{"id":4364,"date":"2025-12-30T21:55:45","date_gmt":"2025-12-30T21:55:45","guid":{"rendered":"https:\/\/prosecure.com.tr\/the-question-is-not-whether-there-is-misconduct-in-the-institution-but-how-open-the-institutional-structure-is-to-misconduct\/"},"modified":"2026-01-28T08:37:46","modified_gmt":"2026-01-28T08:37:46","slug":"the-question-is-not-whether-there-is-misconduct-in-the-institution-but-how-open-the-institutional-structure-is-to-misconduct","status":"publish","type":"post","link":"https:\/\/prosecure.com.tr\/en\/the-question-is-not-whether-there-is-misconduct-in-the-institution-but-how-open-the-institutional-structure-is-to-misconduct\/","title":{"rendered":"The question is not whether there is fraud in the institution, but how open the institutional structure is to misconduct."},"content":{"rendered":"<p><strong>The question is &#8220;<\/strong><strong>how open the institutional structure is to fraud&#8221;,<\/strong><strong>not &#8220;is there active fraud in the organization?&#8221;<\/strong><\/p>\n<p><b style=\"font-size: 16px;\">ACFE<\/b><span style=\"font-size: 16px;\"> according to the data; <\/span><b style=\"font-size: 16px;\">One in 20 organizations is currently in active misconduct <\/b><span style=\"font-size: 16px;\">and each year the average revenues of the companies <\/span><b style=\"font-size: 16px;\">5% is lost through abuses. <\/b> <\/p>\n<p>When cases of internal misconduct become public, the question is often asked: <strong><i>&#8220;How did he do it?&#8221;<\/i><\/strong><\/p>\n<p>However, the real question to be asked is this: <b>&#8220;How did this institution allow the misconduct to take place?&#8221;<\/b><\/p>\n<p>This is because internal misconduct is not a singular, isolated or &#8220;unfortunate behavior of a malicious employee&#8221;, but rather <b>a consequence of the corporate structure<\/b>. In other words, misconduct is not an accident, but the manifestation of a systemic weakness. <\/p>\n<p><b><br \/>\nWhat does ACFE say?<\/b><\/p>\n<p>The biannual <i>Report to the Nations<\/i> published by the <a href=\"chatgpt:\/\/generic-entity?number=0\">Association of Certified Fraud Examiners<\/a> (ACFE) clearly demonstrates this reality. According to recent reports:<\/p>\n<ul>\n<li><b>On average,<\/b> organizations lose <b>5% of<\/b> their annual revenue due to employee misconduct.<\/li>\n<li><b>In 85%<\/b> of cases, there is at least one <b>control weakness<\/b>.<\/li>\n<li><b>42%<\/b> of fraud cases are uncovered through <b>whistleblowing<\/b>, not through internal audit or internal control mechanisms.<\/li>\n<\/ul>\n<p>These data show that misconduct is not &#8220;unpredictable&#8221; but rather a <b>predictable and preventable<\/b> risk.<\/p>\n<p><b><br \/>\n&#8220;We don&#8217;t have it&#8221; Misconception<\/b><\/p>\n<p>Many managers rely on the following assumption when evaluating their own organization:<\/p>\n<p><i>&#8220;We are a family, we trust our employees.&#8221;<\/i><\/p>\n<p>But the fundamental truth that the ACFE reveals is this:<\/p>\n<p><b>Fraud occurs not where there is trust, but where there is weak control.<\/b><\/p>\n<p>Fraud occurs when three key elements come together (Fraud Triangle):<\/p>\n<ol start=\"1\">\n<li><b>Pressure<\/b> &#8211; Financial, performance or personal pressures<\/li>\n<li><b>Opportunity<\/b> &#8211; Weak controls, confusion of authority, lack of oversight<\/li>\n<li><b>Rationalization<\/b> &#8211; &#8220;Everyone does it&#8221;, &#8220;It was my right anyway&#8221;<\/li>\n<\/ol>\n<p>Managers often ignore the first two elements and focus on the third. However, organizations <b>themselves<\/b>create the third element, especially <b>the opportunity element<\/b>. <\/p>\n<p><b><br \/>\nCase Example: Single Signature Authorization<\/b><\/p>\n<p>A common type of case in the ACFE database is the following:<\/p>\n<p>In a medium-sized company, the accounting manager is responsible for supplier identification, payment ordering and bank reconciliation. Over the course of three years, he creates fake suppliers, costing the company approximately <b>1.2 million dollars<\/b>. <\/p>\n<p>Question:<\/p>\n<p>Is this person to blame, or is it <b>the institutional structure that disregards the principle of separation of powers?