One of the older and more basic concepts in fraud deterrence and detection is the “fraud triangle.” While researching his doctoral thesis in the 1950s, famed criminologist Donald R. Cressey came up with this hypothesis to explain why people commit fraud.
The three key elements in the fraud triangle are opportunity, motivation, and rationalization. Opportunity is the element over which business owners have the most control. Limiting opportunities for fraud is one way a company can reduce it.
The opportunity to commit fraud is possible when employees have access to assets and information that allows them to both commit and conceal fraud. Employees are given access to records and valuables in the ordinary course of their jobs. Unfortunately, that access allows people to commit fraud. Over the years, managers have become responsible for a wider range of employees and functions. This has led to more access for them, as well as more control over functional areas of companies. Access must be limited to only those systems, information, and assets that are truly necessary for an employee to complete his or her job.
Motivation, another aspect of the fraud triangle, is a pressure or a “need” felt by the person who commits fraud. It might be a real financial or other type of need, such as high medical bills or debts. Or it could be a perceived financial need, such as a person who has a desire for material goods but not the means to get them.
Motivators can also be nonfinancial. There may be high pressure for good results at work or a need to cover up someone’s poor performance. Addictions such as gambling and drugs may also motivate someone to commit fraud.
Lastly, employees may rationalize this behavior by determining that committing fraud is OK for a variety of reasons. For those who are generally dishonest, it’s probably easier to rationalize a fraud. For those with higher moral standards, it’s probably not so easy. They have to convince themselves that fraud is OK with “excuses” for their behavior.
Common rationalizations include making up for being underpaid or replacing a bonus that was deserved but not received. A thief may convince himself that he is just “borrowing” money from the company and will pay it back one day. Some embezzlers tell themselves that the company doesn’t need the money or won’t miss the assets. Others believe that the company “deserves” to have money stolen because of bad acts against employees.
Business owners and executives must take control of fraud by working on the portion of the fraud triangle over which they have the most control: the opportunity to commit fraud. It may be difficult for management to do anything about an employee’s needs or rationalizations, but by limiting opportunities for fraud, the company can reduce it to some extent.