To accommodate remote work requirements, organizations continue to make changes to technology infrastructure. For the information technology team, remote work is common but there are many other departments for whom this may be the first time. Over a few weeks, many organizations continue to make emergency changes to ensure the business continues without interruption. As a result, organizations are exposed to cybersecurity vulnerabilities and a lot of information is shared on how to manage cyber threats.
The other most important area that needs attention is “Fraud” and many small to medium organizations are not ready or have not considered fraud risk. We thought some ideas about fraud will be useful to IT employees.
Use of Technology to Detect Fraud
Technology is a useful tool for detecting and preventing fraud. Techniques like data analysis, such as link analysis, data visualization, predictive modeling, and other analytic testing are useful in identifying anomalies, patterns, and specific associations. The use of artificial intelligence technologies in fraud detection include the following techniques:
- Data Mining: Extracts knowledge from analysis of large populations of data.
- Neural Networks: Proprietary neural networks translate any database to neurons “interconnected processing units” without user intervention.
- Smart-Agents: Learns the specific behaviors of a given entity. For example, monitor the behavior of a specific cardholder.
- Case Based Reasoning: Experience based approach uses past solutions or cases to prevent and detect fraud.
- Business Rules Management System: BRMS based solutions analyze company data through business rules. Involves use of patented rule algorithm that can accept the number of rules.
- Fuzzy Logic: Traditional and classical logic typically categorizes information into binary patterns like “black/white, yes/no, true/false, day/night.” Fuzzy Logic handles uncertainty in data.
- Long-Term Profiling: To understand their normal behavior, building a profile for each individual entity (ATMs. merchants, cardholders, etc.).
- Adaptive Learning: Allows models to learn and make effective changes at runtime.
- Real-Time Profiling: Uses real-time profiling to evaluate and analyze behaviors.
Types of Fraud
In today’s blog, we have shared information about fraud basics and quick tips. Fraud schemes such as internal and external defraud companies, and other techniques such as Ponzi schemes, identity theft, skimming, etc. defraud individuals.
Internal Fraud – Committed by employees, manager, officers, or owners of the company
External Fraud – Committed by customers, vendors, and other parties
Internal frauds are illegal acts of employees against the company and examples include:
- Trading – Unauthorized trading, misappropriation of assets, insider trading
- Corporate Finance – Misuse of sensitive information, loan fraud, transaction not reported
- Other Examples – Theft of cash, not charring friends/families, supplying receipts for refunds, destruction of assets, forgery, impersonation, bribery, corruption, etc.
External fraud covers a broad range of schemes by customers, vendors, and other parties. The threat of security breaches, stealing intellectual property, tax fraud, hacking, bankruptcy fraud, and loan fraud.
According to 2018 Association of Certified Fraud Examiners (ACFE), common occupational fraud schemes in various industries are as follows:
| Industry | Schemes (2018 ACFE Survey Report) |
| Banking/ Financial Services | Corruption, Cash on hand, Cash larceny, Check and payment tampering, Noncash, Billing |
| Manufacturing | Corruption, Billing, Noncash, Expense Reimbursement, Cash on hand |
| Government/Public Administration | Corruption, Billing, Noncash |
| Health care | Corruption, Billing, Noncash, Expense Reimbursement |
| Retail | Noncash, Corruption, Billing, Expense reimbursement |
| Education | Corruption, Billing, Cash larceny, Cash on hand, Noncash |
| Technology | Corruption, Billing, Noncash, Expense reimbursement, Financial statement fraud |
Per 2018 ACFE report, the common asset misappropriation sub-schemes with greatest risk are:
Noncash, Billing, Cash and Payment Tampering, Cash Larceny, Skimming, Payroll, Expense Reimbursement, Cash on hand, Register Disbursement
Corruption represents one of the most significant fraud risks for organizations in many industries and regions. Common corruption schemes include conflict of interest, bribery, kickbacks, illegal gratuities, economic extortion, etc.
Other common types of fraud include but are not limited to:
- Invoice manipulation through collusion
- Billing for services not rendered and collecting the cash
- Seizing checks payable to vendors
- Adding fictitious employees and collecting the paychecks (impersonation)
- Not removing terminated employees from payroll and collecting the paychecks
- Paying for personal expenses with business cash
- Recording fictitious transactions on the books to cover up a theft
- Falsifying timesheets for a higher amount of pay
- Pilfering stamps
- Stealing (e.g., cash, petty cash, supplies, equipment, tools, data, records, etc.)
- Forgery (not just check forgery, e.g. forging department head signatures on purchase orders)
- Pocketing payments on customers’ accounts,
- Issuing receipts on self-designed receipt books
- Not depositing all cash receipts
How do you respond?
- A consistent and credible disciplinary system is a key control that can be effective in deterring fraud and misconduct.
- Investigations allow the management to minimize the impact on business operations.
- The next step will be corrective action such as disciplining those involved, examining the root cause to identify control circumvented, and taking steps to mitigate risk and harden the controls.