It's complicated: FIs seek solutions for insider fraud in hybrid work environment

Fraud and Financial Crime

Hagai 1

Hagai Schaffer

Sep 8, 2021

The Economist calls them “the new bank robbers.” They’re the insiders, the employees that are taking advantage of data access at organizations in all industries – financial services included - to leak data or manipulate data to steal funds. The Association of Certified Fraud Examiners’ 2020 survey estimates that companies lose 5 percent of their annual revenues to internal fraud on a global scale. The report showed that the typical insider fraud case lasts 14 months and rings up $8,300 per month against the victimized company. Additionally, a recent Ponemon Institute study found that the cost of investigating this type of fraud increased by 86 percent over the past two years, and that cost increases if the organization is unable to detect and address the problem rapidly.

The issue of insider fraud has been magnified by the new hybrid work environment, in which employees work from home as well as in an office. As reported in the Harvard Business Review, Google’s research shows that workplace activity in London, New York, and San Francisco is running at half what it was before the pandemic. And a survey by the London Chamber of Commerce showed that the city’s senior executives expect workers to remain remote five days per week. The workforce’s activity and access to sensitive data is of course easier to manage when everyone is at the office. So, the hybrid work environment has done nothing to alleviate insider fraud. In fact, it has complicated the situation as banks try to find effective controls for the new work environment.

The most devastating consequence of this type of fraud is data leakage, which can lead to publicly facing breaches and lasting damage to a company’s reputation. It’s not just money that’s at stake here, although it is certainly a key consideration. While big banks may have thousands of employees that have access to data, the illegal behavior of just one of them could be devastating to an organization.

There are two main challenges in mitigating insider fraud and information leakage. The first is the lack of information on how employees access corporate systems, especially while working from home. The second is the time it takes to investigate an insider fraud case (as we have seen that this cost rose by 86% in the last 2 years). The same technology can be applied to both challenges by capturing all the data that is required for monitoring employee activity, especially while working from home, and by investigating the alerts generated on suspicious events.

For example, if an insider is surfing through inactive accounts in order to find good candidates for diverting funds, current solutions that are based on analyzing application log files will typically miss this activity. The reason is that most applications include only update/ delete/ add actions performed by end-users, when a user just browses through customer data – this is typically not included in log files.

A more effective approach will allow FIs to monitor what employees are doing by recording their activity (data) from the company's network and reconstructing the user sessions screen by screen. This can be done regardless of whether the users work from their homes or from their offices without invading their privacy. This information avoids the reliance on log files and gives the maximum amount of information both to the anti-fraud analytics and to investigators It addresses the challenge of collecting relevant data as well as the issue of conducting effective investigations because the data will produce a picture of what the employee in question actually did.

The Bottomline: Organized crime rings invest heavily in recruiting bank insiders for leaking customer-sensitive data and diverting funds. These attempts proliferate while monitoring employees becomes more challenging as work from home is here to stay and more applications are moved to public clouds. Advanced user monitoring solutions including cloud monitoring combined with smart analytics will help to address this growing concern.


For further insight into the payments and banking industries, subscribe now and stay up-to-date on the latest tips, trends, and topics. You can also check out The Payments Podcast, where experts engage each other on the real-world factors impacting your industry.

Hagai 1

Posted by

Hagai Schaffer

Hagai Schaffer is the Senior VP, Innovation & Technology of Cyber Fraud and Risk Management at Bottomline. With over 15 years of experience in the financial crime market, Hagai drives the creation of innovative products that help organizations reduce risk, prevent fraud and meet regulatory compliance requirements.
Browse all posts
footer curve