When something has happened and an investigation is warranted, what is your primary purpose? To punish the wrongdoer? Your event and incident management tools can – and should – be leveraged to do more. It’s really important to your business to learn the “why’s” as well as the “how’s” behind the misconduct. Consider it a form of hindsight if you want, but also see this tack as a form of business intelligence.
If fraud has taken place, take the time to look at the incident both in terms of what happened as well as what can be learned. Is additional training required? Did a process or compliance subsystem fail? How did the incident come to light? Are there loopholes that need to be closed? Is the issue isolated, or systemic?
Compliance leaders are often stereotyped as dirt-diggers, right up there with the internal affairs department of the best TV crime drama. But it’s good to know the image is changing, at least a little. Part of that is because compliance teams and investigators are collaborating on the process, not just the incident itself, to uncover the real dirt. Together, they are asking questions about how issues affect the business and how best to correct the situation so that the incident doesn’t occur in the future. That’s preventative planning at its best. Even better, leveraging not only what you know about the outcome of an investigation but also what you know about the root cause of the issue gives you a checkpoint for policies and procedures going forward.
So remember to use your findings for a constructive purpose – not just for punishment or to resolve just one incident.