Q 228. Fraud is causing organizations losses worth billions of dollars annually. What are some of the tools and mechanisms that help organizations detect and prevent frauds?

 

Note for website visitors - Two questions are asked every week on this platform. One on Tuesday and the other on Friday.

• All questions so far can be seen here - https://www.benchmarksixsigma.com/forum/lean-six-sigma-business-excellence-questions/
• Please visit the forum home page at https://www.benchmarksixsigma.com/forum/ to respond to the latest question open till the next Tuesday/ Friday evening 5 PM as per Indian Standard Time
• The best answer is always shown at the top among responses and the author finds honorable mention in our Business Excellence dictionary at https://www.benchmarksixsigma.com/forum/business-excellence-dictionary-glossary/ along with the related term

Application of Six Sigma goes beyond process correction & improvement. Some real powerful tools to detect fraud in accounting are utilized by organizations to ensure they remain profitable in business.   

1.      Tools/ processes are used to find anomaly in the system

2.      Find frequencies of these errors.

Financial Fraud can happen at lot of places e.g.

1.      Money Laundering

2.      E-Comm transactions

3.      Credit Card

4.      Insurance & Health transactions

5.      Subscription fraud

 

One useful tool can be use of Benford Law…This law uses principle that frequency distribution of 1^st digit from numerical data of processes should align to discrete distribution which is called Benford distribution.

The majority of profit and non-profit business organizations and individual businesses suffer a huge loss of revenue owing to fraud inside the organizations. Though all scales of business are vulnerable, the startups and small scale businesses are much more susceptible. The risk of fraud is increasing significantly, due to significant technology-related changes and advancement. Recent reports suggest organizations lose around 5% or more in revenues annually due to fraudulent activities.  

Types of business frauds:  Types of fraud can be of three general types: misappropriation of assets, corruption, and irregularities in financial statements.

 

 Asset misappropriation: This makes the majority of financial frauds, though they coast least among all types. In these types the employees steal organizational resources, for example-Stealing of cash, making false statements regarding financial reimbursements and taking non-cash or intangible assets of the organization. 

     

 Financial statement fraud comprised the least common way but by the way, the costliest one, causing a major loss to the organization. The best examples are a statement of false revenues, inconspicuous liabilities, spuriously raised assets.

 

Corruption ranks in between the other two types. In this type of fraud, employees generally use their clout to influence purchase transactions. Bribery, extortions, and conflict of interest are other ways to enact this kind of fraud. 

 

There are multiple ways  postulated for the prevention of different kinds of fraud through a multidisciplinary approach. 

 

These  are:

 

1. Knowing the employees well: It is very important to do the background check of the employees before hiring them. Even the employees, who are working for a long time in the organization, need to be monitored and any change in their behavioral traits to be noticed. Many of the times, employees who are rendered as very trustful are the ones, who commit this crime. So no one should be spared of strict monitoring. It is also very important to reward hard-working individuals periodically for the prevention of fraudulence.

 

2. Make Employees Aware/ Reporting System Awareness should be spread amongst all the employees, regarding the fraud risk policies. They should also be made aware that management is keeping a strict vigil on them.  The anonymous reporting system should be set in so that employees, vendors and even customers can report fraud without any hesitation and fear.

 

3. Implement Internal Controls: Stringent Internal controls system should be in place to make the organization be free of fraud. Segregation of duties and cross-checking of duties by different employees should be facilitated.  All manual works should be evaluated checked by an automated check system periodically. The stock of all inventories should be strictly maintained and also be stored in a digital platform. 

 

4. Monitor Vacation Balances: Pre and post-vacation balances of all the employees, especially in critical domains should be compared. It is also advisable to keep a rotational policy as far as possible in different domains.   If some employee is not taking a leave for a longer period of time, it may be also a warning sign and the employee needs to be evaluated.

 

5.  Experts Hiring : Certified Fraud Examiners (CFE), certified accountants need to be engaged for periodic internal audits of organization and financial forensic analysis of fraud.

 

6. Corporate culture: Professionals and a healthy work environment are imperative to prevent employee fraud and theft. There should be a well-defined organization structure, documented policies and standard operating procedures of all the practices. There should be an open communication of employees with management. Every employee should be accountable for their actions, regardless of position. 

