Fighting Fraud

Dr. Gerald L. Kovacich has more than 40 years of experience in industrial, business and government security, investigations, information systems security, and information warfare, both in the U.S. Government as a special agent, in international corporations, and subsequently as an international consultant and lecturer. He retired as the Information Warfare Technologist, Northrop Grumman Corporation to pursue a career as an international consultant, lecturer and writer.

• PrefaceAcknowledgmentsIntroduction and PremiseSection I: An Introduction To The Wonderful World of FraudChapter 1 The New-Old Global Business EnvironmentIntroductionGlobalization of Business — Benefits to Nation-StatesExpansions of the Global Marketplace and their Areas of OperationsTypes of CorporationsCorporate Owners and LocationsCorporate ProductsThe High-Technology FactorNanotechnology1High-Technology Related Frauds and Other CrimesAdvent of the Superhighways4The Impact of Superhighways on Frauds and Other CrimesA Short History of Crimes and Other Frauds Via the I-WaySuperhighway Frauds and Other Crimes to I-Way RobberiesI-Way Robbery — Its Prevalence There Is No I-Way Patrol to Stop I-Way Robbers Global Connectivity Via the I-Way = Global Exposure toAttacks by Fraud-Threat Agents and Other Miscreants Capabilities and Limitations of Law Enforcement Challenges to Security Professionals and Others Case Study 1Case Study 2Summary Chapter 2 Corporate Assets, Frauds and Other Terms — What are They? Introduction Definition of General Fraud Specific Fraud Definitions Corporate Assets Other Terms and Definitions Case Study Summary Chapter 3 Fraud-Related Laws Introduction Some U.S. Federal Fraud-Related Laws Relevant Consumer Protection Laws for Fraud in the United States A Few Examples of U.S. Federal Enforcement of Fraud-Related Laws, Approach and Actions Mail Fraud Statutes (condensed and paraphrased) Money Laundering Financial Institution Fraud (Bank Fraud) Civil Litigation U.S. Treasury Collection Securities Violations Role of Phone Companies European Fraud-Related Laws EU Fight Against Frauds ASIA and Fighting Fraud Case Study "Blowing the Whistle" on Defrauders can be Dangerous Summary Chapter 4 Corporations Don't Commit Frauds, People DoIntroduction Are Defrauders a Product of Their Environment, or is it in Their Genes?Some Criminology Theories Fraud-Threat AgentsHuman Errors — Accidents Man-Made or Malicious Fraud Threats Potential Fraud-Threat Agents Capabilities Motivation Access Catalysts Inhibitors Amplifiers Fraud-Related Factors for Attacking Systems Relationship of Threat Elements Case Study Summary Chapter 5 Fighting Fraud — Whose Job is it Anyway? Introduction Role of Executive Management Role of Corporate Management Role of the Corporate Employees Role of the Ethics Director Role of the Auditor Role of the Fraud Examiner Role of the Chief Security Officer (CSO) Why the Corporate Security Professional? Case Study Summary Chapter 6 Where There is a Will There is a Way — Fraud Schemes Introduction Types of Fraud Schemes Financial Credit Card Skimming Mortgage Frauds Computer and Telecommunications Frauds ATM FraudsClick FraudClip-on FraudSecurities FraudsEmployment Application FraudsIdentity Theft Scams"Nigerian Scam"Accounting Fraud SchemesBribery and CorruptionConflicts of InterestPurchasing — Four Basic CategoriesInventory17Investments and Fixed AssetsPayroll and Personal ExpensesProcurement/ContractsTelemarketing FraudAdvance Fee SchemeCommon Health Insurance FraudsLetter of Credit FraudPrime Bank NotesThe Ponzi SchemePyramid SchemeCase StudySummaryChapter 7 Fraud Cases and Commentary — Learning by ExampleIntroductionActual Fraud and Fraud-Related CasesPhishers and TaxpayersFraud by Corporate ExecutivesForeign Exchange Trading FraudKatrina Waste and FraudsOrganized Crime and CybercrimeSecurities Fraud in CyberspaceComputer Hard Drives Lead to FraudsDebt-Collecting FraudsGovernment Contracting FraudFraud-Threat Agents Can Be Anyone in Any PositionU.S. Securities and Exchange Commission (SEC) Fighting FraudFraud in School SystemsDead Soldiers and E-Mail ScamsAnother Example of Insider FraudExecutive Management and Accounting FraudMerchandise Receipt and Exchange FraudClick FraudsMortgage FraudGovernment Contractors and FraudFrauds and Microsoft SoftwareY2K-Related FraudData Storage Conducive to Fraud-Threat AgentsAnother Example of Click FraudPyramid Schemes Move on to the InternetPrepaid Cellular Phone FraudIdentifying International CorruptionCredit Card Information Theft and FraudsHackers, Crackers, Phishers, Oh My!Urban Legends and FraudsMedical Research FraudsCorruption and the War in IraqComments on Identity Thefts as a Vehicle to FraudLobbyists