Internal Crime Prevention
property — like laptops
lent by the company —
can deter and prevent
crimes committed by
By Susannah Levine
Given the steady drumbeat of school shootings and other horrors, risk managers can’t afford the outrage fatigue that numbs Americans, especially given the unsettling fact that their companies’ resources — human, electronic, automotive — could be used to commit a crime.
Economic crimes — fraud, espionage, embezzlement — are commonplace.
PwC’s 2018 Global Economic Crime and Fraud Survey reports 49 percent of
global organizations have experienced economic crime in the past two years, and
51 percent of frauds were inside jobs.
As different as violent and economic crimes are, risks of both can be mitigated
through management practices: careful hiring, background checks, on-the-job
monitoring and probing exit interviews, industry experts agree.
OUNCE OF PREVENTION
A background check on a prospective employee is not an off-the-shelf affair,
said Richard G. Hudak, managing partner, Resort Security Consulting Inc., but
a thoughtful, detailed inquiry by a reputable organization appropriate to the
applicant’s prospective duties.
“A $25 computer ‘background check’ isn’t a background check,” he said. “Real
ones look at sex crimes, drunk driving, serious debt, mismanaged credit, multiple
divorces and bankruptcy.”
A veteran consultant to the hotel industry, Hudak said, “Bankruptcy isn’t a big deal
for guys moving banquet tables around, because they don’t have access to guest data.”
However, bellmen and housekeepers with access to property should get a more
thorough check, and front desk clerks, who have access to credit cards, should
undergo even greater scrutiny.
For pilots, he said, any domestic violence, DUI, or dishonesty about
employment or education should be a disqualifying event.
Exit interviews can deter theft of intellectual property, said David Taylor,
managing director, Protiviti, by employees who leave on good terms of their own
volition and by disgruntled or laid-off workers.
“When people leave, they can release their research, proprietary information,
network and customer information into the wild.”
Employers have limited tools to “prevent them from downloading that
intellectual property to their new employer,” Taylor said, and exit interviews are an
important reminder not to do it.
For example, Waymo sued Uber last year, alleging departing employees gave
the ride-hailing company access to Waymo’s trade secrets covering technologies
needed to build autonomous cars. The suit ended in a settlement.
Because debt, divorce, addictions and despair can turn good employees
bad over time, periodic checks after hire are a good idea, said John Farley, vice
president, cyber risk practice leader, HUB International.
So are controls on access to information.
“Limit access to information on a need-to-know basis,” he said. Classify
all data, monitor it in real time, block thumb drives and other exit points for
information and set up immediate
notifications if certain information is
emailed. Block file-sharing websites.
Background check best practices also
apply to contractors, said Scott Moritz,
managing director, Protiviti. Even with
the best controls, employees can go rogue.
For example, Edward Snowden, a
government contractor, infamously
leaked a veritable trove of National
Security Agency secrets in 2013. An
investigation afterward showed his
background check was incomplete,
• Fifty-one percent of company
frauds were found to be inside jobs.
• Conducting exit interviews
discourages employees from
sharing company secrets.
• Best practice is to review
exclusions surrounding employee
behavior when off the clock.
“Social change happens when
people, like employers, bear
excessive or unfair costs of a
— Heidi Li Feldman, professor of law, associate
professor of philosophy, Georgetown University Law
Monitoring employee use of company property is one way to prevent internal crime.