Overachieving Fraud Wolves in Sheep's Clothing

Follow this CFE consultant as he uncovers top collection reps at a business call center who inflated their performances for more money and job advancement. Lesson? Do not always follow the money.

Sometimes we find fraudulent activity occurring in the most unsuspecting places. What started out as a routine examination into a tip from an anonymous call-center employee who was concerned with the large number of suspicious credit card payments a few fellow employees were processing, turned out to be the discovery of a whole new area of call center fraud operating right under the noses of management, compliance, internal audit, quality assurance and even fraud committee members.

A call center environment can foster many credit card processing scams. The most popular is for call center agents to retain credit card account numbers, expiration dates and security codes for themselves or to sell to fraudsters. We also see this scam in restaurants and other retail industries. Fortunately, in this case, the employee who called the hotline supplied the locations and names of the suspicious employees and claimed that the number of payments they processed was far beyond the norm.

As an outside consultant, I first had to become familiar with the work of the business unit and the group in which the suspected employees worked. That unit handles inbound and outbound phone calls with customers who are past due on delinquent accounts. The collectors, who use defined call scripts, process payments through a number of payment options for consumers, including mailing payments, self-performed Internet payments, check by phone, automatic account debit and, naturally, credit card and debit card payments processed over the phone. The company provides exceptional training services for the employees and monitors their work so they comply with company policies, procedures and applicable federal, state and even some local statutes. An automated account management system documents all work, and the company records all phone calls.

Next, I zeroed in on the accused employees because the tipster had not provided specific details of the alleged fraudulent conduct. I listened to call recordings, reviewed the corresponding accounts associated with calls and sat in on some blind monitoring of the collectors' live calls. Nothing seemed out of the ordinary. The targeted collection representatives were very professional, positive and helpful to consumers.

I expanded the investigation to several previous months and increased the sampling of calls and accounts. I reviewed consumer complaints containing allegations of unauthorized charges to see if these collectors had handled them. I still found no questionable conduct. As a final part of the examination, I interviewed the entire business unit staff to uncover any other employee suspicions of fraudulent activities. I immediately saw that the group members were extremely competitive, but management encouraged this through bonuses and advancement to high achievers.

After six or eight interviews, I believed I discovered the employee who filed the anonymous report to the hotline. She made remarks that those who "know how to work the system" are the ones who make bonuses and advance, while those who "play by the rules" are stuck, live paycheck to paycheck and are passed over for promotions. She struck me as either a disgruntled employee or someone tired of seeing cheaters prosper. After a few additional probing questions, I had what I needed to develop a theory for what may be the most unsuspecting fraudulent activity I have ever uncovered. I tore into the historical performance measurements, metrics, reports and employee files of the business unit. What I found was shocking.

My interviews with the business unit's management and review of historical documentation showed clearly that the top collection representatives processed over the phone as much as two to three times the number of credit card and debit card payments as the average collector. Incentives for the number of credit card payments allowed representatives to earn bonuses.

After I traced the payments to the accounts, I noticed that some collection representatives would set up customers on payment plans to charge their credit cards once or even twice a week, instead of the typical payment plan for once every two weeks or monthly. The total amount the customer paid was the same, but it was broken down into smaller amounts and processed regularly to increase the number of payments per week. Ironically, these "top-performing" employees appeared to be the most talented, dedicated, hardest-working phone representatives in the business unit.

As I reviewed the employment records and performance reviews of the current and former supervisors and managers of the business unit, I found it crystal clear that they had all worked their way up in similar fashion. They routinely outscored their peers at the performance metrics. I expanded my investigative analysis to other call center business units and found the same conduct.

DRIVING EMPLOYEES TO CHEAT

Much has been written, preached and practiced in the area of employee motivation, especially for those directly interacting with customers. Management drives them to shatter sales and service records, surpass customer satisfaction standards, hit key performance indicators, out-hustle the competition and find ways to do more with less. We set goals and budgets, apply performance metrics, and offer various bonuses and creative incentives.

