Jeffrey M. Klink (jklink@klink-co.com) is President and CEO of Klink & Co., headquartered in Pittsburgh, Pennsylvania, USA.
Hotlines can often be the most valuable tool in the compliance, legal, and human resources toolbox. The Association of Certified Fraud Examiners’ “Report to the Nations: 2018 Global Study on Occupational Fraud and Abuse”[1] found that most fraud is identified and resolved because of a tip reported through the company hotline. In fact, hotline reports often notify organizations about serious problems long before they come to light through other organizational controls.
Different types of monitoring
Organizations can use multiple lines of defense to protect against fraud and misconduct, including hotlines and external and internal auditors. Although having all three resources ensures greater protection, relying on a working hotline is often more effective and a better use of department dollars.
Why are hotlines so effective? Simple. Employees are the first line of defense, and they see firsthand when fraud, harassment, or other misconduct occurs. Having an employee or even a third party, such as a vendor, with direct knowledge of a problem be able to anonymously or directly report a concern is extremely valuable to compliance, legal, and human resources professionals charged with keeping an organization safe.
Second to hotlines, internal auditors are in a position to find potential or ongoing problems in an organization. However, there are limitations in their processes and objectives. Internal auditing units are often minimally staffed, because they are not considered a profit center. Few internal audit staffs are large or well-endowed with money and resources. Therefore, having eyes and ears on every happening in an organization is impossible. Another obstacle for internal auditors is that they are often asked to focus more on minutiae (e.g., making sure that employees are following company travel and entertainment policies), rather than on material problems (e.g., managers creating shell companies as vendors, the vice president initiating inappropriate actions with his staff).
Outside auditors should serve as the last line of defense. They often fail to uncover problems that are obvious to employees and vendors, because finding fraud and other misconduct is beyond the scope of the auditor’s tasks. Outside auditors typically perform “financial statement audits” that, due to the objectives of the audit, cannot possibly find well-hidden kickback schemes or ongoing sexual harassment scenarios. External auditors must rely on the information the client provides to them. This is not an effective way to find problems that others are trying to hide.
Reliance on other tools to find problems simply is not as effective as having a working, effective hotline. Those resources, although skilled, often don’t find glaring problems, but not because they don’t know what they are doing. Rather, they cannot possibly be everywhere and be asked to know everything at all times.