Discover the Loopholes First
Fraudsters adapt faster than we do, so we need to learn to think like them. We tend to think about how to catch fraud before we think about how to commit fraud. That is backwards. We end up limiting ourselves to finding the fraud that is easiest to catch. If I were a criminal, I’d pick the frauds that are hardest to catch, yet still easy to commit. How do we catch them, if the scam is designed to be hard to catch? I never said fraud detection was easy, but if we don’t think about what would be hard to catch, we have no hope of finding this fraud. If we do think about it, we may be able to track it down or even prevent it.
Here are five questions to ask yourself as you look for fraud:
- How would you steal the money?
- What could be done to stop your scheme?
- What could be done to catch you?
- How would you evade the new controls?
- How can you incorporate this process into your fraud control plan?
Using this method, I’ve come up with ideas that I will not write about. They would be too easy to do and too hard to find. If you have a little creativity, you’ll realize that it is probably not too hard to cheat your system, and it would be pretty easy to hide your cheating.