<\/b><\/p>\n<p>In such cases, the employee is often not alone; the real perpetrator of the misconduct is <b>the faulty processes they have designed<\/b>.<\/p>\n<p><b><br \/>\nHow Do Institutions Invite Fraud?<\/b><\/p>\n<p>Common institutional mistakes that inadvertently pave the way for abuse include the following:<\/p>\n<ul>\n<li>Over-centralized authority structures<\/li>\n<li>Controls removed on &#8220;trust&#8221; grounds<\/li>\n<li>Outdated job descriptions<\/li>\n<li>Companies with a code of ethics but not implemented<\/li>\n<li>Structures without a whistleblowing mechanism or unreliable structures<\/li>\n<li>Internal audit is seen only as a &#8220;formal obligation&#8221;<\/li>\n<\/ul>\n<p>According to ACFE, <b>in organizations with an effective whistleblowing hotline,<\/b> losses due to misconduct are reduced by up to 50% and cases are detected much earlier.<\/p>\n<p><b><br \/>\nCase Example: Performance Pressure and Sales Abuse<\/b><\/p>\n<p>Another common type of case is related to sales targets.<\/p>\n<p>Sales managers in an international company are measured by targets that are almost impossible to achieve. As a result, some managers create false sales records, recognize revenues early and receive bonuses. The misconduct leads to serious distortions in the company&#8217;s financial statements.  <\/p>\n<p>At this point the question arises again:<\/p>\n<p>Were these people abusive, or did the organization push them to abuse?<\/p>\n<p><b><br \/>\nWhat should be the question?<\/b><\/p>\n<p>Therefore, the right question is this:<\/p>\n<p><b>&#8220;How open is the institution to fraud?&#8221;<\/b><\/p>\n<p>To answer this question honestly, managers need to question the following areas:<\/p>\n<ul>\n<li>Is there really a separation of duties in critical processes?<\/li>\n<li>Do the controls work on paper or in practice?<\/li>\n<li>Do employees believe they will be protected if they report ethical violations?<\/li>\n<li>Are internal audit and compliance functions independent?<\/li>\n<li>Does senior management really set an example in terms of ethics?<\/li>\n<\/ul>\n<p><b>Internal misconduct is not only an individual error but also a result of deficiencies in corporate governance and control mechanisms.  <\/b>Employees can be replaced, but the risk will not go away unless weak systems are changed.<\/p>\n<p><b><strong><br \/>\nIt should not be forgotten that:<\/strong><\/b><\/p>\n<p><b>What prevents fraud is well-designed systems with good people.<\/b><\/p>\n<p>Without realizing it, you may be paving the way for fraud in your organization. Therefore, the question is not &#8220;is there an active fraud?&#8221;, but <b>&#8220;how much does the structure I manage make fraud possible?&#8221;<\/b>. <\/p>\n<p>And this question should be at the center of every boardroom table.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The question is &#8220;how open the institutional structure is to fraud&#8221;,not &#8220;is there active fraud in the organization?&#8221; ACFE according to the data; One in 20 organizations is currently in active misconduct and each year the average revenues of the companies 5% is lost through abuses. When cases of internal misconduct become public, the question [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":4365,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[19],"tags":[],"class_list":["post-4364","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-article"],"_links":{"self":[{"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/posts\/4364","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/comments?post=4364"}],"version-history":[{"count":2,"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/posts\/4364\/revisions"}],"predecessor-version":[{"id":5054,"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/posts\/4364\/revisions\/5054"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/media\/4365"}],"wp:attachment":[{"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/media?parent=4364"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/categories?post=4364"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/prosecure.com.tr\/en\/wp-json\/wp\/v2\/tags?post=4364"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}