Fraud and Workplace Culture

Last week’s blog was about the three types of fraud and how to prevent them. Typically, organizations lose 5 percent of revenue to fraud each year. Think about how much that means to your organization’s bottom line. Not pretty. Fraud hits smaller organizations and nonprofits even harder, which means a bigger bite out of annual revenue.


The Association of Certified Fraud Examiner’s 2018 Report to the Nation on Occupational Fraud and Abuse says that the median loss of fraud cases examined over the last two years was $130,000. Twenty-two percent of losses exceeded $1 million!


Organizations can be reluctant to report fraud to law enforcement for two related reasons – bad publicity and poor internal disciplines. Reputations and bottom lines are hurt when a fraud case is exposed in the headlines. It’s even worse when the story behind the headline reveals that financial controls and oversight were so lax, the organization essentially handed the stolen funds to the fraudster.


Financial controls that fail to detect or prevent fraud are the symptom of a larger issue – poor workplace culture. What is that, and why is it important? Workplace culture is the personality of an organization – the values, accepted behaviors and attitudes that make the environment and its people work together.


Part of a strong workplace culture is promoting ethical, honest and transparent actions, starting with senior management. A strong tone at the top goes a long way to letting everyone in the organization know that dishonest and unethical behavior is not tolerated. Fraud is less likely to occur in an organization with strong workplace culture and tone at the top.


So here’s the ironic part. In a recent report, The Culture Economy, 60% of smaller business leaders think that strong organizational culture is a “nice to have” thing, not a necessity. What?! Just look at the fraud statistics to see how essential workplace culture is to the financial success of an organization. Sure, not everyone working in a place with lax financial controls is going to commit fraud; but lax controls make it easy for the dishonest or financially-stressed employee to steal or engage in corrupt practices.


A strong workplace culture lets your employees know that fraud and other dishonest behavior will not be tolerated. Of course, strong financial controls and oversight are important. Clear messaging about expectations and appropriate actions go a long way to making sure your employees know that fraud will not be tolerated.

Appearances Matter

Many organizations rely on outside vendors for their technical or professional services, materials, or other special needs. Those needs could be specialty skills, bulky or fragile materials, and other needs that are not practical to provide in-house. Clients and customers might never know that vendors are involved because they appear to be part of the organization.


Appearances can be deceiving but they really matter. Vendors intended to help organizations with expertise or capacity can end up hurting instead, if they don’t perform as promised. And if they appear to be part of the organization, guess who ends up getting hurt and looking bad? You guessed it – the organization!


Three simple steps help organizations avoid vendors who appear to be helpful, but end up hurting productivity, profit and reputation:


  1. Do Your Homework

There are a lot of choices out there, not all of them good. Weeding out the dreck and identifying vendors that meet the organization’s standards takes time and effort, but it really pays off in results. Start by defining your standards for quality, timing, and other specifications necessary for the vendor to meet the organization’s productivity and reputational needs. Involve your network and professional associations to get referrals that appear to meet the standards that you defined.


  1. Get Proof

Sure, trusting your instincts is part of selecting from the referrals you get. But relying solely on a prospective vendor’s word about her or his track record is an invitation for issues — expensive issues. Ask prospective vendors to provide proof of her or his performance. References provide insight, too, but other organizations don’t share your objectives, requirements and standards. It’s not a one-size-fits-all world, so make sure you get proof that you can trust the vendor to deliver.


  1. Monitor and Inquire

Once the vendor choice is made, it’s important to have confidence going forward that the choice was a good one. That takes regular monitoring and periodic inquiries to let you know that the vendor is helping, not hurting. Figuring out what to monitor and how takes time and effort, just like Doing Your Homework. Monitoring not only provides the organization with peace of mind, it lets the vendor know you’re watching and you care about performance.


Relying on vendors can be great, but it comes with risks. Protect your organization’s reputation and bottom line by managing vendor risk using the three simple steps above. Sure, it takes time and effort, but it’s well worth protecting your organization from being hurt by a vendor who appears to be helpful, but is hurting your organization instead.

Vendor Risk and Your Reputation

Recent news about Facebook and user data highlights the need to understand how your organization’s confidential data is protected. As if we needed another reminder! Sure, it’s a big, extreme and public example most of us cannot relate to. Splashy news stories are an opportunity for you to think about your own organization’s risk exposure related to data protection, without the splashy headlines.


These days, many businesses outsource services to third party vendors. Those vendors could have access to or be responsible for your organization’s confidential data. How can you make sure that those vendors are protecting your data as well as, if not better, than you would? How do you prevent your organization from being the victim of a data breach and avoid the negative on your reputation and operations?


Organizations should, at minimum, take three simple steps to protect their data and reputation from vendor risk:


  1. Written Agreement

Data protection responsibilities and expectations must be clearly delineated in a written agreement signed by both parties. Sufficient details should be included to clearly describe what controls and precautions are in place, who is responsible, how controls and precautions are validated, and when validations are performed. The agreement should also address the assumptions and performance expectations for your operations and controls.


