New UKFraud SIG Claims That Corporate Silo Mentality Increases The Risk Of Higher Fraud Levels

A Special Interest Group (SIG) set up by fraud prevention consultancy UKFraud (www.ukfraud.co.uk) is warning that fraudsters could benefit from the increasingly silo like segregation of key business disciplines including: compliance, risk management, IT security, fraud prevention and more. In their opinion, this compartmentalisation of corporate skills is the result of each of these areas growing their own specific ‘sector standards’, rules and practitioner associations; to the exclusion of other fields. ‘Effective fraud prevention’ says the SIG, depends heavily on ‘the integration of an eclectic mix of these skill sets’.

Recently established by UKFraud, the Corporate Fraud Prevention SIG consists of leading fraud prevention consultants coupled with representative input from a wide range of industry skill sets. The SIG was established in response to sector frustration at recent claims by the National Fraud Authority, that in the UK, fraud levels have risen significantly from £38bn in 2011 to £68bn in 2012. The aim of the SIG is to analyse the approach taken to fraud in both governmental and private sectors and to make recommendations for change at local, national and global levels.

The first study by the group has been to analyse the structure, conduct and performance of the corporate fraud prevention market at both a micro and macro- economic level. Amongst their findings were a number of key conclusions. These include:

The nature of corporate fraud has changed and is changing. It is no longer just the corrupt office manager or small weights and measures issues with suppliers. Rather, it is now more often a highly sophisticated skill, usually involving cutting-edge information technology and managed by highly intelligent fraudsters, often international teams of professional criminals and IT hackers. Fraud techniques used against corporates now range from scams targeting customers to frauds impacting on company credit cards and executive prepaid cards.

Consequently, fraud is getting far more complicated to manage and requires an eclectic mix of skills that need to be integrated to deliver an effective deterrent. These include: compliance, IT, risk management, legal, compliance, fraud and audit skills.

As fraud may be perpetrated through customer processes, e-commerce, card payments, IT systems, bogus internal controls or the supply chain, the complexity of large organisational processes have started to grow faster as such disciplines move further apart.

That the solution is to merge some of these skills into fraud prevention committees with expertise drawn from across the organisation as needed. This multi-skill approach means that it is crucial to have the CIO involved as much as it is the head of accounts, compliance manager or the company lawyer.

SIG member Malcolm Gardner, the CEO of fraud prevention consultancy Freevision Ltd., believes that the challenge of overcoming the silo mentality is complex, noting, “Organisations now have fraud people, compliance officers, risk advisors, IT security specialists, legal teams, treasury officials, financial managers and auditors. All of their skills are required to deliver a full and effective anti-fraud strategy; yet it is still comparatively rare that fraud prevention strategies will involve all these departments.

“The number of people, with different functional responsibility, tasked with defending the organisation from fraud are tripping over each other and allowing the fraudsters to slip in through the gaps. We need to encourage corporates to form new cross-fertilising enterprise-wide committees or units that can integrate these functional skills into a seamless and joined-up response.”

Bill Trueman UKFraud’s CEO welcomed Gardner’s comments adding, “Whether it’s a financial scam or a pure IT security issue, fraud within large organisations starts to grow when business departments start to move into silos. Now the problem is growing ever more demanding because even the anti-risk / anti-fraud functions are growing-out into the same types of silos too. This is because the risks are now so big that it is impossible for them to be managed in one place. Once the silos are in place though, the whole thing slows down to a crawl, whilst each silo works out how to talk to the next one. This process can then be even further aggravated as inter-company politics take over, and things start to drift.

“Unfortunately fraudsters and other criminals operate much more lithely, quickly and adeptly in changing their modus operandi. Corporates need therefore to maintain an 'act quickly' approach to defeat them. This simply can’t be done when such diversification of departmental responsibilities exist. By establishing the SIG we aim to redress the balance; by advocating that organisations take a holistic view to addressing the threat of fraud.”