by Norman D. Marks, CPA, CRMA

Businesswoman Using Headset MicrophoneOne of the troubling aspects of the recent penetration of the JP Morgan Chase system is that finding out what happened took a long time – months. If an organization wants to minimize potential losses from fraud, it must detect it and respond quickly.

Some companies depend on software that is run on a periodic basis (perhaps by internal audit) to detect potential anomalies in the data, patterns that indicate the possibility of fraud or error.

But a periodic report, requiring time to review and investigate apparent exceptions, does not enable detection and response at speed.

There are a couple of reasons why these reports are only run periodically instead of continuously:

  • Analyzing millions (or more) of transactions takes time and consumes computer resources
  • The software often requires either a download of data from the enterprise systems to a data warehouse (or similar) before it can be accessed and analyzed, or an interface routine that is often quite complex (it has to convert multiple standard and custom transaction codes). Both methods are subject to error. (I was at a company where the inventory was re-organized but the extract of inventory-related data into a data warehouse for use in an analytics report was not changed.)

I believe every organization needs fraud detection that lets management respond at speed.

I also believe that when you use software that is designed to operate with your enterprise applications, it is a lot easier to obtain useful and reliable information when you need it. There is no need for complicated interfaces and the software ‘understands’ the data.

And I believe that you need software that has the ability to analyze and provide insight into data, even when there are millions of transactions, multiple times each day. In-memory technology provides that capability and I consider that a huge advantage.

Studies show, including those from the Association of Certified Fraud Examiners (ACFE), that organizations are slow in detecting fraud. According to the latest Report to the Nations on Occupational Fraud and Abuse, “The median duration — the amount of time from when the fraud commenced until it was detected — for the fraud cases reported to us was 18 months.” It also says “The longer frauds last, the more financial damage they cause.”

It’s time to implement more continuous fraud detection.