There are basically two kinds of people who get involved in unethical actions in business.

In one case, they are proactive and premeditated in their actions. In the other case, it just sorta happens.

The first type is the common criminal.

You can’t predict who they are or when they’ll strike, because from day one their goal is to deceive. But, you do know that someday you and your organization may become a victim. All you can do to prevent their success is to take the standard precautions (background checks, references, etc.) and make sure you have processes that create checks and balances.

The second type of person is that regular person right next to you. They lapse into a crisis of ethics because they work in a culture or they have a boss that softens the boundaries of ethics and makes the unthinkable seem reasonable.

Their organizational culture gives them the excuse to rationalize what, in any other part of their lives, they would consider “bad behavior”.

The second kind of person is more dangerous to the company because in the wrong culture, it won’t be just “one person” it could be “everyone”.

There are three lessons to take away from this:

1. To thwart the common criminal, you have the responsibility to take preventative steps. Make it more difficult for a criminal to be a criminal.
2. Criminal activity is much less common than unethical behavior. Therefore, from a practical point of view, unethical behavior is actually the greater risk and likelihood. Further, unethical behavior can eventually transpose into criminality.
3. Since there is a greater chance that unethical behavior can happen in the office, steps must be taken to address that greater risk. Setup a culture that generates integrity and ethical outcomes as side-effects. Making a rule that makes people good is impossible, but one can create a system that makes bad behavior difficult.