Don't gamble with your company's investigation process.

Learn about i-Sight software today

HR Risk Management: How to Address Your Organization's Red Flags

Stop misconduct before it happens by boosting your HR risk management.

Posted by Ann Snook on April 7th, 2022

In March 2022, video game company Activision Blizzard settled with the Equal Employment Opportunity Commission (EEOC) for a whopping $18 million.

Their crime?

Employees (many female) reported a toxic work environment where they experienced sexual harassment, pregnancy discrimination, and retaliation for complaints. Because the company’s culture was rooted in a “boys’ club” mentality, HR incidents occurred unnoticed or unaddressed.

Now, Activision Blizzard faces multiple lawsuits, fines, and bad press, which are not only bad for their reputation, but also their bottom line. All of these consequences could’ve been avoided had they worked to address the risk factors in their corporate culture.

Want to protect your employees and your company from the same fate? We’re here to help. In this article, we outline common risk factors of workplace misconduct, as well as HR risk management tips for each one.


Is your toxic work culture making you lose employees?

Employees are your greatest resource for voicing concerns and identifying parts of your culture that need work. Survey them to uncover the weak and problem areas of your company culture. Download this free cultural assessment template.

Get the Template

Power Disparities

 

If your organization has distinct power dynamics among employees, you’re at a higher risk of harassment, bullying, and discrimination incidents.

Workplace power disparities can come in many forms, including:

  • Organizational hierarchy (e.g. manager vs. intern)
  • Tenure (e.g. new hire vs. worked there 20 years)
  • Support vs. “regular” staff (e.g. janitor vs. lawyer at law office)
  • Gender (e.g. men vs. women vs. transgender/non-binary employees)
  • Race (especially if the majority of employees belong to one race or ethnicity)
  • Language and/or culture (e.g. immigrant employees vs. natural-born citizens)

 

Employees with less power might be afraid to report an incident, fearing that their complaint will be ignored, or worse, their aggressor will retaliate against them.

According to the EEOC, these employees might have differences in language, training, or education that could reduce their understanding or knowledge of your company’s complaint channels.

Those who hold more power might gaslight victims into thinking their behavior was acceptable. Managers might even fail to report issues to HR.

To reduce the impact of these dynamics, you need to build better equity and equality into your organization. Start with these steps:

  1. Help employees address their unconscious bias with training and by taking Harvard’s Project Implicit associations tests. They might legitimately not know or realize that they are treating others unfairly, and these tools can show them how to avoid that behavior.
  2. Apply workplace policies consistently, from the brand new intern to the CEO. This sets a precedent that no one is above the rules. It also encourages victims to come forward, since they know you’ll take their account seriously.
  3. Plan to make closing power gaps a job for everyone in the organization. “Leaders need to demonstrate advocacy and an inclusive mindset, but also encourage everyone to commit to calling out inequality and involve them in decision-making,” says Teresa Boughey, founder of Jungle HR.

 

Build equitable treatment into your culture, policies, and processes. This holistic approach should decrease power disparities organically.

 

Bureaucracy

 

In large companies (especially publicly-traded ones) and government workplaces, bureaucratic rules and systems keep things running smoothly. While multi-step procedures ensure consistency and compliance, they also slow down time-sensitive processes.

Bureaucracy “makes it really hard for the target to report [an incident] because there’s maybe 20 steps in order to report the behavior,” explains Catherine Mattice, founder of Civility Partners.

Let’s use an example of workplace sexual harassment. Keith often comes up behind Charlotte as she sits at her desk and rubs her shoulders without her consent. Charlotte has decided to file a complaint against Keith and fills out a formal HR report.

However, her company is slow to investigate complaints. In the time it takes them to address the issue, Keith has moved on to touching Charlotte’s back, knees, and rear end, as well as telling her lewd jokes. Charlotte becomes so frustrated and disgusted that she leaves the organization to get away from the situation.

Says Mattice, “bureaucracy creates a lot of opportunity for bad behavior, because the person engaging in the bad behavior can hide behind bureaucracy.”

For instance, Keith might know that Charlotte’s complaint won’t be investigated in a timely manner (if at all), or that she will have to go through so many steps to file a report that she just gives up. As a result, he will continue his behavior since he’s facing zero repercussions.

To boost your HR risk management in this area, make reporting easy. Offer multiple avenues for employees to submit complaints, such as a hotline, online form, and dedicated email address. Make each one user-friendly, and remind employees often that these mechanisms exist, where to find them, and how to use them.

Additionally, streamline your investigation process as much as possible. Case management software like i-Sight instantly creates a case file and assigns it to a team member as soon as you receive a report. This way, you’ll catch incidents early so they don’t escalate into broader problems.

 

Uncover your organization's risks before it's too late.

Use our free risk assessment template to stay organized as you analyze your risks and create an action plan to address them.

Get the Template

Remote or Hybrid Work Environment

 

Remote and hybrid work are a huge aspect of the New World of Work. In fact, “70 percent of employed Americans would prefer to work remotely on a full-time or part-time basis if given the option, and 35 percent would accept a salary reduction in return for that flexibility,” according to the Society for Human Resource Management (SHRM).

