Theft from Within – Dealing with problematic behavior in the organization
One of the main threats to business is intra-organization theft, carried out by the organization’s own personnel.
This common type of behavior can be the result of hiring non-credible personnel, loose supervision and lack of basic financial policy implementation.
All of the above create an atmosphere of theft and fraud, as large investment firms, factories and most recently – the “YES” cable company recently discovered.
Most organization put little thought and funds into dealing with employee-related theft or preventing improper behavior. Organization which have to deal with this problem do it through various different people from within the organization such as: security officers, managers and even the HR department. Since the above aren’t specifically trained to deal with this issue, wrong supervising and coping methods might be employed. They could act in a specific way to try and deal with a specific problem and do this many times over, while unintentionally ignoring the big picture. Dealing with this phenomenon and doing away with this is best done by employing a systematic methodological approach which will minimize damage to the organization and provide better tools to dealing with it inside the organization.
In order to avoid these phenomena, the organization must take several essential actions, such as:
- Doing a backup check to minimize the risk of hiring workers whose credibility might be flawed.
- Communication the organization’s ethics policy – workers must be made fully aware of procedures regarding fraud. This must be fully understood in order to understand the consequences of breaking it.
- A positive work environment should be created. One which encourages workers to follow policy and regulations in order for them to do their work in the best interests of the organization.
- Random, synchronized audits must be done in order to discover new weak points. These audits must later be checked for effectiveness.
- Workers, vendors and customers should be provided with an anonymous reporting system which would be able to report any breach of policy and regulations.
- Every event must be reported. A thorough and quick investigation of a breach in the organization’s policy must be made. The same goes for allegations and suspicions relating to fraud. These will all help make better decisions and minimize loss.
To summarize: an organization’s management must act as a role-model for its employee. It must lead. By applying these recommendations, as well as others, it will be possible to significantly reduce the number of security breaches and the possibility of fraud / theft by the employees, thereby, protecting the organization’s assets.
If you suspect fraud committed by employees and want to make sure these events do not happen, it is advisable to seek professional help in order to conduct a check / credible investigation and reach effective results.
The author, Shlomi Adar, is an expert and an advisor to organizations in the field of applying and improving information security and employee credibility.