Did you know that insider fraud accounts for more than half of all financial fraud? Dr. Jennifer Hesterman walks you through what you need to be aware of and how to plan for your company’s protection.

The fear of fraud is a constant for businesses. Unfortunately, fraud is increasingly committed by employees on the inside, the very people who are supposed to support and protect an organization. Unrestricted access and intuitive knowledge of company operations makes their activities even more lucrative than fraud perpetrated by outsiders. In fact, insider fraud accounts for more than half of all financial fraud.

Even highly regulated industries such banking and insurance are susceptible to insider fraud. In these cases, insider fraud is highly damaging, as employees have access to extremely sensitive and personal data, including customers’ social security numbers, monetary account information, driving and criminal records, and medical information. The loss of funds is worrisome enough, but if you add identity theft and vulnerability to extortion, the possible consequences of insider fraud is even worse.

The cost of fraudulent activity can be staggering. According to the FBI, insurance fraud is a $30 billion a year industry. Sadly, fraudsters often prey during periods of confusion or chaos in the company. For instance, disaster-related fraud was so rampant after Hurricane Katrina, a special task force was created to address it. That operation eventually evolved into today’s National Center for Disaster Fraud.

The Perpetrators

Unfortunately, it’s hard to predict who might commit fraud at an organization since a vast majority of perpetrators are first-time criminal offenders. Statistics indicate that 75% of corporate insider fraud is committed by employees working in accounting, operations, sales, upper management, customer service, purchasing, and finance. Seventy-one percent of all fraud doesn’t even require technical knowledge of systems—it is committed using systems and processes that employees have authorized access to every day.

According to David Debenham, co-chair of the Fraud Law Group at McMillan, many insiders operating today are acting out of disenchantment with their social or economic standing. “The typical insider is approaching middle age, has been with the same employer for over a decade, has frustrated career aspirations, believes they earn less than they deserve, and feels under-appreciated by the employer. These fraudsters begin to embezzle to maintain a lifestyle they believe they are entitled to in the face of peer pressure of an over-achieving social group, the additional costs of an affair or divorce, or some form of addictive behavior.”

Warning Signs

79% of perpetrators display behavioral warning signs. The most common are:

Living beyond means
Financial difficulties
Unusually close association with a vendor or customer
Excessive control issues
A general “wheeler dealer” attitude involving unscrupulous behavior
Recent divorce or family problems

Activities Associated with Insider Fraud

According to NAIC, National Association of Insurance Commissioners, these are the fraudulent activities we need to look for in the workplace:

Forgery
False filings with regulators
Kickbacks
Marketing and pyramid schemes
Embezzlement
Bribery and improper influence
Money laundering
Investment in over-inflated assets
Destruction of records
Operating without proper licensure
Falsification of records
False and misleading financial statements
Policy misrepresentation
Sequestration, diversion or rental of assets
Manipulation of reserves
Manipulation of claims reserves and settlements
Intentional financial failure
Destruction or manipulation of computers or computerized data

Keep Those Electronic Devices in Check

The use of electronic devices to conduct business opens the company to the possibility of being hacked and the loss of sensitive and valuable data. Studies show that 81% of employed adults use at least one personally owned electronic device for work, and 50% of organizations experienced a data breach due to unsecure electronic devices.

Do you know who is using your network? If not, you’re are not alone—only 10% of organizations say they’re “fully aware” of all the devices accessing their network. Unauthorized users also open your company up to hacking, phishing attempts and viruses.

Remember this number: 50 billion. This is the estimated number of goods or services on the “Internet of Things” that will be sharing data over the Internet by 2020, including sensors in cars and household appliances. Sharing data online is estimated to grow tenfold, increasing the chances of data being compromised. Consider all of the bring-your-own-devices coming into the workplace and the vulnerability, and recognize that perhaps it’s time for a new policy or administrative guidance regarding their use.

Prevention and The Investigative Approach

Insider fraud is a serious problem, but there are ways businesses can detect and prevent this stealthy crime. Here are a useful series of steps to get started.

(1) The first step is identifying the ‘crown jewels’ in the company you must be protect at all Then identify who has access to these critical assets and build a program to detect and mitigate their possible criminal behavior.

(2) Develop a solid foundation for an insider threat program. Companies must hold education and training sessions for all employees (from the mailroom to the boardroom) to help them understand their role in any potential breach. This training can also serve as a deterrent when employees know the company is serious about detecting and stopping internal fraud.

(3) Have a culture of safe reporting, where employees can anonymously give tips about suspicious information. Remember that 40% of all inside fraud at financial institutions is discovered through an employee tip. Offer several reporting avenues to collect fraud tips. Data shows 39% of all tips are delivered via phone hotlines, while 34% are sent via email. Organizations with reporting hotlines are almost 20 percent more likely to detect fraud through tips than organizations without a hotline.

(4) Consider a whistleblower program to protect your employees who do come forward.

(5) Take special care of employees under investigation, those disciplined or fired as they are under intense pressure and may seek revenge against the company.

Naturally, we want to believe our employees are all loyal and trustworthy. However, beware of falling into the NIMO trap—“not in my organization.” Everyone has a public life, a personal life, and a private life. The latter is an area employers may not know about. For instance, money problems, marital problems or drug or alcohol addiction may be affecting your employees. These private issues may drive an otherwise honest employee towards criminal activity or worse. Having a reporting system will go along way to shining a light in the dark corners of your organization.

Watermark can help deal with issues such as insider fraud and insider threat. Call us today for a confidential discussion about your concerns and leverage our vast experience to build solutions to protect you, your organization, employees and customers.

Sources used in this article:

www.acfe.com/rttn2016/docs/2016-report-to-the-nations.pdf

www.fdic.gov/regulations/safety/manual/section9-1.pdf

www.fbi.gov/file-repository/stats-services-publications-fiff-2003-financial-institution-fraud-and-failure-report-2003

www.resources.sei.cmu.edu/asset_files/Brochure/2012_015_001_28207.pdf

www.forbes.com/sites/markfidelman/2012/05/02/the-latest-infographics-mobile-business-statistics-for-2012/#71ad3ae12025

https://www.financierworldwide.com/defending-against-insider-fraud/

https://www.naic.org/store/free/IMP-OP.pdf

https://www.fbi.gov/news/stories/investigating-insurance-fraud

https://www.infoglide.com/blog/insiderfraud_part_1/

Working with Watermark