When employees work from home part or all of the time, you’re not off the hook for incidents. Employees don’t have to interact in person to break company policies. In fact, some are easier to break outside of the supervision of the office.

 

Security Risks

 

In a physical workplace, only the boldest of employees would commit theft fraud against your company. However, when they’re not under their manager’s watchful eye, they might be tempted to steal assets.

If your organization’s data isn’t properly secured, employees could swipe it for their own benefit. They might take your trade secrets and start a rival company. Or, they could sell your customers’ sensitive data on the black market. They may even pop a fake vendor into your accounts payable list that sends money to an account they hold.

Remote work also increases your risk of external cybersecurity risks. Employees’ roommates and family members, not to mention strangers at coffee shops or other popular remote work locations, could easily peer over their shoulder or access or steal the employee’s device when they leave the room.

“BYOD has become a huge security headache,” explains Dean Iacovelli, Director of Secure Enterprise at Microsoft. Unless your employees use company-provided devices with strong security measures installed, you don’t know what viruses or spyware employees could be installing.

To mitigate these risks, try these fraud prevention tips:

  • Require passwords as well as multi-factor authentication (MFA) to access company files and programs
  • Limit access to data to just those employees who need it for their tasks
  • Ask employees to connect via secure WiFi or, even better, wired internet
  • Issue devices with virus protection software and firewalls installed to remote employees
  • Train employees on common types of cyberattacks and how to avoid falling victim to them (e.g. phishing, smishing, spear phishing)

 

RELATED: 4 Fraud Risks You Face with Employees Working Remotely

 

Harassment Risks

 

A common misconception is that if employees aren’t interacting in person, there is little opportunity for harassment. In fact, the opposite is true. “There’s more [risk of a] toxic work environment in a remote work setting,” says Mattice.

Employees can “hide behind” their screens, she explains. “Before if somebody yelled in the hallway, everybody might hear it, but now, maybe nobody hears it because I’m talking one-on-one to my team member on a Zoom call.” The combination of fewer potential witnesses and not having to see their victim’s reaction emboldens workplace bullies in remote settings.

In addition, Mattice shares, “we’re all stressed out and burnt out.” Remote and hybrid employees might feel lonely, find work-life balance hard to achieve, and have lingering fears and mental health struggles from the COVID-19 pandemic. These emotions can build up into a powder keg ready to explode if a coworker says the wrong thing to them at the wrong time.

To prevent these behaviors, make your remote workspaces as collaborative and communicative as possible. Here are some ideas to get you started:

  • Avoid one-on-one meetings where one employee could victimize another
  • Plan social gatherings and activities, whether virtual or online, where employees can interact to bond and combat loneliness
  • Ask managers to check in with their employees’ mental health
  • Encourage employees to balance personal and work-related responsibilities, setting boundaries and taking breaks as needed
  • Address every complaint of uncivil behavior between employees, no matter how small

 

RELATED: Employees Working Remotely? Beware of These 6 HR Issues

 

Remote work opens up a whole new can of worms when it comes to employee misconduct.

Learn how you can manage these risks and more effectively investigate remote misconduct in this free webinar.

Watch the Webinar

Isolated or Decentralized Workplace

 

Not every red flag for HR incidents comes from your company culture. Some risks increase due to the nature and/or location of your workplace.

Do your employees work alone or in small teams in isolated areas? This is common for construction, home health care, janitorial jobs, trucking, and domestic services. However, “physical isolation can make workers more vulnerable by placing them in work environments with harassers and few witnesses,” according to the TIME’S UP Foundation.

When a bad actor (whether it’s another employee, a stranger, or a client) sees your employee alone, perhaps miles away from the nearest person they could turn to for help, they are more likely to strike, as they don’t think they’ll get caught. As a result, you’re at higher risk of theft, sexual assault, physical violence, and other serious incidents.

Improve your HR risk management in this area by increasing security in your work environment. Equip employees with walkie-talkies or portable radios to call for help. Install security cameras or give employees body cameras to capture potential incidents. If possible, send employees to work in teams of at least three to reduce employee-to-employee incidents.

Decentralized workplaces can cause similar accountability issues. For example, if your workplace is one location of a global corporation, resolving issues at your office might be difficult.

Employees might not understand how to report misconduct. Managers or your HR or compliance staff could be unaware of how to handle incidents according to the organization’s protocols and not want to contact the head office to ask. If issues are all investigated through a central headquarters, incidents could take months to resolve, allowing them to escalate.

To address these risks, the EEOC suggests taking the following steps:

  • Requiring consistent training (including ethics and compliance) to employees at all levels across the organization
  • Training for managers that “includes their responsibility for sites under their jurisdiction”
  • Creating “systems for employees in geographically diverse locations to connect and communicate”

 

RELATED: 4 Ways to Boost Your Human Resource Risk Management

 

“Us” Vs. “Them” Mentality

 

When employees don’t respect coworkers who don’t belong to their perceived group (whatever that’s based on), they could engage in anything from minor incivilities (such as rude comments or social exclusion) to major incidents (such as violence or hiring discrimination).

