The Human Factor: Behavioral Insights into Fraud and Insider Threats

During The AACAS Counter-Fraud Breakfast Roundtable last weekend, Saturday, February 17, 2024, I was on the panel with Pattison Boleigha , Mr Bright Anyanwu as moderated by Anthonia Alebiosu . We discussed the topic “The Human Factor: Behavioral Insights into Fraud and Insider Threats.” It was clear that fraud has become endemic, and if we don’t understand and act on the behavioral insights in the human elements of a business organization, fraud will obliviate these businesses. These are some of my responses to the issues asked.

Are there industry-specific behavioral trends that organizations should consider when formulating and enhancing their fraud prevention strategies? Are there any notable instances where these insights have proven pivotal?

?

The country is facing economic challenges like other developed and developing countries. Japan just confirmed that it is in economic recession, with a shrink in its GDP for two quarters in a row. The United Kingdom slipped into recession in December 2023 with a fall in GDP by 0.3%. The United States is showing tenacity, which economists say may not last this quarter.

Nigeria is experiencing a scarcity of forex, increasing exchange rates, persistent increase in commodities, and clear hardship on the people. These appear to create visible PRESSURE on the people and justification to commit fraud for survival.

Notwithstanding the nation's current state, every business organization must observe employees with unexplainable lifestyles and those refusing to go on annual leave. While these behaviors may not indicate such employees are stealing, it will clear the air of suspicion and provide the required assurance. Anyone cooking books will be uncomfortable handing such a dirty deal to anybody. However, once the organisation's policy is clear and enforced, the OPPORTUNITY for fraud is weakened.

?

How can organizations leverage behavioral insights to enhance their understanding of fraud patterns and potential insider threats?

?

Behavioral insights/analytics focuses on analysing patterns of behavior and activities within an organization’s network or system to detect and mitigate security threats. By leveraging behavior analytics, organizations can gain insights into user behavior, identify potential threats and risks, and respond swiftly to security incidents. This enhances the overall security posture by complementing traditional security measures and providing a proactive approach to fraud detection and mitigation.

Most companies deploy customer behavioural tools without considering the need for employee behavioural tools and analytics. For instance, analytics can be integrated into the Identity and Access Management (IAM) solutions to assist the organization in gaining insight into usual and unusual access to applications like authorised access, time, duration, location, IP address, device, etc. All relevant business applications and databases should be pointed to Security Information and Event Management (SIEM) tools to collect and analyse user data for unusual events. Likewise, the implementation of a rule-based transaction monitoring solution will assist business organizations to identify and act on unusual transactions in ledgers. All these increase the PERCEPTION OF DETECTION and reduce the incidence of fraud.

?

What role do employee training and awareness programs play in mitigating insider threats, and how can organizations ensure they are impactful?

?

If you don’t train them, you don’t blame them.

Training and awareness put everyone in the organization on the same page on potential threats. Training employees reduces cases of ignorance.

Ignorant users are the most dangerous and weakest link in the security and counter-fraud operations chain.

TRAIN and RE-TRAIN employees to improve transparency and the control environment. There will be adequate awareness of potential violations, and if a colleague does something which is not permitted, another colleague will find out about it. It evenly distributes the responsibility of adequate checks to detect unethical conduct.

Therefore, to make it impactful, the leadership must show good examples in their conduct. The senior leadership must show their belief in promoting an ethical corporate culture. The training and awareness should be interactive and assessed. When you see something, say something should come with a reward and recognition. Lastly, the formulation and implementation of the whistleblowing policy should protect the whistleblower.

?

How can organizations strike a delicate balance between nurturing a culture of trust and implementing robust security measures to safeguard against insider threats, ensuring a harmonious and secure work environment?

?

Businesses can achieve corporate objectives, including competitive advantage in the atmosphere of trust. Trust enhances collaboration and teamwork, grows innovation and increases productivity. Meanwhile, fraud is when the trust is betrayed with the intention to make personal gains. To strike a balance between trust and security, organizations should implement a layered approach to fraud prevention that includes robust security measures such as:

·?????? Establishing strong internal controls in all the processes of the company in a manner that will manage the inherent risks and ensure the corporate objectives are achieved.

·?????? Conducting regular audits to provide assurance on the efficiency and effectiveness of the risk management and internal control systems.

·?????? Implementing whistleblower hotlines to allow people to report any violation without fear of reprisal anonymously.

·?????? Fostering an ethical culture through value-driven corporate articulation, leadership effectiveness, process integrity and transparency.

·?????? Investing in fraud detection technologies as automation directly impacts the efficiency and effectiveness of controls.

·?????? Investing in counter-fraud awareness education and training.

·?????? Business organizations must imbibe a culture of mutual respect, participatory decision-making process and solicit feedback.

I say well done to Dr. Rabiu Olowo , Funmi Ajayi, CFE and @oreoluwa adegoke of The AACAS for organizing this monthly.

?