In Rehab: Restoring a team after an insider fraud

When I arrived at my last employer’s headquarters on my first day as their new head of counter-fraud, I did not know that the vacancy had arisen because my predecessor had committed… fraud.

The last person to hold that office had stolen nearly £65,000 using false invoices from fake companies. He had been arrested, would plead guilty at court and receive a custodial sentence. Despite the lurid headlines, the organisation was open about what had happened.

1If a humanitarian or global development organisation gets serious about tackling fraud and corruption, then it will detect cases – possibly in significant numbers. As my organisation invested in counter-fraud efforts, for example, we saw recorded suspicions in its global operations nearly treble in three years (this, of course, reflected a rise in vigilance and engagement rather than incidents).

But what happens after an incident of insider fraud or corruption, when the dust settles?

rippleThe job does not finish with the dismissal or conviction of the suspect(s). These incidents have long tails – there is work still to be done to rehabilitate the project or business unit in which the incident took place. An incident represents a severe breach of trust; workers may feel abused and betrayed. The ripples can spread wide.

How we go about rebuilding a team and restoring a business function depends hugely on the circumstances of the case, and there is no ‘one-size-fits-all approach. Although we only have space here for a few pointers, I have learned some lessons from helping teams like mine to overcome setbacks like this – these considerations may be helpful for you too.

First things first

The aftermath of an incident is the time to ask some basic questions: Could this happen again, and are there any other vulnerabilities we can spot?

Startup Stock PhotosHopefully, the organisational response included a lessons-learned exercise, generating changes to implement. This should look beyond the internal controls, also into enabling factors such as culture, communication and awareness.

That said, a fresh and full fraud and corruption risk assessment of the department can be helpful. Are there other vulnerabilities beyond the affected processes? An unexpected further case – just as things settle  – can create more uncertainty for the team if more changes to processes are necessary. Instead, let’s make all the adjustments we need to now (and capture the benefit of a sense of ‘moving on’) rather than risk constant change for the team.

planningNow is also a good time to do some contingency planning. Is the incident serious enough that it could result in regulatory interest, onerous remedial controls applied by institutional donors, or put future funding at risk, for example? We can prepare for these.

Startup Stock Photos

Remember to seek advice. Overcoming an incident of fraud or corruption is a risk-rich activity. Consider engaging with HR, internal communications, legal, any dedicated counter-fraud or ethics or integrity office, staff health and/or other relevant specialists.

Treat people as individuals…

colored-pencils-179167_1920Team members will respond to the matter differently. While some may be relatively unaffected, others may not. It is important to note that where staff have made a commitment to an organisation on the basis of their values – perhaps more common for charities, nonprofits and NGOs than for private sector organisations – a breach of trust could be more impactive. Perhaps there could even be a grief reaction for some team members.

sadLook out for, and respond to, the traditional symptoms of stress, low morale and anxiety. These might include absenteeism, disciplinary issues, a rise in complaints, and disillusionment. An incident can impact upon personal and professional confidence, and colleagues may feel fear, shame or embarrassment. Will the incident create a funding crisis, putting their jobs at risk? Will staff have to justify themselves to an angry public? Consider access to staff support systems, and formal interventions such as counselling and facilitated debriefing.

16404-a-woman-in-a-business-meeting-pvBe a compassionate and responsive manager. Avoid assuming you understand how people feel or why they behave the way they do. Instead, in your one-to-one meetings with team members, explore how they are experiencing the crisis and responding to it. Remember, of course, to make it clear that this is pastoral and not investigative. Similarly, it is important to restore individuals’ sense of control. In a way, employees in whose midst an act of fraud or corruption occurred are victims of abuse. Solicit and listen to their concerns and visibly respond to them.

Accept that restoration may take time. Do not assume that the passage of time, themes in office chatter or improved productivity are signals that everybody has moved on. While these might be positive indicators, look out for those left behind.