Mattice explains that if your organization lacks diversity, employees are likely to form an “us vs. them mentality.” This outlook, in turn, can lead to harassment, discrimination, and other incidents.

Employees might divide themselves into groups based on a wide range of features, including:

  • Age
  • Gender
  • Race
  • Language
  • Cultural heritage or background
  • Tenure at the organization
  • Socioecomic status
  • Position within the organization
  • Ability

 

To reduce your risk of incidents motivated by “us vs. them” feelings, improve your organization’s overall DEI.

Start by creating a more diverse workforce. Commit to hiring candidates of different ages, races, genders, cultures, and mental and physical abilities. By ensuring no group is a majority in your workforce, you decrease the risk of cliques forming.

Then, encourage employees to mix and mingle outside of their typical crowd. Host social or sporting events where employees must team up with new people for activities. Form social clubs that bridge perceived differences (try a book club or a chat group about your local sports teams).

Finally, require DEI training that teaches employees how to show compassion, empathy, and respect. In your module, include bystander training, which shows employees how to step in if they witness harassment, bullying, or other unacceptable behavior.

 

 

Employee Health Concerns

 

Since the COVID-19 pandemic began, employees’ mental and physical health have risen to the top of many organizations’ priority lists. Putting employee’s needs first makes happier employees, better work, lower turnover, and fewer incidents.

Even though restrictions have been lifted in many parts of the world, employees may still live with medical fear, chronic physical symptoms, burnout, fatigue, and anxiety.

Some employees might feel overwhelmed by this extra stress and anxiety. Left unaddressed for too long, anxiety can turn into anger, causing these employees to lash out at their coworkers through bullying, harassment, and violence.

Prioritizing employee health can prevent these outbursts.

Be flexible when employees have medical appointments to attend during traditional work hours. Give employees plenty of sick leave, perhaps even building “mental health days” into their paid time off. Include an Employee Assistance Plan (EAP) in your benefits package, where they can access mental health services to deal with personal and professional stresses. Offer a “wellness credit” that employees can use to pay for anything that makes their mind or body feel good, from exercise classes to acupuncture.

When employees aren’t running on empty, mentally and physically, they’re less likely to take their frustration out on others, and they’ll contribute more to the organization, too. In fact, 80 per cent of employees who receive mental health treatment report higher work effectiveness and satisfaction, and employees overall are 13 per cent more productive at work when they’re happy.

 

How do you keep employees feeling their best while also ensuring an efficient business?

Download this free infographic for helpful tips on establishing a mentally healthy workplace where employees will thrive, including a list of resources to share with employees when they aren’t sure where to turn for help.

Get the Checklist

Poor Tone From the Top

 

In many organizations, the C-suite sets the ethical tone. If managers openly bully their employees, ignore policies, or communicate aggressively, lower-level employees might think they can do those things too.

Even worse, upper management might ask or encourage employees to break company rules. “Being forced to break a certain rule by a boss may be a small stint of action. It may be a single time request. Or it may be a policy, a norm,” according to the HR Digest.

To ensure HR incidents don’t trickle down from the top, you need to ensure that the C-suite gets on board with your HR risk management measures.

Managers will need to not only verbally agree, but match their actions to their words. It’s all well and good for your CEO to send a company-wide email condemning discrimination, but if he only wants to hire white men, employees will see the words are empty.

Employees likely won’t buy in to a more ethical culture unless managers do. To get employees at every level on board, take these steps:

  • Update training, with separate modules for managers and employees
  • Apply policies and discipline consistently, regardless of employee level, tenure, or department
  • Encourage employees to report misconduct

 

 

Your HR risk management approach won’t be the same as any other organization’s. To create the most effective plan, first review the risk factors above and determine your risk level for each one. Reviewing that data can be a huge task, so choose a case management system like i-Sight that organizes your historic case data into graphs and other visuals in just a few clicks.

Once you know the patterns of employee misconduct and areas of risk within organization, make a plan to address each of these with preventive measures.

Spotting the red flags of discrimination, harassment, and other misconduct before incidents occur protects your employees, your reputation, and even your bottom line.

 

When was the last time you updated your code of conduct with best practices?

New policies show employees what behavior is (and isn’t) tolerated in your organization, helping to prevent misconduct. Get started with our free code of conduct template.

Get the Template

Ann Snook
Ann Snook

Marketing Writer

Ann is a marketing writer at i-Sight Software. She writes about issues related to investigations of fraud, employee misconduct, corporate security, Title IX, ethics & compliance and more.

Related Resources


Book A Demo

To our customers: We’ll never sell, distribute or reveal your email address to anyone. Privacy Policy

Want to conduct better investigations?

Sign up for i-Sight’s newsletter and get new articles, templates, CE eligible webinars and more delivered to your inbox every week.