When a Fraud Goes Public


Download Our Chapter’s Free App RVACFES on Google-Play!

There’s a high probability that every fraud examiner, during the course of his or her career, will work on at least one fraud that hits the newspapers.  Your client and its counsel will undoubtedly turn to you as a member of the investigative team for input, especially, as is most frequently the case, the whole experience will be new to them. Given the overwhelming importance of corporate on-line and off-line reputation as a driver of value and with sustainability as a strategic concern, the bottom-line value of communicating with all corporate publics about both tangible and intangible events affecting performance has risen. This is doubly the case with a sensitive issue like a publicized fraud. Today, the ACFE tells us, intangible assets can account for as much as 70 percent of the value of a business. They include brand, employee loyalty, credibility, trust, and (perhaps of most importance) reputation. In a world continually rocked by corporate governance and other scandals, attention to reputation risk is proving more important than ever. Because organizations derive that reputation from how their various stakeholders and publics perceive their performance, behavior, and actions in the goldfish bowl of social media, the need for more careful management of the public information interface is also vital but especially so in a crisis.

The ACFE also reports that a growing number of major global companies are investing substantial resources to manage their reputational risk, and have increased their efforts to do so over the last five years. Indeed, 82 percent of risk managers report their companies are making a “substantial” effort to manage reputational risk, and 81 percent said they’ve increased their focus on reputational risk during the last 36 months. That’s partly because risk managers recognize the difficulty most enterprises have attempting to wrap their corporate arms around the nuances of just what a reputation is and what risks it faces, and also because less than half of the executives surveyed said the management of reputational risk was “highly integrated” with their enterprise risk management (ERM) function or another risk oversight program.

During the fraud risk assessment process many CFE’s have likely suspected or even warned that the actions that some of their client enterprises were taking or planning to take – especially those related to over-the-top spending or perceived lapses in corporate ethical judgement – might not be viewed today with the stakeholder disinterest they once were.   Now, every management must deal with reputational risks that were not necessarily reputational risks in the past, and they must deal with changes – rapid in many cases given social media – in the public’s estimation of what is and isn’t acceptable corporate behavior.

Any publicized fraud, major or minor, impacts the corporate reputation and serves as proof that all of its key fraud risks are intertwined; each risk can impact others. Losses to fraud impact reputation just as surely as bad strategic decisions. To help minimize the negative effects of these intertwined threats, organizations should consider identifying risk champions within the organization, including the CEO, the president, regional presidents, and, sagely, the marketing director, whose roles would include not only monitoring and reporting on on-going reputational risks but, acting as a committee,  in actively shaping the corporate response to a publicized fraud.  These champions routinely look for reputational risks as part of their day-to-day activities, arranging for corporate auditors to test anti-fraud controls and look at policies and procedures that might carry some type of reputational risk.  Likewise, every member of management should be sensitized to be aware of reputational risks and educated to identify areas for audit that, in their opinion, are not being managed correctly and thus likely represent loci of developing fraud-related threats to the enterprise’s good name.

Organizations which haven’t experienced a publicized fraud often overlook the multifaceted nature of reputational risk and the need to consider it at the inherent level, rather than focusing, as so many organizations do, on reputational risk at the lower, residual level; damage to reputation is never just a residual effect and should never be viewed as such. This judgment error can leave managements complacent about the magnitude of damage a threat to the company’s reputation can cause. A sense of comfort with the expected perceived control level can make many boards and executives not think about the inherent, potentially devastating reputational risks that are always lurking around every corner.  Never forget, the world’s response to a damaged reputation is faster and harsher today than ever before.

Just how fast social media can change and affect the public’s opinion of any company is something of which many organizations are still insufficiently aware.  Although companies cannot prevent anti-company commentary related to a fraud on social media sites, they can monitor them and possibly influence them. It’s doubtful that many of today’s client senior management were taught the practice of determining potential reputational risks and of monitoring a corporation’s response to them on social media.  CFE’s need to recommend that client companies expand their public mood-tracking activities to these venues when actually responding to and addressing a published fraud.

The management of reputational risk during a publicized fraud requires a constantly updated, fresh approach to what could happen and the reverberations it could have throughout an enterprise’s public universe. Financial responsibility as one type of reputational risk that is not new; as consumers become more actively involved in narratives involving stock market manipulation and corporate corruption, companies are more at risk for being labeled as ‘irresponsible’ if they don’t have a perceived high level of corporate governance. Worldwide slow economic growth has made the reputational risk of all corporate related missteps a greater threat to any company because it simply might not be able to recover from a financial fraud fallout as quickly as it might have in high growth times. Slow growth may also lead more employees to engage in the kind of activity – fraud, theft, quality corner-cutting – that can damage an organization’s reputation and the general public is well of aware of the fact.

Helping client companies manage reputational risk during their response to publicized frauds, including that risk in their fraud risk assessments and then on-going reassessment of the performance of risk related  controls is an area where CFE’s can add tremendous value at very little incremental cost; doing so will certainly add value to the overall fraud prevention effort. And don’t overlook training front line employees in their role in protecting the corporate reputation.

Thoughtful, coordinated management of the fallout from a publicized fraud is the difference between a company stumbling blindly into a far worse reputation debacle than necessary, and heading off disaster by acting swiftly to contain the reputational damage and move the organization forward. CFE’s have a critical role to play in all of this.

Comments are closed.