Investigate fraud with these best practices

Fraud by its very nature cannot be eliminated, but only contained. Here are guiding principles to investigate fraud after an incident has been reported.

Most people in India do not know that fraud is a legal term and not a concept that changes with time. Fraudulent incidents in the information age have devastating effects. Every single piece of information in today’s knowledge driven era has a value attached to it, and is thus prone to fraud. Information leakage and technology or people failure in an organization result in major financial losses. Traditionally, audit was the best way to investigate frauds; however, in recent times with economies going from boom to bust, this profession has innovated drastically.

Recruiting a proficient team

A person investigating fraud must understand that every organization is susceptible to fraud as human behavior cannot be controlled, unlike policies, laws, and hierarchy. Hence, the question is how to investigate fraud after an incident has been reported.

Investigating fraud is not a one-man job and requires a competent and experienced team. The fundamental of any investigation is to have professionals with the right skills, knowledge, and experience. This team needs to be focused on the assignment and ensure resolution within a reasonable timeframe. Inexperienced or under-trained personnel could hinder the fraud investigation process. 

Depending on the magnitude of the incident, the fraud investigation team should consist of:

•         A legal attorney/professional who is able to identify applicable compliance provisions, statutory regulations and their violations. In majority of frauds detected, the evidence obtained is purely circumstantial in nature and thus requires special skills to put forth the point in an appropriate manner and visualize the implication in the court of law.

•         A forensic accountant/auditor, who is not necessarily an accountant but an individual with a techno-functional background in specialized areas like business, finance, Information Technology (IT), and law.

•         A cyber forensic expert with appropriate technical knowhow and experience. Today, computer is a tool as well as a victim in financial crimes. Cyber forensic expertise is one part of forensic accounting practice that deals with various aspects of digital evidence, data recovery, data analysis, password recovery, and risk profiling of user. These crimes are most difficult to probe and prosecute because of jurisdictional issues and many times are cross-border in nature.

•         A field investigator who based on requirements of a forensic auditor collates the evidence, which is crucial for any investigation to be successful. Awareness of legal environment is critical for a field investigator and all evidence should be gathered and collected with respect to law of the land. Any violation of the same may result in the evidence getting tainted and becoming unacceptable in the court of law.

Using the SPEC (scope, plan, execute, close) model

Having an initial investigative hypothesis of the incident helps to understand where exactly the fraud investigation should commence. The SPEC model can be used to investigate fraud. 

•         Scope: Post incident reporting, investigator/s need to gain maximum first hand information of the actual job. Understand and evaluate various factors such as cultural, regulatory, and legal to investigate a fraud. Speculate on different levels of investigative hypothesis, by approving and/or disapproving facts of the incident/s and the process of gathering evidence for the same. It must be noted that this is not the planning stage.

•         Plan: Plan the fraud investigation in a phased manner to maintain its intent and purpose. The plan stage includes establishing the investigative hypothesis, process mapping, scheduling timeframes, resource allocation, and reacting appropriately to facts/information while executing an investigation.

•         Execute: This includes supervision of the case, proving and/or disproving facts/information, and triggers raising such incidents. While investigating a fraud, the investigators should apply their knowledge, expertise and skills to deduce potential outcomes based on different theories such as the Fraud Triangle by Dr. Donald Cressey.

•         Close: This is the final stage of a fraud investigation, where the case is closer to completion. Investigation outcomes of the incident and appropriate recommendations are documented in a logical, coherent report.

An important fact is that corporations in India today do not update themselves on the different and continuously developing types of frauds and methods to investigate frauds. Corporations “act” or rather “react” only when a fraud occurs in their own backyard. Review of internal procedures and technological advancements not only in audits but also various departments assist in reducing fraudulent activities. Training the staff regularly by organizing fraud awareness programs keeps them abreast of the changing nature of frauds and ways to combat them effectively.

About the Author: Nikhil Parulkar is MFA, CFE, CAME, ISO27001-LA and an associate consultant – Forensics and Fraud Risk Management at Mahindra SSG.

The views expressed in this article are those of the author and do not necessarily represent the views of and should not be attributed to Mahindra SSG.

Read more on IT risk management