…But re-build the team

Teams can be fragile creatures, and discovering that someone was out for themselves can undermine the workplace trust that allows them to function.

gambia-239849_1920Clear communication. Rebuilding trust requires the open communication of reliable content. Low information creates anxiety, more information helps manage our ‘fight or flight’ crisis response. Concealing the matter from the team is, therefore, more likely to sow suspicion and fear than peace and confidence. Be as open as you can about what has happened, and what will now happen, within the boundaries of policy, employment law and data protection legislation. As you describe the future, avoid over-promising – employees need clear and consistent messaging from management. If you cannot make promises, don’t; recognise uncertainty and explain what is being done to reduce it.

Similarly, set the right key messages for staff and stakeholders. Absolutes (‘this will never happen again,’ ‘rogue employee,’ ‘isolated incident…’) and over-reassuring can be risky for expectation management.  More sustainable messaging might include that fraud and corruption are normal business risks which we can reduce but not eliminate, and that the best way to respond to incidents is to use them to make us stronger.

Allow the opportunity to debrief. Ask staff what the incident has meant for them, and for the team. Consider soliciting suggestions on how to move forward, which can demonstrate management’s ongoing belief in the wider team (despite the actions of one). It also helps to empower the team to claim their status back, and move forward.

Team_Building_LanzaroteFoster trusting relationships. Ensure that teams meet as regularly as possible, in person or via teleconferencing. Consider holding team-building events, reflective away days and/or ‘how are we doing’ agenda items in meetings. These measures can improve understanding, interaction and trust between team members.

Arrange a good-quality fraud and corruption awareness workshop. This will not only help reduce the risk of incidents, but will also help staff to feel empowered; the best workshops help to generate a sense of solidarity and support amongst the honest majority. Be cautious not to let it feel remedial.

beautiful-day-1374424_1920Lead by example. We know that employees look to the behaviour of their managers to determine their own. So be present; you cannot role-model behaviours and attitudes if you cannot be seen by anyone. Be positive and show how you treat what has happened constructively, managing risk, avoiding blame, taking care of your colleagues (and yourself), and using the incident to make the business unit stronger in the future. As one casualty of a fraud or corruption incident is honesty, ensure that you are (and are seen to be) authentic. So, for example, if you feel hurt, vulnerable or confused, consider sharing those feelings with the team. This helps to normalise these emotions.

Avoid blame. This includes the narrative that we create around the perpetrator. It is tempting to turn them into the catch-all receptacle for all that has gone wrong, but this risks helping to foster a blame culture that can trip us up later. Furthermore, it can help us to move on from a crisis if we are able to see that there are things we could have done differently.

Get back to business-as-usual as quickly as possible

roadReaching project milestones or completing tasks puts clear blue water between the incident and the present, assisting both staff and stakeholders to move on. It also, of course, ensures the progress of the project or business unit. Embed, as rapidly and effectively as possible, any changes to processes to reduce the risk of a recurrence.

Remember the big picture – the goals and values of your organisation. Trust may have been betrayed on this occasion, but a refocus on why we all come to work in the first place can assist everyone to work hard towards recovery.

Thanks to Liz Crowe, Wellbeing at Work Specialist, for her contributions to the content. Liz tweets @lizcrowe2, or visit her website at LizCrowe.org.

FFCHGDSTo read more about how to deter, prevent, detect and respond to fraud and corruption in humanitarian and global development work, make sure you pick up a copy of my book, Fighting Fraud and Corruption in the Humanitarian and Global Development Sector (Routledge, 2016). It’s out now and packed with relevant material!

Advertisements

Fraud and corruption: 10 tips for obtaining buy-in from your NGO’s Board

pexels-photo-70292

The Commonwealth corruption conference and anti-corruption summit in London last week saw the full engagement of civil society. Leaders from big household name NGOs were active online and in person, taking the opportunity to challenge a range of related injustices. It was exciting and encouraging, but these events should prompt those NGOs to ask themselves, ‘how effective are our own organisational counter-fraud and corruption frameworks?’ If the question needed underlining, we also learned that the US government is investigating allegations of corruption affecting NGOs in the Syria emergency response.

