This week I had the good fortune to participate in a compliance forum hosted by Thomson Reuters here in Boston, talking about how to engage with front-line employees to foster a strong compliance program.
The conversation was excellent, especially because we had an example ripped from the headlines of how not to manage compliance in your workforce.
We had Wells Fargo.
For the last few who haven’t heard the news, it’s this: regulators fined Wells Fargo $185 million last week for allowing thousands of employees to give unwanted products to customers for years. The employees signed up customers for those products without ever notifying them, generally to hit sales targets and win compensation bonuses. Wells Fargo then collected fees from the customers for maintaining those unwanted (and often unknown) products.
As part of last week’s settlement, Wells Fargo fired 5,300 employees. The CEO is facing a hearing in front of the Senate Banking Committee next week. Analysts and governance activists are demanding that Wells Fargo exercise its clawback provisions, foremost for the retail banking chief who oversaw this division (she retired last summer) and possibly for the CEO other senior leaders, too.
So—how does a company engage front-line employees to fight pervasive misconduct like that?
We can start with the famous Fraud Triangle. We’ve all seen it: a visual demonstration of the three forces that drive an individual to commit fraud.
In one way I love the Fraud Triangle because it’s so versatile; you can apply those three forces—opportunity, pressure, and rationalization—to many other types of misconduct in addition to fraud. You can use the Fraud Triangle as a risk assessment tool, asking yourself: Which employees feel the most pressure to commit misconduct? How would someone do it? Why would they believe that committing misconduct is acceptable?
The Fraud Triangle does, however, have one subtle flaw. In almost every depiction of the triangle that you see, all three sides are equal length.
Fit the Triangle to Your Company
Here in the real world, motivation to commit fraud is never equally distributed among opportunity, pressure, and rationalization. Fraud triangles come in all sorts of sizes, where each side has its own length. Compliance officers need to take an exact measurement of each side, to understand the threat you have and how to design a compliance program that fights it.
Let’s first use the example of an individual sales agent tempted to pay bribes in an emerging market. In that world, where failure to meet sales quotas might leave the person unemployed and unable to provide for his family, pressure would be a much larger part of the triangle (“I must provide for my family”), and possibly rationalization too (“the company won’t be hurt by me bribing someone to take a contract”). So his fraud triangle might look something like this:
Now we circle back to Wells Fargo and the 5,300 employee padding customer accounts there. Given that this misconduct was widespread and went undetected by others in the bank for years, we can safely assume that opportunity was a larger element here:
What else about the Wells Fargo shape? I trimmed the pressure leg of the triangle because, frankly, in this country very few people face imminent destitution from job loss (certainly nothing like what people in emerging markets might face).
The point is that if we want to use the Fraud Triangle as a vehicle to understand the risks your organization faces, you must be flexible. Try to quantify the relative amounts of each force (opportunity, pressure, rationalization) you have, for the misconduct you’re trying to prevent. Sketch out what that triangle might look like. Ask others if it seems right.
The Anti-Fraud Triangle
The other reason I love the fraud triangle is because you can match those three forces with their ethics & compliance counterparts, each one intended to fight its opposite:
If Wells Fargo had better review controls, someone else in another part of the bank might have detected the false customer activity earlier. Or perhaps if the bank had better segregation of duties, the offending employees wouldn’t have been able to transfer funds from a legitimate customer account into a bogus one. The point is that so many people at Wells Fargo engaged in this behavior because they could. Stronger internal controls would have meant that they couldn’t.
Likewise, back to our fictional sales agent in the emerging markets. If his motivation is primarily pressure to meet sales quotas so he can support his family, the company needs to foster a culture that reassures him it’s OK to achieve lower sales without bribery; you need to ease up his sense of pressure. If you don’t, all the controls and policies in the world won’t keep that person from trying to evade them so he can stay employed.
Unfortunately I don’t know how many companies truly believe in, and communicate, that idea.