What it Takes to Fight Fraud

Credit EligibleAs a HealthcareInfoSecurity.com annual member, this content can be used toward your membership credits and transcript tracking. Click For More Info

July 26, 2010 - Upasana Gupta, Contributing Editor

Jack McCoy is an internal fraud investigator.

Currently the VP of corporate security at Discover Financial Services, McCoy previously spent 29 years as a special agent with the Federal Bureau Investigation. While in the FBI, he worked a variety of criminal matters -- bank robbery, extortion, organized crime, and white-collar investigations.

Since joining Discover 10 years ago, McCoy has found that his role has evolved. Instead of just dealing with street criminals and combating fraud locally, he now is investigating high-profile international crime groups that represent technology savvy criminals who are sometimes situated half a world away.

"In over a decade at Discover, I have observed fraud change from non-receipt, fraudulent applications and account takeover to where skimming is the major fraud type today, and where the fraud may likely have more of an international nexus than it did when I first started," McCoy says.

Because fraudsters are constantly creating more diverse and complex schemes using advanced technology, reacting to fraud is no longer acceptable, McCoy says. The role of a fraud investigator has evolved to be proactive. One must understand the nature of fraud, predict where the attacks are expected. Which technologies are likely to be in use? What are the vulnerabilities, and how can we be safe? "Just as technology is impacting our daily lives," McCoy says, "It has impacted fraud."

Changing Face of Fraud

Brad McFarland is a fraud investigator and director of corporate security with The South Financial Group, a South Carolina-based financial services holding company. "At one time, fraud simply meant a theft of cash; however, now we see criminal activities ranging from the theft of data, customer records to intellectual property," he says. "That is where a huge risk lies in terms of reputational risk, financial risk and regulatory risk."

Internal fraud investigation has evolved from working in silos to more of a collaborative role that involves integration with business units and processes across the organization. "It is combating fraud and ensuring that the company's business products, investments and consumer reputation are protected at all times," says McCoy.

Whenever Discover launches a new product, McCoy plays an active role in understanding the offering and its potential market. This way he has a better sense of what type of fraud the company can expect, as well as the adequate measures to ensure that the product and company are safe.

"Today, internal fraud investigation is a full-fledged career evolving to senior management roles," says McFarland. "Fraud has transformed from being a risk to becoming a priority issue for some corporations."

The types of fraud investigators face include external crimes such as corporate account takeover, payment card fraud as a result of skimming devices and internal fraud, including insider theft, loss of data and intellectual property.

For McFarland, check fraud is the biggest fraud category he routinely investigates. He finds these cases originating from foreign lottery scams, internet auctions, and work from home schemes that are conducted by organized crime groups located outside the US. These groups often recruit willing participants to deposit counterfeit checks into their own accounts for a commission. Fraudsters think that this is an easy way to make money. "In most instances individuals don't realize that they are an unwitting participant to a criminal act," says McFarland.

McCoy, on the other hand, is routinely confronted by skimming incidents, which is the fastest-growing electronic-fraud risk, according to the U.S. Secret Service, accounting for more than $1 billion in annual losses.

Both their roles involve a 24/7 vigilance, staying abreast of the bad guys and ensuring safety, which comes with its own set of challenges. "To me, internal fraud is the most challenging because of the time lag that is typically experienced between the initiation of the fraudulent activity and its detection," says McFarland. "The greatest issue with internal fraud is risk - because of the time period, number of parties and businesses involved, nature of fraud committed and the reputational impact on the company."