3 strategies to prevent fraud from former Enron CFO Andrew Fastow

“The only reason I'm here today is because I went to prison. That's my distinction.”

Andrew Fastow reminded the audience of that when he stepped on-stage at OnRamp 2025. The former Enron CFO was at the center of one of the most notorious financial fraud scandals in history, making him uniquely positioned to explain how misconduct creeps into the gray areas of finance.

Fastow was sentenced to six years in federal prison after pleading guilty to two counts of securities fraud in 2004. Now, after taking full responsibility for his actions at Enron, he uses his experience to help businesses avoid similar mistakes and the crises that can follow. At OnRamp, Fastow shared steps business leaders can take to minimize risk and make ethical decisions.

1. Identify gray areas and be wary of loopholes

Fastow advises finance leaders on how to navigate “gray areas” that can expose businesses to risk.

Fraud doesn’t usually begin with obvious crimes. Instead, it often emerges when rules are unclear, incomplete, or don’t make sense. Fastow noted that these are precisely the places where decision-making becomes risky.

“The area of risk that gets the least amount of attention is the gray area. The area where rules and regulations can be complex, ambiguous, is where companies make the biggest mistakes.”

He emphasized that most corporate disasters begin in these gray areas. He pointed to examples like Enron, Boeing, and Silicon Valley Bank — companies that appeared compliant on paper but were blindsided by risks hiding between the lines.

Fastow concedes that businesses can use some rules to their advantage. But beware of loopholes: these are gray areas, and leaders need to be cautious when operating here.

“We're trained to find every advantage we can. We're trained to find every way to exploit the rules to our advantage. Now, I'm not going to stand up here and tell you not to do them. The problem is that when we go into that area, the guardrails that we have aren't clear.”

This is where Fastow emphasizes that leaders need to be self-aware and consider risk from multiple angles, even when they are following the rules. Too often, they rely solely on guidance from advisors, just as Fastow did.

“Once we get those opinions, something happens to our brains: We stop thinking,” he said. “Our brains are good at blocking out the information that might contradict what we are looking for. Why do we do that? Because we already know the answer we want.”

When operating in gray areas, companies can take extra steps to ask questions, critically evaluate the answers, and provide transparent disclosures around major decisions — even when not required by law.

2. Ask: Would a reasonable person act this way?

At Enron, Fastow relied on his own finance team, lawyers, and external auditors to confirm that transactions were technically legal. But he failed to ask a basic follow-up: would an ordinary person view these actions as fair and responsible, even if they’re technically legal?

“When I was CFO of Enron, the only standard I had, the only question I asked: ‘Is it legal?’ That was it. And if the attorneys and the accountants said ‘yes,’ I did it. I never asked the obvious follow-up question, which is simply, ‘Would a reasonable person, under normal circumstances, behave this way?’”

The problem with that, Fastow explained, is that legality doesn’t consider safety, fairness, or sustainability. When scandals erupt, regulators, journalists, and the public don’t care if a lawyer signed off. They care whether the actions feel fair and appropriate.

Compliance programs must be paired with a culture that values intent. Encourage employees to ask not only “What do the rules allow?” but also “Why do these rules exist?” Rules are meant to protect shareholders, customers, and society. The intention behind rules should be part of your decision-making.

When he was in prison, Fastow’s rabbi offered a metaphor that helped him fully understand the importance of this idea:

“A person can follow the 612 commandments to the letter of the law and still be a completely unholy person, unless he is also considering the spirit of the law,” Fastow quoted. “When I read that, I cried, because I realized at that moment they were writing about me.”

“I always tried to technically follow the rules. But not only did I not consider the spirit of the rules, I actively subverted the spirit of the rules.”

3. Raise concerns by focusing on risk, not ethics

Speaking up can be difficult for employees, especially when questioning decisions may appear to challenge a leader’s ethics. Fastow suggested focusing the conversation on objective risk.

“Don’t ever talk about ethics, because as soon as you say, ‘Is this ethical?’ then everyone else gets defensive. Talk about risk. ‘Have we thought about all the risks associated with this? Can we get sued? Can people misinterpret what we’re trying to do?’”

Reframing the conversation around risk makes it less personal and more constructive, giving leaders space to rethink their choices without feeling accused. Operate under the principle that everyone’s goal is to safeguard the company from fraud.

Fastow explained that Enron’s downfall wasn’t a compliance failure but a cultural failure. His story is a warning for every leader: fraud happens in the gray areas. But when finance leaders build a culture of openly evaluating and discussing risk — whether reputational, legal, or financial — they make better decisions that protect their company’s best interests.