About Those Nice People

My fellow panelist, Kelly Paxton, pink collar crime expert, has stressed for years that no company is too small or too big to experience internal fraud. We could also add that no organization is too family oriented, too religious, or too benevolent to be a victim. A friend of mine previously worked at a family-oriented insurance office. A long-time trusted employee was fired at some point because she was caught stealing. When initiating insurance claim payments to customers, she managed to increase the total. She paid the customer what they were owed and then sent the extra portion directly to her bank account. She was a nice person who had a gambling problem; desperation drove her to steal.

In other cases, nice people want nice things. They steal to fund their desired lifestyle. During the panel discussion, Ellen Leith, editor and director of the Purchase to Pay Network (PPN), shared a crazy story about a wedding that was funded by internal fraud.

On the flip side, rule-abiding nice people can fall for scams orchestrated by external fraudsters. A willingness to be helpful can, sadly, override the training employees receive about phishing and other fraud tactics. To combat this, actions your organization should be taking are:

• Training employees annually on common scams and how they should handle them

• Conducting fake fraud attempts, led by internal audit or other group, to see what employees do

• Retraining any employees who fall for the fake attempts

Examples of Common Risks

As expressed during the panel, I regularly encounter organizations that do not follow the best practice of auditing card transactions at least monthly. They rely on managers doing a monthly review of their employees’ card activity (and we can assume that not all managers are thorough) and only doing an independent audit on an annual basis, if ever. In regard to auditing, Kelly Paxton recommends a “surprise and delight” approach, whether the focus is card transactions or other expenses. This basically means to mix up what you audit and when, so employees do not know what to expect.

Another common risk, which Mary Schaeffer brought up during the panel, is a practice that can elude your auditing efforts: allowing employees to use personal cards for business expenses, such as travel, and then get reimbursed. The lack of visibility into their spend opens the door to many ways that an employee could commit fraud. Refer to my April post on next gen virtual cards to see some of the problems.

Beyond card programs, Ellen Leith points out other risks, saying, “When it is not clear who owns a process, then nobody has control.” She specifically notes the issue of not regularly cleaning up the master supplier/vendor file, saying, “Dormant suppliers and the double entry of suppliers give employees an opportunity [to commit fraud].” She also provides a suggestion for this issue, besides the obvious one of cleaning up the file; access the panel recording to hear more.

A New Excuse to Watch For

Smart organizations monitor spend activity—the overall total, by department, and even by cardholder—and compare to equivalent past time periods. A spike in spend can uncover employees who might be using company funds for personal gain. During our panel discussion, Kelly introduced a new way that an employee might explain their increased spending to hide personal purchases: blame inflation. With rising prices on just about everything, a manager might believe the employee’s excuse and not investigate further. All the more reason to establish a robust auditing process and follow up on the results.

Resources

This post only scratches the surface of what we covered during the 45-minute panel, but you can access the full recording: AP Now “Fraud Protection” panel recording on YouTube.

See also related Recharged Education content:

• Controls and fraud

• Risk assessments

• Risk assessment template available for purchase for less than $100

Available Products & Services from Recharged Education

• Complimentary online content

• Resources available for purchase

• Fee-based services for industry providers and end-user organizations, such as training, consulting, and content development

Submit a contact form to request a quote for what your organization needs.

Subscribe to the Blog

Receive notice of new blog posts.

About the Author

Blog post author Lynn Larson, CPCP, launched Recharged Education in 2014. With 20 years of commercial card experience, her mission is to make industry education readily accessible to all. Learn more…