 

Fraud Detection: A well-documented fraud detection plan should be in place to detect the fraud immediately in addition to the implementation of prevention strategies. Association of Certified Fraud Examiners (ACFE) states that the control and detection should be clearly visible and well communicated to the employees so that they become aware that management is actively watching and they should be versed that there is zero-tolerance for frauds, so  that they would refrain from committing frauds. These plans usually link external information with internal data. 

Ensuring Compliance and Risk Mitigation are vital elements in organizations Fraud Detection and Risk Management Framework

Fraud Detection is inevitable in organizations because “Undetected fraud encourages more fraud”

 

In banking environment, Fraud Detection and Prevention are done more proactively compared to other domains.

Below are some of the methods followed to detect frauds:

• Using Intrusion detection systems – It is passive system which monitors and notifies user
• Transaction monitoring for any suspicious activity and operating procedure violations
• Alert User and Risk response team when there is unusual activity detected (based on spending behavior and location)
• Real-time monitoring for high value transactions
• Using advanced firewall to auto detect and block traffic based on IP Port number  

Below are some of the frequent scheduled activities and best practices to prevent frauds:

• Using Intrusion prevention systems – it is active system which monitors and automatically defect attacks
• 2FA (two-factor authentication or multi-factor authentication) security process is an extra layer of protection to ensure security of online transactions
• Blocking debit/credit cards when repetitively wrong pin entered
• OTP and secure code authentication for online transactions
• Limiting transfer value for online transfers for new beneficiary for first 24 hours, Limiting to add number of beneficiaries with in 24-hour window
• Auto Logoff after when user is idle, and no activity detected

Commonly used security Tools in financial institutes include:

• Proxy Piercing - This tool helps in tracing fraudster's true location 
• Device fingerprinting - This tool captures transaction pattern associated with the device and flags    
• Blacklisting - This tool blocks traffic initiated from specific user/domain/location/country (dark web monitoring)
• Velocity Checking - This tool watches repeat purchase from same user and flags

Adopting to multiple fraud detection tools and methodologies is the only way to effectively fight back with online frauds.

These tools can help in

• Payment fraud prevention
• New Account fraud prevention 
• Account takeover protection 
• Payment authorization
• Dynamic checkout
• Charge-back guarantee
• Representment  
• Content Integrity 
• CNP fraud protection 

In Insurance environment, especially during claims, organizations were following traditionally measures such as relying on expert judgement, Special Investigation Team and adjusters. However, Organizations should leverage technology to mitigate, prevent and combat fraudulent activities: for instance

• Using Analytical Techniques such as Artificial Neural Networks (ANN) to flag an unusual claim
• Using Data Mining methods such as clustering based on specific customer UID’s and segments
• Using Pattern Recognition Algorithm and models to identify patterns in comparison with the historical records
• Text mining and logical regression techniques to identify claimant records

Categorization can be done based on available date such as Clean Claim, Standard Analysis and Critical Investigation

Clean Claim – For Fast Track Settlement

Standard Analysis – With Normal processing TAT

Critical Investigation – For potential fraudulent claim

 

Lemonade Insurance Company reports claim paid in 3 seconds with no paperwork

Source: Insurance Innovation Reporter

For companies like Lemonade, fraud detection and prevention system should have apex standards to maintain reputation and customer relationship

 

What is Fraud Detection?

 

The detection is a business analysis tool focused on identifying cases before they occur and prevent them from happening in future.

The Fraud detection tool functions by predicting the frequency of numbers in a naturally occurring data-set. If  a certain number appears where it shouldn't, it's called a anomaly. When viewed next to the probability distribution of each digit, the anomalies are the first one to appear. Once the suspicious data set has been identified it helps in shedding light on similar type of data sets/anomalies, leading back to the source of the problem. It will then highlight the extent of the issue at hand. Like any Six sigma issue the more one knows about issue the more you are prepared to handle it.

 

Using root cause analysis, DMAIC will get us to the root of the issue in conjunction with the below mentioned tools for fraud detection.

 

 

 

Some of the examples of tools used for detection and prevention are as follows:-

 

1) Fraud Propensity Model-In an Insurance domain, in order to improve the claim process, being familiar with the claims lifecycle and data is important to build the hypothesis that the text entries captured during various parts of the process could reveal scripted patterns indicative of suspicious fraudulent activities, all these are not visible during manual activities and hence will not be flagged. By building a text mining algorithm and generating a fraud propensity score that combined the business rule classification with the authenticity of textual entries some of the suspicious text entries patterns through the model indicated collaboration between various entities involved in the claim process which the field unit investigated further to prevent the fraudulent entries leading to an outcome of increased savings.

