Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • The Security Leadership Issue
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Leadership and ManagementPhysical Security

Enterprise Services

Best practices for detecting and managing fraud

A look at changes in the fraud management landscape, the building blocks of a strong fraud investigation process, and what to avoid.

By Sarah Ludwig Rausch
Detecting and Managing Fraud

AndreyPopov / iStock / Getty Images Plus via Getty Images

October 5, 2023

It’s important to recognize that fraud has many forms, says David Tindall, Chief Operations Officer at Sentinel Resource Group. “To many, fraud simply connotes financial crimes, but the mechanisms involved are far more complex and transcend bribery and corruption, asset manipulation and beyond,” Tindall says. “As such, each of these fraud classifications involve unique challenges in terms of detection, mitigation, investigation and remediation.” The common challenge in all categories, he notes, is “the persistent evolution and complexity of fraud and the mechanisms by which fraud is conducted.”

Both from a physical security and a cybersecurity perspective, there are lessons security leaders can learn from each other when it comes to fraud detection and management. Combining best practices from across physical security and cybersecurity investigations, security leaders can use innovative tactics to detect, manage and reduce fraud in their organizations.


The current landscape

The proliferation of electronic systems and the reliance of companies on these increasingly sophisticated systems has created additional fraud risks, says Brian Cesaratto, CISSP, CEH, a cybersecurity and data privacy attorney at Epstein Becker Green in New York City. “In the last few years, there has been an increase in integration of systems and partnerships between different vendors, so you have an expanded attack surface as a result,” Cesaratto says. This expansion of electronic systems has also increased reliance on third-party systems to provide services, escalating risk.

The increase in remote and hybrid work as a result of the pandemic is another pain point. “Again, there’s an increased attack surface because you have computers and other outside devices connecting with cloud-based services,” says Cesaratto. Remote work models have normalized the use of new technology and messaging apps in both professional and personal devices, leading to a rise in informal communication methods, says Juan Migone, a partner at global advisory firm StoneTurn in Washington D.C. Working remotely can also “create a more nonchalant approach to compliance rules and internal controls, which in turn creates larger issues for organizations,” Migone says.

Still, Tindall points out that while technology has enabled more sophisticated crime capabilities, it has simultaneously advanced the ability to detect these crimes. “One could argue that technology has merely offered another variant to perpetrate many of these old-school fraud types,” he says.

Security leaders

Fraud detection & investigations best practices

With decades of advisory experience between them, here’s what these experts consider best practices for managing and detecting fraud.

Have a written fraud prevention program. “It can’t be ad hoc or verbal — you need strong, well-written policies, procedures and guidelines,” says Cesaratto. “This is the foundational requirement because that’ll explain your process and your alignment to a fraud reduction framework.”

Have a strong internal audit and compliance program. “Invest in data analytics tools and teams who can not only get your program up to speed, but also manage its evolution over time,” says Migone. It’s smart to consider rotating audit personnel responsibilities too. “This creates more well-rounded teams and also ensures a fresh set of eyes on critical matters,” he says.

Build a strong foundation. This begins with setting up and enforcing ethics policies and behavioral foundations from the top down. “The most successful entities live their ethics and compliance in day-to-day behavior and tasks, ensuring it is ingrained within the DNA of their organization,” Migone says. This helps establish a robust, long-term anti-fraud program.

Know your fraud risk and risk tolerance. Understanding this pinpoints the type of fraud you’re susceptible to, your potential levels of exposure and the acceptable risk to your organization, allowing for a more detailed mitigation plan, says Tindall. “Taking an assessment of your corporate culture goes a long way to assess your actual risk tolerance and exposure,” he adds.

Take time to train staff. Cesaratto says training staff how to recognize and report fraud is crucial for fraud prevention, and Migone stresses the importance of doing this regularly. Why? “Long-term employees may be perceived as cooperating with all risk mitigation and compliance protocols,” he says. But they may get comfortable over time and skip steps, which can create risk.

Don’t overlook leadership training. “Often, anti-fraud and risk management programs focus on teams and employees,” says Migone, but it’s vital for leadership to participate in training and model ethics and behavioral policies. “No matter a person’s role in the organization, they must be held accountable,” he says.

