Companies Slow to Deploy Data, Technology to Detect Fraud: KPMG

Fraudsters are more often caught by tip-offs and complaints, management review, accidentally, suspicious superiors and internal audits than by use of technology and data analytics.

According to consulting firm KPMG, North companies are not capitalizing on the use of data analytics and technology while fraudsters are finding new ways to use technology to commit fraud.

KPMG recently asked forensic specialists worldwide for details about 750 fraudsters investigated between March 2013 and August 2015 in 81 countries. The resulting report is titled, “Global Profiles of the Fraudster.”

KPMG’s analysis revealed that proactive data analytics was not the primary means of detection in any North American frauds, and organizations only used data analytics to detect three percent of fraudsters worldwide.

In addition, technology “significantly enabled” 29 percent of the 110 fraudsters analyzed by KPMG in North America and 24 percent of the 750 fraudsters analyzed worldwide.

In descending order, North American frauds were most often detected by tip-offs and complaints, management review, accidentally, suspicious superiors and internal audit.

“Companies can use advanced data analytics technology to search for suspicious and unusual business activity amid millions of daily transactions,” said Phillip Ostwalt, partner and Global Investigations Network Leader at KPMG LLP. “However, many are not capitalizing on such technology while fraudsters find new ways to gain access to confidential information, manipulate accounting records and camouflage misappropriations.”

In instances where fraudsters used technology to perpetrate frauds in North America, 35 percent included creation of false or misleading information in accounting records; 29 percent involved providing false or misleading information via email or another messaging platform; and 21 percent involved abusing permissible access to computer systems.

A higher proportion of frauds aided by technology may be skirting internal controls designed to detect them, according to analysts at KPMG, who found that 25 percent of frauds significantly enabled by technology were detected by accident rather than by other means, whereas 10 percent that did not use technology were spotted by accident.

Weak Controls

Fraud is less likely to occur in companies with strong controls that monitor for unusual transactions through deploying analytical routines, or where the company invests in resources to defend against fraud, such as an internal audit function, KPMG said.

However, despite the increasing threat of newer types of frauds, such as cyber fraud and continued traditional forms of wrongdoing, companies are not focusing on strengthening controls. Weak internal controls contributed to 59 percent of frauds in North America.

“In addition to ensuring internal controls are thoughtfully designed, companies should deploy effective training and instill a culture of integrity so that controls are properly executed,” said Ostwalt. “Companies should also adopt new controls as their risk profiles change. Ongoing risk assessments can help cost-constrained companies ensure they are properly investing in such controls.”

Additional Findings

Who is Today’s Fraudster in North America?
• 65 percent are between ages 36 and 55
• 39 percent are employed by the victim organization for over six years; most in operations, finance or office of the chief executive
• 42 percent operate in groups and 52 percent of collusive frauds involved external parties

Source: KPMG