10 Golden Tenets of Fraud Prevention and Deterrence, Part 2
/SPECIAL TO THE WEB
Vivek Krishnan, CFE
Possibly the toughest task for any fraud examiner is preventing and deterring fraud. Some believe that fraud control and prevention is at its best when the process of detection remains a secret. However, one of the best corollaries to this school of thought is the opposite: Be open about it. Below Krishnan continues his discussion of the remaining five golden tenets of fraud examination. (Read Part 1.)
RULE NO. 6: PRACTICE THE ART OF OBSERVATION AND LISTENING
I remember a conversation in the movie "Jurassic Park." The main characters pass the enclosures containing Velociraptors, which are extremely intelligent. The park's game warden says about one of the deadly dinosaurs, "When she looks at you, you can see she's working things out. That's why we have to feed 'em like this. She had them all attacking the fences when the feeders came." One of the scientists asks, "The fences are electrified, right?" The game warden replies, "That's right, but they never attack the same place twice. They were testing the fences for weaknesses, systematically. They remember."
This is true in organizations, too. Fraudsters find flaws by constantly testing "the fences" of verification processes. We need to anticipate the weakest parts of the fences by:
- Knowing what/where/which controls to place.
- Knowing the effectiveness of the controls already placed.
During a visit to one of our offices, I saw an interesting ad in a nearby shop. It offered help in procuring Permanent Account Number (PAN) cards. (PANs are unique registration numbers provided by the Indian government's income tax department.) The shopkeeper assured three services: premium, regular and non-resident Indian (NRI). Premium would be delivered within a week, regular would be up to one month and NRI was for Indians who were settled abroad. This was at a time when the regular process required 45 days minimum to get a PAN card request processed.
One of the documents we were accepting for ID proof was the PAN card, so it was critical to stop locals who were forging these cards. We had to connect with officials and update our teams on identification mechanisms provided by the issuing authority to counter such schemes.
To date, such market visits help us validate the effectiveness of our controls.
RULE NO. 7: BEWARE OF DECOYS
The most important lesson for this rule is derived from rule No. 1: Never underestimate customers, support groups, internal employees, etc. The popular card game "Bluff" comes to mind. The best strategy is to be true in large turns (three to four cards at one go) and turn in single false additions. A good player spots the bluff. That's where fraud examiners come in.
I remember a time when business scaled up, the market was in its boom period and the volumes were high. Cases were bottlenecked at various stages, our teams were struggling with large volumes and the underwriters spent long hours fitting cases correctly into portfolios while also looking at their specifics and authenticity.
To ensure quality, special task forces were asked to do sampling. The sampling pattern adopted by this group was taken in the pattern 1, 4, 9, 11, 14, 19. We investigated a standard 15 percent of the cases.
The sampling was representative. The underwriters were satisfied because the results were the same — 100 percent positive on verifications. Because we knew the past history of patterns identified in that particular city, a bird's-eye view suggested that it needed deeper review.
We changed the sampling pattern slightly, and the results changed. We realized that the teams had been observing the pattern of sampling and somehow were aware of the sampling percentages. They converted these percentages into "targets." What would be the winning situation? They put the cases in the files they knew were accurate in the orders of 1, 4, 9, 11, 14, 19 so that proposals would go through smoothly without reworking them.
Many times our control mechanisms are identified without our knowledge. The executives threw in decoys knowing very well that we would catch them and therefore hoped we'd miss the loans that weren't sound investments for the banks. We checked the decoys and found them in perfect order. A sampled representative case (decoy case) that checks out is rarely checked again for other triggers of fraud. We checked the decoys and uncovered the true fraud.
Read the final golden tenets of fraud prevention on Fraud-Magazine.com.