One of the biggest struggles for enterprises these days is oversight and a lack of big-picture vision. Operating across jurisdictions and working with large teams means it’s hard for leaders to get a clear picture of the operations. And without a clear picture, your company is exposed to the risks of fraud and unauthorized transactions. But having these risks play out – having fraudsters actually break through your operations and steal from your business – is a worst-nightmare scenario. Not only will your organization be subjected to huge financial losses, but it’s likely that potential partners, suppliers, and customers will hold the mistakes against you and worry about your integrity. Ignoring the risks is not an option. That’s why detective controls are so important. They help you spot the risks before the worst case happens, and get a handle on the most suspicious behavior. Read on to learn more about efficient control systems to set up in your company.
At Trustpair, we automate detective controls on the payment chain so you’ll never miss a suspicious payment again. By working with us, you can ensure that your company is powerful in preventing fraud without increasing the workload of your employees. Contact one of our experts to learn more!
What are detective controls?
Detective controls are your finance team’s arsenal of defense. They are tools and measures that can be used to combat poor practices, fraud, and non-compliance to regulation. Through detective control measures, your finance processes are under constant monitoring so that you can spot anomalies, irregularities, and fraudulent operations in the worst-case scenario.
Here are a few examples of detective controls:
- Manual inventory count and record keeping: this will show your team if unsold products are missing. You can spot internal breaches or frauds.
- Accounting and internal audit: this is a full-scale review of your operations and a ‘double-check’ procedure to confirm your financial reports are accurate. Internal auditing is critical in large companies that have scattered teams and locations.
- Suspicious activity reports: regulated financial entities must fill out a suspicious activity report in case they see a customer who is depositing more than $10,000. This type of reporting can deter fraudsters from committing malicious violations.
Detective controls vs preventive controls
While detective controls help you identify problems as they are occurring, preventive controls aim to stop losses from happening altogether. Preventive controls refer to measures such as accountability on digital invoices and a payments approval system, for example. Detective controls lead to corrective actions, whereas preventative controls are supposed to stop risks from actually occurring.
Industry specialists widely regard the most well-rounded approach as a combination of the two. This is the most thorough and risk-averse way to protect the b2b processes in your business against vendor fraud.
Fortunately, anti-fraud software is one of the only multipurpose measures that help with both detective and preventive control measures. Trustpair is the leading provider of anti-fraud software. Find out what Trustpair can do for you in a personal demo from one of the team members.
What are the benefits of detective controls?
Essentially, the primary benefit of using detective controls is that they provide information on how well your preventive strategy is working. Detective controls measure the effectiveness of your policies and can make you reshape your internal control framework if needed.
For example, measuring data quality is important to determine how well your data governance strategy is working.
However, there is also a huge secondary benefit: detective controls highlight attempts of fraud while they are in progress. This is hugely beneficial since your company can act to stop the attempt before losing their money or sensitive information. These monitoring activities might detect cyber-attacks or phishing attempts for example.
Moreover, implementing detective controls helps your business comply with regulatory requirements. America’s Sarbanes Oxley Act (SOX Law) requires compliant finance teams to remain accountable and operate with financial transparency, for example.
Examples of detective control | Effects of detective control | Benefits of detective control |
Implement software to monitor network security and financial activity | Spot irregularities, large, or multiple payments to the same account | Detect fraud attempts and avoid intrusion and financial losses. |
Two-factor authentication | Verify the identity of a customer or supplier | Find fraudsters and fast incident response to protect your funds before they leave the account |
Internal-audit through financial statement manual review | Check for errors, vulnerability, or internal fraud within the company’s financial statements | Comply with regulations |
Case study: how are detective controls used in a real business?
Global sportswear company, Decathlon, has used detective controls to completely transform the way that they pay suppliers. In the last ten years, the company has been the subject of many attempted fraud cases, with three of those attempts actually going undetected.
Fraud attempts went easily undiscovered at the company because their third-party database (made from almost 23,000 suppliers and partners) was full of errors. Accounts had not been updated in years and almost one-third of the time, payment details were wrong. This a good example of insufficient internal control procedures, on top of improper compliance with laws.
The finance team struggled to verify real fraud attempts and distinguish them from simple erroneous information. Weaknesses like this and their messy database prevented the company from complying with the local Sapin II Law and placed them at risk for a cyber attack.
Now though, Decathlon’s finance team uses Trustpair to get reliable information about suppliers within 30 seconds. It means that team members are well-informed before they press ‘send’ on a payment and that anomalies are easily identified in the ‘clean’ database. The control structure is improved and frauds have been wiped out.
Since detective controls like screening and payment rejection alerts are done automatically through our platform, the Decathlon team experiences better data without the heavy lifting. Post-implementation, there have been zero successful cases of fraud.
Do you want to learn more about payment fraud in large companies? Check out our free study!
What’s the impact of detective controls on b2b risk management?
Detective controls help to protect your b2b processes against outside criminals and hackers. It’s harder to ‘see their impact’ when detective controls are actively being used in the fight against fraud, but much easier to see when detective controls aren’t in place.
For example, most small businesses lack good internal control as a detective measure against fraud. In fact, this absence is the reason for susceptibility to fraud 42% of the time. This is just 25% in larger organizations because better protections are in place. The same report shows us that this contributes to an average of 5% losses to fraud in small businesses, whereas larger companies only lose 3.5%.
B2B processes are not just at risk of attack from seasoned fraudsters; they also expose your business to internal fraud attempts like the leak of sensitive data or the hijack of company funds.
For example, the British company Carillion collapsed in 2018. Due to very poor internal methods to control risk, their financial statements had been easily manipulated by leaders and the accounting team to convey a healthy balance. In reality, the company was in huge levels of debt.
The fraud was reported after continuous monitoring by their accounting auditor KPMG, which proved the success of detective measures. But not before it was too late, with the company owing over £2 billion to pension schemes and a further £2 billion to their suppliers.
Having the right detective controls in place is the only way to safeguard your business against fraud risk.
Why use an anti-fraud platform for your detective controls?
Working with the leading anti-fraud platform leaves it up to the professionals. It means that your firm can operate with confidentiality without exposure to fraudsters, with market-leading security policies to protect your payments. Financial management can also focus on high value tasks rather than conducting manual controls.
At Trustpair, we’ve built software that is effective and efficient at continuously auditing your supplier base. As well as automatically verifying the details of your partners, we monitor the risks of fraud without leaving room for error. Security controls are made directly within the platform and communicated clearly on dashboards and reports.
Take a look at what the platform can do for you:
- Secure your payments against interception and trace changes to supplier details so you don’t pay the wrong account.
- Screen, enrich, and clean your partner data to manage the risks associated with third parties
- Comply with SOX Law, due diligence, and anti-money laundering regulatory requirements
Request a demo of Trustpair today to regain ownership over your operations and protect your business from fraud.
In Summary:
- Detective controls are measures that help you carry-out investigations when something is not right with your financial records or business operations
- Examples of detective controls include account detail verification and two-factor authentication
- Detective controls are different from preventive controls, and they help your company comply with laws and regulations.
- Small businesses are more at risk of fraud since they don’t have good internal controls in place
- Working with enterprise risk management software like Trustpair means continually auditing your supplier base and continually detecting the risks of fraud