While the hospitality industry tends to be ahead of the curve when it comes to physical security, it seems to be lacking proper internal loss control programs. With the primary focus on guest comfort and service, unfortunately, the door is left open to extra opportunities for theft and loss. Instituting internal controls and providing fraud awareness training to all employees should help you identify irregularities within your organization. Although this article was written in the UK, the message is relevant to hotels across the globe. HotelOwner, Howard Shaw, points out some the industry’s largest offenders of fraud.
Global fraud risk surveys, regularly published by a number of organisations, show the leisure, hotels and travel sector towards the bottom of dishonesty league tables implying that, comparatively, this sector suffers less fraud than others.
This is not our experience and indeed specific hotel sector research supports our anecdotal experience; that hotels in particular suffer unacceptable levels of dishonesty perpetrated internally, externally or by collusion between the two.
The reasons for high levels of fraud and other crime affecting the industry is well known and intuitive. In the hotel sector where service is paramount, professional scepticism is suppressed adding to other enablers of dishonesty, resulting in an industry highly vulnerable to the actions of rogue employees or, more worryingly, the attention of organised criminal networks.
Dishonesty can involve customers, employees, external parties or any mixture of the three. It can range from the front desk staff committing fraud with a customer’s credit card, customers making false theft claims against the hotel or computer hacking of hotel data from a far off place.
Although sophisticated integrity risk management programmes, designed to manage the risk of dishonesty affecting a business, are increasingly being embedded into hotel operations, we are reminded by frequent stories, such as the one report in this magazine, that the easiest crimes to commit should be the ones prevented first.
In that particular case a hotel manager stole £350,000 over a 7 year period by simply submitting false agency staff invoices. Reading this story, I’m struck by three particular, and familiar, points:
- Firstly, and most importantly, the manager was a well trusted member of the team. This led to reduced oversight. It’s important to remember – trust is not a control.
- Secondly the manager was described as dominant and ‘strong’. He was not tolerant of challenge or scrutiny and thus managed to prevent or deflect queries.
- Thirdly the hotel did not have a ‘whistleblowing’ mechanism in place whereby suspicions could have been raised. A trusted whistleblower programme would have led to the discovery of this crime long before the hotel owners had to borrow money (ironically from the perpetrator) to keep their business going. Tip-offs are consistently the biggest source of fraud discovery.
A simple whistleblowing mechanism that provides comfort to staff who wish to raise concerns should be the cornerstone of an integrity risk management programme.