Corrupt Insiders

When we analyze threats to an organization’s assets, the corrupt insiders are major contributors to the harm and theft of Intellectual Property (IP) and other business assets such as employee and customer information who must not be underestimated.

In general, it is often reported in various research studies that company insiders account for about 65 to 70 percent of all business thefts. We have previously discussed fraud drivers in detail, which include capability or opportunity, rational or justification, and motive or incentive. These drivers are what motivate and allow insiders who have no integrity at the core of their existence to commit fraud and malicious acts.

One of the main insider justifications for committing theft and harming a company is entitlement. This rational is regardless of whether they have signed confidentiality or intellectual property agreements and in most cases, such insiders have at least partially contributed to the development of the company’s products. We have witnessed or heard about similar cases many times and while general access restrictions, monitoring and legal protection can be great tools for companies to prevent such losses which sometimes cause the collapse of the company, these controls do not apply to the insiders who must have access to highly confidential information to do their work and have strong sense of entitlement because they have spent many years and hours developing the products or starting and managing various functions for the company.

There are many other criminal insider theft justifications including lay-off and not getting the desired annual salary raise, promotion or bonus. The justification belief system on the part of the corrupt insiders is sometimes so real and strong that they don't believe they are doing anything wrong.

Dissatisfaction is also another major reason for committing fraud although when insiders commit fraud, they don't really have a plan about what to do with the stolen information. However, if they can end up working with a competing company as they consider other place of work while they execute their plans, their desire for revenge increases. Often, an employee motivation is so strong that employee’s concern for being caught is reduced and deception becomes explicit which should be alarming to company management as a fraud red flag.

In cases where revenge satisfaction is not a major contributor to an employee’s justification for stealing business information, manipulative leaders within the organization may be able to convince some employees to collude and steal business assets for rewards. Such pre planned theft of information assets is often committed for foreign governments and competing companies for rewards but also to start new companies.

Opportunity or excessive access to confidential information enables corrupt insiders to execute their plans easily. Without direct access to information or access to other employees who have access to such information, their plans may not be executed as fast as they hope to execute. Although detection controls may be able to detect such criminal acts, they are often too little too late to recover from damages. When fraud and theft preventive controls such as access restrictions or segregation of duties exist, corrupt insiders are slowed down and their plans are delayed because the internal controls if operating effectively will force them to readjust their schemes as their tasks become more difficult to accomplish.

As adequate preventive controls are implemented and tested to make sure they are operating effectively, there are also options for organizations to be on the lookout for signs of information theft as preventive controls can be eventually bypassed by smart employees. Monitoring employee behavior, emails, chats, and other activities should provide some clues for identifying and closely watching potential insiders. An organization must not solely rely on preventive controls and should consider the eventual by pass of such controls, thus, behavioral and technical monitoring processes must be placed in operations to detect the corrupt acts of insiders early on.

Return to workplace information protection after reading about corrupt insiders.