Inside the Mind of a FraudsterTips for Leaders to Help Put a Stop to Fraud
What makes a fraudster tick? As anti-fraud experts, we are often asked questions such as: What makes some people commit fraud while others would never conceive of crossing that ethical line? And what causes one person facing financial hardships to steal from his employer and another to find a more honest way to pay his bills?
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
I also wonder what goes through the minds of individuals as they're making that choice - that first decision - to commit fraud. How do they rationalize or justify their actions, and do they feel guilt, stress, or even excitement when they actually cross that line into breaking the law?
When you listen to a fraudster discuss his or her crimes, there is often an underlying sense of pride in how they committed their scheme ...
By hearing the stories of convicted fraudsters, spoken in their own words, we can begin to understand the motivations behind the act of committing fraud and hopefully create an environment that discourages such behavior. We believe these insights would be of keen interest to security professionals and anyone charged with protecting assets and information. With this in mind, the Association of Certified Fraud Examiners (ACFE) set about compiling and comparing fraudsters' stories, looking for common threads and clues.
Fortunately, we didn't have to start from scratch. Over the years, the ACFE has collected hours of interview footage with convicted fraudsters in which we asked them to tell their story, and followed up with probing questions, as any good interviewer would do. The goal was to get the unvarnished truth in their own words.
In one of our interviews, for example, fraudster Mark Whitacre, the former FBI informant/embezzler at ADM (and the main character in the movie, "The Informant"), discusses the irrational optimism and lack of remorse he had about his crimes, largely because of a lack of tone at the top, as well as the inadequate fear of punishment that kept him believing he was simply too smart to get caught. As Whitacre notes in his interview: "White-collar criminals are made, not born." This then begs the question: How do you make a white-collar criminal?
For some, a big part of the answer is found in the rationalization aspect of the fraud triangle. The idea that the company wasn't paying them what they were worth. The long hours they were putting in, without recognition. An inflated sense of importance to their organization. I once listened to a fraud perpetrator tell me that he had been the most valuable employee at his company - the same company from whom he had stolen more than $2 million.
Another issue lies in the rush that some fraudsters have described, the feeling they get after they've committed a fraud. They keep stealing, not just for the money, but to chase that surge of adrenaline that accompanies the sense that they've gotten away with something.
I've had fraud perpetrators tell me that it became an addiction for them. When they steal and don't get caught, it just reinforces their self-assuredness and desire to commit the next fraud. Sometimes ego fuels this sense of addiction. When you listen to a fraudster discuss his or her crimes, there is often an underlying sense of pride in how they committed their scheme, and how easy it was to sustain for as long as they did.
Each fraudster's story is interesting in its own right. Aaron Beam, a manager who committed fraud at HealthSouth, claimed that he couldn't stand up to executives about the actual amount of profits and resorted to altering numbers to appease a boss who didn't like to be told no.
Having this knowledge, what steps can security professionals take to keep themselves from becoming just another victim in a future fraud story? There are several.
- First, the addiction aspect tells us that a fraudster won't stop until their fraud is uncovered - and will often strike again even after having been caught. So, safe hiring practices are critical for any organization. Background checks and credit checks should be administered as permitted by law.
- However, that's only the beginning. Security professionals, along with company management and owners, should always be aware of red flags. People who steal also tend to spend: Watch for the employees who appear to be living outside of their means. A new, expensive car or stories about lavish vacations could be an indication that something is amiss.
- Finally, the proper controls need to be implemented. Surprise audits, an anonymous hotline and segregation of duties are a great place to start. Many of the fraudsters we've talked to were put in a position to steal because they were in control of too many aspects of the business and finances. An environment like that is akin to rolling the dice for a company in the hopes that their employees won't give in to temptation.
As long as fraud perpetrators are willing to tell their story, without embellishment or self-gain, I'll be willing to listen. And I'll make sure that the ACFE provides a platform for such testimonials, as the clues and insights they lend help anti-fraud professionals worldwide in their efforts to detect and prevent fraud.
Ratley is the president and CEO of the Association of Certified Fraud Examiners (ACFE), the world's largest anti-fraud organization with nearly 60,000 members in more than 150 countries.