Covid cheats

Managing insider-fraud risks in a pandemic

Insider-fraud risks are on the rise as the economic and psychological fallout from the COVID-19 pandemic takes its toll on organizations and their employees. Understanding these risks and knowing how to manage them will be an important part of many CFEs’ jobs.

When a medical device packaging company fired Christopher Dobbins in March last year just as the COVID-19 virus was starting to spread across the U.S., he decided to seek revenge on his former employer.

Shortly after receiving his last paycheck on March 26, 2020, Dobbins accessed the company’s computer system with a fake user account and sabotaged its electronic shipping records. The hack resulted in $200,000 in damages and, perhaps worst of all, delayed the delivery of  vital personal protective equipment to Americans seeking ways to defend themselves against the threat of the new virus. (See Former employee of medical packaging company sentenced to federal prison for disrupting PPE shipments, U.S. Attorney’s Office, Northern District of Georgia.)

While such acts of revenge have long been commonplace among employees, the COVID-19 pandemic has only exacerbated the threats from insider fraud. Perceived unshareable financial need, perceived opportunity and rationalization — the three components of the Fraud Triangle — have been increasingly present during the COVID-19 pandemic. The economic hardship caused by the health crisis and the subsequent psychological pressures have brought these motivating factors to the forefront for committing fraud.

This is especially true for insider or internal occupational fraud. With many organizations laying off employees and many fearing for their jobs, the motivation to embezzle funds to cover basic financial needs is strong.

Employees’ desire to seek revenge for severe layoffs and pay cuts might also spur staff to undertake fraudulent activity. Consulting firm Deloitte, which emphasized these dangers in a recent report, warned that organizations’ efforts to cut costs during the economic downturn through layoffs could create incentives for employees to commit fraud. (See COVID-19 Operating in the ‘new normal’ – A backdoor to increased fraud risk? Deloitte.)

Indeed, amid the uncertain economic backdrop caused by COVID-19, both financial motives and perceived opportunities for insider fraud abound. Some U.S. and U.K. insurance experts have warned that insurance  staff  working from home could carry out opportunistic fraud to alleviate some of the financial difficulties caused by the pandemic. They said that those employees are also vulnerable to professional fraudsters who use social engineering to steal data from insurance policies and claims. (See Industry experts warn of insider fraud as a result of Covid-19 pandemic, by Katie Scott, Insurance Times, April 30, 2020.)

Lockdowns and working at home have caused employees emotional stress, and even trauma, but they’ve also elevated insider and external fraud risks. Individuals under pressure are prone to rushed or irrational decision-making and hence are easy targets for criminals.

Companies of all sizes are vulnerable to this type of fraud. One such case recently occurred at electric car maker Tesla where a Russian national allegedly offered an employee $1 million to help orchestrate a ransomware attack at the company. (See Russian pleads not guilty in foiled Tesla ransomware plot, by Ken Ritter and Scott Sonner, AP, Sept. 24, 2020, and Russian National Indicted for Conspiracy to Introduce Malware into a Computer Network, U.S. Department of Justice, Sept. 4, 2020.) Organizations that fail to reassure and support employees to help alleviate the psychological impacts of the pandemic could increase motivations and rationalizations to commit insider fraud.

For full access to story, members may sign in here.

Not a member? Click here to Join Now. Or Click here to sign up for a FREE TRIAL.