An interesting trio of concepts isn’t it? A colleague of mine recently put me onto the following article through a LinkedIn ACL Community Group about an employee of KLM airlines who defrauded his employer for more than 145,000 Euros. Read a roughly translated version of this news story.
The long and short of it is that this fraudster worked in KLM’s Customer Service department. He allegedly filed a series of false complaints – that resulted in payments – which he subsequently approved. The payments were then directed towards his own bank account. Not only that, but he re-opened old claims, approved those and re-directed payment again to his bank account. Other than general dismay that yet another case of an employee defrauding his own company has hit the news, I also thought that data analysis could have identified this egregious behavior long before it racked up a whopping 140,000 Euros!
Why not establish an automated test set up that looks for matches between employee bank accounts (names and/or account numbers) and those of claims recipients? There is a reasonable chance that this fraud could have been detected as soon as the first flaky payment was made. Having safe and secure access to employee master data information like names, addresses and bank account numbers can be used for tests like this and for a range of others – such as phantom vendor identification or payroll fraud. That would definitely help you safeguard your organization against loss and provide much better assurance around this payment process.
Any other ideas on how this could have been detected or prevented?