Internal Fraud: Big Brother Needs New Glasses
Insider fraud accounts for approximately 60% of bank fraud cases where a data breach or theft of funds has occurred. Internal fraud prevention solutions are a key component of a solid, larger scale enterprise-wide fraud management and prevention program.
The press is engulfed with stories about fraud in the financial services industry. From identity theft to hacking, phishing, social engineering, and the like, the overwhelming focus is on the customer and the risks presented to them. While consumer fraud is an extremely important issue that must be addressed, it pales in comparison to the consequences that are presented by internal fraud.
Within the financial services industry, insider malicious fraud accounts for a relatively small percentage of all financial services data breaches. From 2005 to 2008 YTD (cumulatively) insider fraud accounted for just 9% of all data breaches. This begs the question of how many incidents are actually communicated to affected customers. Celent estimates that up to 50% of all insider fraud incidents go unreported. Although a fair percentage of incidents are communicated, those that are not communicated in a timely manner are also problematic. This delay poses a substantial risk, as the public backlash can be strong. Incidents that go undetected pose the greatest risk to financial institutions.
Internal Bank Fraud Accounts for 60% of Cases Involving a Data Breach or Theft of Funds
Given how serious the consequences of fraud can be, banks have to be quite particular about the policies and procedures they put in place. The breadth and depth of fraud solutions are of the essence, as banks must protect their physical and logical assets. In order to block and prevent potential internal fraud, banks should limit the use and display of social security numbers. They should also set policies regarding the use of personal digital storage (e.g. MP3 players, digital cameras, etc.) at the workplace, in addition to developing and adhering to a sound and timely notification process, and requiring ongoing security awareness and training.
Celent believes that banks need to take internal fraud prevention to the next level. Banks must adopt internal fraud solutions that will allow them to intercept problematic issues before they actually rise to the surface. These solutions can also detect instances of fraud that have been taking place under the bank’s nose for some time. In addition to a dedicated internal fraud solution, banks should consider biometrics, which are, in Celent’s opinion, best suited for internal use at banks.
"Employees and insiders have the potential to devastate a bank...ruin its business, trash its reputation, swindle the bank and its customers, and demoralize employees," says Jacob Jegher, senior analyst with Celent's banking group and author of the report. "The challenge of sniffing out would-be fraudsters and actual malicious attacks has become more complex in recent years, and banks need to embrace technology solutions that will allow them to be a step ahead of the game."
In a new report, Internal Fraud: Big Brother Needs New Glasses, Celent examines and analyzes the state of internal fraud at banks. The report begins by delving into statistics in order to determine the prevalence of internal fraud. It then explores the policies, procedures, and best practices that banks must undertake to curb internal fraud. Finally, the report provides recommendations as to the technology solutions that banks should adopt in order to help them proactively monitor and prevent internal fraud.
This 30-page report contains 12 figures and 4 tables. A table of contents is available online.
of Celent's Corporate Banking and Retail and Business Banking research services can download the report electronically by clicking on the icon to the left. Non-members should contact firstname.lastname@example.org for more information.