Turning Passive Detection into Active Incident Management

Greg Keating.png

Effective incident management programs do not just exist, they are celebrated. The best programs achieve this by operationalizing their incident management programs into their organization’s DNA. This turns passive reporting channels into one of your organization’s primary tools for proactive incident prevention and detection.

Active & Passive Incident Detection

According to the Association of Certified Fraud Examiners’ (ACFE) 2016 Global Fraud Study, there is a correlation between “the manner in which fraud is initially detected and the amount of financial harm the scheme causes.” The manner in which fraud is detected can be defined as either active or passive. Active methods are characterized by a deliberate searching out of misconduct. Passive methods are more incidental in the way they surface misconduct.

Active detection methods usually result in smaller financial loss to the organization.  

For instance, performing an internal audit with diligent evaluation of processes and practices is an active means of identifying wrongdoing. Alternatively, a whistleblower hotline is a passive form of detection that is only triggered after an employee decides to report. Because of the ability to identify incidents more quickly, active detection methods usually result in smaller financial loss to the organization.  

Now, pair this with another finding in the study: whistleblower reports (referred to as “tips” by ACFE) are responsible for the highest volume of fraud detection. This is true for small and large organizations alike.

“As in previous years, tips were the most common detection method by a wide margin, accounting for 39.1 percent of cases.”

So consider what would happen if you transformed your highest producing incident identification process – whistleblowing – into your most timely method – active detection. This would result in earlier detection of a higher number of incidents, ultimately reducing the potential loss from each incident.

Activating Your Incident Management Program with Employee Awareness

Your incident management program is not a field of dreams. Just because you build it, does not mean they will come. It is essential that programs are paired with robust awareness and outreach efforts. Here are five steps an effective awareness plan should take.

  1. Determine the Actions You Would most Like to Be Reported 

Of course you want all misconduct to be reported; however communication plans are most effective when an audience is given specific boundaries in which to focus attention. Are you looking to ensure alignment with the standards in your organization’s code of conduct? Is your organization at elevated risk for conflicts of interest, bribery and corruption, discrimination or harassment? Your messaging should clearly emphasize the actions you are trying to eliminate.

  1. Communicate Clear Definitions

To encourage employees to say something when they see something, you need to first educate them on what that “something” is. After determining the actions you’d most like to eliminate, outline the specific words, phrases and characteristics that will give employees a well-defined picture of those actions. For example, tell employees exactly what is meant by terminology like “accounting irregularities” or “insider trading.”

  1. Identify Your Target Audience

It is counterproductive to provide one compliance message to all job levels and functions at your organization. Employees will quickly dismiss ethics and compliance messages that do not apply to them. This aversion may then also be associated with future compliance messages, conditioning employees to believe that all communications coming from your office is a check-the-box exercise.

Consider department, job title, job level, location, team size, travel frequency and any other indicators that reveal unique ethics and compliance risk relevant to each employee cohort.

  1. Mind Your Medium

Messaging channels and materials need to be varied and tailored to employee learning preferences. Consider these communication options:

  • Awareness posters
  • Staff meetings
  • Wallet cards
  • Emails
  • Shared news articles
  • Brochures
  • Screen savers
  • Employee newsletter
  • Intranets

Sample Awareness Materials


  1. Evaluate Current Perceptions

Your whistleblower program awareness efforts should accommodate employee perception of your organization and compliance office. If your organization enjoys a trusting speak-up culture, your messaging can be direct and informative. If your organization is rebounding from a deteriorating culture, legal action or general negative employee sentiment, ensure your messaging acknowledges and speaks to employees’ concerns. Regardless of your existing culture, clearly communicate that retaliation against individuals for good faith reporting will not be tolerated.

Through the awareness efforts above, active incident management programs should foster transparency and boost employee morale by forging open communication with multiple reporting channels.

Through the awareness efforts above, active incident management programs should foster transparency and boost employee morale by forging open communication with multiple reporting channels. Today, incident management is more than just a whistleblower hotline. Your awareness efforts should effectively direct employees to the channels that fit their reporting preferences.

Furthermore, active incident management programs are not just best practices for early detection of wrongdoing. They are also critical to being seen as “effective” in the eyes of regulators. The Whistleblower Protection Advisory Committee (WPAC) – on which one of the authors of this article (Keating) served for four years – wrote and recommended a set of best practices. Those best practices were used as a model for the Recommended Practices for Anti-Retaliation Programs issued by the Department of Labor earlier this year. One of the five core recommended practices was to implement an effective incident management system with multiple channels for employees to report concerns.

So, activate your incident management program to meet effectiveness standards and evolve your highest producing detection method into one of your most timely and protective methods as well.


Definitive Guide: Incident Management 


What do you have to say? Share your thoughts in the comments below or join a discussion group on Compliance Next.

Ironic Lessons Learned From the Higher Ed Bribery Scandal
Expert Answers for Questions on Retaliation in the Workplace

Compliance Meaningfulness: Hard to Achieve, Easy to Destroy

Meaningful work motivates us, drives us and provides us more satisfaction. This leads to heightened performance and increased levels of commitment to our jobs, colleagues and employers. When an organization makes ethics and compliance meaningful, its gives employees a larger purpose and extended vision to fuel their work.
Previous/Next Article Chevron Icon of a previous/next arrow. Previous Post

Policy Management Lessons From the VHA

What policy and procedure management lessons can we learn from the largest healthcare system in the United States? Running more than 1,200 clinics and serving 9 million veterans each year, the Veterans Health Administration is learning how to manage hundreds of compliance documents through the entire policy life cycle. That’s no easy task. And we can all learn a lot from their successes and challenges.
Next Post Previous/Next Article Chevron Icon of a previous/next arrow.

Comments