Using Digital Forensics to Investigate Internal Fraud
According to a recent study by the Association of Fraud Examiners, organizations worldwide lose 5 percent of their revenue to fraud each year. The study also found that fraud is extremely costly – the median loss caused by occupational fraud was $140,000 and that more than one-fifth of these frauds involve losses of at least $1 million.
As the usage of personal devices by employees has become virtually ubiquitous companies have become confronted with a growing array of challenges and opportunities when it comes to detecting and proving fraud. However, organizations must be precise in their efforts to use technology to prove the guilt of employees, to ensure that the rights of the employee are not violated and innocent employees are not wrongly accused.
Digital forensics is a rapidly expanding field that involves the recovery and investigation of material found in digital devices. This field has grown rapidly to include data from mobile devices – which presents multiple challenges for an investigator.
Companies of all sizes, particularly larger corporations with a significant amount of devices and data within its enterprise, look to digital forensics to keep up with the blazing pace of technology and the sophisticated crimes that advance with it. Smartphones and tablets have become standard issue for corporate employees. These devices are essentially high-powered computers with infused cellular technology that can prove to be a valuable source of information regarding employee misconduct when the legal situation allows for such information to be extracted and analyzed. For this reason internal investigation units continue to expand their use of these tools.
There are a number of settings in which digital forensics now plays a central role in addressing and investigating fraud. The use of digital forensic tools to facilitate sanitation of devices of terminated employees has become commonplace. Additionally, the tools are also being used to investigate a wide range of activities from embezzlement and fraud to the unauthorized use of a company issued phone. These capabilities are also being used to investigate the unauthorized storage of sensitive and confidential company documents by personnel. They can even be used to search for malware and spyware.
There are software-based forensic applications in the marketplace that enable investigators to recover deleted documents, messaging app data, call logs and all Text/MMS messages. Because of the wide range of devices out there, it’s essential that investigators utilize solutions which offer broad coverage of handsets and ensure the depth of data recovered, which is regularly updated. This enables investigators to keep pace with the evolution of the latest applications in the marketplace. This has proven to be incredibly valuable to both corporate and criminal justice settings.
The growing acceptance of "Bring Your Own Device" (BYOD) policies present an interesting challenge to corporations that want to afford their employees the latest technology but ensure separation of "work and play" from devices that are the personal property of the employee. As such, internal investigations units must have the right tools and training to examine today's most advanced and mainstream smartphones and tablets. The tools should include the capability to bypass device security for uncooperative employees, decode potentially crucial application data, and recover deleted data when circumstances warrant. Investigators should also be afforded similar investment in training on the use of these tools to ensure they can explain their findings in any subsequent legal proceedings.
When fraud is ongoing, particularly in cyberspace or via a company’s networks, in many instances, every second counts. Especially in the case of companies with a number of office locations or global operations, responders often need the ability to rapidly perform multiple examinations anywhere and see the results immediately. Moreover, those acting to respond to the situation will often require analytic tools to discover connections between different devices while providing timelines, geo-mapping to quickly understand the scope of a criminal act so that they respond appropriately to prevent further damage. These features, which are available as part of a larger suite of capabilities on some cutting edge, software-based solutions are now being leveraged by an expanding group of companies worldwide.
The available data has shown that the deployment of technology-driven anti-fraud programs has worked not only to increase the power and precision of investigations but in many cases has decreased the incidences of attempted fraud and abuse considerably. By enabling responders to be more accurate and efficient in their work, these tools will continue to become a centerpiece for companies working to stem the rising tide of occupational fraud around the world.