  1. Vendor Monitoring

Use the data protection responsibilities and expectations in the written agreement to determine the vendor activities for you to monitor. Monitoring can take many forms, such as system or management reports and performance test results. Don’t hesitate to ask the vendor for documented evidence. Taking the vendor’s word without proof can backfire later.


  1. Hold Up your End

Vendors with access to or responsibility for your confidential data are depending on your organization and your workers to fulfill certain responsibilities. If a data breach or other performance issue occurs and you have not held up your end, the vendor could escape taking the appropriate responsibility – or liability. Remember, outsourcing doesn’t mean a total hand-off.


Data breaches, splashy headline or not, can be expensive and damaging to your organization. A vendor you depended on could be the cause. Outsourcing can be great but it comes with risks. Protect your organization’s reputation by managing vendor risk using the three simple steps above.


Reputation is a Fragile Asset

Back in June, I blogged about the risks of Inappropriate Tone at the Top, and what leaders can do to promote an ethical culture. Making it clear that unethical conduct will not be tolerated helps to avoid the costs of lawsuits, fraud, and decisions that are not in the best interest of the organization. I was reminded of that blog when I read the news reports about Kobe Steel, in the New York Times article, Kobe Steel’s Falsified Data Is Another Blow to Japan’s Reputation,  and heard about it on NPR.

For decades, Kobe Steel, Volvo, Wells Fargo, and other companies built and sustained reputations for quality, reliability, value – the attributes that made their brands. Having a great reputation generally results in having a larger market share. A great reputation could also mean commanding a higher price than competitors. Why not? Clients and customers are willing to pay a premium for that reliability and quality.

It is difficult to imagine why the leader of any organization would take risks with a long-established, stellar reputation and completely blow it up. On top of all the greed and hubris, another reason must be that those leaders do not recognize that a good reputation is a valuable asset. A good reputation is also an incredibly fragile asset, as evidenced by the Kobe Steel example. What was built over decades can evaporate in a day, or less.

I do not pretend to know what motivated the leaders of Kobe Steel, Volvo, or other companies to squander their stellar reputations. I do, however, offer five questions to ask before using sub-standard materials, lying about test results, enrolling customers in unrequested programs/services, or engaging in other compromising behavior:

1. Would I be 100% comfortable if my actions or decisions were disclosed in the news?

2. Is meeting profit goals more important than meeting customer/client needs?

3. Is my product or service safe enough for my parent/child/spouse to use it?

4. Do I want to risk all of the time and effort I’ve invested in building my organization?

5. Is my organization protected from prosecution or other claims of negligence or malfeasance, if necessary?

Answers to these and other questions are completely subjective, of course. But these are valuable questions to reflect on in order to uphold your organization’s reputation. Treat your good reputation as the incredibly fragile asset it is. Don’t blow up in a day what took years to build.



Your New Worker: Employee or Contractor?

When your organization needs more help, you might be too busy and stressed to think about all the details. Worker classification — employee or a contractor — takes a back seat to more immediate concerns, like the worker’s start date and assignments. In reality, how your workers are classified should be your first consideration because it impacts your cost.


What is Worker Classification?


Workers can be employees or independent contractors. Determining worker classification comes down to the amount of control over the worker and the work in three categories:


  1. Behavioral: Do you control what the worker does and how the job is done? For example, who determines work hours and how the work will get done? If you set work hours and procedures, your worker is an employee.


  1. Financial: Do you provide the infrastructure for the worker to perform the job, such as a work space, computer, and other tools? Your worker is an employee.


  1. Relationship: Is the work permanent or temporary? Are employee-type benefits provided? Permanent workers who receive employer-provided benefits are employees. Temporary workers could be employees or independent contractors, depending on your level of control under #1 and #2.


How Does Worker Classification Impact Cost?


Costs can be higher when workers are classified as employees vs. classifying them as contractors. Employee wages are subject to employment taxes, the employer portion of social security taxes and all federal and state unemployment taxes. Employees may also get employer-provided benefits, such as insurance. An independent contractor is responsible for paying all of her or his social security taxes and benefits. Compare the total cost of each worker classification to know how your decision will impact your bottom line.


What If a Worker is Misclassified?
Even if the costs are higher, workers whose job duties are controlled by the organization must be classified as employees. No choice. Organizations that misclassify employees as independent contractors to save on employment taxes may be held liable for unpaid employment taxes, plus interest and penalties. Making a worker classification error, accidentally or intentionally, can get pretty expensive.


The IRS has more helpful details at Still have questions? Consult a qualified tax professional.

The Budget: A Waze App to your Financial Destination

When you’re going to a new destination, you use a navigation app like Waze. Your financial goals are just like that new destination – you’re not quite sure how to get there. So how can you navigate towards achieving your financial goals? You set-up and follow a budget. Your budget is your Waze App (a.k.a. Road Map for most over 50) to finding your organization’s financial destination (a.k.a. your goals).


