We’ve not been shy about publicizing fraud and corruption in the defense acquisition environment. We’ve called out passive leadership, negligent leadership, and even actively corrupt leadership. We’ve called on public company senior leadership and Boards of Directors to invest in effective internal controls. We’ve called on the Secretary of Defense and the ranks of senior military officers to fight fraud and corruption. All in all, we’ve written nearly 50 articles that have something to do with internal controls, effective or otherwise.

Government auditors are taught to look for fraud and to report it when they find evidence of it. Indeed, they are taught to look for “fraud indicators” and are taught various fraud scenarios. While at times the training results in an attitude that goes a bit past “professional skepticism” and starts to look more like prejudgment, in point of fact there is enough wrongdoing by enough government contractors to justify an auditor’s sensitivity to fraud. The bottom line is that while some auditors take skepticism into the realm of adversarial bias, we as taxpayers very much want auditors to be looking for wrongdoing and to report it when they have evidence of it.

But more than that, we should want to create a culture of ethical decision-making and compliance. We should not wait for auditors to ferret out wrongdoing. We should not rely on after-the-fact audits to detect instances of fraud and corruption. We need to be fighting fraud on a regular basis, so that the auditors have nothing to find.

Another Apogee Axiom: You can’t audit an entity into compliance.

You cannot create a compliant state via audit.

The most an auditor can do is to detect instances of wrongdoing after they’ve occurred. When an auditor finds an instance of noncompliance, that means some individual or group of individuals chose not to comply. The organization created an environment where that person or those people felt it was okay to cut a corner or to do a little “gaming of the system.” Either the expectations weren’t made clear or the individuals didn’t receive appropriate training – or they ignored what they were told. In many cases, we suspect the individuals simply mimicked the behaviors they saw around them. Leadership set the example and the ranks mirrored it.

A study by the U.S. War College found that U.S. Army officers routinely lie. The study found “in the routine performance of their duties as leaders and commanders, U.S. Army officers lie.” That’s not us saying so; that’s the U.S. War College saying so in an official publication. CNN discussed the report, and wrote—

The study describes a ‘culture where deceptive information is both accepted and commonplace’ and where senior officials don't trust the information and data receive -- such as compliance with certain Army training requirements or forms outlining how a mission was carried out. But Army officers are faced with an increasing number of requirements and bureaucratic hoops, according to the study, and rather than work with a rigid military brass to reform a burdensome bureaucracy, officers will simply sidestep those requirements, lying on forms and often rationalizing their answers.

The result? ‘Officers become ethically numb,’ explains the study … ‘Eventually, their signature and word become tools to maneuver through the Army bureaucracy rather than symbols of integrity and honesty,’ the researchers wrote. ‘This desensitization dilutes the seriousness of an officer's word and allows what should be an ethical decision to fade into just another way the Army does business.’

And if military officers routinely engage in lies and deception, should we be surprised at the number of instances of bribery and corruption in the enlisted ranks being reported by the DoD Inspector General? And should we be surprised if the contractors start to mimic the behavior of their military customers, if only to survive?

Well, yes. We should be surprised. We should be surprised and appalled. But we’re not. Not really. We’re numb and a bit blasé to the notion of corruption within the Department of Defense and its contractors. It’s become the norm, hasn’t it? We have become so used to DoD IG auditors and DCAA Auditors and fraud investigators finding instances of fraud and corruption that we no longer question the source.

But you can’t audit an entity into compliance.

You can’t make employees accurately report time by conducting frequent timesheet audits and reporting instances of noncompliance. You can’t make buyers conduct a good source evaluation and selection by reviewing purchasing files months after the fact. You can’t detect bribes and kickbacks by making people fill out a form once a year.

You want an ethical cultural where compliance with expected standards is the norm? You’ve got to work for it. You’ve got to communicate expectations and train people. You’ve got to deploy rigorous internal controls. And most importantly, you’ve got to hold people of all ranks accountable for their decisions.

Creating an ethical culture is not the province of auditors; it’s the province of leadership. And academics studying leadership also study ethical cultures.

In one academic article, we read the following –

Individuals' intentions to report the ethical violations of others are also related to moral agency. If unethical behavior is to be addressed in organizations, authority figures must know about it and therefore must set conditions to promote follower reporting. Followers tend to keep their knowledge of ethical problems to themselves for a number of reasons, including fear of retaliation, a sense that nothing will be done, or habituation to silence in authority situations (Detert & Edmondson, 2011;Kish-Gephart, Detert, Treviño, & Edmondson, 2010). Ethical leadership and a strong ethical culture can be expected to enhance followers' willingness to speak up because they are more likely to feel protected from retaliation and to believe that positive actions will be taken to address their concern.

In sum, there are resources and people who can help guide cultures toward a state of compliance, but it won’t be the auditors leading the journey. Auditors exist to detect instances of noncompliance that the culture created, either through action or inaction. But until an entity, organization or culture reaches the desired state of ethical decision-making and compliance, auditors are all we’ve got.

And thus the need for resources to help auditors detect fraud, such as this great site hosted by the DoD Inspector General. The DoD IG site contains lots of resources for fighting fraud, including “Red Flags and Indicators,” “Contract Audit Fraud Scenarios and Resources,” and “Other Fraud Scenarios and Indicators.” Granted, some of the scenarios and indicators are intended for governmental use but they can be easily tailored for use by contractors.

There is even a set of quizzes to test one’s “Fraud IQ”. Go on, take the quizzes. You take all those quizzes on Facebook, don’t you?

But that’s not all.

We also found an Air Force Procurement Fraud Indicators Handbook, written in 2008. We located a 2012 PowerPoint slide deck from a presentation made by Jim Ratley (ACFE) to the Institute of Internal Auditors entitled Corporate Fraud Awareness in Today’s Global Regulated Environment. And we also dug up a book by the OIG of the National Science Foundation called Possible Grant Fraud Indicators.

And those were all returned within the first ten hits of a Google search using the phrase “fraud indicators.” We did not even look at the other 60 million hits Google returned.

The point is that there are many, many resources available for fighting fraud and corruption. And such resources need not be used only by auditors. They can – they must be – used by organizational leadership to drive behavior and decision-making toward a state where ethics and compliance is simply a part of the entity’s culture.

The resources to fight fraud and corruption are readily available.

But is the willingness?