 

2) Data mining approach to build credit scoring model-The purpose of creating credit scoring model was to predict default clients and reduce credit risk by applying data mining algorithm in order to find patterns of recognition of default clients and thus support decisions making process for credit approval. Data mining algorithms and methods can be used in detecting behavior that might indicate fraud. Analytical methods can used to indicate deviations from the norm, highlighting records that are abnormal and worthy of further investigation. 

 

3) For identifying high or low grants applications following approaches of fraud detection can be used:-anomaly detection and an modelling approach, together.

 

The control proposal as seen below shows location of fraud detection in the control phase of DMAIC/six sigma methodology.

With Six sigma one can built a company culture of identifying and eliminating any possible threats of potential fraud.

 

Six Strategies for Fraud Prevention in Your Business

 Fraud is significantly problem faced by all type of organization. All organization would like to believe that employees are loyal and working for the benefit of the organization (most of them do) Although there are many reasons why employee do fraud.

Research shows that the typical organization loses 5% of its annual revenue each year due to fraud. Prevention and detection are important to reducing the loss.

Every organization should have a plan in place as preventing fraud is much easier than recovering your losses after fraud has been committed

Type of business fraud

There are many types of frauds. Majorly we can categorize it into three categories 1. Asset misappropriation, corruption and financial statement fraud. Asset misappropriation is comment and found in 90% cases as per studies. In this scheme employee steals or exploits its organization resources, Example – misappropriation is stealing before and after it has been recorded, making false expense reimbursements, taking non-case assets of the organization

Financial statement fraud is less than 5% of case in total fraud. In which involve omitting misstating information in company financial report .it may be fictitious revenue, hidden liabilities.

Corruption is in the middle and it is happened in one third of cases, Corruption is happened when employee use this influence in business, transition of there benefits by violation the rules and duties, corruptions are bribery, extortion and conflict of interest

Fraud prevention

Every organization must have fraud prevention plan in place .it is no matter it is a large or small organization. A study of fraud cases in the ACFE 2014, report says that the fraudulent activities studied lasted an average of 18 month before being detected.

There are ways by which we can we can control or detected the frauds in the business

1. Know Your employee: -

Frauds committers often display by behavior traits. Observing and listening to employee helps to identify the potential fraud risk. Organization must involve with their employees and take time to know them for this we can change the attitude the employees. We should talk with the employee and resolve the internal issue like – if they feel lack of appreciation. It may no only reduce the fraud but make the organization better.

2. Make Employee aware and setup Reporting system:-

Organization must make aware to their employee. every employee must aware about the organizational Fraud risk policy including type of frauds and consequences associated with them.

3. Implement Internal Control: -

Organization must implement the internal controls to safeguard the company assists and ensure the integrity of financial record and prevent the frauds. separation the duties is one type of internal control .it may be reducing the risk of fraud. for example -A retail store has on cash register employee. The cash and check register receipts should be checked by one employee while other prepare the deposit slips and third should deposit inti the bank.

4. Monitor Vacation balances: -

Manager might be impressed with the employee who have not missed a day and have 100%attendence. This thing may like a loyal employee however it may be a sign that this person has something to hide and he worried that someone will detect their fraud if he was out of office for some time it is good idea to rotate the employees to many jobs with in the company. we can allow to second person to review the activities of first.

 5.Hire Expert: -

 Certified Fraud Examiners (CFE), who are Certified in Financial Forensics (CFF) can help organization in establishing antifraud policies and procedures. They can provide a wide range of services from complete internal control audits and forensic analysis to general and basic consultations

6. Live the corporate culture: -

Organization must build a positive work environment it can help to prevent to the fraud and theft. There should be a clear organization structure, written procedure & policies. Open door polices do also prevention of fraud.

Fraud Detection

In addition to prevention strategy. organization must have the detection mechanism in place and it should be visual to employee. It is important to continuously monitor and update your fraud detection strategy and ensure they are effective. These plans take external information and consider linking with internal data. The results of your fraud detection plans improve your prevention controls. It is imperative to document one's fraud detection strategies including the individuals and/or teams responsible for each task. Once the final fraud detection plan finalized, It should be communicate to all employees how it will be implemented.

All answers are correct.

 

Mohamed Asif's answer has been selected as the best as he provided inputs on specific tools that are used for Fraud Prevention and Detection