Using future anti-fraud tech tools wisely

Fraudsters wield technology like weapons to commit their crimes. Fraud examiners must match and supersede their foes with advanced high-tech tools. Here are the results of a recent ACFE survey that show how anti-fraud professionals are using technology and their plans for the future.

The army lieutenant general peers through his binoculars to view the opposing regiment three miles away. His 1,500 soldiers are prepared with the latest weapons and fighting vehicles. But his intelligence unit hasn’t yet been able to report on the enemy’s strength. And he has no idea when his opponents will attack. He thinks he’s ready, but who knows?

This is how many organizations often feel about their technological preparations to fight fraud perpetrators and deter them before they get anywhere near the front line.

As criminals find new ways to exploit technology to commit their schemes and target new potential victims, anti-fraud professionals must ensure they’re adopting effective technologies to navigate evolving threat battlegrounds.

But which technologies are most effective in helping organizations manage their fraud risk? Which tools provide benefits that outweigh the costs? How are organizations successfully harnessing the power of technology as part of their anti-fraud programs?

We know the answers to those and other questions can be crucial in gaining management buy-in and successfully implementing new anti-fraud technologies.

Consequently, the ACFE, in conjunction with SAS, conducted the Anti-Fraud Technology Benchmarking Report to help organizations understand the anti-fraud technologies their peers are using and to assist in guiding adoption of new tech tools.

See the detailed report at ACFE.com/techreport. ACFE members can view it at no cost. Non-members can purchase the report.

How are organizations using data analytics in anti-fraud initiatives?

Organizations use analytics software to identify trends, patterns, anomalies and exceptions in their data. While data analytics has many business uses, we asked survey respondents specifically about the ways their organizations use analytical tools and techniques to prevent, detect and investigate potential fraud.

Probably to nobody's surprise, the data shows that organizations most commonly use data analytics in monitoring of fraud in the purchasing (41%) and disbursements (38%) areas.

Beyond data analytics

Organizations use numerous other types of technologies to combat fraud. The report contains data about types of case management, digital forensics, online-evidence capturing and other technologies respondents use.

Part of effectively managing fraud cases involves tracking and reporting on the results of fraud investigations. The data indicates that only 39% of organizations use a formal case management software. Within those organizations, most use an in-house developed, proprietary program.

Seventy-four percent aren’t using digital forensics/e-discovery software. Only about one-quarter said their organizations have adopted such a program.

Many organizations collect data from online sources as part of their anti-fraud initiatives. The collection of online evidence often implicates privacy, verification and retention considerations that aren’t present when an organization captures or analyzes its own internal data. Because of the specialized nature of this type of data collection, various software programs have been developed to assist with collecting, documenting and preserving online evidence. However, the study shows that the use of this type of software is still relatively uncommon, with just 30% of organizations employing online-evidence capturing programs. Of those that do, many have developed their own in-house, proprietary programs.

Sources of data

Obtaining a full picture of potentially fraudulent activity often involves gathering and analyzing data from multiple sources, including structured data and unstructured data. (Structured data is formatted in recognizable and predictable structures, such as the data found in databases and spreadsheets. Examples include sales records, payment or expense details, and financial reports. Unstructured data is found outside structured databases and spreadsheets. Examples include text documents, email and instant messages, and image files.)

Nearly three-quarters of the organizations in the study use internal structured data to conduct their anti-fraud analytics tests. In contrast, only 30% of organizations use internal unstructured data, and 26% gather data from employee devices that are connected to the organization’s network. Some organizations are also bringing in data from outside sources, such as public records (43%), government watch lists (32%), social media (29%) and other third-party data sources (27%).

Data-sharing consortiums

Some industries and groups have established data-sharing consortiums, in which they feed certain data into an aggregated database that all member organizations can access. These initiatives are designed to help member organizations benefit from the collective data of the consortium to identify trends and protect themselves from known threats.

Budget and financial concerns are the biggest obstacle for many organizations in adopting new anti-fraud technology.

Benefits of data analytics to anti-fraud initiatives

Fraud examiners can have difficulty persuading management to invest in new anti-fraud technologies. Part of overcoming this challenge involves being able to articulate and prove the expected benefits. The survey asked respondents who currently employ data analytics in their anti-fraud programs how beneficial this technology has been with regard to these considerations:

• Volume, which enables them to review more transactions and identify more cases of suspected fraud.
• Accuracy, which results in a reduced false-positive rate.
• Efficiency, by automating time-consuming tasks.
• Timeliness, which allows them to detect anomalies more quickly.

