ARTICLE
13 November 2024

Trust Isn't A Control – The Insider Threat

FC
FTI Consulting

Contributor

FTI Consulting is an independent global business advisory firm dedicated to helping organisations manage change, mitigate risk and resolve disputes: financial, legal, operational, political & regulatory, reputational and transactional. Located in all major business centres worldwide, we work with clients to anticipate, illuminate and overcome complex business challenges and opportunities.
Often organisations focus on external fraud threats with limited focus on the insider threat.
Australia Criminal Law

Often organisations focus on external fraud threats with limited focus on the insider threat. This International Fraud Awareness Week (17-23 November 2024), we are shining a light on internal fraud – how it happens, why it happens and how organisations should best mitigate and manage this risk.

When investigating internal fraud for our clients, we are often told the employee was trusted and in the role for a number of years. Trust, however, is not a control and the employee's tenure has allowed them to determine how to best circumvent organisation controls and hide their tracks. The fraud is often discovered years later, when the damage to the organisation's reputation and/or the quantum misappropriated is significant.

How Does Internal Fraud Happen?

Employee fraud typically occurs through procurement, expense reimbursement, payroll or misappropriation of inventory or company assets. Financial misstatement is another internal fraud type we see. For example, to game key performance indicators ('KPIs') to meet performance expectations, falsify the existence of underlying assets and rates of return, cost misallocations to come within budget and fake bank accounts without customers' knowledge to name a few. In these cases, controls haven't been sufficiently designed or tested to prevent internal fraud from occurring and detect internal fraud in a timely manner.

Why Does Internal Fraud Happen?

We often see internal fraud occur more as a result of gambling addiction or greed/ a desire to impress others through material possessions rather than due to financial hardship. In significant Australian cases, employees have gone on spending sprees at high-end stores, bought property and art, and put private school fees and personal travel through company expenses. In some cases, they even fled the country with funds sent offshore.

How Should Organisations Best Mitigate and Manage the Risk of Internal Fraud?

  • Prevention - Have a robust fraud and corruption control framework, with internal fraud risk typologies mapped to controls on your risk register.
  • Detection - Run proactive, targeted fraud analytics regularly to help identify suspicious transactions and relationships.
  • Response - When there is a suspicion of fraud or corruption, it is important not to taint evidence that later may need to be court admissible. Make sure the evidence is obtained and preserved appropriately.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.

Mondaq uses cookies on this website. By using our website you agree to our use of cookies as set out in our Privacy Policy.

Learn More