Focusing On Technology-Based Fraud Solutions
Fraud is a dominant form of white collar crime that continues to extract a tremendous toll not only on the organizations that fall prey to it, but also on investors, financial institutions, and the economy in general. There are several issues that make effective fraud management a particularly challenging task. These include enormous and ever-expanding volumes of data; growing complexity of systems; the changing behavior of users, business activities, and fraudsters; continuous evolution of newer fraud to bypass existing detection techniques: risks of false alarms; and social issues such as privacy and discrimination.
The Nature Of Fraud
In its 2002 "Report to the Nation on Occupational Fraud and Abuse," the Association of Certified Fraud Examiners (ACFE) defines occupational fraud as "the use of one's occupation for personal enrichment through the deliberate misuse or application of the employing organization's resources." Frauds generally fall into three broad categories: asset misappropriations, corruption or fraudulent statements. Asset misappropriations typically include fraudulent disbursement, skimming revenues and payroll fraud. Common examples of corruption include accepting kickbacks and engaging in conflicts of interests. Fraudulent statements generally involve falsifying an organization's financial statements by overstating revenues and understating liabilities and expenses. The vast majority of frauds surveyed in the ACFE study fell into the first two categories (85 percent and 12 percent respectively).
In addition to the direct dollar costs of fraud, organizations must cope with a range of indirect costs. Damage to a company's reputation can have substantial fallout--and lead to punishing market setbacks. Loss of customer confidence translates directly into reduced revenues and profits. And employee morale can suffer, impacting organizational productivity and the ability to attract and retain qualified staff.
The Extent And Costs Of Fraud
The ACFE estimates that 6 percent of organizations' revenues will be lost in 2002 as a result of occupational fraud and abuse. Within the United States, this translates into losses of approximately $600 billion or about $4,500 per employee. The ACFE's 2002 "Report to the Nation on Occupational Fraud and Abuse" covered 663 occupational fraud cases that caused more than $7 billion in losses. More than half of the frauds in this study caused losses of at least $100,000 and nearly one in six caused losses in excess of $1 million.
The UK chapter of the ACFE participated in a 1998 survey of fraud in Europe conducted by Dr. Paul Barnes and David Sharpe with help from Business Defense Europe Ltd. Overall losses in Europe due to fraud were estimated at 90 billion [pounds sterling] annually. The results were consistent with the U.S. findings, with survey results indicating frauds primarily occur because of circumventing or overriding internal controls (17 percent), failing to separate duties (13 percent), and failing to make periodic checks (10 percent). The most common corruption frauds are those involving bribery and kickbacks. Frauds involving collusion between internal and external perpetrators are, on average, the largest frauds (median loss of 250,000 [pounds sterling]).
How Fraudsters Exploit Complex Systems
In order to catch a fraud, one must "think like a thief, not an auditor," says fraud consultant Nigel Lyer, Managing Director at Hibis Scandinavia. An organization's internal controls can provide a false sense of security, so auditors and fraud examiners must look beyond the controls, as a criminal does, to find loopholes in the system where fraud could occur.
Typically, fraudsters detect or stumble upon areas with weak cross-departmental or cross-organizational controls, often the site of the interfaces between two computer systems. …