The Hindu Business Line : Most cos ill-equipped to handle fraud: KPMG Forensic

A recent survey by global consulting firm KPMG Forensic, involving over 1,000 private and public companies in India, reveals that most organisations are ill-equipped to handle fraud — be it prevention, detection or response to fraud.

Majority of respondents belonged to information technology, financial services and manufacturing sectors with revenues between Rs 50 crore and Rs 100 crore.

"Past surveys and working with companies showed that most of them do not implement the compliance policies they have on paper, such as Clause 49," said Mr Rajan Sethuraman, Director-Advisory, Forensic Services, KPMG India. Clause 49, prescribed by the Securities and Exchange Board of India, includes sections on risk management and internal control mechanisms.

White Paper

To help companies implement anti-fraud policies, KPMG has published a white paper on how to prevent, detect and respond to fraud. It includes proactive measures such as data analysis to identify hidden relationships between people, organisations and events, means to analyse suspicious transactions and ability to analyse large volumes of transactions in reduced time.

Scope International Private Ltd, a wholly owned subsidiary of Standard Chartered Bank, UK, has adopted information technology to analyse up to 80 million global transactions a year to prevent money laundering. "IT has helped identify exceptional transactions and also separate those that can be processed faster from those which would take more time," said Mr Sreeram Iyer, Chief Executive Officer, Scope International Private Ltd, at a press conference.

Detection Mechanisms

The paper also recommends company-specific anti-fraud policies as organisations face niche risks. "Industries dependent on external vendors and third party contractors, like pharmaceutical companies, must have an anti-fraud policy covering every aspect of multiple party interaction," said Mr Rajan.

A financial services firm faces risks of information theft and unsolicited phone calls indicating that one's personal information is available to unauthorised sources. A senior manager of a public sector bank said scrutiny of documents submitted to avail loans was incomplete despite various fraud detection mechanisms. "Even lawyers who inspect the documents are unable to detect forgery," he said.

Quality Compliance

IT organisations face risks of employees not having common ethical and cultural orientation towards business. "Mass recruitment is a disturbing trend. In their race to meet hiring targets, companies are failing to focus on personnel management and quality compliance processes," said Mr Rajan.

Mr S.R. Kannan, Head, Security Services, Sify Ltd, in a press conference on information security, cited the example of Kevin Mitnik who hacked into information security systems at the Pentagon (the Unites States Department of Defence) — posing as an employee.

The KPMG paper recommends the need for increased security of IT-based systems. According to the survey, about 60 per cent of respondents allocated less than 10 per cent of their annual security budget towards IT security.

`Phishing'

IT related fraud is common when unsecured networks are used in communications. When a large private sector bank launched its Internet banking portal a few years ago, customers complained of inaccessibility to their account after typing their login id and password. The bank declared it a case of `Phishing' and asked customers not to use the facility until notified through post.

The paper advises companies to complement conventional security with IT security. Mr Rajan of KPMG cited an example of how IT security had helped the retail sector move from being perceived as a `high risk' sector in 2002 to a `low risk' now.

More Stories on : Trends | Economic Offences | Marketing Research

Article E-Mail :: Comment :: Syndication :: Printer Friendly Page