The rapidly evolving world of regulation continues to present challenges for corporates as they seek growth. According to the ‘Ernst & Young 2012 Global Fraud Survey’, pressure for revenue growth targets is undermining executives’ commitment to comply with law and policies, with financial mis-statement emerging as an important risk across many jurisdictions.
The irony is that executives are well aware of the higher scrutiny by authorities. Against this backdrop, the question arises as to whether new or more regulations will address the risk of fraud among organisations.
Regulation: The More the Merrier?
The use of regulation should not, and is never intended to, stifle the growth of the organisation. While regulations are needed to safeguard the interest of the respective stakeholders, in particular those of investors, there must be a balance between achieving regulatory compliance and growth.
In the simplest sense, the weakest link in fraud management is the people who make up an organisation. The impact of regulations in mitigating fraud risk will be limited if people do not change their mindset, attitudes and behaviours. Hence, regulation in itself should not be viewed as a defence against fraud; instead it should be complemented by a proper tone from top management and an internalised culture against fraud risk across the organisation.
Additionally, increasing regulation may send the wrong signal to investors that their investment is secure as it is being watched by the authorities. While this is true to some extent, they may derive too much comfort and take less responsibility for monitoring their own investments. When an investment fails, due to fraud or otherwise, and the authorities react with more rules, the misleading notion that fraud prevention is primarily driven by regulation is reinforced.
Over the years, we have witnessed increased regulation when fraud scandals were exposed yet this has not deterred perpetrators as fresh incidents continue to come to light. Hence, the fight against fraud should not be driven only by the authorities. It should incorporate the combined effort and diligence of investors and corporations, including treasury with its many transactions and links to supply chains.
Technology Aids the Fight
Historically, transactions have been recorded on paper. Information about suspicious transactions would ordinarily come through audits of paper records or whistleblowers. In this modern age, where transactions are now completed electronically, it is no longer sufficient to rely on such detection measures. Pattern-spotting behavioural software is instead required, as well as data analysis to reveal trends.
Today, business communications and transactions are more commonly conducted through emails, text messages and chats, so electronic software is required. In order to cope with these changes, fraud detection methods will need to evolve in tandem. Hence there has been an upswing in the use of data analytics to enhance the processes in fraud detection and management in many organisations, particularly in the banking, insurance and healthcare sectors.
Such use of technology in fraud detection is not isolated to corporates, as governments are also taking the same initiatives. For example, in the US the Obama administration uses advanced predictive technology models (PTMs) to fight healthcare fraud. In Singapore, the recent spate of procurement fraud involving certain public agencies also saw the government exploring the use of data analytics to continuously monitor its procurement and improve its procurement-related processes.
Data Analytics: Uncovering What Lies Beneath
To fully leverage the value of data analytics as a tool against fraud the quality of data is imperative; otherwise it will only generate false positives. At the same time, data analytics need to be complemented with the right expertise and modeling techniques and co-ordination across the organisation.
Beyond data analytics for structured data, there is a need to assess unstructured data such as email communication to proactively detect potential fraud risk. Many companies have already developed technology tools to carry this out, or to assist in early fraud assessments. Corporations can find effective partners if they look for them.
The application of analytics for both structured/transaction-related data and unstructured data will continue to pave the way forward for organisations in the fight against fraud. It is not an easy task, and definitely not one that can be resolved through more laws and policies. That said, organisations can leverage technology and should put in place an anti-bribery and corruption compliance programme to give them an edge in the fight.
Many banks around the world, large and small, continue to experience major security failures. Biometric systems such as pay-by-selfie, iris scanners and vein pattern authentication can help.
The implementation date of Europe's revised Markets in Financial Instruments Directive, aka MiFID II, is fast approaching. Yet evidence suggests that awareness about the impact of Brexit on MiFID II is, at best, only patchy and there are some alarming misconceptions.
Banks might feel justified in victim blaming when fraud occurs, but it does little for customer confidence.
Politicians have united in urging the Reserve Bank of Australia to lend its backing to the digital currency by officially recognising it.