What indicators are important for detecting malicious employees?

After an employee in a company commits embezzlement, steals valuable property, or discloses confidential business information, his colleagues and superiors recall his suspicious behaviors, but at the time they did not consider them relevant to take any action. They needed stronger evidence that this employee was malicious. Indeed, the real evidence would come a bit later, but usually in multi-digit damages.

The security mechanisms of companies are most often focused on external security risks. Indeed, competition, malicious clients and business partners, and professional and various opportunistic thieves and fraudsters can represent a serious threat, so security mechanisms need to be directed toward them as well. However, we should not forget that all of them often need the help of disloyal employees. Often the biggest threats to the company’s business are the employees themselves.

There is no room for panic, as a rule, there are not many such employees in the company, but even a relatively small number of them can cause great damage to the business. A frequent thought that we can hear from the management structures of the company is that there are no “such” employees in their company and that they trust their employees. The reality is usually somewhat different. The question is not whether there are employees who cause damage to the company, but how many there are and what the consequences are.

Not a single company was spared the so-called internal risks. Numerous discovered and undiscovered cases in which employees embezzled money, falsified business documents, or favored clients or business associates show that this problem should be actively dealt with. Therefore, managers at all levels, corporate security experts, internal auditors, and fraud experts should be trained to recognize typical indicators of security risk and harmful behavior of employees so that they can undertake additional monitoring, investigative and preventive activities on time.

Indicators of harmful behavior can indeed be numerous, from general ones that can be found in most companies to specific ones that depend on the activity, size of the company, or individual workplaces. We can roughly divide them into general personal, psychological, ethical, interpersonal, safety, or work indicators. For the sake of illustration, we will highlight some of the indicators, which of course should be interpreted correctly in the context of a particular case:

  • the unexpected change in behavior
  • excessive secrecy within the collective
  • unjustified absences from the workplace
  • unusual engagement in performing certain jobs
  • unauthorized access to confidential business information
  • downloading a large amount of data from the internal network
  • higher material standard than appropriate
  • financial problems etc.

In addition to the recognition and correct interpretation of risk indicators, it is important at the company level to develop a methodology for dealing with such indicators, as well as precise knowledge of the methodology for conducting internal investigations and securing the evidence necessary for further procedures.