Managerial crime controls include policies setting down how the organization deals with things like conflict of interest, employee dishonesty, money laundering, investment and lending, human resources (hiring, promotion, firing, compensation), etc. These policies drive development of procedures that are more specific than policies, as well as audit procedures to check that the documented procedures have been implemented and continue to be applied.
The policies that drive procedures are usually proposed by senior management for approval by the board of directors.
The policies may also be initiated by the directors.
What is crucial is that the board and executive management use the policies to drive the process of ensuring that the organization is in control.
An organization in control has the appropriate security and risk management policies, processes, procedures, equipment, training, audits, budgets, and security are part of the organization’s strategic planning process.
A reasonable and practical version of the control philosophy will permeate the organization.
Where an organization is in control and has a good relationship with authorities, criminals are less likely to attempt to commit a crime there. Crimes driven by need, perhaps to support a drug or gambling addiction, may still happen, but instituting the proper security procedures will control the amount of loss and quickly get the organization back to a normal mode of operation.