Download (direct link):
Sexy or not, the forensic professional as organizational pathologist will continue to serve an important and continuing role in the organizationâ€™s life, for the detection of disease is always vital. As we have seen on television, doctor shows come and go, lawyer shows come and go, but the continuing importance of their
professional roles lives on. Perhaps we should enjoy our newfound sexiness while we can, but realize that while sex may come and go, the significance of our function endures.
As Yates noted so many years ago in his observations on the role of the internal audit function, it is tough to dance alone. Unless senior management is of the mindset that it is better to be aware of bad news and be able to act on it, the pathologist may find that while the patient is capable of being examined, he or she cannot hear. Thus is valuable, perhaps vital, information lost. Such concerns are far from academic. The New York Times reported in June 2002 of the experiences of analysts and auditors on Wall Street. They saw problems and reported them and got fired for their efforts. The Times notes of such actions:
What if the people who want to do the right thing can get no support, especially from executives hired to make sure regulations are followed? What if people like these are in fact punished for speaking out?67
Perhaps it is necessary that the power of the federal government be the motivating factor to open the lines of communication. Perhaps wise executives and board members will come to this conclusion of their own accord. Perhaps neither will happen, but given the climate of the times, it appears unlikely. In that scenario, those who choose knowledge over risk, and action over inaction, will be the ultimate winners.
PARTNERSHIPS FOR THE FUTURE
Partnership is a key element in most of the law enforcement models examined. What degree of partnership do we have already, and is it the proper amount with the pertinent partners, or must new alliances be forged? How, in times of resource constraints, do we ask more of other entities without being perceived as the organizational pest? From whom in the organizational hierarchy do we get permission to involve these resources?
We may be able to learn much from how at least one professional in a major company has approached this task. His concepts, while pertaining to the issue of partnerships, also speak significantly to areas such as leadership, advertising, and reconceptualization. George Campbell is the President of Fidelity Security Services, Inc., an arm of the massive Fidelity Investments financial services firm. In an address he gave to the National Food Service Security Council in July 2000, he touched on many of the lessons learned while building a highly successful corporate security function.1 While occupational fraud, and not corporate security, is our immediate focus, there is much to be learned from his experience, as both professions share many of the same issues.
The first issue Campbell cites is that top management tends to have little understanding of the security function, perceives it as not being proactive, and does not see it as having much to contribute to business decisions. Campbell refers to these factors as being part of the Influence Quotient of a corporate security program. He then lists those program elements he believes are necessary if a corporate security program is to be successful. These he refers to as a Program Legitimacy Index:2
â€˘ Unhindered access to the top
â€˘ Influence the strategic direction of the business.
PARTNERSHIPS FOR THE FUTURE
â€˘ Acknowledged stakeholder in the corporate risk management program
â€˘ Matters are escalated, no surprises.
â€˘ Senior management responds appropriately.
â€˘ Senior management exhibits support of the security policy.
â€˘ Sufficient resources to accomplish the protection mission
â€˘ Positive impact on the ethical hygiene of the firm
â€˘ Exclusive ownership of the firmâ€™s security program
â€˘ Customer base exhibits broad knowledge of the security program and risk awareness.
We may gaze on Campbellâ€™s list of successful program attributes in awe and wonder. We may say to ourselves, â€śSure, who wouldnâ€™t want their occupational fraud program to be in that shape? If my program looked like that, my job would be a hundred times easier.â€ť
The point Campbell is making is that hardly anyone inherits a security, or occupational fraud, program in such solid shape. The points he goes on to make are concerned with how one begins to achieve such an organizational presence. The first key element he cites is a qualitative reporting and analysis program. It is simply impossible to be taken seriously in an organizational context when one cannot even articulate the dimensions of the problem(s) one is seeking to address or what is causing them.
This, unfortunately, is the common refrain throughout much of the forensic community when it seeks to address issues of occupational fraud. Our definitions are leaky, our statistics are weak, and causation has been little dealt with in almost 30 years, at least in any organized and available sense.