Syria humanitarian aid
US humanitarian aid bound for Syria

What Boards need to do in order to reduce fraud and corruption risk is well-trodden ground. But for international NGOs, one of the great challenges can, in fact, be the Board. As your organisation’s counter-fraud lead, what do you do if members of your Board don’t recognise that fraud and corruption is a problem? Or merely give it lip service, unwilling to invest in meaningful risk reduction efforts? Or worse, are content to turn a blind eye to the risk of physical assets, funds and stock falling into the wrong hands if most aid gets through?

Obtaining the buy-in of an NGO’s Board isn’t about selling them a product – we need their ongoing support and ownership. It’s about changing perspectives; a long haul, not a quick win. So, in helping to generate that ongoing support, I’ve found that these tips (which are not exhaustive and in no particular order) have assisted my colleagues and I; perhaps they might help you too.

1. Educate to effectuate

apple-256261_1920Fraud and corruption has, historically, not been well understood in this sector. Your Board may have a low or rudimentary understanding of the risk and how to respond to it. This means starting at a basic level, making no assumptions, taking the time to address myths and misconceptions and playing a longer game. ‘Educate as you go,’ Willie Oelofse from Deloitte Kenya told NGOs at a conference in January. As we do so, of course, it’s important to remember that counter-fraud is a good news topic – your organisation may be at high risk, but actually there’s a lot that can be done to reduce it. Boardrooms are learning environments too.

2. Keep it simple

OLYMPUS DIGITAL CAMERA

Board members are busy. NGOs (especially humanitarian agencies) are often very responsive, and Board members’ attention is divided between competing thematic risk areas and arising issues. Use your time with them wisely. Proposal documents and assessments, for example, should be short or with executive summaries. Don’t bury key messages in a risk assessment document the size of a telephone directory.

3. Speak from within

people-men-grass-sportCivil society is under attack the world over, and the issue of their fraud and corruption exposure can be something that sends Board members running for their shields and helmets  – especially if it is perceived to come from an out-group rather than in-group. Take charge of how the matter is framed. Don’t let them entrench in defensive positions to ‘fend off’ your ‘attack,’ or sit in a ‘prospective client’ chair to listen to you ‘pitch’. Instead, use their business language, show your understanding of the difficulties they face, and speak from inside their group. Explain the landscape around them, and how you can help them navigate across it.

4. Remember that they’re individuals

colored-pencils-179167_1920People make decisions differently and on the basis of different values. For example, I am a big fan of the MBTI, which is one of a range of models that can help us to understand how we like to work and how best to relate to others. Models like these can really help to improve workplace relationships. So try to understand each member of your Board as a person, and what really drives their decisions. Some will be persuaded by cold, hard data, others by less tangible matters such as how your agenda relates to values, supports people, and so on.

5. Bring the risk to life

DSC06922Fraud and corruption, especially at a strategic level, can be abstract concepts. Help the Board to connect by painting a picture of the risk with case studies. If you don’t have any in your own organisation, then perhaps partners, donors or other organisations have some they will let you use? If not, then find cases in the public space affecting comparable organisations. If you’re really struggling, consider using fictional examples – but remember to state that they’re fictional!

6. Show the benefits

cost-benefit-analysisNGO Boards are often allergic to anything with a whiff of extra expense, especially if it is ‘overhead’ or ‘administration’ flavoured. So explain the benefits of the agenda not just in terms of what it prevents, but also what it gains – efficiency, effectiveness, quality improvement, and so on. Much of counter-fraud work synergises with good management (an example arises from the world of retail – smiling as a customer enters not only deters shoplifting by making the individual feel noticed, but is also good customer service!).

