Corporate scandals can occur for many reasons. In many headline-making instances, it is the actions of the board or senior management that are the source of wrongdoing. But in other cases, scandals can be traced to individuals or small groups of employees who ignored or broke the rules to personally benefit. For example, sales teams have conspired with salespeople in rival firms to share information so they can hit targets. Traders in financial services firms have also broken or circumvented rules to secure bonuses. Such “rogue” behavior can even happen when employees just want to be seen as good performers who are eager to please their employers—even if it means violating company policy to do so.
Whatever the motive, the ramifications of such behavior can impact companies for years. Regulatory investigations can be slow, demanding complete cooperation and a lot of time and money for organizations to identify, root out, mitigate and prevent criminal conduct. Misconduct can also bar companies from bidding for public sector or government contracts, restrict them from certain markets and lead to other serious financial implications.
Traditionally, many organizations have relied on employee screening methods to identify rogue employees, but the focus has often been on pre-screening potential candidates rather than monitoring the performance and conduct of employees once they are on the job. Experts now believe that pre-employment checks alone are unlikely to be effective without also conducting continuous monitoring and other efforts to improve organization-wide compliance. To avoid the negative consequences of rogue employee actions, companies need to understand the most effective ways to detect signs of misconduct and the proactive steps they can take to prevent wrongdoing in the future.
More Is Not Always Better
While there may be more advanced tools available for organizations to monitor employee activity in the workplace and on social media, more information does not necessarily mean better detection or better employee compliance. Even with these new methods, rogue behavior is still extremely difficult to detect. “Background checks, reference checks and credit reports provide some insight into a prospective employee’s background,” said Marcus Denning, a senior attorney at law firm MK Law. “Nonetheless, they tend to be poor predictors of future behavior, particularly in high-stress situations where the employees may be tempted to behave in an unethical manner.”
Instead, some experts recommend that companies audit and track performance to uncover warning signs at an early stage. Typical red flags will include major variance in the performance of different team members and achieving abnormally high targets. Companies should watch for patterns, not necessarily results. “Sudden changes in behavior, like unusual secrecy, resistance to monitoring or outperforming peers in ways that cannot be explained, can be telling,” said Kelsey Szamet, partner at Kingsley Szamet Employment Lawyers. “Such patterns can warrant a closer look, particularly in high-risk areas such as finance or sales.”
Some companies have turned to screening technologies that incorporate data analytics and AI-based algorithms to examine employee behavior. Such tools can follow patterns, identify anomalies and even warn managers about suspicious activities before possible problems arise. For example, change detection software can flag edits, timestamps and user access across shared drives and payroll runs, alerting companies to potential warning signs like if an employee changes a formula on a spreadsheet to defraud the business.
But technology has its limits, warned Nic Adams, CEO at tech security firm Orcus. AI, social media checks and psychometric screens can provide a lot of data, but not all of it is useful. Blanket key-logging rather than targeted screening often leads to amassing great volumes of data that are difficult to trawl through. In most cases, it will likely not show signs of wrongdoing since the vast majority of employees will be trying to comply, he said. Further, excessive surveillance and over-collection of data breeds mistrust and drives bad actors to simply use encrypted personal devices that make in-house monitoring even more difficult.
“More information does not equal more prevention,” said Michael Goldfarb, CEO of software vendor Guardian HR. “Technology alone does not solve this problem. Culture does. Policy does. Enforcement does.” He believes the solution is “hiring slow, firing fast, monitoring performance and behavior, and most importantly, giving managers the authority and training to spot red flags before they become front-page news.”
Warning Signs of Rogue Behavior
According to Guillermo Triana, CEO of HR services provider PEO-Marketplace.com, the biggest mistake companies make is “treating rogue behavior like it comes out of nowhere,” he said. “It does not. It simmers for months. When someone breaks the rules, they were usually bending them first—you just did not catch it.”
