"Internal fraud" by mid-career retirees and current employees, like cyber attacks from outside, is something no organization is immune to. This article explains the current state of internal fraud, the risks it exposes companies to, its causes, and other basic knowledge. It also introduces specific examples and countermeasures to prevent fraud.

What is internal fraud?
Internal fraud refers to fraudulent acts committed by related parties or former related parties of a company or organization, and includes not only intentional acts for financial gain but also operational errors. There are various types of internal fraud, including information leaks, such as the unauthorized removal of confidential information or information assets; financial embezzlement, such as padding of bills or illegal kickbacks; accounting fraud, such as window dressing of financial information; and falsification of quality inspection results or experimental data.
Current Status of Internal Fraud
According to the "Information Security 10 Major Threats 2023," a ranking of information security incidents that had a significant social impact during the year, "information leakage due to internal fraud" ranked fourth. It is up one rank from the fifth place of the previous year, and its social impact is increasing.
*Reference: Information Security 10 Major Threats 2023 (IPA) https://www.ipa.go.jp/security/10threats/10threats2023.html
Corporate Risks from Internal Fraud
If internal fraud causes damage to customers or business partners, the company will incur economic losses such as compensation for damages. The company will also lose social credibility and competitiveness in the industry. This can threaten the company's very existence, and in the worst case the company may be subject to criminal penalties.
Causes of Internal Fraud
The following explains the causes of internal fraud and the mechanism by which it occurs, based on the "fraud triangle" theory.
Fraud Risks Based on the "Fraud Triangle" Theory
The fraud triangle theory models the process by which fraud occurs and is commonly used in the fields of fraud investigation and risk management. It holds that three factors cause fraud: motivation, opportunity, and justification.
"Motivation" is what drives the individual to commit fraud. It can be a financial problem or desire, a heavy quota imposed by the company, or a desire to cover up a business mistake. "Opportunity" means being able to commit fraud because internal controls and oversight systems are not functioning, or because one is in a position where they can be ignored. "Justification" refers to a psychological state in which one rationalizes one's wrongdoing, such as "it's the company's fault" or "everyone around me is doing it too."
Technical and Human Factors
There are two types of factors that contribute to fraud: technical factors and human factors. Technical factors include access to confidential information by unauthorized employees, failure to keep logs, etc. Failure to take such technical measures provides "opportunities" for fraud. Human factors include dissatisfaction with personnel evaluations, the company or organization, and stress from work or personal relationships. It is also important to maintain an organization that does not create undue burden or frustration for employees.
Examples of Internal Fraud
The following are some examples of internal fraud that have actually occurred in Japanese companies.
Misappropriation of money
At Company A, on the night of his retirement, a former executive used a senior manager's computer to make electronic transfers to an offshore account and then fled the country. This was possible because his electronic key card had not been deactivated on the night of his retirement.
Leakage of confidential information to outside parties
At Company B, a former employee of a business partner illegally took research data and provided it to an overseas company to which he had changed jobs. The cause was that the use of storage media was not restricted at the time of resignation and that logs of access to important information were not monitored. Dissatisfaction with his treatment was the motive for the illegal act.
Tampering with programs
At Financial Institution C, an employee dissatisfied with management tampered with a risk assessment program for bond trading so that the risk of transactions gradually increased. This was due in part to the lack of controls, such as the regular use of a tool that compares hash values of files.
*Reference: Guidelines for Prevention of Internal Fraud in Organizations, Appendix I: Internal Fraud Case Studies https://www.ipa.go.jp/security/guide/hjuojm00000055l0-att/ps6vr7000000jvcb.pdf
Measures to Prevent Internal Fraud
This section describes measures that companies should take to prevent internal fraud such as that seen in the case studies above.
Technical measures such as access restrictions and password authentication
The first measure is to prevent unauthorized access from within. Technical measures such as access control and multi-factor authentication are used to limit who can access important information. Physical measures such as restricting access and destroying unnecessary storage media are also effective.
Reinforcement of monitoring systems such as access logs and entry/exit record management
The second measure is to strengthen the monitoring system. To ensure that any attempt to commit internal fraud can be detected and dealt with immediately, entry/exit records, records of terminals taken out of the office, and access logs should be managed and thoroughly monitored. Since it is difficult to detect internal fraud if authority is concentrated in the hands of a specific person, it is also important to distribute authority and establish a system of mutual monitoring.
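The monitoring described above can be made concrete by correlating HR separation times with entry/exit and access logs, which addresses the gaps cited in the Company A and Company B cases. This is an added example, not code from the original article; the account names, timestamps, resource paths, window, and threshold are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample data (not from the original page): HR separation times
# and a merged stream of badge and file-access log records.
SEPARATIONS = {
    "exec01": datetime(2023, 3, 31, 18, 0),
    "res07": datetime(2023, 4, 14, 18, 0),
}
EVENTS = [  # (timestamp, account, source, resource)
    (datetime(2023, 3, 31, 22, 15), "exec01", "badge", "hq-floor-9"),
    (datetime(2023, 4, 11, 9, 5), "res07", "file", "research/assay-01.csv"),
    (datetime(2023, 4, 12, 20, 40), "res07", "file", "research/assay-02.csv"),
    (datetime(2023, 4, 13, 21, 10), "res07", "file", "research/formula.docx"),
    (datetime(2023, 4, 13, 9, 0), "staff02", "file", "research/assay-01.csv"),
]

def post_separation_events(events, separations):
    """Events by an account after its separation time (credential not revoked)."""
    return [e for e in events
            if e[1] in separations and e[0] > separations[e[1]]]

def pre_separation_bulk_access(events, separations, prefix="research/",
                               window_days=14, threshold=3):
    """Accounts that touched many distinct sensitive resources before leaving."""
    touched = defaultdict(set)
    for ts, account, source, resource in events:
        leave = separations.get(account)
        if leave is None or source != "file" or not resource.startswith(prefix):
            continue
        if leave - timedelta(days=window_days) <= ts <= leave:
            touched[account].add(resource)
    return {a: sorted(r) for a, r in touched.items() if len(r) >= threshold}

if __name__ == "__main__":
    for ts, account, source, resource in post_separation_events(EVENTS, SEPARATIONS):
        print(f"ALERT post-separation {source} use: {account} {resource} at {ts}")
    for account, files in pre_separation_bulk_access(EVENTS, SEPARATIONS).items():
        print(f"REVIEW pre-separation access: {account} -> {files}")
```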
Establishment of internal fraud guidelines and organizational education
The third measure is to establish guidelines and provide security education. The lack of clear policies and rules against internal fraud is another factor that allows people to justify it. It is important to thoroughly inform employees of the risks they face when fraud is discovered, so that they are neither motivated to commit it nor able to justify it.
*Reference: Guidelines for Prevention of Internal Fraud in Organizations (IPA) https://www.ipa.go.jp/security/guide/insider.html
When internal fraud occurs, "forensic investigation" is necessary
If internal fraud still occurs despite these measures, the company needs to conduct a "forensic investigation."
What is a forensic investigation?
A forensic investigation is an investigation that uncovers evidence of criminal or fraudulent activity. By determining the cause, measures can be taken to prevent recurrence, and by clarifying responsibility, companies can prepare for litigation if the matter develops into a lawsuit.
AI-based forensic investigations are also available.
The use of AI (Artificial Intelligence) is now essential in modern forensic investigations, where digital data is the main target and the volume of data is enormous. By having an expert look through a small number of sample files and having the AI learn the criteria, the AI can sort large amounts of data into relevant and irrelevant categories. This allows a small number of people to complete, in a short period of time, the simple data sorting tasks that must be done at the beginning of an investigation, which not only improves the efficiency of the investigation but also improves accuracy by concentrating expert resources.
You should consult an investigation company instead of conducting your own investigation.
Where internal fraud is suspected, the validity of the evidence will be undermined if the forensic investigation is conducted by in-house personnel. It is better to use an outside vendor to ensure neutrality.
For more information on forensic investigation, please also see this page.
For forensic investigation requests, contact FRONTEO, which has a wealth of experience and a reputation for AI technology.
FRONTEO has been a pioneer in fraud investigation in Japan since its establishment in 2003, and has been working to solve problems for a wide range of companies. We have an established reputation for our technology and know-how based on our outstanding experience.
By combining our experience in handling cases with our self-developed AI engine, we have achieved a high level of accuracy and efficiency that no other company can match.
We have data centers in Japan and South Korea, and we have full security measures in place. We seamlessly provide services to our clients' headquarters, local subsidiaries, and law firms. We provide prompt support through our global operations.
[Related Article] Forensic Investigations | Proposing investigations that meet the needs of our clients and conducting actionable investigations
For more information on forensic investigations, please refer to the FRONTEO Forensic Investigation Services page: https://legal.fronteo.com/forensics/
For inquiries about internal fraud prevention and forensic investigation: /contact/