Organisations lose about 5% of their Revenue to fraud each year, which equals $3.1 billion, with individual fraud cases averaging $1.6 million. What’s even more concerning is that in 87% of fraud cases, the person committing the fraud is a first-time offender—someone who thought their actions weren’t really wrong.
To understand this, we look at the Fraud Triangle, a model created by criminologist Donald Cressey in the 1950s. It shows that fraud happens when three factors come together: pressure (a need for money), opportunity (the chance to commit fraud), and rationalisation (the mental justification that makes the fraud seem okay).
While organisations usually focus on controlling opportunity (like setting up audits or segregating duties), they often overlook the rationalisation part, which can be just as important.
Rationalisation Gap: When Organisations Stay Silent
Rationalisation is the process of convincing oneself that fraud isn’t really wrong. Without clear communication from an organisation about ethical behaviour, it becomes easier for employees to justify dishonest actions, such as thinking “I’m just borrowing this” or “I deserve this.” The uncomfortable truth is that when companies don’t openly discuss ethics, they unknowingly create an environment where rationalisation is easier. Studies show that 75% of employees admit to stealing from their employers at least once, not because they are bad people, but because they found ways to justify their actions.
Why Organisational Silence is Dangerous and could amplify Fraud Risk
When companies fail to discuss ethics, several harmful justifications take root. Employees who feel underpaid may think it’s okay to steal as a form of compensation. If employees don’t understand the real impact of fraud, it’s easier to downplay the harm caused. Weak or absent ethics messaging also creates pressure and expands opportunity for fraud. For example, if results are all that matter and methods don’t seem to be a priority, employees may feel more pressure to meet targets by any means. If there’s little focus on ethics, employees responsible for controls may not take them seriously. As a consequence, without clear ethical standards, employees may assume that fraud is the common way of doing business.
Small Organisations and Big Vulnerabilities
Small businesses are especially at risk. Those with fewer than 100 employees suffer the highest losses, Averaging $150,000 per Case. While small businesses often rely on trust, they still need clear ethical frameworks. Without them, even tight-knit teams can fall into rationalisation.
What Effective Integrity Messaging Looks Like
Leadership is key. If executives don’t prioritise ethics, employees will notice. A company’s culture reflects the messages from the top. If leadership regularly talks about ethics and holds people accountable, it’s much harder for employees to justify fraud. Effective integrity messaging isn’t just about having a code of ethics. It should be:
- Consistent and repeated in training, reviews, and communications.
- Specific with clear examples of what ethical behaviour looks like in everyday work.
- Demonstrated by actions: Ethical behaviour should be rewarded, and violations addressed.
- A two-way conversation: Employees should feel safe to raise ethical concerns.
- Connected to the organisation’s mission: Employees should understand that integrity is central to the company’s values.
Beyond Controls: A Comprehensive Approach
To effectively prevent fraud, companies need both strong internal controls and a strong ethical culture. This means that organisations need to regularly communicate on ethical expectations, taking swift, consistent action against violations, training employees to recognise and resist and making integrity a regular part of the conversation.
The Cost of Silence
Fraud prevention is far more effective than trying to recover stolen funds. Currently, only 22% of organisations recover a significant portion of their losses. Fraud doesn’t just happen because of opportunity and pressure—it’s sustained by rationalisation. It’s not enough to have controls in place; companies must also focus on creating a culture where integrity is constantly reinforced. By talking openly about ethics, organisations can make it harder for employees to justify fraudulent behaviour. Silence about ethics only fuels fraud, so it’s crucial to actively communicate and model the right values.