Sizing Up Internal Fraud
0 comment(s)
Ask 10 people in loss prevention to estimate the size of the internal fraud problem and you are likely to get 10 different answers. The fact is that internal fraud is notoriously difficult to estimate. One reason is that financial institutions have a vested interest in making sure these events never end up in the public realm. No bank wants to stand up and say, "our employee was stealing your money, but don't worry, we caught him after 5 years"!
But we can paint in broad strokes and the picture looks more like Munch's "The Scream" than Monet's "Haystacks". Insider fraud is not perpetrated by those you suspect. It's the friend in your department, your boss or the employee most active in the community. Statistics from the industry back this up.
- 50% of incidents involve 40 – 49 year olds.
- Most have been on the job at least 3 years.
- Only 3% of perpetrators have a criminal record.
There are also statistics we can use to get a better understanding of how long the typical incident lasts and how costly it is to financial institutions. The average internal incident lasts over 24 months and costs $175,000. Why? Remember these are the people that have the access they need, they know the processes and procedures and the defense mechanisms in place. And they know how to cover their tracks making detection more difficult. A PriceWaterhouseCoopers study found that 1/3 of all internal fraud cases were discovered by accident!
It's difficult to pin point the size of the internal fraud problem but there are some data points we can use. The analyst firm Celent estimates that 60% of all fraud is due to insiders. Think about how much your financial institution wrote off last year. Now take over half that number and attribute it to theft performed by the person sitting in the next cubicle, on the floor below or in the server room. Pretty scary huh? BREAK How much attention are you paying to the internal threat?