If an employee steals from the organisation he or she is working for there are a number of ways in which this can be dealt with. The decision will no doubt be based on the organisation’s fraud policy and what it wants to achieve. Does it want its money back, to sack the fraudster or to make a public example of the issue? The alternatives include:
- Reporting the employee to the police – the police may or may not be interested. If they are – they may investigate. If they do, this can be disruptive to the business. Often however, given the shortage of police fraud investigation resources the response to a fraud report may well be a request to provide comprehensive details of the occurrence i.e. effectively to go and investigate the fraud yourselves!
- Commencing some form of disciplinary action in order to safely remove the fraudster from the business. This has to be done with care because inappropriate treatment of staff can lead to claims for unfair dismissal or constructive dismissal – even by the guilty fraudster!
- To investigate the fraud using internal or external resources with the view to instigating some form of civil litigation for recovery of the losses due to fraud.
Very often, however, an organisation will do none of the above! They will let the perpetrator go with a reference on the understanding that this is the end of the matter. Incredible though it seems, this is exactly what some major financial institutions or publicly listed companies will do. Not wanting any publicity to impact share prices perhaps, they prefer to hush the matter up!
I am aware of one major building society turned bank that caught one of its employees recently having fraudulently obtained substantial loans and conducted a preliminary investigation. Then they simply asked the person to leave. Around a month later it emerged that the person was working nearby, in one of the UK’s largest credit card insurance providers!
The fraudster was able to obtain another sensitive position, obviously with the assistance of a reference from its former employer. This is irresponsible action by the bank, as it sends out a strong message to would-be fraudsters that it is possible to get away with it. It flies in the face of all fraud prevention efforts being preached by the regulators, various fraud fora and even by fraud experts like myself. How can we combat fraud, if we do not deal with it fully when discovered?
The recent news that a number of T Mobile employees were selling customers details to competitors shows how lenient penalties can encourage fraud and theft. In this case we have the Information Commissioner complaining that the maximum fine of £5,000 from the Magistrates Court is unlikely to be reached, and that harsher penalties should be available to deter this activity. Why do we not simply prosecute – it is theft after all!