The U.S. Federal Bureau of Investigation (FBI) has set up a telephone hotline for reporting incidents of public corruption, the Associated Press reports. FBI and U.S. Department of Justice officials say the hotline is meant to deter public officials from using their positions for personal gain — what FBI Special Agent Michael Caste calls "the FBI's No. 1 criminal priority." Officials point to recent incidents such as the former treasurer of a Missouri fire protection district who pleaded guilty to embezzling more than US $1.5 million, as well as the Jackson County, Kans. Circuit Court administrator who pleaded guilty to making US $78,000 in personal purchases with a court-issued credit card and entering into a fraudulent contract with a fake company that was actually a front for one of her friends.
The FBI's new anti-corruption hotline illustrates just one of the measures that public-sector organizations have taken to address the rising tide of fraud and corruption. Over the past year, this column has discussed what internal auditors can learn from examples of fraud cases, not only involving public officials who have engaged in fraudulent and corrupt activities for their own financial and personal benefit, but also a wide range of other fraud cases and topics. As this is the last Fraud Findings column for 2013, this is an opportunity to look beyond any one particular case to consider more broadly what key fraud risks and opportunities may dominate headlines in 2014.
Five top fraud risk trends include:
Instances of fraud, bribery, and corruption perpetrated by public officials — whether at the national, regional, or local level — will continue to appear in news headlines and may increase. A combination of factors, such as an uncertain economy, skepticism/cynicism regarding respect for the values of honesty and the public good (including costly incidents of private-sector fraud), weak internal controls in public organizations, increased media attention, and reliance on whistleblowing/hotline mechanisms may be contributing to a greater number of fraud cases involving public officials. While the number of such cases occurring in North American and European countries may be well below that of other countries, any increases in such fraud cases, along with the attention they receive, ought to be of great concern to leaders, lawmakers, auditors, and law enforcement officials. The ability to detect and prosecute such cases may be improving, but further deeper analysis leading to appropriate actions is needed on the fraud prevention front.
Cyber fraud will continue to grow and evolve faster than fraud detection and prevention measures. Fraudsters are focusing on mobile opportunities (smartphones, tablets, and laptops) and developing tailored malware to exploit busy people on the move. As a countermeasure, some U.S. mobile carriers are starting to block premium or paid text message charges ("cramming") used to monetize mobile fraud, but newer techniques will no doubt emerge. On other cyber fraud fronts, the use of bank card/account skimming and "pharming" attacks — in which computer/mobile users of specific websites such as electronic shopping are unknowingly redirected to proxy servers so that personal and financial data can be stolen — will expand, with fraudsters working relentlessly to better mimic real websites and to develop more sophisticated skimming techniques. These kinds of attacks will continue to proliferate from wider sources around the world — such as China, Eastern Europe, Latin America, and others — particularly as online/mobile banking accelerates globally.
Perceived corruption and bribery risks will continue to coexist uneasily alongside significant global growth opportunities. With rapidly growing economies and increasingly sophisticated consumer markets, multinationals continue to invest heavily across a wide range of industry sectors. However, with a level of corruption that is perceived as unacceptable, global regulators will continue to press large, global financial institutions, credit card issuers, and insurance providers to address money laundering, trade sanctions, and bribery and corruption issues. It is far from a new observation that bribery and corrupt practices are pervasive in many countries. Staying on top of differing anti-corruption laws and standards, particularly in markets where the rule of law is not always clear, will remain a challenge. Continued attention to effective global corporate oversight, compliance processes, and overall internal control enhancements can be expected, along with an increased number of bribery and corruption investigations.
Big data and data analytics represent a significant opportunity to ask and answer fraud risk questions and develop better fraud risk mitigation programs, but progress will be uneven. In recent years, the feasibility, timeliness, and cost-effectiveness of implementing these techniques has increased and migrated into internal audit, compliance, and corporate oversight functions. Experiments with both macro and forensic data analytics may help organizations develop a better understanding of how these techniques can be used to transform data into information — if not intelligence — to help detect and prevent potential fraud incidents. But organizations will need to make upfront investments in systems, software, and analysis routines, which many may be reluctant to make during tight economic times. Going down the big data path also poses challenges to traditional management culture and decision-making. All of these obstacles can be overcome, but proponents will need to be persistent, innovative, and persuasive.
Dealing with the potentially increasing volume and complexity of fraud risks and fraud cases will be a bigger challenge to internal audit functions than ever before. Internal audit groups within both the public and private sectors continue to be under pressure to do more with the same or fewer resources. In some cases, evaluation, risk, and conflict of interest functions are being added to core audit responsibilities. This underscores the need for auditors to be highly focused on determining and going after the biggest fraud risks, as well as effectively leveraging strategic partnerships with regulators and law enforcement agencies.
Do you agree or disagree? What predictions do you have? I would welcome hearing your thoughts in our comments section.