Download to read offline
Uploaded byMustapha Mugisa
Effective Fraud risk management 101.pptx
The document outlines a comprehensive fraud risk management strategy termed 'PDR'—Prevent, Detect, Respond—emphasizing the importance of fostering a culture of fraud awareness and implementing preventive controls. It highlights the roles of various teams and tools for managing fraud risk, including predictive detection, robotic process automation, and advanced analytics. The strategy aims to align with organizational risk appetite while ensuring compliance and ethical standards.
Effective Fraud risk management 101.pptx
- 1. be transformed 9/22/2023 Effective fraudrisk management using “PDR” approach Mustapha B. Mugisa, Mr. Strategy www.summitcl.com
- 2. be transformed 02 03 01 Prevent Detect Respond Cultureof fraud risk awareness and preventive controls Fraud alert line process and investigation Fraud response plan The ‘PDR’ fraud management strategy
- 3. be transformed 1. Prevent– The 3 lines of defense… 9/22/2023 3 Board of directors Audit committee Cybersecurity team Legal team Compliance and ethics staff Develop a strategy to assess and manage risks that align with risk appetite and strategic plans. Regularly assess the organization’s cyber risk exposure Document policies and regulations that the compliance program must cover. Oversee the assessment and monitoring of the organization’s fraud, compliance, and ethics risks. Proactively foster a compliant and ethical culture.
- 4. be transformed 4 2. Detect– the top 3 tools Source: “ACFE Report to the Nations” 2018 Global Study On Occupational Fraud and Abuse
- 5. be transformed 2. Detect– management reviews – automated. 9/22/2023 5 1 align analytics to Strategic Vision 1 Predictive detection 2 Internal process efficiency 3 Robotic Process Automation (RPA) Threat assessment identifies current and future risks to the current state of fraud management. Optimization of fraud management processes and tools to develop appropriate customer authentication strategies, business rules and other anti-fraud measures Eliminate manual checks. Deploy robotic process automation (RPA) to capture and interpret applications for processing a transaction, manipulating data, triggering responses and communicating with other digital systems.
- 6. be transformed 2 Apply acriminal mindset to fraud analytics CRIMINAL MINDSET 1 ANALYTICS EFFORTS Build anti-fraud analytics efforts on a unified, cross enterprise foundation 4 Think about authentication, fraud management, and customer experience simultaneously, not individually. CUSTOMER EXPERIENCE 3 THREAT INTELLIGENCE Leverage threat intelligence-driven models for proactive fraud management) Personal and Team anti fraud principles
- 7. be transformed PROJECT INNOVATION 01 02 03 Advanced Analytics Integratedmonitoring and unified data flows Customer-focused experience A high level introduction to anti fraud tech
- 8. be transformed High-quality datasources Advanced analytics Sophisticated modelling techniques Automation technologies Digital communications Geospatial data Satellite imagery Natural-language generation Cognitive-computing algorithms Machine learning Deep learning Natural-language processing
- 9. be transformed Integrated monitoringand unified data flows 9/22/2023 9 9
Editor's Notes
- #3 01 Culture of fraud risk awareness and preventive controls Evaluate the current status and effectiveness of the organisation’s anti-fraud control environment - this involves assessing the culture, attitude, and awareness amongst employees about their knowledge of and response to any issues of fraud or misconduct. Prevent instances of fraud and misconduct from occurring in the first place. Assess organisational needs based upon the nature of fraud and misconduct risks and existing antifraud programs and control. 02 Fraud alert line process and investigation Evaluate management’s existing fraud risk management framework to detect potential gaps of antifraud controls in the processes. Detect instances of fraud and misconduct when they do occur. Design of programs and controls in a manner consistent with legal and regulatory criteria as well as industry practices that companies and other organisations have generally found to be effective. 03 Fraud response plan Develop a fraud response plan to address cases of alleged or confirmed fraud Incorporate identified fraud risks and schemes into fraud risk management framework based on findings from investigation Take appropriate and corrective action when integrity breakdowns arise.
- #4 Board of directors: Develop a strategy to assess and manage risks that align with risk appetite and strategic plans. Set an appropriate tone, including realistic expectations of management. Ensure that fraud, compliance, and ethics are on the agenda regularly. Recognize fraud, compliance, and ethics risks, as well as their potential impact. Make ethics a priority in hiring and firing decisions. Proactively monitor and evaluate the anti-fraud, compliance, and ethics activities. Audit committee: Oversee the assessment and monitoring of the organization’s fraud, compliance, and ethics risks. Receive regular updates on the status of reported or alleged fraud and misconduct. Meet regularly with key internal parties to discuss identified fraud, compliance, and ethics risks and the steps taken to address these risks. Provide external auditors with evidence of the committee’s dedication to compliance, ethics, and fraud risk management. Compliance and ethics staff: Assist in promoting and embedding ethical values throughout the company. Serve as a resource for employees with compliance or ethics questions. Assist in developing or providing training to other staff members. Legal team: Advise on whistleblower issues Investigations into incidents
- #6 Predictive detection Encompassing user authentication (e.g., determining whether the transacting party is in fact a customer), Customer due diligence (e.g., low/high-risk fraud profiling as a factor in exception decisioning) Transaction risk (e.g., whether hallmarks of fraud are present in the context of other transactions for the account, customer, and household). This can come in the form of in-house custom analytics models, commercial off-the-shelf software-enabled detection, or public partnerships with emerging technology companies, like HSBC’s relationship with Ayasdi. 2. Internal process efficiency Capacity forecasting and Providing analysts with context detailing the reasons a transaction failed an initial screen. 3. Robotic process automation (RPA) Quality RPA software can understand what’s happening on a screen, navigate through systems, find and gather data, complete keystrokes, and more. It can do the same sorts of things that humans can do. Fraud is often a problem in the finance industry, and it could be missed with a manual check. It might also be purposefully overlooked with a manual check. The RPA software can find fraud and even let you know before fraud happens. Adding RPA in the finance department can help to reduce the need for humans to handle many of the common, mundane tasks. The longer-term value—including enhanced compliance and the reallocation of employees to higher-value tasks—is likely even greater.