If you discovered a major fraud at your company, would you handle it in-house or call law enforcement?
That was the topic of a discussion on proformative.com, a networking site for finance executives. Participants in the discussion offered an eclectic mix of observations.
If, say, “Bob” was caught cashing a client’s check, the bar for calling the cops would be high indeed for said Regis Quirin, director of finance at Gibney Anthony & Flaherty. He said he’d need to weigh three pieces of information prior to recommending involvement by the authorities: (1) Do all facts lead to the same conclusion that Bob committed fraud? “Making a claim of fraud requires irrefutable evidence,” Quirin said. (2) Do we have any ability to recoup the monies from Bob? (3) Must we engage our client to help us understand if fraud was actually committed?
“It does not make sense to replace one fraud with two risks — i.e., the risk of a lawsuit from Bob and the risk of losing the client,” Quirin said.
Wayne Spivak, CFO at SBA consulting, took issue with all of Quirin’s points. While a company may have an internal policy not to turn in employees unless there is irrefutable evidence, Spivak noted that from a legal standpoint all that’s needed is reasonable suspicion. Second, Spivak said, “Going to Bob and saying ‘pay us back or we go to the police’ can place you in a precarious position of possibly being charged with extortion.” Third, “Engaging your customers is a must. They for the most part won’t pay you twice, but they’d want to know, because they too were defrauded and are part of the legal proceedings.”
An anonymous CFO of a government agency weighed in that not involving law enforcement can make the company liable because it failed in its fiduciary duty to protect shareholder interests.
But doing the opposite can be dicey as well, the finance chief said. He told of a case where a new employee was discovered to be stealing from Company 1 a few months after being hired. He was terminated, but Company 1 kept it quiet and the fraudster moved on to another job at Company 2.
During the course of the fraud investigation, it had been discovered that the perp had also been terminated by his prior employer for fraud. But when Company 2 called Company 1 when checking references, the latter didn’t say he’d been fired for fraud, but rather said there was a mutually agreed-upon separation. Company 1 was playing it safe, because the person’s guild had not been proven in the criminal-justice system.
Guess what happened then? Company 2 sued Company 1 for not revealing the truth. “You’re damned if you do and damned if you don’t,” the government CFO said.
Sara Voight, controller at Critical Signal Technologies, offered that if a company doesn’t have the funds for an investigation and doesn’t want to risk reporting the fraud to authorities, it should not provide any references. That doesn’t mean it can’t send a message. There is a difference, she pointed out, between “our company policy is to not provide references” and “we will not be able to answer any of your questions with regards to reference information outside of hire dates and salary.”
Another anonymous participant told of once discovering that his or her boss, the company treasurer, was committing fraud and that it was a hard decision to call the boss out. Quirin responded that if you discover fraud you should report it internally, regardless. “I understand the difficulty,” he said. “However, if you know about it and turn a blind eye, you may as well be party to it.”