The Golden Pin: 20 years as a Certified Fraud Examiner.

How things have changed, and stayed the same, in 20 years.

HENRIK (to Mikael): "The man who hires the detective should always be kept on the suspects' list."

The Girl with the Dragon Tattoo movie (2011), Henrik Vanger played by Christopher Plummer, Mikael Blomkvist played by Daniel Craig. Screenplay by Steven Zaillian, based on Stieg Larsson's novel

I received a golden '20 years' pin along with a nice letter to celebrate my 20 years as both a Certified Fraud Examiner (CFE) and my being a member of the Association of Certified Fraud Examiners (ACFE) . This kind and unique gesture from the ACFE 's President John Gill, CFE ? brought a barrage of memories.??

20 years ago, being a CFE was still something new, and I was relatively new to it too.

I was the first female certified fraud examiner in my firm, and back then, one of the very few women assigned to billable cases that could be potentially life threatening - one of my former bosses got brutally beaten up in the parking lot walking to his car by whom we (still) assume was the fraud perpetrator and his team (my former boss lived to tell the tale, but the police was never able to find the culprits).? That's when we knew we were on the right track to cracking the case and none of us quit the case.? For what's worth, I was fearless back then.

Here’s what nobody told me 20 years ago about the anti fraud and cybersecurity profession:

1. This job would take me around the world with the most exciting cases and investigations that were truly, once upon a lifetime;
2. My love and curiosity for this profession would be everlasting. Like a timeless Chanel suit, it didn't go out of fashion and it's a safe bet to say that it won't;
3. Fraud investigations will continue to grow in importance and complexity. In fact, every CIO/CTOs survey shows that cybersec will be one of their major budget spending allocations from now until 2030;??
4. I would never forget my cases (and failures) in the years before joining the ACFE:

In my first case I had already wrapped up the case with a "no fraud conclusion."? I was heading out the client’s building, decided to stop by the restroom. One analyst saw me and told me "oh I thought about it and decided to tell you something... here's where I think the fraud happened."? I had to reopen the case along with the loss of credibility [Insert here facepalm]

In my second case I wasted 3 precious days on the wrong track (got scolded pretty badly and had to "eat" those hours)

In my third case, the fraudster menaced me by beating me up, in front of my boss. I didn't know how to answer so I froze.? He was a very tall guy.? I still didn't quit the case and ensured I got enough evidence (I’m telling you, I was fearless back then);

In my fourth case the guy who hired us was the one who committed the fraud! Hence, I learned to keep the person who hires the detective on the suspects list.

Things got even better and more exciting in cases #5 and onwards. Someday I'll write about all of that.? This leads me to my last point:

5. I joined the ACFE after 2 years in the antifraud profession. I wanted to learn the theory and obtain the certification.? And then I discovered that there was much more to being a CFE:

Whenever I met a fellow CFE, regardless of the country where we were, we smiled to each other and we knew, we JUST knew what we were going through: the difficulties of our profession, the stress of missing something, our commitment to become better at our craft, the ridiculous long hours, eating chips and soda from the office's vending machine for dinner several nights in a row, always keeping a folded fresh change of clothes in our backpacks (that’s where I got my respect for wrinklefree clothes) for the days we worked 36 hours in a row without being able to go home [Side note: a fellow CFE told me that her firm provided new Brooks Brothers shirts to everyone whenever they had to work overnight].?

And how much we loved our work anyway.??

Being in this profession is some kind of a calling, and the ACFE created a very much needed siblinghood.

My job these years centers around strategy and AI and cybersec trends, yet I still comply with my requirements to keep my CFE license every year. Not only because I know I'm learning from the best, but also because cybersecurity continues to evolve, it becomes darker, more complex and yet more fascinating.??

The tools for XDR, EDR, ZeroTrust, were coined less than 20 years ago.? There are no more piles of paper receipts, yet there is a larger darknet, there are more professional cyber criminals openly recruiting abroad, and the software has become more sophisticated with ramsomwares and other schemes. What is still constant, 20 years later, is the chase:

Cybercriminals only need to get it right once to hit the jackpot.? CFEs need to get it right every single time.?

So thank you ACFE and John. Looking forward to a pin with a #30 on it, a decade from now.?

Oh and President Gill, in 2034 please don't forget to ship some nice champagne along with the pin and the letter please! Somehow the champagne got lost in the mail this time and I only got the pin and the letter ??