Sizing the Risk Posed by Internal Fraud
Posted: 25 May 2010 | Source: Fiserv
In times of economic unrest, financial crime tends to flare. So it’s no surprise that financial institutions are finding that fraud is adding to balance sheet stress. Identifying internal fraud risk and overcoming it is a primary objective of internal audit and compliance managers and fraud prevention departments. Technology can make fraud detection, documentation and prevention more efficient and effective for these stakeholders. Pivotal to understanding and reducing fraud loss is the ability to easily monitor the behavior of insiders and to have an enterprise view of transactions and activities to uncover not only threats, but also systemic issues that expose the institution to further attack.
According to the Association of Certified Fraud Examiners (ACFE) 2008 Report to the Nation on Occupational Fraud & Abuse, the average U.S. organization may be losing 7 percent of annual revenues to fraud totaling upwards
of $994 billion in yearly losses. And, incredibly, 60 percent of all that fraud involves employees.
The KPMG Forensic Fraud Barometer, published in February 2009, revealed that in the U.K., employee fraud and fraud in general were at almost record highs in 2008. According to the report, cases involving some £1.1 billion of fraud went to court. And, if this recession is like the last one, the level of internal fraud will continue to increase as the economic crisis works
to correct itself.
In all likelihood, the figures from ACFE and KPMG are just estimates because many internal fraud schemes go unnoticed and fearing headline risk, many firms neglect to report fraud. This makes it difficult to determine the total impact of such crimes.
Although most fraud involves insiders, when it comes to allocating fraud-prevention resources, most financial institutions spend most of their budgets on external fraud detection and prevention. This leaves them with only scarce resources to detect and stop internal fraud.
One reason for the lack of focus on internal fraud might be the perception that external attacks are often regarded as easier to spot. With internal fraud, financial institutions are often unaware when fraudulent activity is taking place and they are unable to ascertain the extent of the damage until well after an investigation begins.