Internal practices and policies always have to be designed with an eye toward what can go wrong. Because too often, what can go wrong, does go wrong -- even when you're just giving out free meals. Food for thought if you're a general counsel.

Take the case of the Meta Platforms Inc. employees who recently lost their jobs over free food. Meta is well known for the free gourmet food it provides to employees each workday at its Menlo Park headquarters -- three meals a day, with Asian offerings, pizza, BBQ, health food. It's so good that you could almost just work, eat, and live there without ever leaving (which is, of course, the whole point).

Other large Meta offices have elaborate food cafeterias as well. But the company can't set up elaborate internal food operations in all their small offices, and employees in those small offices want free food, too. So Meta gave employees in the smaller offices vouchers for services such as UberEats and Grubhub to buy their own in-office meals -- up to $20 for breakfast, $25 for lunch, and $25 for dinner every day.

A nice perk, meaningful even if you're making a big tech salary (the median Meta salary is reportedly over $350,000). But the food vouchers came with rules. They had to be used for food only, and the food had to be delivered to the office. Presumably, the policy was designed to comply with federal tax laws that require free employer-provided meals to include everyone, and be served in the office, to qualify as "tax free" to the employee.

We don't know how much effort Meta made to highlight the rules when it rolled out the food vouchers. But whatever education they attempted, it didn't work. Word leaked out that around 24 Meta employees in the Los Angeles office were caught systematically abusing the policy by ordering items such as toothpaste, laundry detergent, and wine glasses, or by ordering the food and having it delivered to their homes. They were all fired. Other employees who occasionally violated the policy were given a warning.

Online reactions to the firings have been as varied as the Meta food court lunch buffet. Some condemned the employees for a lack of integrity -- privileged techies stealing from the company by taking liberties with a too-generous food policy. Perhaps that's fair. A lot of people would love a free lunch every day, and for these employees, that wasn't good enough. They screwed up and paid a heavy price for their mistake.

Of course, others blamed Meta for overreacting. C'mon, you were willing to pay for the meals anyway; do you really care if they used the money on laundry detergent? Give them a slap on the wrist and move on. Some have even pointed out that the food firings coincided with a fresh round of "efficiency" layoffs at Meta. Maybe it was just easier, and cheaper, to fire someone for voucher fraud than lay them off.

Truth is, no one looks good here, and it all could have been avoided. When you're crafting employee policies, you can't underestimate human inclination to fudge a little bit. People easily rationalize bending a rule. "What do they care what I spend the money on? I don't eat lunch, so I'm just getting the same food for dinner. It would be crazy to waste the benefit. Meta makes billions, and this is just a drop in the bucket."

Fudging on rules is contagious. Your friend is doing it, and nothing happens to them, so you do it, too. It doesn't feel wrong when the whole office is routinely playing loose with the vouchers. And the behavior spreads.

The lesson is that good policies are ones that are so well designed, they can't be violated. For example, one tech company brought an Italian mother into their Milan office every day, and she fixed a big lunch for everyone right in the office. At another company, employees were given a login to an online service that allowed you to pick out a meal from one of a selected group of local restaurants, and the company delivered the meals to the office. Simple.

Good self enforcing policies aren't just about food. For example, if your business has customer data, don't simply tell employees not to access it without a good reason -- work with your information security team to ensure that only employees who routinely need to access customer data can access it, and set up controls that send alerts for unusual activity.

The consequences of Meta's bad policy will reverberate for some time.

Lost productivity, as the fired employees are no longer there, and as the wait to hire new employees and train them begins.

Anger, as employees who remain resent the fact that their former colleagues were fired over a seemingly minor offense.

Bad PR. Questions and cynicism around how the company drew the line between systematic and occasional abuse.

Fear, as employees in other small offices go back in their mind over their own voucher use.

And lawyers, thinking about how company policies might be better crafted to avoid this whole mess in the future.