Log in / Register
Home arrow Business & Finance arrow Fraud and fraud detection
< Prev   CONTENTS   Next >


In the data analysis process, "Detecting a fraud is like finding the proverbial needle in the haystack."2 Typically, fraudulent transactions in electronic records are few in relation to the large amount of records in data sets. Fraudulent transactions are not the norm. Other anomalies, such as accounting records anomalies, are due to inadequate procedures or other internal control weaknesses. These weaknesses would be repetitive and will occur frequently in the data set. Sometimes, they would regularly and consistently happen at specific intervals, such as at month- or year-end. Understanding the business and its practices and procedures helps to explain most anomalies.


The Association of Certified Fraud Examiners (ACFE) in the 2012 Report to the Nations3 outlines the three categories of occupational fraud and their subcategories in Figure 1.1.

Occupational Fraud and Abuse Classification System

FIGURE 1.1 Occupational Fraud and Abuse Classification System

Source: Association of Certified Fraud Examiners

It was found that:

As in our previous studies, asset misappropriation schemes were by far the most common type of occupational fraud, comprising 87% of the cases reported to us; they were also the least costly form of fraud, with a median loss of $120,000. Financial statement fraud schemes made up just 8% of the cases in our study, but caused the greatest median loss at $1 million. Corruption schemes fell in the middle, occurring in just over one-third of reported cases and causing a median loss of $250,000.4

Among the three major categories—corruption, asset misappropriation, and financial statement fraud—there are far more types of occupational fraud in the asset-misappropriation category. There are many known schemes and areas where fraud may occur. Thefts of cash on hand have been occurring ever since there was cash. With globalization and the availability of the Internet, newer and more innovative types of fraud are coming to light.

An example is the case study published in Verizon's security blog titled "Pro-Active Log Review Might Be a Good Idea."5 A U.S .-based corporation had requested Verizon to assist them in reviewing virtual private network logs that showed an employee logging in from China while he was sitting at his desk in the United States. Investigation revealed that the employee had outsourced his job to a Chinese consulting firm at a fraction of his earnings. The employee spent most of his day on personal matters on the Internet. The blog notes that the employee's performance reviews showed that "he received excellent remarks. His code was clean, well-written, and submitted in a timely fashion. Quarter after quarter, his performance review noted him as the best developer in the building."

Clearly there was no dispute with the quality of work submitted and he had met all deadlines. While the employee did misrepresent that the work was his, the company did not suffer any direct financial loss. Other than violating security policy of permitting unauthorized access to the network, at most, the employee abused company resources by browsing the Internet for most of his workday.

Would any of this have been an issue if the employee were a contractor who subcontracted his work out (assuming that there were no objections with the login procedures)?

Found a mistake? Please highlight the word and press Shift + Enter  
< Prev   CONTENTS   Next >
Business & Finance
Computer Science
Language & Literature
Political science