By Vinaya Parvate, Global Head, Fraud Risk Oversight for Institutional Client Group and Citi Commercial Bank, Citi
Interview ahead of the 3rd Annual Fraud and Financial Crime Europe Summit, taking place 1-2 April in London
What, for you, are the benefits of attending a conference like the ‘Fraud and Financial Crime Europe’ and what can attendees expect to learn from your session?
The best part of attending a conference like Fraud and Financial Crime Europe is the opportunity to hear from and interact with other industry practitioners. Fighting fraud is a team sport, and the more we exchange ideas, work closely, the more successful we can be as an industry in keeping the criminal elements at bay.
One of the more difficult aspects of fighting fraud is when trusted employees or vendors act fraudulently. My session will shed light on some of the challenges and approaches in this space.
What are some of the challenges in vetting individuals when they join an organisation?
The biggest challenge in vetting individuals is that there is no direct or simple measure of character. Typically on-boarding checks are focused on background screening using public searches, law enforcement records, credit checks, verifying educational qualifications, etc.
Reference checks may be used but have limited value as the references are provided by the individual themselves. Unless the individual has a history of repeated fraudulent activity at multiple employers, any intent to defraud is very unlikely to be uncovered through such vetting.
What are key indicators that identify when an individual is aiding in fraudulent activity from within an institution?
Even with significant automation, there are many operational activities that are carried out by various individuals which can be manipulated to carry out fraudulent activity. There are some leading indicators like reconciliation breaks and accounting controls that are worth monitoring, however they may indicate errors as much as fraudulent activity.
It is not an easy task to find red flags to identify fraudulent activity without making the organisation into a surveillance state. My personal view is that such approaches are counter-productive as they have significant adverse impact on employee morale and culture with limited risk mitigation benefits.
How does an organisation counter the risk of internal fraud?
In fraud, we talk about the triangle of opportunity, motive, and rationalisation. Designing controls keeping in mind segregation of duties, related persons policies to manage collusion risk, and having independent checks and balances help minimise opportunity.
Fair pay, healthy HR policies that provide growth and development opportunities to all staff, and creating a high level of employee engagement all reduce motive as well as the chance of rationalisation. Employees with a sense of pride and belonging are the best defence against internal fraud.
What do you see ahead for the future of fraud management and mitigation?
The future can be and needs to be much more efficient. The core principles of assessing which processes have risk of internal fraud and designing controls to manage it will not change. The main change is in how those controls are executed.
Automation can enable those controls to be very efficient with human scrutiny on targeted items. For example, to monitor segregation of duties, there are tools today that can help identify instances of password sharing. Employees have access to multiple systems with varied entitlements.