Excerpted from a Security Blog by Russ Law

Employee misconduct is a big problem that is too often ignored. Counterproductive work behavior costs U.S. companies $200 billion per year, and the Association of Certified Fraud Examiners estimates that fraud alone costs a company 5% of its revenue per year.

Bring this up in front of a CEO, Human Resources (HR) director or loss prevention executive, and they will certainly acknowledge the damage misconduct can do (i.e., to people, reputation and culture), yet the company may continue to use the same broken process over again expecting better results when it comes to insider theft detection, loss prevention and employee screenings.

There are two main reasons for this:

Instituting a Proactive Screening Process
When evaluating insider threats, employee misconduct, or even counterproductive work behaviors of employees, it’s essential for organizations to take a step back and evaluate the employee screening process. Screening candidates before the hiring process is an overlooked part of a solid insider threat program.

Let’s take a look at a few of the tools that can be used as a part of an employee screening process:

Is the Vetting Process Owned by the Correct Team?
In theory, it makes sense that the candidate screening process be owned by the Human Resources department as HR deals with all aspects of human capital within businesses.

So, what is wrong with HR managing the process for screening candidates for counterproductive behavior? HR screening processes are rarely, if ever, measured on metrics related to counterproductive work behavior. That responsibility is typically owned by the security or loss prevention department, which end up investigating cases of employee misconduct — but, of course, those investigations occur after an employee has been hired and the behavior warrants investigation.

Logically, it makes more sense for the security or loss prevention team to own the employee screening process, since:

Solutions to Boost Employee Screening Efficiency
Taking a look at organizational ownership over employee screening and vetting is an important consideration for all organizations. The next step is evaluating the processes and solutions being used for employee vetting and screening. In many cases, employers continue to use the same process for decades without reevaluation.

In a recent conversation with the head of talent assessment at a Fortune 100 telecommunications company, I was informed that they are stopping criminal background checks entirely for their retail stores. Their reason is that they analyzed the results of hiring candidates without a background check and found that there was no meaningful rise in theft. Therefore, the organization decided that they could save money by stopping the background checks and writing off the same amount of theft they had before. But, I would argue that this does not address the real problem.

There are a number of processes, technologies and procedures that organizations can implement during the hiring process and after to not only mitigate theft, but also workplace violence and other potential insider threats. Organizations can implement targeted and specialized interview training for hiring managers to learn to conduct structured, investigative interviews that can arm an organization with intelligence it may not have garnered previously to help aid in hiring decisions. There are also technologies that can automate interviews to detect counterproductive work behaviors and gather information directly from the employee or potential employee.

Prevention Begins with Culture
While screening and continual vetting are important tools for organizations when it comes to preventing insider threats and misconduct, a proactive approach to risk mitigation begins with evaluating who owns the role, as well as evaluating the organization’s culture and understanding that culture can have a significant impact on preventing counterproductive behaviors in the future.

For the full story, please click here.