Organizations monitor and evaluate employee performance, and top achievers climb up corporate ladders. If you are passed over too many times you are branded as stale, and you may lose all hope to advance. Those who earn promotions then study the playing fields and develop their strategies to move up the next rungs of corporate ladders.

Capitalism through competition. So what is there to worry about? Plenty. Let us take a deeper look into this activity.

Typically, CFEs, internal auditors, external auditors, and risk and compliance managers will search for fraudulent employee activity by focusing on employee theft, embezzlement, expense account fraud, larceny, fraudulent check writing or cashing, vendor contracts and countless other schemes. They follow the money and focus on financial transactions and reporting as sources for discovery. But significant fraudulent employee activity can be occurring in the open, and we fail to recognize it or the severity of the risks and potential losses.

We are familiar with criminologist Dr. Donald R. Cressey's fraud triangle that defines fraud as the convergence of three factors to set the climate for fraud: pressure, opportunity and rationalization. CFEs are trained to focus their sights on the business resources, processes, procedures, employee activities and personnel to detect the potential for, and existence of, the fraud triangle factors. Nevertheless, many fraud examiners do not recognize the existence of these factors in the out-in-the-open business environment because we are diligently sleuthing for the not-so-obvious, hidden schemes buried deep in the organization. Is it possible that fraudulent activity is fully accepted and expected? If so, where, and how do we identify it?

THE NUMBERS CAN LIE

In this case, the use of data was essential to steer the investigation in the proper direction. Looking at the total payment processed by the representatives in the group in Figure 1 (below), we see no significant variance. In fact, the highest producers of total payments are reps 112 and 117. However, drilling into the number of debit card and credit card payments processed quickly reveals a statistical anomaly. Reps 114 and 118 clearly processed a disproportionately higher number of these payments than the others in the group. Because the company incents reps with bonuses and awards to obtain these payments, Reps 114 and 118 benefitted. 

[Figure 1 is no longer available. — Ed.]

This information caused us to review the details of payments and customer accounts. We were alarmed to see that these reps were breaking policy by processing payments as often as two times per week on the same customer account to artificially inflate the number of payments and earn bonuses. The consumers agreed to this practice when the reps told them it was necessary to keep activity occurring on their accounts so no additional collection action was taken.

In another group, we found that management was looking at a standard call center Key Performance Indicator (KPI) to identify any employee that may not be in line with performance standards. Figure 2 (below) shows that the average handle time seems consistent across all employees. However, upon closer examination, we notice that Reps 223 and 226 have extremely short first contact and inbound call times.

[Figure 2 is no longer available. — Ed.]

We decided to monitor calls and found that these reps would not thoroughly and adequately address customers' questions, disputes or requests for documentation, as required by company policy. They were cutting corners to handle more calls. You will not be surprised to learn that the monthly incentives in the group were based on the average number of calls handled per day. By cutting these calls short and telling customers that someone would get back to them on their issues or concerns, they were able to make more calls than other reps.

RISK AND COMPLIANCE

According to The Committee of Sponsoring Organizations of the Treadway Commission (COSO), "Everyone in an organization has responsibility for internal control." It starts with the CEO, who should ultimately "assume ‘ownership' of the system," COSO states. However, management devises goals, targets, budgets and service standards and drives them to the production level. A close examination of the conduct and behavior at that level may reveal potential fraudulent activity that standard business processes and procedures have cloaked.

We know that certain areas are ripe for employee fraud, such as expense accounts, commission reports and vendor contracts. But does the definition of fraud and Cressey's fraud triangle apply to activity and conduct related to employee performance metrics? We can build the case that it does.

Employees, supervisors or managers who intentionally inflate performance metrics in daily job duties, or omit negative information or activities, meet the first part of the definition for fraud. But what about the requirement for a victim suffering loss by these actions? Again, the victim here is the employer organization through the receipt of invalid performance metrics, delivery and data, or the absence of these values from negative data that could be used to improve the organization and its outcomes.

