An Analysis of Trust, Employee Trustworthiness, Fraud, and Internal Controls

An Analysis of Trust, Employee Trustworthiness, Fraud, and Internal Controls

Sanjay Kumar (Sam and Irene Black School of Business, Pennsylvania State University–Erie, Erie, PA, USA), Ashutosh Deshmukh (Sam and Irene Black School of Business, Pennsylvania State University–Erie, Erie, PA, USA), Jiangxia Liu (Dahlkemper School of Business, Gannon University, Erie, PA, USA) and Kathryn E. Stecke (Naveen Jindal School of Management, The University of Texas at Dallas, Richardson, TX, USA)
Copyright: © 2013 |Pages: 24
DOI: 10.4018/jsds.2013070104


We analyze important strategic relationships among trust, employee trustworthiness, fraud, and internal controls. A game is modeled between a manager and an employee, two rational decision makers. The manager makes control decisions based on the strength of controls and on employee trustworthiness, which are modeled as functions of monetary and psychic costs and benefits of committing and not committing fraud. We propose a rich definition of trustworthiness that incorporates an employee’s propensity to commit fraud and sensitivity to controls. Equilibrium strategies are identified that could be used to determine the best strategy and the optimum strength of controls to use by identifying trustworthy, untrustworthy, and opportunistically trustworthy employees. A relationship of trustworthiness with a probabilistic choice of controls by the manager is established. As the strength of controls increases, the trustworthiness of the employees also increases, but a minimum critical level of trustworthiness is required to make controls effective. A high level of control may be needed to deter fraud. Also, this increase in trustworthiness does not translate to a proportional reduction of controls by the manager. We caution against excessive investments in internal controls. A low strength control with high probability of controls may be a cost effective way to deter fraud. We also explore the interaction of controls strength with the losses to the manager when fraud is committed. We find that control is not always a viable strategy. Optimal payoffs indicate that, unlike simultaneous decision making, under sequential decision making, the manager’s best strategy is to choose controls and auditing an employee. Policy implications and managerial insights of these findings are discussed.
Article Preview


Formal and informal control systems are strategically chosen in corporations to motivate and control employees. The role of trust and trustworthiness in business and its relationship with controls and risk have been studied in the management literature. For example, Williamson (1993); Skinner and Spira (2003); Das and Teng (2004); Colquitt, Scott, and LePine (2007); Weibel (2007); and Earle (2010) characterize trust and controls as substitutes and complements. Other studies (Argyris, 1964; Enzle & Anderson, 1993) suggest that formal controls may affect trustworthiness of employees negatively. The nature of the relationship between trust and controls is still being studied. This research stream has developed independently of research in internal controls.

Internal controls are viewed as an amalgam of business models, organizational processes, organizational procedures, initiatives by employees, and information technology. A common element among various definitions of internal controls is that the internal controls are processes designed and installed by top management. The objectives of such processes are safeguarding assets of the business, providing relevant and reliable information, promoting operational efficiency, and complying with managerial policies and procedures. Since internal controls provide reasonable but not absolute assurance, the assumption of competent and trustworthy employees is crucial for effective controls.

Auditors, managers, and risk management practitioners informally evaluate the relationships among internal controls, risk of fraud and errors, and trust in the employees on a regular basis. Cunningham (2004) says, “Internal controls can be designed to mediate the tension between the need to repose trust and discretion in employees on one hand, and the imperative to supervise and impose checks-and-balances on the other.” The controls concept in the management literature is more general when compared to specific concepts of internal controls in the auditing literature. Major organizations that have articulated concepts of internal controls include the American Institute of Certified Accountants, Committee of Sponsoring Organizations, Information Systems Audit and Control Association, and Institute of Internal Auditors. These efforts are not independent. They evolve from each other.

Risk management practitioners and theoreticians have studied the relationships among formal internal controls, audit risk, and financial fraud. For literature reviews see Caster, Massy, and Wright (2000) and Nieschwietz, Schultz, and Zimbelman (2000). Important to all internal control systems are competent and trustworthy employees. All employees are trusted to some extent, and are subject to internal controls (Cunningham, 2004). However, top managers have overridden internal controls and committed frauds. Enron and WorldCom are examples that drew attention from governmental agencies, politicians, and the public. The Association of Certified Fraud Examiners (ACFE) issues a yearly report quantifying costs of fraud to the nation (ACFE, 2010). This report also details costs of corporate fraud committed by employees and top managers. Estimates of losses often run into billions of dollars.

One question is whether internal controls and penalties affect employee trustworthiness and propensity to commit fraud, and if so, under what business conditions? In order to answer this question, we examine the relationships among trust, employee trustworthiness, and internal controls, which have not been theoretically examined or empirically studied. To the best of our knowledge this is the first study that mathematically models a relationship between internal controls, trust, and trustworthiness. We contribute to the literature by examining games under simultaneous and sequential decision making by a manager and an employee. These models provide insights into employee trustworthiness, strength of internal controls, and strategic choices of trust and fraud by manager and employee, respectively. A rich and quantifiable measure of trustworthiness is proposed. This trustworthiness measure comprehensively incorporates aspects of trust, trustworthiness, employee types, and internal controls.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 10: 4 Issues (2019): 1 Released, 3 Forthcoming
Volume 9: 4 Issues (2018)
Volume 8: 4 Issues (2017)
Volume 7: 4 Issues (2016)
Volume 6: 4 Issues (2015)
Volume 5: 4 Issues (2014)
Volume 4: 4 Issues (2013)
Volume 3: 4 Issues (2012)
Volume 2: 4 Issues (2011)
Volume 1: 4 Issues (2010)
View Complete Journal Contents Listing