7. Take an evidence-based approach

evidenceNGO Boards manage a lot of risks, only some of which materialize. Using evidence helps them to appreciate how fraud and corruption sits, whether that evidence is perception-based, representative sampled, or from other diverse sources. Cast the evidence net wide – consider staff surveys (especially anonymous surveys), risk assessments, project and programme evaluations, audit reports, security reports, academic research and open source. This may mean that you need to start by improving the detection of incidents, in order to gather enough material. Be cautious with the use of quantification estimates, as these can be inherently open to challenge by those feeling resistant, and with over-stating the case (being debunked seriously damages credibility). Remember to cater for any risks created by the counter-fraud agenda, and to consider any donor or legal obligations.

8. Align with organisational objectives and strategy

marketing-board-strategyJust as is the case with private and public sector organisations, the counter-fraud agenda needs to directly support the organisation’s mission. This needs to be clearly elucidated so that Boards can see that counter-fraud is a mainstream activity, rather than a distraction.

9. Obtain a sponsor

hands-people-woman-meetingIn March’s Charity Finance magazine,  I explained why fraud and corruption needs to be a standing priority for NGO Boards. But in addition to this, the counter-fraud agenda needs a champion at Board level. Benefits of this include how the champion can look out for synergies with other business areas as they’re discussed.

10. Put in the legwork

Startup Stock PhotosA ten-minute agenda item at a Board meeting is not enough to ensure that a Board truly embraces counter-fraud and corruption. Obtain regular meetings with each member to explore their own position and build their buy-in – especially before key decisions are to be made. Similarly, the counter-fraud agenda needs to align not just to the organisation’s mission but to the agendas of those individual Board members. How does countering fraud help, not hinder, the aims of the person in front of you?

11. Bonus tip!

Why not get the members of your Board a copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector? It explains the risk, busts myths and misconceptions, and sets out ways for NGOs to minimise the risk. It’s out now with by Routledge, pick up a hardback or e-reader copy via the Routledge website or Amazon!

FFCHGDS

 

 

 

When NGOs break the law: Consequences for fraud risk

The 1986 movie Top Gun, starring Tom Cruise, opens with a fantastic scene of aerial derring-do.

In this fictional scenario, American planes are engaged by a rival power’s ‘Mig’ aircraft, one of whom activates its missile lock on an American aircraft. The pilot calls out to Tom Cruise’s character to ‘get the [guy] off’ him. As I understand it, what Maverick apparently should have done was to fly behind the Mig and engage his own missile lock, deterring the Mig from firing at his comrade. Maverick doesn’t do that. He’s got his own plan.

4It’s a great scene, and we celebrate Maverick’s daring heroics. But let’s be clear, this wasn’t what he was supposed to do. It was dangerous. We only celebrate because Maverick pulled it off. If something had gone wrong, Top Gun wouldn’t be a heartwarming movie about a young pilot’s quest for meaning, love and success. It would be a dark political thriller about a world on the brink of nuclear war following a mid-air collision caused by a reckless American pilot.

From time to time in my work with NGOs, I’ve caught glimpses of internal cultures where compliance is not as valued as one might expect. When the organisation’s overall aims are moral, getting away with non-compliance might even attract honour. But just as would be the case with Maverick’s airborne antics, there are consequences if risk catches up with reality.

PASSPORT 5Some international NGOs are tempted to break the laws and regulations of their countries of operation, registration, or both. Here we don’t so much mean situations where legal authority is unclear, or regulations and obligations are ill-defined or differently interpreted, or laws which violate human rights. Here we’re focussing on a situation where an NGO wilfully or negligently breaks legitimate, clearly-defined and communicated local laws and regulations. Temptations might include, particularly:

  • Breaching immigration, tax or employment law;
  • Procuring on the black market;
  • Conducting projects outside the authorised parameters;
  • Breaching NGO regulations or directives (e.g. reporting).

INGOs do complex work in complex places. Common reasons why staff or managers may take this action (or indeed, inaction) might include:

  • A tension between the time it takes to negotiate labyrinthine or contradictory local bureaucracies versus their urgent humanitarian objectives or donor expectations;
  • A disconnect between headquarters expectations versus local realities;
  • Failing to invest in the preparation and planning necessary to properly identify relevant regulatory factors and formulate organisational responses to them;
  • Failing to maintain proper oversight to ensure that staff are delivering objectives lawfully – sometimes potentially deliberately (‘don’t ask, don’t tell’);
  • Internal cultures where ‘getting the job done’ is valued more highly than compliance.

