Addressing cyber complexity: An operational fraud program

It's Friday night at 7 p.m. and your cellphone rings. It's your organization's information security manager, who informs you that suspicious activity seems to be occurring within several accounts managed by your organization. It appears account holders external to your organization have become aware of these suspicious activities. The information security manager has received calls from several government agencies and industry fraud colleagues asking for assistance with the activity around these accounts. You soon learn from your internal public relations manager that the media has also contacted your organization and would like to know if your company can comment on the story they are preparing for Monday's edition of the newspaper involving these suspicious activities, which may be fraud related.

Does this scenario sound familiar? Do you have an enterprise-wide incident response plan or operational fraud program to address the occurrence of fraudulent activities, identity theft incidents and insider threats? How does operational fraud play a role in reducing these demands?

Operational fraud is the risk of incurring fraudulent loss to assets due to an organization's exposure to deception, theft, diversion or mismanagement of transactions, customer information, account information and data transfers. Operational fraud blends traditional fraud, corporate security, forensic investigation and information security disciplines, and infuses information sharing with the law enforcement community and industry colleagues to reduce potential fraudulent risks and losses.

As cyberterrorist exploits evolve, fraudulent schemes -- such as phishing, identity theft or account takeovers -- become more complex. It is incumbent on fraud departments to understand these schemes as they evolve so that anti-fraud monitoring activities and countermeasures can be developed and incorporated into organizational business processes. By taking these proactive measures to recognize warning signs of fraudulent activities and identify potential countermeasures, the impact of operational fraud activity on the organization may be reduced.

Communication strategies are key aspects of operational fraud programs. As incidents are identified within an organization, fraud departments should leverage information sharing (as defined in the communication strategy) with appropriate local, state and federal stakeholders to establish and maintain a data sharing platform to track, trend and analyze fraudulent patterns so that the organization can mitigate fraud risks.

An operational fraud program should have three core program areas: governance, approach and maintenance. Establishing these core program areas will help create and support a fraud-resilient culture.

Governance: An effective operational fraud program starts with a 'tone at the top' charter and definition of the control environment. An operational fraud policy should be developed by incorporating relevant elements of the organization's code of conduct/ethics policy to help establish authority and visibility. Once governance is established, the approach or implementation phase should begin.

Approach: This phase involves outlining the elements and supporting detail involved in implementing a formal operational fraud program. The operational fraud approach phase should incorporate the following key elements: an operational fraud risk assessment program (to identify potential threats and vulnerabilities related to fraud controls or safeguards), operational fraud procedures and practices, an anti-fraud and social engineering awareness training program (for employees), continuous monitoring activities, operational fraud countermeasures, a communication strategy and memorandum of understanding (for sharing information with industry colleagues and the law enforcement community), and an information sharing platform (specific, repeatable, measurable and actionable procedures for sharing fraud information with industry colleagues and the law enforcement community, e.g., FinCrime.com, the Financial ISAC, etc.).

Maintenance: The operational fraud maintenance phase is a crucial pillar. In order to effectively integrate the operational fraud program into business processes, the plan should be regularly tested and audited. Fraud program metrics should be established and provided to executives in order to objectively demonstrate where progress has been made and where program improvements are needed. The operational fraud maintenance phase should include, at a minimum, a program testing plan (regular drills and tabletop exercises), a program audit plan, integration with the organization's existing enterprise risk management program (i.e., incident response plan, disaster recovery plan, business continuity plan), program adjustment procedures (change management process), and metrics and reporting.

The operational fraud strategy will align with an organization's existing security model. This fraud strategy supports the security concept of 'protection in depth,' as the strategy focuses on deterring, delaying, detecting, denying and preventing an adversary from exposing an organization to losses resulting from fraudulent activities. Operational fraud risks will continue to evolve and will require organizations to proactively evaluate and expand capabilities to maximize the value and effectiveness of anti-fraud controls.

There are several key regulatory or industry mandates requiring fraud control reviews to reduce or mitigate fraud. These regulatory mandates include, but are not limited to, the Identity Theft Red Flags under the Fair and Accurate Credit Transaction Act of 2003, the USA Patriot Act and the Money Laundering Suppression Act. The key focal point in reducing fraud risk from emerging threats is transitioning toward a resilient fraud enterprise.

This article was co-authored by Rich Baich, principal, and William Anderson.