| When you become CIO, it turns out that you're | | | | Certified Fraud Examiners (ACFE) revealed that |
| going to have a lot more on your mind than just | | | | companies may be losing up to 7% of their annual |
| how to use the latest and greatest technology to | | | | revenues due to employee fraud. Now that's a big |
| help the company run faster. You've got a | | | | number! |
| problem that starts with "F" and rhymes with | | | | There's lots of ways that IT staff along with the |
| "Baud" and that stands for Fraud... | | | | rest of the business can commit fraud. However, |
| Bad Times Make Fraud More Likely | | | | if we had to group them together, they'd all fall |
| When things get tough at a company, people | | | | into one of three different buckets. These |
| start to feel the pressure to deliver results no | | | | groupings are: asset misappropriation, corruption, |
| matter what. Some recent studies by behavioral | | | | and financial statement fraud. It turns out that |
| psychologists have revealed a trait that all of us | | | | asset misappropriation is the most common and |
| have called "reframing". This occurs when in order | | | | averages roughly $150,000 per event. On the |
| to get away with cheating, we adjust the | | | | other end of the spectrum, financial statement |
| definition of cheating so that it excludes our | | | | fraud is the least common but the most |
| actions. Neat trick, eh? | | | | expensive - it costs the company $2M on |
| What this means for you soon-to-be-CIOs is that | | | | average every time it occurs. |
| just about anyone working for the company is | | | | How To Stop Fraud |
| capable of committing fraud. Hard times brought | | | | So how does the CIO fit into all of this you may |
| on by, oh say, a global recession, can boost the | | | | be asking yourself? The answer is actually very |
| chances that someone will cross that line that | | | | simple: good leadership. The goal of every CIO |
| should never be crossed. | | | | should be to prevent IT staff from making bad |
| The Fraud Triangle | | | | judgement calls before they become fraud. A CIO |
| Look, you're going to become the company's CIO | | | | who establishes clear standards for the IT |
| and unfortunately that's not going to suddenly | | | | department to follow has gone a long way in |
| equip you with magical mind-reading abilities. | | | | preventing fraud from occurring in the first place. |
| Instead you are going to have to be aware of | | | | Of course, we're talking about the IT department |
| what is called the "fraud triangle" and keep you | | | | here and so there has to be a second level of |
| eyes open both within and without the IT | | | | effort - fraud detection. The CIO has access to |
| department. | | | | the entire company's data and it's electronic tools. |
| The fraud triangle has (of course) 3 sides to it: | | | | He / she is best suited to working with the CEO |
| pressure, opportunity, and that ability to rationalize | | | | and CFO to implement the IT sensors that will |
| your actions that we've already talked about. Any | | | | alert them if something unusual starts to happen. |
| one of these by itself probably isn't enough to | | | | What All Of This Means For You |
| push one of your staff to do something that the | | | | Fraud is, unfortunately, all too common in modern |
| entire company might regret, but put all three of | | | | companies. A CIO has a key role to play in both |
| them together and you've got the makings of a | | | | preventing fraud from occurring within the IT |
| serious problem. | | | | department and detecting it when it happens in |
| 3 Categories Of Fraud | | | | other parts of the business. |
| So how big is this fraud thing? Well first you need | | | | Understanding that anyone can end up committing |
| to understand that study after study have shown | | | | fraud given the right set of circumstances is the |
| that people will cheat if they think that they can | | | | key to preventing it. CIOs need to establish clear |
| get away with it. What makes this even more | | | | standards that make sure that everyone knows |
| amazing is that they will cheat no matter what | | | | what is and is not acceptable behavior within the |
| their background is (Ivy Leaguers do it too) and | | | | company. |
| they'll cheat even if they really don't have all that | | | | In the end, it's the tone set by the CIO that will |
| much to gain by cheating. | | | | be communicated down to the rest of the IT |
| This is a big deal for companies. A 2007-2008 | | | | staff. Preventing fraud is something that a CIO |
| survey that was done by the Association of | | | | can do by leading by example. |