The word “fraud” is growing in popularity, but certainly not in a good way. That’s because we hear about it frequently on the news nowadays. Heck, if you type “fraud” into Google News as a search query, you’re bound to find hundreds if not thousands of articles that pertain to fraud and e-mail fraud. It’s become such a prevalent topic that we’ve all practically become immune to it, almost to the point that we think that we’re the exception. Of course, this isn’t the case, especially in the cutthroat corporate world. I believe the Association of Certified Fraud Examiners said it best in its2014 Report to the Nations On Occupational Fraud and Abuse: “Fraud is ubiquitous; it does not discriminate in its occurrence”. That means even at your company, fraud is a real concern happening right now.
I apologize if I burst your bubble – nobody likes it when a threat hits close to home. Unfortunately, it’s just another part of reality. On the bright side, it’s better discovering it now and coming up with a plan of action, instead of being hit out of the blue.
It’s plausible that occupational fraud (when an employee defrauds the very organization he/she works for) hasn’t impacted your company YET. It’s even more likely that it’s happening right under management’s nose – but they haven’t caught on to it. In fact, according to the fraud report, the median fraud duration in 2014 was 18 months! In other words, a year and a half passed from the time the scheming began until it was detected. You don’t need me to tell you that a lot can happen in this time period – including losing money and damaging your reputation. As if that’s not bad enough, these are losses that may only be partially returned – on the off chance that they’re not lost forever. When this survey was taken, 58% of the organizations did not recover any of their losses.
So what’s the plan to tackle fraud? The data shows that external audits are the least effective method of catching fraud. Proactive detection methods are key to catching fraud earlier and reducing the monetary loss. We encourage implementing e-mail mining for fraud detectionbecause, believe it or not, so much fraud takes place via e-mail and simply isn’t detected. And when it is detected, it’s usually too little too late. To prove my point, I’ll show you three examples of corporate (you’ll know some of these companies!) fraud losses in the news that could have been prevented had the companies used e-mail mining for fraud detection.
Netflix filed a lawsuit against Mike Kail, the former Vice President of Information Technology Operations, for receiving bribes of 12 to 15 percent of the total deal value from two IT service providers. Considering that Netflix paid both IT companies a grand total of $3.7 million, Kail made off with $490,000 in kickbacks. It was not until after Kail left Netflix that the company uncovered e-mails discussing “referral fees” and showing invoices made to his personal consulting firm. According to Netflix, Kail got away with the crime because he was a “trusted senior employee” who had the authority to approve invoices. Had Netflix implemented an e-mail mining approach, they would have caught the fraudster in action.
(Although owners and executives only accounted for 19% of the fraud cases in 2014, they were responsible for a median loss of $500,000.)
HP filed a $5.1 billion lawsuit against Autonomy, the British software company that it acquired for $11.1 billion back in 2012. Just about two years later, HP realized that it had gotten itself into a big mess. It turned out that Autonomy overstated its finances – by a lot. HP claims that Autonomy was only worth half of what they paid for it - $5.55 billion. Thanks to the trail of e-mails between the former CFO and founder, it was evident that the company had misrepresented its finances. The e-mails contained the phrase “covered up” in the context of falling revenues, and the phrase “imaginary deals” as in what sales reps would be pursuing. Unfortunately, the e-mails were checked and the truth came to the surface only after the deal had gone through. Had HP chosen to use an e-mail mining approach during the due diligence process, they would have discovered this before a deal was made.
Keila Ravelo, a former law partner at Willkie Farr & Gallagher may have had “questionable communications” with the opposing counsel. It turns out the opposing counselor was a close friend with whom she formerly worked. The law firm found e-mails and attachments concerning the American Express litigation – a case in which Ravelo had no involvement. E-mails also indicated that the other counselor, Gary Friedman, sent Ravelo documents that may have been protected by the American Express litigation protective order. In this instance as well, e-mail mining would have benefitted both law firms so that they could have learned that confidential information was being shared.
As you can see from these examples, any company can suffer from internal fraud – whether it’s a big name corporation like Netflix or a small startup company. The point is that in many instances, it’s taking place across company e-mail and employees are getting away with it. It’s obvious that companies are feeling a financial burden from fraud and something needs to be done about it. You’ve seen enough fraud in the news – you don’t want your company to become the next headline. With e-mail mining for fraud detection, you can catch the bad guys in the act so your company doesn’t incur any embarrassing financial losses.