What do NSA and Target Corporation have in common? They both have enormous databases of sensitive information about individuals that have been penetrated by the likes of Snowden, Wikileaks, and worse criminal conspiracies. According to James D. Ratley, President and CEO of the Association of Certified Fraud Examiners, cybercrime is one of the biggest emerging fraud threats in 2014.
Ratley mentions hacking schemes like the one that shocked Target, as well as other malicious activities like malware and phishing schemes. He rightly says that these schemes can be foisted on individuals, small or large businesses, or any type of organization.
But we think there is a very good reason why cybercrime could be the biggest emerging fraud threat for years to come. It is rooted in the fact that organizations will not forego the tremendous power of networked computers and huge databases, and these are rapidly evolving. Every innovation in automated business processes creates new opportunities for hackers. The prize at stake is huge. … Continue reading
The phrase “Due diligence” sounds complicated but in reality, it is simply the process of doing your homework before you make a major commitment, either on a business or personal level. Due diligence can be as simple as just asking the proper questions and making sure that a situation is “not too good to be true.” This idea of checking into the facts behind a transaction to ensure it is fairly valued is the source of the old adage, “let the buyer beware.”[i]
Most of us practice due diligence even though we may not think of it that way. For example, most people these days will do some research on the internet before making a major purchase, like buying a car. We scan websites to get an idea of a fair price, the dealer cost, and any low interest financing deals so we can be prepared to counter the ”rock bottom price” offered by the car salesman. In this process, we are doing our “due diligence” to get the best deal possible.
Due Diligence as a Defense
There are important legal uses of the term “due diligence.” It began as a term describing a legal defense in the Securities Act of 1933. Its purpose in that Act was to give broker-dealers a defense against an accusation that they had not disclosed information in a securities transaction. If they had performed “due diligence” in researching the company, they could not be held liable for information they did not discover.[ii] … Continue reading
You’ve seen the data before: Organizational fraud is a huge annual cost. Managers want to reduce the costs, so the real questions are to learn why fraud occurs and what to do about it.
The most compelling explanation for organizational fraud is the Fraud Triangle, as summarized in our recent infographic. Frauds occur when there is opportunity, one or more employees are under perceived financial pressure (incentives exist), and they can rationalize their fraudulent behavior. These 3 factors correspond to the legs of the triangle.
Control the Opportunities to Reduce the Chances of Fraud
In our experience, organizations can reduce the probability of organizational fraud by just removing one of those legs of the triangle. There are things you can’t control, such as employees’ spending habits, but if you remove the opportunity for employees to get their hands on an asset without the potential of getting caught, then you’ve reduced that probability by 50 percent. … Continue reading
A comprehensive Enterprise Risk Management (ERM) strategy can help protect your reputation by preventing events that damage it.
Reputation is an intangible asset. Much research and many seasoned observers agree that a good reputation enhances customer loyalty and purchase behavior, market value of the business, hiring and retention success, and brand image. Many of these factors are reflected in the asset we call “goodwill.”
Managing Reputational Risk in ERM
Reputational risk (or ‘reputation risk’) is one of the costs of events such as adverse actions for negligent hiring or publicized high-level fraud. Events like these are precisely the types of risky outcomes that your systematic ERM strategy aims to identify, evaluate, and mitigate. We do not have space to provide an exhaustive list of reputational risks, but we can illustrate the point that preventing selected negative outcomes can help protect your reputation, not to mention your bottom line.
Experience and research has enabled Lowers Risk Group to identify many ways companies can reduce or prevent fraud while protecting the organization’s most valued assets:
1. Set the “Tone from the Top”
Managers and owners of small-medium sized businesses should focus their control investments on the most cost-effective mechanisms, such as setting an ethical “tone from the top” for their employees, as well as those most likely to help prevent and detect the specific fraud schemes that pose the greatest risks to their businesses. … Continue reading
Experience and research has enabled Lowers Risk Group to identify many ways companies can reduce or prevent fraud while protecting the organization’s most valued assets: