t simply pay lip service to it. The particular risk of internal fraud and the potential damage it could do to your business if left unchallenged is not something that can be swept under the rug.
The release of the Financial Ombudsman Service’s annual report has raised an important question for consumers – are you banking safely?CONTINUE READING
Calling all local authorities! Work for 2020’s Fighting Fraud and Corruption Locally strategy is set to begin July 2019 and volunteers are needed. Collaboration from councils is vital in developing the strongest strategy possible - make sure your council is involved.CONTINUE READING