Internal Controls in a Culture of Fear

… rendered ineffective by socio-psychologically savvy fraudsters – are at the core of my forthcoming talk at the ACFE Conference in Frankfurt a.M. The invitation to hold a session has prompted me to focus on Germany’s “hidden champions”, its famed Mittelstand.

Those over 3 million Small and Medium Enterprises (short SMEs) have come under increasing and severe pressure from foreign direct investment (FDI), mainly from China but also in the form of European and North-American mergers and acquisitions (M&As).

Frequently marked by hierarchical and even patriarchal structures, sceptical of progressive whistleblowing and informant practices and approaches thanks to its history, Germany’s SMEs have suffered substantial losses and remain fairly resistant to lessons-learned, resulting from fraud committed by social engineers (Business Email Compromise or BEC, also CEO-Fraud or ChefTrick) that continues to balloon.

Fraud, frequently conceptually misunderstood as an exclusively external phenomenon urgently requires more attention and a better grasp in terms of scope and depth (i.e. covering holistically the aspects of Wirtschaftskriminalität, Betrug and Missbrauch of resources, data etc.). It finds fertile ground in an organizational culture of fear in particular where:

  • speaking up and speaking out are equated with insubordination,
  • creativity is the privilige of certain departments, functions, individuals or hierarchy levels (or even demographics) and
  • social compliance dominates every action in the organizational routine.

These unhealthy parameters provide the perfect conditions for fraudsters who understand to read the obscure and subtle signs (or absence of such) of victim organizations.

Mitigating this fraud risk (and related reputation risk) and effectively tackling this wide-spread and potentially existency-threatening dilemma is not what most SMEs believe it to be: the current dominant knee-jerk response of staff firing and shame-driven hiding of failed (or barely existent) risk cultures is only adding power to fraudsters – thereby benefitting foreign investors and competitors.

Instead, smart empowering and effective risk strategies can leverage existing functions but require radical rethinking and a thorough understanding of the socio-psychological factors that cannot be engineered on paper into Germany’s SMEs.

Overcoming fear and building trust across functions are central to this type of progressive and sustainable immunization. Transparency and non-authoritarian leadership styles are key pillars in building this type of risk resiliency.

Conference attendees will have full access to my paper including appendix and references and the slides.

3 comments

  1. Dear Britta. Thank you for this paper. I think you are in front an actual with these thougths. I have just one comment. When you talk about this organizational culture of fear in particular where : speaking up and out are equated with subordination- I find a better meaning if you write – equated with the grade of subordination. Perhaps it is just me but anyway😀 Good luck with your presentation❤️

    Sendt fra min iPad

    > Den 23. mar. 2018 kl. 12.21 skrev RisikoKlár : > > >

    Liked by 1 person

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s