A budget navigates your organization toward achieving Three Financial Goals:


  1. Immediate Needs

Identify the amount of income and expenses that you expect to receive and pay out for the year to operate your organization. Build the budget line-by-line, carefully considering the reliability, amount, and timing of each item. Start with income and expenses for which a contract or agreement is in place. Include other items based on their likelihood to occur and your organization’s track record. Be realistic and document any assumptions that you make.


  1. Infrastructure

Beyond the day-to-day operations, you need to invest to keep up with technology or replace equipment that has reached the end of its useful life. Assess the condition of your vehicles, computers, and other property that you depend on to manage your operations, data, and communications. Determine what needs to be replaced, when, and the cost. Any replacements that don’t fit into the current year’s budget should be included next year, or in the future.


  1. Future Growth

Growing your market, programs, or services takes money. Budgeting is a thoughtful process that helps you plan for growth and funding. Budget time is when you assess your current financial scenario and previous track record, and plan your future. It’s the perfect time to weigh the costs and benefits of growing, and determine how to fund those costs. If those costs exceed what you can fund yourself, does borrowing or bringing on an investor make sense?


You wouldn’t drive to a new destination without a navigation app. Why would you navigate your organization toward its financial goals without a budget? Developing a budget and using it as a navigation tool will help your organization stay on track to achieving financial goals for immediate needs, infrastructure, and future growth.



Players for a Winning Advisory Team

As a business owner or nonprofit leader, you are an expert in your field. But one individual cannot be an expert in all the areas required to run an organization. You need a team of trusted and qualified advisors to guide you through setting up the organization, planning for sustainability and growth, and managing the operations.


Who are the Players you should have on your Winning Advisory Team? Every organization should recruit Players for these five Advisory Team Positions:


  1. Legal – You need input from an attorney to decide what type of entity to form (e.g., sole proprietor, partnership or corporation), know the applicable laws for your organization, develop contracts, and establish human resource and other policies. Nonprofits also need guidance for establishing bylaws and protecting the Board.


  1. Financial – Setting up your financial record keeping, reporting, and processes is not as easy as loading the accounting software. You need a financial professional with experience establishing and performing the accounting, financial reporting, and monitoring necessary for accurate and reliable information to run the organization.


  1. Insurance – Protecting your organization, its people, and its assets could mean transferring risk to insurance coverage. An experienced insurance professional will help you understand what types of coverage are needed and how much. Working with an independent insurance broker provides more choice in coverage options.


  1. Taxes – Even if you prepare your own income taxes, you are probably not equipped to keep up with all the business income, payroll, property, real estate, sales, excise, and other tax rules and requirements. Not to mention the special information filing requirements for nonprofits. A tax professional is needed on every team.


  1. Information Technology – Organizations depend on technology for their day-to-day operations and to secure their information. Every organization needs an IT professional to keep its operating system, applications, phone system, e-Commerce, and other connectivity up-and-running and secure. If your systems go down, you go down.


Your business or nonprofit must have a Winning Advisory Team to set up, manage, and grow the organization. Recruiting for the right Winning Advisory Team members will put you on track for a winning season this year, and in future years.


Achieve Goals by Tracking Progress

Your organization’s goals are spelled out in budget and planning documents. Those goals are usually established at the beginning of the year. At the end of the year, you see if the goals were achieved. Do you really want to wait until the year-end?


Probably not. Year-end is too late to find out whether goals were met.


Tracking established goals is the best approach to manage your organization’s progress and avoid getting knocked off course. Organizations achieve their goals with tracking mechanisms that address these four areas:


  1. Result Areas – Think about what “success” looks like for your organization. Identify the outcomes, roles, and processes that are essential to achieving success. Result Areas may be specific to your industry or market. They can be financial, operational, or programmatic. Examples include achieving specific profit margins, quality standards, or market share.


  1. Indicators and Attributes – Select the outcomes, roles, and processes that are necessary to achieve the established goals. There’s a lot going on in your organization, and you can’t track all of it. Focus on the essential activities that MUST work for each goal to be achieved. Identify the information needed to get a view of what’s going on, and whether things are working well or not, such as financial, production, and employee reports.


  1. Collect and Report Data – Standard processes for collecting, tracking and reporting data helps ensure that information is reliable. Automation generally increases accuracy and makes it easier to obtain. Define “normal” profits, volumes, transactions, etc., to help recognize results that are abnormal, or “exceptions” that require more attention. Include all applicable stakeholders in defining normal vs. exception results.


  1. Analyze and Act – Review tracking reports and interpret them based on circumstances and established goals. Analyzing trends can help organizations see an issue early, before it grows to a crisis. Exception results should be assessed in an effort to understand what is causing the exception. Knowing the cause of the exception helps to identify corrective actions help get things back on course.


Don’t wait until year-end to see of your organization’s goals were achieved. Use these four tracking mechanisms to manage your organization’s progress and stay on course.