TechnologyAccounting SoftwareNew warning on IT for anti-fraud projects

New warning on IT for anti-fraud projects

Internal IT staff should be not be involved in the development of anti-fraud systems, warns consultancy Detica.

Companies should store and analyse data about their IT systems to tackle fraud but not use their IT department to do it, according to Martin Sutherland, head of security at Detica.

Companies should build data warehouses based on the data usually discarded by IT departments. This data can be searched to find abnormal behaviour that could suggest fraud. ‘There’s not enough data mining being done like we see with marketing,’ he said.

‘From a fraud perspective this data is interesting because it shows when people log in and where and what they look at and print. It’s good for finding abnormal behaviour.’

Sutherland added: ‘Fraud is the cinderella part of the business – it doesn’t get the money but the marketing people do and they have some technology [CRM] that could be very interesting. The data warehouse should be used to record just about everything.”

But he warned that companies should not use their internal IT staff to set up the project because they could be party to fraud. ‘You should have a separate IT team to look after the projects,’ he said. ‘Internal IT people are a big risk. If you work in IT, you have the opportunity that most users won’t have. It’s not like they are bad or worse but they have the opportunity.’

Detica discovered one case where IT equipment was being ‘sold’ internally inside a multinational company. Although the equipment was only being moved from one division to another, the move was generating a commission for the sales people.

Detica found the same servers were being moved around constantly, generating commission as they went.

Sutherland said: ‘It was a fraud that need the collusion of the IT people but the benefit went to the sales people. It would be hard to see how the sales people could work it out for themselves. You needed to understand the mechanics at an IT level. We weren’t even convinced that the equipment existed in the end – it may have been sold on elsewhere.’

The National Hi-Tech Crime Unit has warned IT staff may become involved with organised crime, either through threats and kidnapping or by being paid to hack business systems.

Related Articles

Accountancy in the digital age: Flexibility, agility, efficiency

Accounting Software Accountancy in the digital age: Flexibility, agility, efficiency

3w Pegasus Software | Sponsored
Sage purchases Intacct in its largest ever acquisition

Accounting Software Sage purchases Intacct in its largest ever acquisition

5m Alia Shoaib, Reporter
5 tips for SMEs to protect cash flow

Accounting Software 5 tips for SMEs to protect cash flow

5m Alia Shoaib, Reporter
UK behind foreign markets in digital accounting, but gap is narrowing

Accounting Software UK behind foreign markets in digital accounting, but gap is narrowing

7m Alia Shoaib, Reporter
The rise of the progressive accountant

Accounting Software The rise of the progressive accountant

7m Emma Smith, Managing Editor
Making Tax Digital: Revolution or revolt?

Accounting Software Making Tax Digital: Revolution or revolt?

8m Emma Smith, Managing Editor
Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

Accounting Software Making Tax Digital: Is HMRC’s recent system fault a cause for concern?

8m Emma Smith, Managing Editor
Four reasons why SME owners should switch to cloud accounting

Accounting Software Four reasons why SME owners should switch to cloud accounting

9m Emma Smith, Managing Editor