How to Combat Insider Fraud Using Analytic Tools

During periods of economic crisis or contraction, financial institutions detect more fraud as hidden issues come to light. Insider fraud, however, is constant and more driven by motive and opportunity than changing economic conditions. The sudden shift to remote working due to the global pandemic has created even more opportunities for corrupt insiders to operate.  

Is the incidence and risk of insider fraud growing?  Many experts believe it is. 

The Rise of Insider Fraud – Why Now? 

The number of insider bank fraud cases is likely to be under-reported as financial institutions are often reluctant to publicize these events. Bringing cases to prosecutors means bringing them into the public eye, which creates concerns about undermining customer trust and creating negative exposure. 

But that’s not to say that most banks don’t recognize the risks. According to the Kroll ‘Global Fraud & Risk Report 2019/2020’, 64% of financial services professionals ranked internal fraud as one of their top priorities. 

Insiders pose the greatest risk to financial institutions because they have the knowledge and insight to manipulate their organization’s systems. Carnegie Mellon University’s Software Engineering Institute’s study on ‘Insider Fraud in Financial Services’ found that “insiders pose a substantial threat to financial services companies by virtue of their knowledge of and access to proprietary systems and their ability to bypass security measures through legitimate means.” 

All banks and financial institutions face this problem to some degree. In other words – no bank is exempt. 

Challenges to Combatting Insider Fraud 

One of the key challenges for those responsible for preventing insider fraud is that there is no clear profile of the “corrupt bank employee”. Age, gender, demographics, location, number of years of service — none of these factors provides a strong correlation with insider theft or fraudulent activity.   

What motivates an employee to engage in unethical and illegal activity is complex, whether it is dissatisfaction because they feel undervalued or it is simply opportunistic. To add to this complexity, while some corrupt employees use the money they steal for personal gain or to fund their lifestyle, in many instances, employees find themselves compromised by others –– such as organized crime groups — and, willingly or not, become accomplices, providing access to bank records and customer information or taking other actions that enable these thefts to occur.  And the illegal activity may not always be outright theft — it could be the facilitation of money laundering or other illegal activity.  

In recent years, the prevalence of social media has become yet another boon to criminals seeking to compromise or groom vulnerable bank employees. These often poorly monitored platforms have made so much personal information available at the click of a button, which in the wrong hands can be misused and exploited.  

While the challenges to tackling insider fraud are vast and pervasive, there are now proven tools and tactics banks can use to improve their detection and prevention of fraudulent criminal activity. 

Six Best Practices for Insider Fraud Detection & Prevention 

There are several detection tools and methods which, if properly and consistently executed, can help combat insider fraud. These include:

1.  Monitoring bank employee transaction activity
2. Sphere of influence detection (personal relationships)
3. Anomaly detection re: employees’ behavior
4. Uncovering undisclosed conflicts of interest (outside business / financial interest)
5.  Monitoring logon/access to IT and security systems (including changes made in contact details)
6.  Formalizing organizational learning based on past fraud events

Successfully implementing these tactics as part of a complete fraud prevention program requires utilizing a range of data and data types and having effective IT tools that enable the analysis of that data. 

For instance, data from Human Resources can be combined with open source and other external data sources to enable an effective system for employee “sphere of influence” monitoring. Corrupt insiders often try to avoid detection by transferring money into accounts controlled by personal associates and/or family members, but with a sphere of influence database and an effective analytic tool, any links between a corrupt employee and collaborators – including telephone numbers, addresses, social media links, family relationships, past transactions, and so on – will be flagged immediately. 

Similarly, in cases in which a corrupt insider makes improper transfers of money to or from commercial accounts, an effective analytics program can reveal links between that employee and receiving accounts. 

Another key element of an effective insider fraud prevention program is Entity Resolution, which can ensure that common obstacles to resolving entities — variations in names, spelling, dates, addresses, etc. — do not prevent the clear, accurate resolution into a single entity, be that a person or a business.  The more data that can be brought into a fraud monitoring system, and from a wider variety of sources, the better. 

Data is Fundamental in Preventing Fraud 

It is encouraging that more and more banks have recognized the value of using analytic tools to prevent fraud. The same Kroll research report cited above found that in Financial Services, data analytics was rated the most effective method of detecting incidents (by 75% of respondents). 

One further challenge when working with financial institutions evaluating additional investments in their fraud prevention technology relates to cost accounting.  Often, one department’s budget may be expected to absorb the full cost of the project, but in fact, benefits of an improved data analytics system are virtually always spread over a range of areas and — viewed properly — can be documented as contributing to many departmental and organizational objectives, not solely to insider fraud prevention.  

The banks that recognize this fact are guaranteed to have a strategic advantage.