50% of organisations cannot preempt insider threats

The Financial Investigations Division (FID) is calling for businesses, particularly those in the financial sector, to strengthen their technological investments and policies to mitigate insider threat risks.

Chief Technical Director of the FID, Selvin Hay, referenced the Ponemon Institute’s 2022 Cost Of Insider Threats Global Report, which showed a 44 per cent increase in insider threat incidents from 2020 to 2022. The costs per incident also increased by over a third, to US$15.38 million. The study revealed that 56 per cent of insider threat incidents were related to negligence, 26 per cent were malicious, and 18 per cent were related to theft of user credentials.

Hay highlighted the importance of being vigilant about keeping employees and associated individuals in check, and investing in more robust systems for checks and balances.

Inspector Brenton Williams, the head of the Constabulary Financial Unit (CFU), supported Hay’s call for action and identified several trends in institutional and individual vulnerability.

These included customers with large bank account balances, entities with weaknesses in internal processes, and organisations that accept deviation from established processes.

He also noted that 50 per cent of organisations cannot detect insider threats or can only detect them after the damage is done.

To mitigate insider threats, Williams recommended investing in systems that test internal controls, applying regular auditing that includes direct confirmations from clients, clearly documenting and consistently enforcing policies and control, and having knowledge of the relatives and close associates of employees.

Williams urged businesses, particularly those managing investments and deposits, to strengthen their compliance and monitoring systems.

“There are too many of these matters where the insider threat is the issue,” he said.

Williams cited 13 cases of insider threat being investigated and/or prosecuted by the FID over the period 2019-2022. He identified trends in institutional and individual vulnerability to include:

–        Customers with large bank account balances

–        Customers who are not technologically savvy

–        Entities with weaknesses in internal processes and/or supervision

–        Organisations which have a culture that accepts deviation from established processes.

–        Institutions that are significantly influenced by clients with a high net worth

“You must look at employees with overlapping roles and responsibilities. Oftentimes we see the same individual who is approving certain processes being the same one who initiated it,” said Williams.

He also shared statistics related to how the incidents of insider threat were detected:

–        20% via internal network monitoring.

–        35% via intelligence supplied to the entity and/or law enforcement.

–        45% via affected customers/clients contacting the entity and/or law enforcement. 

The FID biennial conference was a joint initiative with the UK government under the theme, ‘Widening the use of the Proceeds of Crime Act (POCA) Through Collaboration’. The conference aimed to bring together a wide range of local and international stakeholders, including law enforcement, regulatory, compliance, financial entities, and legal professionals, to discuss how to combat financial crime.