Fraud PreventionLevel 1

1

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

Contents• Objective

• Components of Fraud Prevention Program

• Fraud Awareness

• On boarding Checks

• Policy/process reviews

• Deterrence Action

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

Objective

As the age old adage says, prevention is better than cure, in any effective Fraud Risk Management program, Fraud prevention plays a major role. It allows the organisation to utilise limited resources in an effective manner and shift the focus from reaction to proactive action.

This presentation is 2nd in the series of Knowledge sharing presentations published by me. In due course, I intend to publish advance versions.

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

Components of Fraud Prevention Program

Key components of an effective Fraud Prevention Programs includes :

• Fraud Awareness - To make stakeholders aware about fraud risks and mitigating measures

• On-boarding checks - To ensure existing/new Staff, Customers and Vendors are screened against negative database and to conduct due diligence to validate they are what they claim to be.

• Process/policy reviews-To identify fraud risks and mitigating measures before the process/program is rolled out by addressing any zero day vulnerabilities. These also include transaction level controls.

• Deterrence action - To keep cost high for fraudsters and make the organisation least attractive for fraud attacks

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

Fraud AwarenessFraud awareness empowers the stakeholders with relevant knowledge so fraud prevention gets imbibed in daily activities of the organisation. Irrespective of the contents, key theme revolves around - What is it about, how it affects, and call for action I.E reporting.

Various activities can be performed to accomplish this goal and these primarily include:

• Generic training programs for the organisation• Customised training programs for critical functionsBoth these could be combination of online and classroom sessions.• Screen savers - Key messages / fraud reporting channels• E-mailers/SMS/letters/Statements/Publications -

Internal/External• Intranet/Internet and any other internal/external channels

like IVRs/ATMs etcPresented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

On-boarding Checks Purpose of on-boarding checks is to validate whether the person who is being on-boarded is really who he / she claims to be. Each organisation has its own criteria for choosing employees, customers and suppliers and based on information provided by them in the relevant documents people are shortlisted/selected for on-boarding. It is important to validate whether the information provided on those forms/documents is correct. At the same time organisation also wants to ensure that it doesn’t on-board a known blacklisted entity/individual or a person with questionable past undeclared behaviour .

Some common activities which can help in performing these checks include:

• Sampling and verifying the documents provided with the issuing authority

• Reference checking

• Public information checking including social and professional media checks.

• Checking the unique details of potential On - boarding individuals/entities against internal/external blacklist data

• Rule based checks and logical analysis to identify potential mis-information, these require some level of automation.

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

Policy/process reviews

This is done to identify potential fraud risks so that at the product (services sector) / process design stage itself potential vulnerabilities can be identified and mitigating measures can be inbuilt. Some key aspects of this activity are:• Mandate to ensure each process/product is reviewed• Create a master list of high level risks — maker/checker,

internal collusion, ID theft etc and customise it as per the process/product characteristics

• Recommendation tracking and if possible, tracking potential saves due to these.

• It is useful to gather information regarding market practices, as it helps in getting stakeholder buy-in.

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

DeterrencePurpose of deterrence action is similar to having a fire ring outside your tent when you are in a jungle, it helps in keeping unscrupulous entities away. This also increases the cost of committing fraud and fraudsters usually prefer low cost options.

It could be in the form of having detection controls in place and communication of consequences to internal/external entities/individuals. This can only be effective if promised action is followed through, empty threats which are not actioned won’t have any impact.

If any unwanted attempt is identified, appropriate action depending upon the organisation policy should be undertaken, which may include reporting it to law enforcement authorities, updating relevant databases , etc.

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com

Thank you

Presentation contains my personal views, expressed for sharing with fellow anti fraud professionals and my employer is not responsible for any of these.

Presented by Charanjeet Singh-MBA, CFE,CISMplease contact at batiaic@yahoo.com