Survey: Data Analytics Falls Short in Detecting Fraud
The growing list of technologies being used in the cat-and-mouse game of detecting financial fraud apparently does not include data analytics, according to new study.
KPMG, the corporate consulting firm, reported this week that its global survey of about 750 “fraudster” investigations revealed that perpetrators actually hold the upper hand when it comes to leveraging technology. The survey found that 29 percent of the 110 fraudsters analyzed in North America and 24 percent of the survey’s universe of 750 were “significantly enabled” by technological prowess.
The survey also warned that technology is more frequently used in committing fraud than in detecting it. Examples of technology-enabled fraud included gaining unauthorized electronic access to confidential information, and posting accounting journal entries to hide misappropriated funds.
More troubling, the survey found that “proactive data analytics was not the primary means of detection in any North American frauds, and organizations only used data analytics to detect 3 percent of fraudsters worldwide.” The study also found that instances of fraud in North America were most often detected accidentally, through tip offs and complaints, management reviews and internal audits.
“Companies can use advanced data analytics technology to search for suspicious and unusual business activity amid millions of daily transactions,” Phillip Ostwalt, KPMG’s global investigations network leader, noted in a statement. “However, many are not capitalizing on such technology while fraudsters find new ways to gain access to confidential information, manipulate accounting records and camouflage misappropriations.”
The auditor identified weak controls as a “major culprit” in the surge of financial fraud, adding that internal controls used to monitor usual transactions could be strengthened through the deployment of “analytical routines” along with internal audit functions. Weak internal controls contributed to 59 percent of fraud in North America, the survey found.
Echoing earlier surveys, KPMG found that the majority of fraud threats come from within companies, with 56 percent of North American perpetrators employed by their victims. More than half are company executives working in “operations,” finance or the CEO’s office, and two-thirds of fraudsters are men between the ages of 35 and 55. The largest group, 38 percent, was found to have worked for the company more than six years.
Misappropriation of assets (47 percent), primarily embezzlement and procurement fraud, was the leading scenario, followed by fraudulent financial reporting (22 percent). The survey identified 86 instances of fraud that cost companies more than $5 million.
“Companies have to design anti-fraud mechanisms that look both ways, inside and outside,” the survey authors noted. “They need to be aware of the possibility that a lone, inside fraudster may be working with a sizeable group of people on the outside.”
The KPMG study also warns that companies must act quickly to tip the technology balance back in their favor. “The key anti-fraud technology is data analytics, a tool that can sift through millions of transactions, looking for suspicious items,” the survey noted. “But only 3 percent used pro-active anti-fraud data analytics in detection of the fraudsters surveyed.”
Emerging anti-fraud tools like analytics will be needed as technology-based fraud such as ransom ware becomes a nearly weekly occurrence. “Cyber fraud, an important form of technology-based fraud, is emerging as a growing threat and many companies are aware of the issue but seem to be doing little about it,” the surveyed warned.
In the case of ransom ware attacks on hospitals, victims often simply shut down affected systems and employ disaster recovery techniques to retrieve stolen records. Some also have paid ransom demands to retrieve stolen patient records.