“How did this happen?” asked Bloomberg’s host in reporting on a massive fraud at Wells Fargo, uncovered yesterday afternoon involving more than five thousand employees. The banking giant has fired almost two percent of its entire global workforce for falsely opening accounts for customers in order to game compensation systems. They will also pay a fine of $185 million to the Consumer Financial Protection Board.

But how did it happen — and go on for five years before being discovered? Jesse Hamilton actually has few answers:

The Washington Post doesn’t have many answers, either, but outlines the fraud itself clearly enough. Employees incentivized to open new accounts, such as credit and debit cards, simply started making up customers or adding accounts to existing customers without their consent:

Chasing “compensation incentives,” employees went as far as to create phony email addresses to enroll existing customers in online-banking services and issued them debit cards they didn’t request, government regulators alleged. Some even created fake personal identification numbers. Customers were then often hit with assorted fees totaling millions of dollars for accounts they never authorized, the regulators charged. The pervasive practice dates back to at least 2011, regulators said. “This widespread practice gave the employees credit for opening the new accounts, allowing them to earn additional compensation and to meet the bank’s sales goals,” the federal Consumer Financial Protection Bureau said in a statement. “Consumers, in turn, were sometimes harmed because the bank charged them for insufficient funds or overdraft fees because the money was not in their original accounts.”

That explanation would cover a few rogue employees, or a core conspiracy among several dozen or so, but that’s not what Wells Fargo had. The bank fired 5300 employees for this fraud, which would be roughly 2% of its global workforce as of 2015. Over two million accounts were fraudulently opened, very few of which actually generated revenue. Those numbers even go beyond conspiracy (how can a conspiracy of 5300 people go unnoticed for five years?) and into an expression of corporate culture.

Where was management all this time? Incentivizing the fraud through both carrots and sticks, Bloomberg’s Matthew Levine wrote this morning:

Two basic principles of management, and regulation, and life, are: You get what you measure. The thing that you measure will get gamed. Really that’s just one principle: You get what you measure, but only exactly what you measure. There’s no guarantee that you’ll get the more general good thing that you thought you were approximately measuring. … Not that the workers were happy: These tactics seem to have been less a fun way to put one over on the bosses, and more a desperate attempt to stop the pain. Some of them still sound pretty traumatized by all the berating: “When I worked at Wells Fargo, I faced the threat of being fired if I didn’t meet their unreasonable sales quotes every day, and it’s high time that Wells Fargo pays for preying on consumers’ financial livelihoods,” Khalid Taha, a former employee, said in a statement.

Having spent almost two decades measuring employee performance through objective metrics, I can attest to Levine’s two principles — and could tell lots of stories about the challenges it produces. No one wants to let people off the hook for committing fraud, but the corporate culture that produced these incentives needs to be changed, too — and there isn’t much indication from Wells Fargo that they’re being addressed. Surely some of the 5300 fired came from management ranks, but how many? How many managers and executives were aware of this practice and either tolerated or condoned it? How many of those are still with Wells Fargo?

This also raises questions about how many other of the “too big to fail” banks operate under the same corporate culture. My bank used to plague us with constant phone calls about opening up credit cards and loan products, until they suddenly stopped a couple of years ago. I didn’t question the change — I appreciated it, but didn’t question it — until this story emerged yesterday. Thankfully I keep a close eye on my accounts through online banking, and have seen nothing amiss. Perhaps the moral of this story is that consumers had better exercise vigilance — and get out when things go wrong.