Preventing white-collar crime in the 21st century with big data: are you prepared?

Author: Aman Chee

September-12 2016

Aman is a Senior Director of Clutch Group, a leading consultant in the legal, risk and compliance industries.

Change is the only constant in a fast-paced, digital era. If you think back to your own childhood, the differences between then and now are overwhelming. Today, children are digitally savvy, using the latest technologies in the blink of an eye. These same children aren’t interested in ethics, but are more focused on convenience and immediate results. Many will think nothing of illegally downloading a movie, not because they are trying to steal, but simply because they want it now. This mindset sets the stage for an increase in future cybercrime.

As technology continues to transform our world, one of the most disconcerting changes we’ve witnessed is the way crime has been impacted. Today, you’re less likely to read headlines about a physical bank robbery than you are to read news about cybercrime, cross-border money laundering, fake banking websites, phishing email fraud, or social engineering threats. The use of technology not only increases business opportunity and efficiency, but it also provides cyber criminals with new ways of deceiving, bribing, and laundering money without having to show face. According to statistics from the Hong Kong Police, the number of technology crime cases increased from 1,506 in 2009 to 6,862 in 2015, with a respective increase in financial losses from HKD45 million to HKD1828—not to mention the unreported incidents.

In the digital age, big data is growing rapidly, and with it, so will cybercrime. People and enterprises are increasingly conducting business online with e-payment transactions, email communications, and instant messages. The risks will only continue to grow. So how, in this ever-changing world, can companies manage big data to investigate and prevent new types of crime?

Dealing with the data itself is only one piece of the puzzle – there are three factors your company needs to consider in order to lay the foundation of big data management.

Breaking down silos

Today’s cyber criminals are highly skilled, and pose a serious threat to the security of corporations. In order to build a solid defense, your entire organization needs to be on the same page, with complete fluidity between departments and groups.

It’s not uncommon to see large enterprises setting up in-house investigation teams. Sometimes big corporations would expand their financial crime compliance team in order to address various risks, including whistleblower allegations. Other corporations without in-house investigative teams may need to rely on internal departments such as legal, compliance, internal audit, finance, or human resources to conduct investigations.

It’s crucial to break down silos and form partnerships across an organization. Partnerships need to include both internal and external; internally everyone works together as one team—knowing when and where to share confidential information on a need-to-know basis; and externally, the organization needs to cooperate fully with regulators and/or law enforcement agencies in their inquiries and investigations. This is not only important from a reputational standpoint, but also in setting a tone of zero-tolerance from the top, to build a culture of integrity and to prevent criminal liability.

Additionally, internal departments need to consider when and who to share information with, and must be transparent when it comes to big data. If every department is only focused on their piece of the puzzle, then they might miss red flags, and are at risk of missing the bigger picture. This enables criminals to exploit weaknesses or even use the same tricks on different departments of the same organization.

Though the importance of breaking down silos may be obvious, it is not always easy to achieve—especially when it comes to changing company culture, values, and practices. However, building a united workforce is the only way to prepare your company for upcoming challenges.

Knowing and sharing the latest regulatory updates

Are you aware of the latest regulations affecting your business that deal with financial crime and have a global impact? Take anti-bribery regulations as an example. In Hong Kong, the Prevention of Bribery Ordinance (POBO) maintains a local focus; with the exception of Section 3, it governs public servants accepting advantages outside Hong Kong. In the U.S., the Foreign Corrupt Practices Act (FCPA) is applicable outside the country, and has been increasingly enforced in recent years. The new U.K. Bribery Act was enacted in 2011 after decades of discussions, with unlimited penalties and a near-universal jurisdiction.

Anti-money laundering is another area we see having a great impact on the financial sector globally. Banks and other financial institutions adjust their organizational structures and headcounts to cater to new requirements, and to comply with regulations. Knowing and sharing regulatory changes within an organization is important to ensure your employees are aware and can comply with efforts to prevent, detect and investigate financial crime.

Below are more examples of important regulatory changes on the subject matter:

  • In September 2015, the U.S. Department of Justice (DOJ) issued a new policy of “Individual Accountability for Corporate Wrongdoing”, commonly known as the “Yates Memo”, stating that for companies to receive cooperation credit on a DOJ investigation, they must completely disclose all relevant facts about individual misconduct, hence individuals can be held liable for corporate wrongdoing and may be subject to prosecution.
  • In April 2016, the Fraud Section of the Criminal Division of the U.S. DOJ also released a policy titled, “FCPA Enforcement Plan and Guidance” to bring greater transparency to the benefits corporations would achieve by voluntarily disclosing FCPA issues, and cooperating with DOJ investigations.
  • In May, the Hong Kong Monetary Authority launched the “Cybersecurity Fortification Initiative” (CFI) to further enhance the cyber resilience of the banking sector in Hong Kong.

New regulations are enacted all the time. Not only do you need to stay on top of these changes, it is imperative to let employees know about them right away. It is important to break down silos so that the message can get to the right people across your organization and ensure compliancy.

Using Technology Assisted Review (TAR) for big data management

Once your company is working together across departments to ensure compliancy with the latest regulations, it is then time to focus on how to use big data in preventing and investigating white-collar crime.

Overall, big data is the future of supervision and investigation. In January 2015, the Hong Kong Police established the Cyber Security and Technology Crime Bureau (CSTCU) to strengthen its capabilities in combating technology crimes more effectively, and to monitor the cyber security of Hong Kong. In November 2015, the U.K. Financial Conduct Authority issued a Call for Inputs on Big Data, in order to better understand the impact of big data in retail general insurance, and whether the regulatory framework would affect such big data development.

How does your company manage information internally? With the advancement of technology, there are tools available to help corporations manage data in terms of identification, preservation, collection, process, review and production, and to develop facts in response to litigation and investigations arising from regulators or law enforcement agencies.

This is where Technology Assisted Review (TAR) can help. TAR is the use of software or various platforms to search and sort terabytes of data consisting of documents, texts, emails, chats, pictures and audio data, filtering only what’s relevant for investigations. TAR helps corporations prevent crime by using keyword searches, filtering and sampling to automate portions of document review. The goal is to reduce the number of irrelevant and non-responsive documents that need to be reviewed manually, saving both time and cost in conducting a proactive review, as well as conducting an investigation involving big data.

Some companies struggle to manage the ever-growing mounds of audio data. Manual processing is expensive and inefficient. Automated, phonetic-based systems also lack precision. However, there is an audio solution available that has the ability to understand what data is communicating, finding meaning in the data by capturing, searching and analyzing rich meta-data to recognize patterns, discover links, and capture audio and text. Clutch Group has developed and launched an innovative platform called Audio.IQ – a fully managed service simplifying not only corporate investigations and/or compliance work, but also allowing proactive monitoring and business function analytics.

We are continuing to experience rapidly evolving technological landscape, which will provide opportunities for business professionals and cyber criminals, alike. Now is the time to prepare, by having your A-team in place, staying on top of global regulatory changes, and using advanced technologies to manage these new challenges as they arise.

Just a little bit more...

Discover more from InnoXcell.