There’s a fine line regarding trust in a workplace environment. Too little trust in employees can diminish effective communication, increase conflict and decrease loyalty. But on the flip side, too much trust could create an opportunity for a key employee to defraud your organization, no matter what internal controls you have in place.
Let’s look at how trust impacts the effectiveness of internal controls and different ways you can protect your organization, including a real-life case study.
Internal controls are policies, mechanisms or procedures created to minimize risk to a business and promote integrity in financial information to outside parties. They are grouped into three major categories:
Preventive controls: Segregation of duties, authorization of money transactions or physical safeguards of assets
Detective controls: Mandatory vacation policies, internal audits and bank reconciliations
Corrective controls: Disciplinary action, staff awareness training and other controls to help mitigate damage once fraud is detected
No matter the size of the business, internal controls are essential. When implemented and enforced properly, they create an effective control environment and help protect an organization from past, current and future losses due to fraud.
Outside of just managing fraud, a working system of internal controls helps to maximize your organization’s operating efficiency, promote accountability and increase confidence in your financial records.
In too many cases, internal controls are overlooked or breached, automatically putting the organization at risk for potentially fraudulent activity.
There are various ways in which internal controls can become ineffective, and oftentimes, management — the regulators of internal controls — is in a position to override or ignore them. Internal controls can also be breached when there is a lack of supervision, poor communication or absence of disciplinary action.
However, some of the most unexpected frauds occur when there is too much trust within an organization.
In these situations, victims state that they trusted the perpetrator and are in utter disbelief that they could have committed the crime. Often the shock and feelings of betrayal associated with the incident are worse than the assets lost. This is especially common in small businesses with fewer resources and oversight than large corporate organizations.
There are various indicators that an employee could be committing fraud. The most obvious is when someone is living well beyond their means. For instance, it should raise suspicion if the receptionist of a small family business owns several motorhomes, vacation properties and luxury vehicles. This is not to say that the employee is definitely committing fraud, but paired with other red flags, it may be worth looking into.
Other signs may include an employee who never takes vacation, works unusual or long hours in the day, or is secretive or protective of their work. Without proper oversight measures in place, management might find checks bouncing unexpectedly, budget overruns, vendor complaints about non-payment or bank account balances lower than anticipated.
The city of Dixon, Illinois, along with its citizens, were victims of a fraud scheme in which the perpetrator was overly trusted in a position of power.
Rita Crundwell, the former comptroller of the city of Dixon, Illinois, began working for the city’s finance department in 1970 when she was still in high school. She was eventually promoted to comptroller in 1983. Over the course of 20 years, Crundwell gained the trust of her fellow employees and began perpetrating a fraud scheme in December 1990. She opened a bank account under the name of Reserve Sewer Capital Development Account (RSCDA) to disguise it as belonging to the city. For the next two decades, Crundwell transferred $53 million of taxpayer money to this RSCDA account, from which she withdrew money to fund her luxury lifestyle and quarter horse business.
Although the city performed routine audits and required budgets to be approved, Crundwell was able to perpetrate a fraud of great magnitude over the course of many years. With a salary of just $80,000, Crundwell had two houses, property in Florida, over 400 quarter horses, and various vehicles and motor homes.
Crundwell was once praised by the city’s finance commissioner, Roy Bridgeman, as being “a big asset to the city as she looks after every tax dollar as if it were her own.” People trusted her, and as a result, proper internal controls were not put into place. The internal controls that were in place were not enforced. More specifically, Crundwell had the power to create and oversee the budget, write checks without oversight, approve payments, perform reconciliations and execute accounting transactions. Even though budgets had to be approved, a lack of oversight allowed Crundwell to come up with false justifications for the overdrawn budgets. Crundwell abused her power to perform her responsibilities and effectively took advantage of the trust put in her.
It is no surprise that co-workers often develop close working relationships, being that they spend at least eight hours of the day together. However, there is a fine line concerning the extent of these relationships, particularly between management and employees. This is not to say we shouldn’t trust our co-workers, but too much trust can lead to careless oversight and breached controls.
Many of us have heard Ronald Reagan’s saying, “Trust, but verify.” There is nothing that rings more true in the workplace. While it is okay to trust employees, it is crucial to ensure adequate internal controls are in place and functioning properly. It’s easy to think, “I don’t have time to authorize those checks this week. Sally can do it — she has been my employee for 20 years.” As soon as this type of decision is made, the possibility of fraud increases.
There are countless ways that fraud can occur in an organization. That’s why it’s important to mitigate the risk as much as you can. Maintaining and enforcing internal controls and using your best judgment is the key to protecting your organization against fraud.
Contact us here or call 800.899.4623.