Look for aggressive metrics that are constantly being met. Examples include bonuses, sales goals or performance milestones. “Use data to determine trends that are statistically improbable,” Migone says. “Know the metrics and check for adjustments at the end of the period that help teams meet their bonus targets.”

Institute an insider threat prevention program. This includes background checks for potential hires and monitoring employee activity consistent with what systems they have access to, says Cesaratto. “The more risk there is for fraud, the more stringent you want the hiring, vetting, supervision and monitoring to be,” he says.

Follow your regulatory (such as Sarbanes-Oxley [SOX]) and enterprise controls. Migone notes that this might be painful at first and even slow things down some, but if they’re implemented correctly, controls can be highly effective in preventing and identifying issues. Additionally, don’t take any failure in controls lightly. “Security and compliance officers need to understand that breakdowns even in the smallest controls that are not addressed could lead to issues escalating in a future period,” he says.

Create an independent whistleblower program. No matter how small they seem, listen to complaints about potential threats or bad behaviors, Migone says. Investigate and communicate the results clearly. “The downfall of many otherwise successful whistleblower programs is lack of communication around the action,” he says. “Even when claims initially seem unfounded, it is critical to express that action was taken.”

Verify and assess fraudulent activity. “A strong fraud investigation will almost always begin with a verification of fraudulent activity, identification of the parties responsible and potential impact of the fraud,” says Tindall. Before any mitigation or recovery steps are taken, assess the scope and magnitude of the fraud. “Strong risk-based data analytic tools, qualified or independent investigators, the realization of patterns and the ability for early intervention strategies all lend to minimize fraud-related damage to both an organization and potential consumers,” he says.

Remember that small details matter. “Teach people to watch for the minutia, as missteps on smaller details can lead to larger issues down the road,” says Migone. Don’t ignore red flags, no matter how trivial they seem. “We all know the analogy of the iceberg: What may seem small on the surface can be indicative of a larger issue underneath,” he says.

Confirm and test everything. “Always verify what people in the organization are telling you with evidence and data,” says Migone. He says it’s also important to test your controls and people regularly.

Conduct a postmortem review. Once the fraud investigation is complete, there should always be a review with the goal to prevent future losses, says Tindall. Consider items such as lessons learned, how to strengthen control weaknesses and how to mitigate other potential consequences.

Using these best practices to inform fraud detection and investigations can help security leaders better hone their anti-fraud measures. From building a strong anti-fraud organizational culture to conducting thorough reviews of potentially fraudulent activity, fraud prevention professionals can create and sustain a robust program.


Potential pitfalls to avoid

When conducting fraud investigations, Tindall says he runs into numerous pitfalls that are found to be root causes of fraud. Some of the most common include:

  • Not having a comprehensive risk assessment
  • Over-relying on technology and/or having limited data analysis
  • Failing to update controls
  • Lack of monitoring
  • Neglecting employee training
  • Overlooking third-party and insider risks
  • Failing to collaborate with key stakeholders and partners
  • Not assessing your corporate culture
KEYWORDS: fraud detection Fraud Investigations fraud prevention investigations leadership

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Sarah Ludwig Rausch is a Contributing Writer to Security magazine.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

From animal habitats to bustling crowds of visitors, a zoo is a one-of-a-kind environment for deploying modern security technologies.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • crypto-sec-freepik1170.jpg

    Best practices for cryptocurrency firms and digital currency firms managing money

    See More
  • Matt Price podcast headshot

    Best practices for cryptocurrency fraud investigations

    See More
  • SEC0719-Privacy-Feat-slide1_900px

    Privacy and Security: Current Challenges and Best Practices

    See More

Related Products

See More Products
  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • Risk-Analysis.gif

    Risk Analysis and the Security Survey, 4th Edition

  • physical security.webp

    Physical Security Assessment Handbook An Insider’s Guide to Securing a Business

See More Products

Events

View AllSubmit An Event
  • November 14, 2024

    Best Practices for Integrating AI Responsibly

    ON DEMAND: Discover how artificial intelligence is reshaping the business landscape. AI holds immense potential to revolutionize industries, but with it comes complex questions about its risks and rewards.
View AllSubmit An Event
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • The Security Leadership Issue
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!