Fraud specialists have long debated whether it is possible to develop a fraudster profile that is accurate enough to help organisations catch fraudsters. Predicting a crime before it occurs is, at least for now, the subject of science fiction. However, analysing the constantly changing nature of fraud and the fraudster can help organisations improve their defences against these criminal activities. Forewarned is forearmed.
Profile of a Fraudster is based on analysis of 596 frauds investigated by the member firms between 2011 and 2013. It also includes interviews with KPMG member firms’ investigation leaders which explore the relationship between the fraudsters’ attributes, motivations and the environment in which they flourish.
The profile of a fraudster
Based on their crimes, we believe traditional fraudsters (36 – 45 years old, acting against their own organisation and in an executive positions) will be replaced, or added to, by ’seeker bots‘. These will continuously test a company’s cyber defences to find security gaps. The report warns that, on finding a weakness, the bots will analyse fraud potential and launch a specialised ‘attack bot’. The bot will be uniquely designed to suit the type of business, size, infrastructure and victim’s data setup. The aim will be to move assets to a virtual delivery location which the fraudsters can then access.
At the same time, the report identifies that fraudsters are by nature collaborative, preferring to collude with others instead of following the reclusive loner stereotype. The data reveals the proportion of collusion cases rose from 32 percent in 2007 to 61 percent in 2011 and 70 percent in 2013. Often, perpetrators were highly respected (39 percent of all cases), regarded as sociable (35 percent) and/or an extrovert (33 percent).
Using external criminals
An important form of collusion is where it happens between employees and individuals outside the organisation. This is especially the case in certain fraud types, e. g. procurement fraud, where invoices are inflated. Many organizations fail to conduct due diligence of their suppliers and corporate customers. For 43 percent of frauds, the collusion involved an organisation’s individuals working with external criminals.
Alex Plavsic, Head of Forensic for KPMG in the UK says: “In the UK more than 60 percent of bribery and corruption investigations relate to problems in other jurisdictions. This is not about more or less corruption in different countries, but the fact that the further away from head office you go, the more the message dissipates, especially in the face of significant pressure on people to achieve results.” He adds that: “the ultimate defence in today’s environment is to ask whether you are doing business with and through people you can trust”.
Unravelling future fraud
The best investigators will be able to reduce large amounts of data to specific fraud events. Some skills will stay current, with successful defence requiring an ability to work across borders and share intelligence to ensure quick reach help organisations track behavioural patterns quickly.
While some things will surely change, and the cyber fraudster’s invisibility concerns us, we must not forget fraudsters are typically long-standing, trusted employees. The one you may never have suspected…. right in front of your eyes, remaining unnoticed.
Click here to view the full report and click here to access the Profile of a Fraudsters map.