Fitting the Fraud Triangle to Wells Fargo
This week I had the good fortune to participate in a compliance forum hosted by Thomson Reuters here in Boston, talking about how to engage with front-line employees to foster a strong compliance program.
The conversation was excellent, especially because we had an example ripped from the headlines of how not to manage compliance in your workforce.
We had Wells Fargo.
For the last few who haven’t heard the news, it’s this: regulators fined Wells Fargo $185 million last week for allowing thousands of employees to give unwanted products to customers for years. The employees signed up customers for those products without ever notifying them, generally to hit sales targets and win compensation bonuses. Wells Fargo then collected fees from the customers for maintaining those unwanted (and often unknown) products.
As part of last week’s settlement, Wells Fargo fired 5,300 employees. The CEO is facing a hearing in front of the Senate Banking Committee next week. Analysts and governance activists are demanding that Wells Fargo exercise its clawback provisions, foremost for the retail banking chief who oversaw this division (she retired last summer) and possibly for the CEO other senior leaders, too.
So—how does a company engage front-line employees to fight pervasive misconduct like that?
We can start with the famous Fraud Triangle. We’ve all seen it: a visual demonstration of the three forces that drive an individual to commit fraud.
In one way I love the Fraud Triangle because it’s so versatile; you can apply those three forces—opportunity, pressure, and rationalization—to many other types of misconduct in addition to fraud. You can use the Fraud Triangle as a risk assessment tool, asking yourself: Which employees feel the most pressure to commit misconduct? How would someone do it? Why would they believe that committing misconduct is acceptable?
The Fraud Triangle does, however, have one subtle flaw. In almost every depiction of the triangle that you see, all three sides are equal length.
Fit the Triangle to Your Company
Here in the real world, motivation to commit fraud is never equally distributed among opportunity, pressure, and rationalization. Fraud triangles come in all sorts of sizes, where each side has its own length. Compliance officers need to take an exact measurement of each side, to understand the threat you have and how to design a compliance program that fights it.
Let’s first use the example of an individual sales agent tempted to pay bribes in an emerging market. In that world, where failure to meet sales quotas might leave the person unemployed and unable to provide for his family, pressure would be a much larger part of the triangle (“I must provide for my family”), and possibly rationalization too (“the company won’t be hurt by me bribing someone to take a contract”). So his fraud triangle might look something like this:
Now we circle back to Wells Fargo and the 5,300 employee padding customer accounts there. Given that this misconduct was widespread and went undetected by others in the bank for years, we can safely assume that opportunity was a larger element here:
What else about the Wells Fargo shape? I trimmed the pressure leg of the triangle because, frankly, in this country very few people face imminent destitution from job loss (certainly nothing like what people in emerging markets might face).
The point is that if we want to use the Fraud Triangle as a vehicle to understand the risks your organization faces, you must be flexible. Try to quantify the relative amounts of each force (opportunity, pressure, rationalization) you have, for the misconduct you’re trying to prevent. Sketch out what that triangle might look like. Ask others if it seems right.
The Anti-Fraud Triangle
The other reason I love the fraud triangle is because you can match those three forces with their ethics & compliance counterparts, each one intended to fight its opposite:
If Wells Fargo had better review controls, someone else in another part of the bank might have detected the false customer activity earlier. Or perhaps if the bank had better segregation of duties, the offending employees wouldn’t have been able to transfer funds from a legitimate customer account into a bogus one. The point is that so many people at Wells Fargo engaged in this behavior because they could. Stronger internal controls would have meant that they couldn’t.
Likewise, back to our fictional sales agent in the emerging markets. If his motivation is primarily pressure to meet sales quotas so he can support his family, the company needs to foster a culture that reassures him it’s OK to achieve lower sales without bribery; you need to ease up his sense of pressure. If you don’t, all the controls and policies in the world won’t keep that person from trying to evade them so he can stay employed.
Unfortunately I don’t know how many companies truly believe in, and communicate, that idea.
9 Comments
Leave a Comment
You must be logged in to post a comment.
I think that rationalisation was a big component too – “everybody else is doing it so it must be OK”. What the model doesn’t help you with is that while opportunity and motive/pressure might be easy to see, rationalisation occurs mostly inside the individual’s head, so you have no idea what their moral code says is OK to do or how they justify their actions to themselves. What you or I might consider abhorrent, is perfectly normal to somebody else.
Yes it’s true that better controls would have prevented at least some of the fraud. More impotantly, perhaps, 1) management clearly failed in its critical duty to communicate a zero tolerance culture and 2) there was inadequate motive on the part of honest employees to blow the whistle. The two issues are related and should be managed through robust, mandatory fraud awareness training
[…] interest of mine this year. We’ve seen several high-profile examples of corporate misconduct (Wells Fargo and Mylan Labs, to name only two) that could have been avoided, had boards and senior leaders done […]
[…] Wells Fargo was Exhibit A in this cavalcade of clunkers. Its scandal of employees creating fictional accounts for customers provided endless fodder for SCCE attendees. We picked over the bank’s culture and compliance […]
[…] improper use of performance metrics, too. It has Wells Fargonian overtones, but where Wells Fargo had a rotten culture that led to harm foisted on consumers, Credit Suisse more shows how poor oversight can prompt the SEC to hammer you for harm to investors. […]
[…] Would they support the Yates Memo standard of full cooperation to identify individual culprits? How much cooperation and investigative support would qualify as “full” anyway? How widespread would misconduct need to be to deserve a fine at the corporate level? (Looking at you, Wells Fargo.) […]
[…] A would be Wells Fargo, with its scandal of employees creating false accounts that customers never ordered. Why did they do that? Because they were pressured to hit the bank’s sales quota of selling eight […]
[…] to that of Wells Fargo. That’s not quite right. In one sense what happened at Wells Fargo—employees opening false accounts for customers to hit sales quotas, and then quickly closing them—was worse. Wells defrauded both investors and customers. Little surprise, then, that when the […]
[…] all know the compliance horror stories caused by misguided incentive programs. The obvious example is Wells Fargo: its incentives were negative, pressuring employees to meet sales goals or they might get fired. A […]