One indicator is “process drift,” Triana said. “If a report that used to take three hours starts taking seven, you have to ask why. If an employee keeps changing the way they pull vendor data or starts asking for read-only access to accounts they never needed before, that is your audit trigger. Most people do not commit fraud out of nowhere; they prep the ground. So, when a pattern changes, you freeze it until you get answers.”
Rogue employees rarely look sloppy, Triana warned. “In fact, the cleanest-looking Excel sheets are where I start,” he said. “If someone controls too much without rotation or review, they are running a shadow system. That is where the damage happens. I have seen teams lose $80,000 in one quarter just because a mid-level analyst kept rerouting vendor credits to an unmonitored general ledger. He was the one teaching others how to use the software, so no one questioned his edits.”
Companies must partition access and decouple influence to mitigate risks. “Anyone who can both approve and edit payment schedules is a risk,” Triana said. “Segregation of duties means you do not trust anyone with total control. People start taking liberties when they stop thinking they will get caught. So, you make it easier to get caught.”
However, companies must not assume that employee misconduct is purely the fault of the individual and has nothing to do with the company. “Most rogue activity happens when the pressure to hit numbers is higher than the pressure to follow policy,” Triana said. “That is a management problem. When your bonus structure rewards volume but not accuracy, you are asking for it. Every fraud case I dissect starts at the compensation plan and ends with bad oversight. Pay less attention to ethics posters and more attention to incentive plans.”
In her experience as an employment lawyer, Szamet warned against characterizations of rogue employees that might be used to hide more systemic problems. A key factor is when organizations do not apply robust internal controls. “Much rogue activity happens when companies do not have proper checks and balances,” she said. “Separating duties, rotating tasks, and mandating dual approvals on high-value transactions can restrict opportunities for mischief.”
Patrice Williams-Lindo, CEO at HR consultancy Career Nomad, also believes that rogue employees do not just appear out of nowhere. “They slip through archaic systems that were never built to catch them in the first place,” she said. “In reality, these are often high performers who have been rewarded for skirting the edge until they crossed the line. The warning signs were there, but ignored—why? Because they delivered.”
She added that misaligned incentives “are the breeding ground” of rogue behavior. “If your compensation plan turns a blind eye to ethics in favor of metrics, you are not managing risk—you are manufacturing it,” she said. As a result, companies should track recognition—not just performance—and audit their reward systems like a forensic accountant.
Developing a Culture of Transparency and Accountability
To tackle the problem of rogue employees, Williams-Lindo believes HR and risk teams need “to get proactive, not just punitive” and create a culture in which speaking up is not a career killer. Companies need to empower employees by providing appropriate channels to express their concerns about possible abuses of corporate policy without any fear of victimization. “Whistleblowers often spot rogues first, but if your internal reporting system feels like it has a reputation of being a trap, no one is going to talk,” she said.
Setting the correct tone from the top is vital if companies are going to root out rogue employees and uncover potential criminal activity. To promote this culture, executives and senior management must demonstrate the kinds of behavior the company wants to highlight. This can also help to more effectively reveal those who are breaking the rules. “A culture of transparency and accountability is the best way of identifying the bad apples,” Denning said, because rogue employees will be more prone to hide errors and poor performance, thereby bucking the organizational trend.
Szamet also believes it is critical that leaders focus on building compliance culture. This includes taking swift action based on early signs of wrongdoing, rewarding good behavior, and “ensuring top leaders are held to the same expectations as those below them,” she said.
Identifying rogue employees before they can cause harm is never going to be easy, but companies can at least assess where the risks and incentives are and clamp down on those. Obvious red flags include bonus schemes that offer high rewards without questioning performance and operational areas where employees are in charge of monitoring and approving their own work. Uncovering these high-risk areas should also prompt an internal conversation about whether the company’s own governance is contributing to—rather than resolving—the problem and should make executives, HR and risk teams think about what steps the organization should take to change the situation.