24 Nov 2011, Alexander Campbell, BAE Systems Detica , Operational Risk & Regulation
“I trusted some very intelligent people to decide where my money should go,” remarked one comedian recently, “and, apparently, they decided that most of it should go to them.”
Fraud and financial crime generally are rarely out of the news – and there are many reasons why this is so. No economies have yet recovered fully from the financial crisis, which has now moved into a new and more dangerous stage centred on eurozone sovereign risk. Growth remains weak, unemployment is high and financial markets are still volatile. In these circumstances, banks and the individuals who work for them are under severe economic pressure – leading them, in some cases, to break the rules in search of gain. In some cases, this can mean criminal fraud for personal gain; in others it can mean perpetrating or permitting ‘rogue’ trading in search of greater returns for the institution (and, potentially, larger bonuses for the individual).
There is also a delay between perpetration and discovery – the average fraud lasts three years, implying that many of the frauds initiated around the deepest point of the recession in early 2009 have still not come to light.
This isn’t the only reason for fraud to be a growing concern. As participants in our virtual Q&A noted, the growth of online banking, and the rapid development of new types of criminal software, have led to a significant increase in the threat of online attack. Online finance also means that attacks can be completed much faster – real-time monitoring of customer activity could now involve reacting to suspicious actions in milliseconds. And the push for greater convenience has also opened the way for social engineering frauds.
Has the increase in risk led to an increase in vigilance? Not always – in fact, it’s a continuing concern that control and audit functions may be first on the chopping block when budgets need to be reduced. And, partly as a result of this, most frauds are discovered by chance or due to a tipoff – not because fraud prevention mechanisms have worked as designed. In particular, too much attention is paid to external fraud when the more common – and more dangerous – threat comes from within the organisation. Companies need to pay more attention to their employees and corporate culture to keep the new wave of fraud under control.
The results of the Operational Risk & Regulation/Detica NetReveal Financial Crime Survey 2011 will be published in the January 2012 issue of the magazine.
Click here to view the full report in PDF format.