Skip to content
text

The Modern Approach to Fraud Prevention and Detection

Published
May 22, 2024
By
David Sumner
Kristen Herman
Jerry Ravi
Topics
Share

Financial crises, increasing regulations, public health and natural disasters, blockchain, and artificial intelligence have greatly impacted the past two decades in one regard: they set the stage for fraudsters. Fraud remains a significant risk in our financial reporting and economic environment. Organizations, no matter the size or industry, fall victim to fraud from internal or external sources daily. Employees, business partners, and people with no connection to your business still seek out, or stumble into, opportunities to commit fraud

The Association of Certified Fraud Examiners (“ACFE”) Occupational Fraud 2024: A Report to the Nations outlines the following: 

  • From 2016 to 2022, the median fraud loss declined from $150,000 to less than $120,000. In 2024, however, the median fraud loss increased notably to $145,000.
  • From 2015 to 2022, the time to detection of fraud schemes declined from 18 months to less than 12 months. In 2024, the downward trend stopped, and the average time to detection remained at approximately 12 months.
  • More 50% of the frauds analyzed by the Report had pandemic-related factors that contributed to the fraud scheme.
  • Organizations have implemented anti-fraud measures—such as fraud training, hotlines, and anti-fraud policies—at a higher rate than in 2016. 

All is not lost, however, as good governance usually prevails. And with automation of controls, machine learning, and increased processing power and data storage to allow timely access to transaction summaries and details, organizations have the tools to detect and prevent fraud sooner than ever before.  

Foundational Anti-Fraud Methods 

The basics of fraud detection and prevention have not changed drastically over the years but have evolved to address new threats and leverage technology. The time-tested methods to combat fraud include: 

  • Preventative controls, including segregation of duties, access controls, three-way matching, job rotation, user access controls, system workflow approvals, disbursement and expense policies, and reconciliations.
  • Detective controls/procedures include internal audits (surprise or planned), data analytics, disbursement review, analysis of payable, and receivable aging reports.  
  • Management review controls (analysis of estimates, budget versus actual, and quarter-over-quarter variance analysis).
  • Fraud training and a publicized (confidential) whistleblower hotline. Even with the rise of advanced tools and detective procedures, tips remain the leading method for detecting fraud and have been for many years, according to ACFE reports. 

Using Technology to Combat Fraud 

Many of the methods described above have been enhanced or the time to analyze reduced with the increase in technology capabilities. In addition to making the above procedures more powerful and timely, technology has also provided better tools to combat fraud. 

Access to Real-Time Data Analytics 

Historically, many businesses had to wait until monthly reporting was finalized to get summary-level data. Accessing the transaction-level data would then require another wait. Currently, many data analysis tools can provide near instantaneous access to underlying transactional- and summary-level data to the consumers of that data. Tools like Tableau and PowerBI give these consumers powerful sorting, filtering, and transactional detail right on their desktops without the need for any data technologists. 

Artificial Intelligence (“AI”) 

AI can analyze communications, transactions, and other large data sets to identify higher-risk transactions. Predictive analytics can look at very large data sets very quickly to then provide a subset of transactions for a human to further analyze. 

Big Data 

Access to large datasets can build models for predictive analytics and automated identification and analysis of anomalies or unusual transactions. The integration of big data into anti-fraud strategies has significantly enhanced the ability to safeguard assets and sensitive information.

Biometrics 

Additional access controls based on biometric data reduce the risk of unauthorized access to systems or physical locations.  

Blockchain 

The advent of blockchain, including smart contracts, allows transparency and immutability of data within an organization or with external parties. 

Social Media 

This is more for awareness purposes to alert your employees, customers, and vendors of potential fraud and ways to protect oneself. Social media can also help detect and monitor for fraud. Platforms can monitor conversations (posts) and trends that could indicate fraud schemes in their infancy. For example, a sudden spike in posts complaining about unauthorized transactions or breaches can alert a company to potential security issues. 

Responding to Possible Fraud 

Despite all the controls and advances in technology, fraud is still a distinct risk for every industry and every size organization. How your organization responds to possible instances of fraud can also have a bearing upon how vulnerable you are going forward. 

Best practices to follow when you suspect fraud in your organization 

  • Take every allegation seriously. It is important for organizations to have a documented and consistent process when evaluating fraud allegations. Someone independent of the business unit or function should be part of the reporting and evaluation process. For smaller organizations, independent board members or trusted advisors can be used to help evaluate the allegation.
  • Bring the right people in to investigate the allegations. Independence is key for matters that might be reviewed by external parties such as external auditors, investors, and regulatory agencies.  
  • Monitor the progress of the investigation without influencing its findings. Investigations can be expensive if left unchecked, but you also don’t want to limit the scope of the investigator, which could be perceived as trying to hide something or protect someone.
  • Maintain consistent discipline. Terminating a staff for improper T&E fraud but then slapping the wrist of an executive for the same offense will create a two-tiered system within your organization that will negatively impact morale and may foster further incidents.
  • Learn from prior fraud events and share the stories with your organization. Let everyone know what worked and what didn’t and how the organization is changing procedures. Talking about the event and holding fraud training for employees bring the issue into the light and recruit all your employees to be on the watch for fraud, which is much less expensive than paying for an investigation.
  • Conduct an annual fraud risk assessment (“FRA”). The first FRA can be a learning experience, but each successive FRA can be a meaningful process that can help to make your organization more fraud resilient. 

Whether you are a global Fortune 500 company or a small nonprofit, your organization is a potential victim of fraud. In most cases, it’s a matter of when not if fraud will occur. Acknowledging that fact and talking about it with stakeholders can help address fraud threats. There are many methods to deter fraud in your organization. Reach out below if you need help to establish or upgrade your anti-fraud program. 

What's on Your Mind?

a man in a suit

David Sumner

View Profile
a woman in a black suit

Kristen Herman

View Profile
a man in a suit

Jerry Ravi

View Profile

Start a conversation with the team

Explore More Insights

a group of people walking in a city
Article

SEC Cybersecurity Incident Disclosures for Publicly Listed Technology and Life Sciences Companies

  • Public Companies
  • Technology
Read More
Video

Private Fund Adviser Rules: Best Practices Part 1 - Fairness or Valuation Opinions in Adviser-Led Secondaries

Read More
a satellite image of a hurricane
Article

Preparing for a Business Interruption Claim

  • Disaster Recovery
Read More
close-up of hands on a keyboard
Article

Recent Executive Order Looks to Protect Americans' Sensitive Personal Data

Read More
a close up of a computer chip
Article

Estate Planning with Loan Valuation Discounts

  • Tax
  • Trust & Estate Services
Read More
Article

Information Security and Cybersecurity in Real Estate

Read More
a computer circuit board
Article

The Three Lines of Defense Model for Public Company Risk Management

  • Public Companies
  • SOX Compliance
Read More
a close-up of a person working on a calculator
Article

Agile Solutions in IT SOX Environments

  • Public Companies
  • SOX Compliance
Read More
a close-up of a calculator and a pen on a paper
Article

Valuation Guidelines for Alternative Asset Managers: Best Practices and In-House vs. External

Read More
graphical user interface
Article

SEC’s Cybersecurity Risk Management Rules for Funds and Advisers

Read More
a group of people sitting around a table
Article

Efficiency Boost: How to Optimize Your SOX Program

  • Public Companies
  • SOX Compliance
Read More
a close-up of some scales
On-Demand Webinar

Building Resilience | Strategies for Thriving Amidst Change in a Law Firm

Read More
View All Insights

Receive the latest business insights, analysis, and perspectives from EisnerAmper professionals.

Subscribe