and CorruptionInternet Scams are InternationalFaking a Medical ConditionInternet Fraud SweepATM FraudSocial Security ScamStamp FraudBanker and Identity TheftAccounting Firm FraudLawyers and Medical Rip-offsAnother Mention of the "Nigerian" Scams — Variations on a ThemeCase StudySummarySection II: Establishing and Managing an Anti-Fraud ProgramChapter 8 The International Widget CorporationIntroductionIWC Background InformationKey Elements for the CSO to ConsiderGetting to Know IWCIWC's Business PlanStrategic Business PlanTactical Business PlanIWC's Annual Business PlanIWC and the History of Its CSOKey Elements of IWC's Annual Business PlanAnti-Fraud Program PlanningIWC's Departments of Primary Importance to the CSOIWC Vision, Mission, and Quality StatementsPlansOther IWC Plans and CSO SupportCase StudySummaryChapter 9 Establishing an Anti-Fraud ProgramIntroductionIWC's Anti-Fraud ProgramAnti-Fraud Program Project PlanningIWC Anti-Fraud Program Project Planning and ManagementAnti-Fraud Program Project TeamAnti-Fraud Drivers — The First Major Task in Anti-Fraud Program DevelopmentIWC Anti-Fraud Program Requirements — Policies96Risk Assessment — The Second Major Task in Developing an Anti-Fraud ProgramBasics of IWC's Risk Assessment Process97ThreatsNatural ThreatsMan-Made ThreatsVulnerabilitiesRisksAssets Protection Risk AssessmentsAssets Protection Risk AnalysesDeveloping Anti-Fraud DefensesThree Key Ingredients in an Anti-Fraud Program's DefensesIWC's Anti-Fraud PoliciesAnti-Fraud Requirements and Policy DirectiveAnti-Fraud ProceduresThe CSO and Security Department's Anti-Fraud AccountabilitiesOff-Site Corporate FacilitiesRecruiting Anti-Fraud ProfessionalsCase StudySummaryChapter 10 Managing an Anti-Fraud ProgramIntroductionCSO LeadershipManagement versus LeadershipMeeting Customers' ExpectationsIWC Internal CustomersIWC External CustomersIWC Executive Management Expectations of a CSOManaging RiskSecurity's Vision, Mission, and Quality StatementsManaging the IWC Anti-Fraud ProgramPlanningSome Aspects to Incorporate into an Anti-Fraud Program PlanBudgetingControllingQuality, Process Improvement, and Assessment of Organization PerformanceProcess ManagementPerformance ManagementUsing Technology to Deliver Anti-Fraud Program Support and ServicesManaging Quality and Management OversightWhat is Risk Management As It Relates to IWC's Anti-Fraud Program?Managing and Reducing Risks to Corporate AssetsProgram for Managing Anti-Fraud Defensive RisksResponding to Fraud IncidentsManaging Fraud ThreatsCase StudySummaryChapter 11 Winning through TeamingIntroductionAnti-Fraud Program Team BuildingExecutive Management as Team MembersTeaming with IWC Executive Management Through a Business ApproachTeaming with Corporate PeersTeaming and Dealing with Office PoliticsTeaming with Your Security ManagersTeaming with Your Security StaffTeaming and Dealing with Satellite Offices in IWC Headquarters in the United StatesTeaming and Dealing with Satellite Offices in Foreign LandsCase StudySummaryChapter 12 Anti-Fraud FunctionsIntroductionAnti-Fraud Project Team Functional TasksAnti-Fraud FunctionsAnti-Fraud Program's Non-Security Team Functions and MembersCase StudySummaryChapter 13 Are We Winning the Battle? How Do We Know?Measure it!IntroductionMeasuring an Anti-Fraud Program's Costs, Benefits,Successes, and FailuresCommon LOE Measurement Techniques for Each FunctionExamples of Metrics by FunctionInvestigations and NCIS Metric CharesExamples of Anti-Fraud Investigations MetricsProcess MeasurementsCase StudySummarySection III: The Fraudulent FutureChapter 14 What Will the Fraudulent Future Hold for Corporations?IntroductionGlobalization of Business to ContinueEmployees of the FutureThe Future Global CorporationFuture of Fraud Attacks on CorporationsFuture Anti-Fraud Protection Needs of CorporationsCase StudySummaryChapter 15 The Impact of High Technology on FraudIntroductionHigh-Technology FraudsHigh-Technology Anti-Fraud DefensesCase StudySummaryChapter 16 What the Security and Other Anti-Fraud Professionals Must Do Now to Personally Prepare to Combat Tomorrow's FraudsIntroductionBecoming and Staying Proactive and Aggressive in Fighting FraudGetting a Fraud EducationGaining Fraud-Related CertificationsAssociationsGaining Anti-Fraud ExperienceTo Conduct or not to Conduct Fraud Lectures and Write Fraud ArticlesCase StudySummaryChapter 17 Summary and Final ThoughtsIntroductionSummaryFinal Thoughtshat Others Think About the Anti-Fraud LeadershipPosition in a CorporationToby J. F. Bishop, CFE, CPA, FCA, President and ChiefExecutive Office, Association of Certified Fraud ExaminersWorld HeadquartersIn Conclusion-My ThoughtsSome ReferencesEnd of LineAbout the AuthorIndex