Stop A Crook Employer

It is often reported that crook employer(s) exist and would abuse the personal information and identities of their own employees if given the opportunity, incentive and rationalization or justification to do so. Opportunity, incentive and attitude are the 3 elements of any fraud. The first 2 (opportunity and incentive) must exist for fraud to occur. I have previously discussed the unauthorized sale of personal information by dishonest employees who have access to the personal information of their company’s clients. Some of these employees may have the opportunity (access to client information), the incentive (motive to make hard cash), and attitude or rationalization (the company doesn’t pay me enough or I deserve it) to commit such fraud. However, what are the fraud elements of crook employer? Let’s analyze the 3 fraud elements as they apply to these employers and how they can be controlled:

Opportunity- Employers not only have access to their employees’ personal information but in some cases and business types such as mortgage brokerages, they have also access to a huge number of client personal information (width) and vast amount of details about each client (depth). Usually, the “opportunity” element of a fraud can be taken out of the fraud equation through access restriction and segregation of duties. I have come across many cases in my internal audits of major corporate operations where the executives had unrestricted and unnecessary access to restricted sensitive information and other company assets they did not need to have to perform their duties. Company executives should be subject to the same security policies and access restrictions as all employees. Access to buildings, specific areas, and computers should be granted based on business needs and not because a CEO is automatically entitled to such access. This argument would be even stronger if this were a public company.

Incentive or Motive- I have an easier time to maybe understand the motive for an hourly employee making minimum wage to sell valuable client or employee information for some decent money, but I have a harder time to figure out a Chief Executive Officer’s incentive in doing so. In one case, a CEO, used the names, addresses and social security numbers of some of its 50 employees to steal over $1 million from various creditors. How do we start to figure out the motive of these people or make any sense of it? Could it be that he hated his employees so much that he needed to hurt them for pleasure? Or, could it be that he was looking for some excitement in his life? These are some hypothetical and potential motives but I think it was the financial motive that made him do it. Isn’t the financial gain and greed always the best motives when it comes to white collar crime? So, how de we manage the incentive risk of a crook employer to prevent him or her from abusing his employees’ or clients’ personal information? Well, should the shareholders compensate them even more to discourage them from doing stupid things? I think not as greed always prevails. Maybe that’s why a lot of CEOs have multi-million dollar contracts; to take any financial motive off the table for these powerful CEOs but past a threshold or salary ceiling, the high compensations rarely work in my opinion. For example, to prevent identity theft committed by CEOs, does it matter if these CEOs make $1 million or $15 million? Would $15 millions make them less greedy? I don’t think so. It’s about ethics and reasonable compensation to eliminate the incentive. Monitoring the financial situation of these companies, their CEOs and other managers would be a great way to detect potential signs of incentive for identity theft. Of course, without any opportunity, it would be difficult for them to misuse personal information, even with a good incentive. Public companies with a Board of Directors’ oversight are better positioned and more capable to monitor their CEOs.

Justification- Attitude, rationalization or justification is also an important element for a crook employer to abuse the employee and client trust by violating their privacy which was disclosed to them when the employees were first hired or clients did their first business transaction. Again, I have a hard time to figure out the rationalization of these well compensated crook employer(s), but maybe human greed and addiction to drugs, gambling or sex help them with their rationalization process. After all, they’re also human.

In conclusion, preventive and detective controls through access restriction, background checks, training and education, awareness, monitoring, investigations by experienced auditors and establishment of a corporate identity theft officer, can minimize the occurrence of such unauthorized misuse of employee and client personal information or other company assets by a crook employer, and, increase the detection possibility of such crime.

Return from crook employer to the workplace protection main page.

Identity Protection Insights Newsletter

Effective identity protection requires dynamic and integrated solutions. This site provides awareness, education and many solutions to address the growing problem of identity theft. Please sign up for the Identity Protection Insights newsletter to receive periodic notification of important articles and solutions, major identity theft news analysis, fraud alerts, and other service announcements.

Enter your E-mail Address
Enter your First Name (optional)
Then

Don't worry — your e-mail address is totally secure.
I promise to use it only to send you Identity Management Journal.