ISCAP Proceedings: Abstract Presentation
Teaching Case: Routine Processes Gone Awry - the $26M Payroll Debacle
Laura Atkins
James Madison University
Leigh Mutchler
James Madison University
Abstract
On September 5, 2019, thousands of people experienced financial distress when their recently deposited paychecks were withdrawn from their accounts without warning and for no clear reason. These employees all worked for organizations that were clients of MyPayrollHR, a cloud-based provider of automated payroll services. Unknown to all, the MyPayrollHR CEO, Michael T. Mann, had transferred the funds flagged for payroll distribution to his personal accounts. This meant the automated payroll deposits were made from an account that didn’t have the required funds, which led to a reversal of the deposits. This debacle and the series of events that followed raised questions about how Mann’s actions could have happened in the first place. This case study explores the events leading up to the scandal, the fraudulent activities conducted by Mann, and the $26 million impact on employees and banking partners.
The field of Computer Information Systems (CIS) encompasses the use of computing technologies to solve business problems. Courses in the CIS curriculum introduce students to the components of information systems including hardware, software, data, people, and processes, and a case study can help students examine and understand the interactions and dependencies amongst these components. The concepts in this case include inter-organizational workflows, processes, and the exploitation of both technology vulnerabilities and business relationships. The real-world incident in this case inspires questions that can lead to rich classroom discussions in many different IS courses. The broad nature of CIS allows students to explore issues from other viewpoints as well. Teaching notes will include suggestions for analyses from several different perspectives including information systems development, business process analysis, security and risk analysis, trust and consumer relations, and ethics. Instructors may choose to implement this case from one or more of these perspectives.
This case has been used in a senior-level Digital Ethics course but has applications in undergraduate information systems courses such as introduction to MIS, security, ethics, system design, and others. It works well for generating discussion over two consecutive class periods. The discussion and initial introduction of the case can be done with the entire class, then students can work in groups to develop their responses to the discussion questions. It could also be incorporated into a unit that covers security, outsourcing, or systems development.
Keywords: Teaching case, Computer information systems (CIS), Insider Threats, Inter-organizational Workflows, Fraud, Risk analysis