This exposes an international NGO to a wide array of risks. Now, this is not a legal blog and I am not a lawyer, but I do note that some possible consequences of non-compliance might affect an NGO’s ability to reduce its risk of fraud and corruption. In this article we’ll suggest three such areas.

The impact upon responding to fraud incidents

file2831269190184When an incident of fraud takes places in a project where the NGO was working unlawfully,  managers may then be incentivised against taking civil or criminal justice action for fear of drawing attention to the project’s own misdemeanours. This may significantly hamper the prospect of redress (getting our money back), and impact upon the available sanctions for a perpetrator. This, in turn, could damage the NGO’s ability to deter fraud and corruption if a potential perpetrator knows that such an outcome is unlikely.

The impact upon counter-fraud culture

My book suggests four characteristics of such a culture, one of which is that ‘all commit to, and participate in, reducing fraud and corruption to an absolute minimum.’ It is not hard to see how the toleration of unlawful activity can contradict this. As a previous blog post has mentioned, how can we ask our employees to role-model accountability and transparency if the managers of our organisations are not doing it?

file4081251141923The risk goes even further, however. While international staff may be able to hop on the next plane home if things get too hot with local authorities, local staff can’t press that escape button. They may therefore bear the greatest risk of consequences like prosecution. This outrageous burden is hardly helpful to the positive workplace relationships necessary to help deter corruption and promote whistleblowing.

Similarly, we need to consider how expecting or allowing workers to break the law, or breaching their employment rights, might disenfranchise them. A breakdown in the relationship between employee and employer – particularly where an employee feels wronged – might, in some cases, contribute to the rationalisation of occupational fraud.

The impact upon preventing fraud and corruption

Operating unlawfully could contribute to a country’s wider crime problem and undermine the legitimate state. In this sense, we help to sustain the environments of complexity and injustice that make transparent and accountable work so difficult – not alleviate them. In turn, this helps to maintain the risk of fraud and corruption in our operations there.

DSC06922An area where this ‘do-no-harm’ themed risk is particularly evident is where NGOs procure from the black market, an option that can arise during scenarios such as the recent fuel crises in Yemen and Nepal. Doing so makes an NGO part of an opaque supply chain and financial flow – where did the product really come from, and where is your money really going? The transparency of your contacts is in no way incentivised, and they are unlikely to volunteer to whom or what they are linked (think Six Degrees of Separation).

Subsequently, an NGO could easily appear in a network that features terrorist groups or those subject to financial sanctions, or in which the financial flow benefits those involved (or ultimately supports investment) in other forms of state-destabilising serious organised crime. Being a black marketplace buyer can make an NGO part of a network in which its donors and supporters might be surprised to see it.

How can these organisations claim to help the nation’s development when, through corruption, they weaken the rule of law? How can we deal with this hypocrisy?

Ingrid Nanne, What happens when NGOs break the law?

Conclusion

Humanitarian and global development work is complex, and programmes are often under pressure from multiple sources. However, operating unlawfully carries a range of risks, and the crystallisation of some of those might damage a programme’s resilience to fraud and corruption.

Managers need to take these risks seriously. This means avoiding the blanket application of a ‘humanitarian need’ trump card to all their operations, and instead ensuring that a nuanced and considered approach to business planning and risk management identifies and caters for foreseeable tensions with legitimate local laws and regulations. The days of ‘don’t ask, don’t tell’ need to be a feature of history textbooks, not modern programme doctrine.

FFCHGDSFind out more about the risk that fraud and corruption pose to humanitarian and global development organisations, and how they can better deter, prevent, detect and respond to it, in my book! Click here to get your copy of Fighting Fraud and Corruption in the Humanitarian and Global Development Sector from the Routledge website or Amazon!