And finally, does the perpetrating employee receive gain? This is where we make a critical mistake and overlook the obvious. Up to this point, we are dismissing these acts and omissions by employees as harmless, just seeking to look good to the boss, avoid the consequences of missteps or failure, earn that bonus or climb the ladder in the organization. Employees who are evaluated by performance measurements, metrics, data, etc. who manipulate these values are in essence causing their performances to appear to be better/higher/more valuable to the organization than they would actually be otherwise. What is the motivation? Clearly, for those who are compensated by commission and bonuses the answer is obvious: money. But job retention or advancement also constitutes personal gain.

The totality of the definition has been met in the description of employees who purposefully skew performance metrics. It is not hard for frontline employees to cut corners, force orders, shorten calls, bury complaints, etc., day after day to put up some impressive numbers.

This environment is ripe with employee incentive/pressure. The opportunity is present for front-liners to manipulate the input, statistics, calls, paperwork and other job functions. And rationalization is a personal psychological characteristic that has been found to be present in 40 percent of employees, according to "Managing the Business Risk of Fraud: A Practical Guide." And according to Freud, rationalization is a defensive mechanism that seeks to offer acceptable reasons to others, or ourselves, for unacceptable behavior. As stated by ACFE founder and Chairman, Dr. Joseph T. Wells, CFE, CPA, in his "Corporate Fraud Handbook," "For the purpose of detecting and deterring occupational fraud, it does not matter whether employees are actually justified, but whether they perceive that they are."

Now that we have seen that frontline employee conduct may be an undetected area primed for fraud, we need to assess the risk to the enterprise. According to the International Association of Risk and Compliance Management Professionals, the risk and harm sustained by an organization are not limited to the losses from employees who work the system to advance and earn more money. Risk, cost and liability from damage to customer goodwill, brand and exposure to regulatory actions may be significant once the missteps are revealed. When company management is unable to obtain valid data from operations, the impact can be devastating.

HELP THE COMPANY HELP THEMSELVES

The environments most susceptible to transparent frontline fraud are those you would not normally suspect: service centers within the enterprise with high-volume, measurable workload functions. These include call center operations, inside order processing, lead generation, online agent help desks, billing and collection, telemarketing, mail processing, customer service centers and back-office operations.

Once you recognize conduct as potentially fraudulent and know where to focus efforts to discover the activity, you must examine what can be done to mitigate that risk. Often, process and compliance reviews originate inside the same departments that breed the "culture of fudging the numbers." You must address it, or it will continue. Because pressure from management to hit the numbers will always be a source of temptation for all to look the other way, the answer is to expand our reach to areas of the enterprise that possess the resources and skill sets necessary for independent examination.

In our case, once we showed executives the data for employee performance anomalies, management culture and performance-based compensation and advancement history, it was clear that change was required. After we developed and implemented training programs to expose and address the conduct as fraudulent behavior, we devised measurements and reporting to display such activity to serve as deterrents. In a short period of time, performance metrics reflected true and clean data for employee call statistics. With this information, we were able to accurately identify problem employees and quash the culture of "working the system" for bonuses and advancement. In just three months we gained a 14 percent increase in KPIs and customer satisfaction ratings! Only employees playing by the rules earn bonuses for the right reasons.

Clearly the solutions are very simple, and if you take one thing away from this article, this is it: The targets, goals, incentives and bonuses are not the problem. We must focus investigative principles and techniques on performance anomalies because they are ripe for frontline, transparent fraudulent activity. It is critical that we segment employee production by tenure, skill and past achievement variances.

A business environment probably already has all the necessary tools, resources and historical data to assess the accuracy, or lack thereof, of job performances at any level. Management will need to develop controls, checks and balances, monitoring, reporting, ethics training, employee hotlines and preventative measures to reduce the risk for fraud.

We may nip and tuck around the edges to modify behavior, and still the crafty employees find ways to "hit their numbers" and get the prizes. If we are not diligent in reviewing, reconciling and building operations-oriented analysis tools to identify performance anomalies — and investigate them — unrecognized fraudulent activity will occur before our eyes.

Jeffrey Horner, CFE, CRCMP, is chief development officer and senior vice president of the Government Services Division of UCB Inc.

The Association of Certified Fraud Examiners assumes sole copyright of any article published on www.Fraud-Magazine.com or ACFE.com. Permission of the publisher is required before an article can be copied or reproduced.