Why Effective Data Analysis Is the Key to Preventing Insider Fraud in the Decentralized Workplace
Effective data analysis is the key to preventing insider fraud in the decentralized workplaces.
It’s perhaps no surprise that during periods of global economic uncertainty, levels of fraud tend to increase. Corporations around the world invest billions of dollars every year to identify and prevent fraudulent activity amongst customer accounts, often with high levels of success. However, there’s another type of fraud that can often prove much harder to protect against - internal fraud.
Committed by individuals working within the organization, who already have unfettered access to highly sensitive data and systems, internal fraud is not only extremely challenging to prevent, but also massively costly, accounting for an average of over $50 billion in losses for businesses across America yearly. It’s also been exacerbated further by the unprecedented shift towards remote or hybrid working in recent years, putting many workers outside the traditional security perimeter, and creating more opportunities for individuals to conceal fraudulent activity.
While insider fraud is nothing new, many experts believe global events of the past few years, from COVID-19 and the Ukraine conflict to high inflation and cost of living concerns, have created a perfect storm that’s causing levels of internal fraud to rise at an alarming rate. And while many instances of this type of fraudulent activity may start out as an accidental mistake, the potential for the easy payout to snowball into something much more nefarious is likely to grow the longer the fraudster goes undetected.
Reported cases of insider fraud are the tip of the iceberg
Internal fraud isn’t something institutions like to shout about, meaning officially reported cases are likely to represent just a small fraction of the true number. This is because bringing cases to prosecution attracts a large amount of unwelcome media attention that can quickly damage a business’ reputations and undermine customer trust – particularly if they are the first to detect the grift.
In fact, a recent report by the Association of Certified Fraud Examiners (ACFE), estimated that organizations lose as much as 5% of revenue to fraud each year. Interestingly, 42% of the cases highlighted in the report were detected due to a tip or internal whistleblowing, and 55% of those tips came from employees. However, with so many more people now working remotely, it’s much easier for those engaging in fraudulent activity to hide it from suspicious colleagues and co-workers. This places more emphasis on organizations and managers to put mechanisms in place that enable them to effectively supervise and monitor their employees.
Why are insiders so dangerous?
For example, a recent Carnegie Mellon University study entitled ‘Insider Fraud in Financial Services, found that “insiders pose a substantial threat to financial services companies by virtue of their knowledge of, and access to, proprietary systems, and ability to bypass security measures through legitimate means.” The fact is, hybrid work amid a prolonged period of organizational insecurity has generated a “culture crisis” of sorts, making the stakes higher than ever for employees who feel they have little to lose.
Unlike external bad actors, insiders don’t have to find a way through multiple layers of perimeter security to get inside a company’s IT network. Their insider status means they likely have authorized credentials that, depending on their role, lets them access a wide range of sensitive or confidential information whenever they like.
Furthermore, there is no clear profile of what a ‘corrupt employee’ looks or behaves like. Factors like age, gender, location, number of years of service — none of these factors provides a strong correlation with internal theft or fraudulent activity. In short, anyone can be a threat. For multinational enterprise organizations with thousands of employees around the world, that’s a lot of people to try and keep an eye on.
And organization should accept they might not see the lost money again. The recent ACFE report suggests that in 48% of cases there was zero recovery of lost funds in some regions.
Why do they do it?
What motivates an employee to commit fraud can be an extremely complex issue?
In some cases, they might feel disenfranchised from the organization, or have a sense of injustice that motivates them to act. Bear in mind that many hybrid or remote workers were onboarded over the thick of pandemic lockdowns and may have never had the chance to physically meet colleagues or managers in person, resulting in them feeling a sense of removedness from any guilt associated with their actions. In rare cases, they may be doing it under duress, at the direction of an outside party that’s blackmailing them. In other cases, still, they might simply have seen an opportunity to make a fast buck and acted on impulse. Similarly, the severity of the crime can vary wildly, from compromising proprietary company data to creating millions of fraudulent accounts.
How can companies protect themselves against insider fraud?
Protecting against the threat of insider fraud can be extremely challenging. For one, internal fraud detection procedures have historically heavily relied on on-site supervision tactics – something that is naturally impossible when employees are working remotely. Fortunately, there are a number of proven tools and tactics that firms can adopt to give themselves a better chance of detecting and preventing fraudulent activity. These include:
Monitoring employee access activity
Uncovering undisclosed conflicts of interest (outside business / financial interest)
Monitoring logon/access to IT and security systems (including changes made in contact details)
Anomaly detection around employees’ behavior
Sphere of influence detection (personal relationships)
Formalizing organizational learning based on past fraud events
Of course, successful implementation of these tactics requires careful data management and analysis as part of broader Decision Intelligence, particularly when a large hybrid workforce is involved. For example, an employee’s ‘sphere of influence’ can be ascertained by combining data from HR with other publicly available external sources.
Often, corrupt insiders try to avoid detection by transferring money, data, or other proprietary information into accounts controlled by personal associates and/or family members. But with a sphere of influence database and an effective analytic tool, any links between a corrupt employee and collaborators – including telephone numbers, addresses, social media links, family relationships, past transactions, and so on – will be flagged immediately.
Similarly, in cases in which a corrupt insider has improper interactions to or from commercial accounts, an effective analytics program can reveal links between that employee and receiving accounts.
Another key element of an effective internal fraud prevention program is Entity Resolution, which can ensure that common obstacles to resolving entities — variations in names, spelling, dates, addresses, etc. — do not prevent the clear, accurate resolution into a single entity, be that a person or a business. The more data that can be brought into a fraud monitoring system, and from a wider variety of sources, the better.
Effective data analysis is the key to insider fraud prevention
Sadly, growing economic uncertainty over the past few years means that fraud is once again on the rise. Insider fraud can be particularly damaging when left undiscovered for any period of time, which means businesses need to put effective mechanisms in place to detect and prevent it as fast as possible. Passively detected fraud – or fraud that runs rampant over time without being detected – can result in substantially more severe financial damage compared to fraud that is detected proactively. Often organizations don’t realize they even have a problem before it’s too late.
While it’s extremely challenging to spot corrupt insiders before a crime has been committed, having the right data analytics tools and processes in place means organizations are well placed to act quickly should the need arise, preventing much more costly damage further down the line.