The vast majority of organizations experience substantial benefits from their use of anti-fraud analytics, with 83% to 90% of organizations rating their analytics programs as being either very beneficial or fairly beneficial in each of these four areas. The top benefit realized pertains to volume; 64% of survey respondents said the increased volume of transactions they can review using data analytics is very beneficial to their anti-fraud programs.

Emerging technologies and challenges

Organizations often vary in how quickly they implement emerging technologies for various purposes. Our data shows that, with regard to new anti-fraud technologies, some companies prefer to be early adopters, while others wait to see if the benefits are there before investing. Of those surveyed, 26% currently use biometrics (fingerprint, facial and keystroke recognition, etc.) as part of their anti-fraud programs; another 16% expect to deploy biometrics by 2021.

Organizations are also beginning to use 1) blockchain/distributed ledger technology and 2) robotics, including robotic process automation, at 9% each, but in the next two years 26% expect to use the former and 20% plan to implement the latter.

The technology least likely to be adopted as part of anti-fraud programs is virtual or augmented reality; only 6% of organizations currently use it, and nearly two-thirds don’t expect to employ virtual or augmented reality as part of their anti-fraud initiatives.

Not surprisingly, 80% of the respondents said that budget and financial concerns are the biggest obstacles for their organizations in attempting to adopt new anti-fraud technology. Other common challenges include limitations in staffing and in-house skill sets (73%), concerns about poor data-quality or integration issues (70%) and a lack of perceived return on investment (69%).

Though the organizations might feel squeezed by budgetary restraints, 55% expect to increase their budgets for anti-fraud technology over the next two years — 17% significantly and 38% slightly. Another 40% expect to have their budgets for such technology remain level. Only 6% of the organizations anticipate having their financial resources for anti-fraud technology reduced over the next two years.

Weapons at the ready

The ACFE hopes that the Anti-Fraud Technology Benchmarking Report will help sharpen anti-fraud professionals’ technology plans and enable them to implement more effective weapons to counter, prevent, and deter fraudsters and cybercriminals.

Andi McNeal, CFE, CPA, is the ACFE research director. Contact her at amcneal@ACFE.com.

Explore further survey results in an interactive video from SAS and read more about the methodology and demographics for the Anti-Fraud Technology Benchmarking Report.

Explore further survey results in SAS interactive video

The ACFE developed the Anti-Fraud Technology Benchmarking Report in partnership with SAS. As part of their support for this project, SAS offers complimentary access to a SAS visual analytics report where readers can further explore the survey results with interactive charts based on various demographic categories, including industry and geographic regions. View the report at sas.com/fraudsurvey.

Methodology for Anti-Fraud Technology Benchmarking Report plus demographics

In February, the ACFE sent a 19-question survey to 41,181 randomly selected ACFE members. Respondents were asked to provide information about their organizations’ use of various technologies as part of their anti-fraud initiatives. Survey responses were collected anonymously.

The ACFE received 2,255 survey responses — 1,055 of which were usable for purposes of the report. The report provides a summary of respondents’ answers to the survey questions.

More than half (55%) of the respondents stated that they work in-house and conduct fraud prevention, detection or investigation activities within a single company or agency, which means their use of anti-fraud technology likely affects only their employing organization.

In contrast, 23% of respondents work for professional services firms that perform anti-fraud engagements on behalf of other entities, and one-fifth work for a government, regulatory or law enforcement agency that conducts fraud investigations involving outside parties. Respondents in the latter two categories likely use anti-fraud technology in ways that pertain to their clients or investigation targets, which means their use affects numerous organizations — not just their employers.

Resources and budgets can vary widely by organization size, so understanding how many employees the respondents’ organizations have can be helpful for context in analyzing the use of anti-fraud technology. Respondents’ organizations were fairly evenly distributed among size categories, with a slightly larger proportion (29%) working at organizations with 1,000 to 9,999 employees.

Nearly half of the organizations in the study are in the U.S.; 13% are in Western Europe, and 12% are in Sub-Saharan Africa.

The top three industries covered by our survey responses were banking and financial services (21%), government and public administration (17%) and professional services (16%).