Accounting, Edition 46

Potential fraudsters: E-mails that reveal the possibility of fraud

Dirección Estratégica. La revista de negocios del ITAM. Edición 46By: Yanira Petrides
Instituto Tecnológico Autónomo de México

Esperanza Huerta and TerryAnn Glandon
The University of Texas at El Paso

Fraud committed by company employees is a growing concern among business owners and regulatory entities, given the steady increase in both the number and the scale of cases.1

To counteract this trend, companies can introduce technological solutions to detect fraud. For example, there are information systems that identify suspicious patterns of financial transactions that can be due to fraud.

Detecting fraud when committed serves to punish fraudsters and communicate to the rest of the employees that such crime will be prosecuted, but with a fraud already committed, the damage is done and the possibility of repairing the harm is reduced. It is more efficient and less costly to prevent fraud, to detect it before it happens. If one could identify the employee who is planning to commit a fraud, what measures would management take? It sounds like science fiction, not to mention the ethical implications of doing so.

However, there are non-invasive ways to infer what is on a person’s mind. Our communications reflect what we think and feel. The written word, on paper or in electronic form, endures and reveals our intentions and reasoning. Electronic communications (texts and e-mails) have been entered into evidence in trials. For example, in the Enron trials, the prosecution used as evidence e-mails exchanged by the auditors and senior managers to show that they had knowledge of the accounting strategies that were employed2. Recently, the e-mail message that Fabrice Tourré (former employee of Goldman Sachs) sent to his girlfriend, in which he said that the mortgage market was about to collapse, was presented as evidence that he made misleading recommendations to investors.3

If e-mails express what we think, then they could be examined to identify employees who are planning to commit fraud. This way, the e-mails would serve not as evidence after the fraud, but as an indicator that a possibility exists that fraud may be committed and actions could be taken to prevent it. This is the aim of new information systems to prevent frauds that are already on the market. These systems analyze thousands of employee e-mails to detect clues about potential fraud.

What does a potential fraudster state in his or her communications that can give him away? It is unlikely that an employee would send an e-mail that says: “I am going to defraud the company.” Experts know that fraud is a complex phenomenon involving the convergence of many factors that set the conditions so that fraud can be committed. Fraud occurs when three elements – known as the “fraud triangle”– are present: motivation, opportunity and rationalization.

Motivation refers to a real or perceived need to commit fraud. Besides the obvious goal of obtaining money, a fraudster may commit fraud because of the psychological need to be admired or to always be a winner. Opportunity refers to the real possibility to commit fraud, with or without help of another person or employee. Rationalization is the mental process that the fraudster follows to justify an action that is unethical. For example, an employee may rationalize that what he or she takes wrongfully from the company is not actually theft, but a way to make up for how poorly paid he or she is.

The systems conduct a linguistic analysis of the e-mails, seeking subtle clues that indicate rationalization, motives or collusion. For example, an employee can constantly express his or her dissatisfaction with the company, which can be a form of rationalization. The employee may also talk about a money problem that calls for an immediate solution, or he or she carries on personal associations with employees who are responsible for areas which perform tasks that are separated by internal controls.

The linguistic analysis that systems carry out is much more than a keyword search as they have to take into account the context in which the words are used and discern sarcasm or jokes. After analyzing the e-mail messages, the system yields a report on those authors of messages that point to potential fraud. Based on the report, management should determine if the analysis is on target and what to do if it is suspected that fraud might take place.

Systems that analyze emails to detect potential fraud are a step forward in the prevention of fraud. However, they also pose many challenges for companies. Next we will consider five decisions that management must make before using these systems. As with all management decisions, there are no right or wrong answers. The business person should assess the advantages and disadvantages of each option and decide what is most appropriate for his company.

Privacy of electronic mail

Management should make sure that the use of these systems is not illegal in the country where it wants to utilize them. In some countries, like the United States, there are specific laws that state that communications by way of the company’s e-mail system belong to the company, and employees, as such, have no privacy rights. In Mexico there is no law that specifically provides that the company owns electronic communications that employees send by internal mail, but the general consensus is that if the communication is done with company resources, it is subject to scrutiny.

Disclosing the use of the system

Management must decide if it will tell employees that it is using a system that analyses e-mail. Any decision can create a negative work atmosphere. If the use of the systems is revealed, employees may perceive top management as a big brother who wants to observe and control them. If the system is not announced, employees who find out will resent that they were not informed.

Responsibility inside or outside of the company

Management must decide whether the e-mail analysis system should be controlled by an internal department or whether to hire a third party. This decision is similar to any outsourcing decision where the cost of each option is weighed. For example, the costs of hardware and software should be considered, as well as the hiring of qualified personnel. A risk is taken with these systems when a third party is allowed access to the company’s private communications. The company’s decisions and business operations are carried via e-mail; a leak of this information can have huge negative consequences.

Continuous or specific evaluation

Management must decide if the e-mail analysis should be done consistently, at a specific time or with a specific frequency. A continuous analysis is costly, but it increases the chances of detecting the possibility of fraud being committed – in time to prevent it. An analysis at a given moment or during a specific period of time is cheaper, but it can detect potential fraud too late.

Following up on reports

Management should establish a procedure when potential fraud is identified. Who will be responsible for monitoring? What resources will be used for monitoring? A system needs to be put in place to assess the risk of fraud and to respond quickly to prevent it.

Uncertainty in reports

When using these systems, it is important to understand that there is a margin of error in the detection of potential fraudsters given that linguistic interpretation is very subjective. Besides, the presence in the messages of expressions that reflect motivation or rationalization does not mean that it is certain that fraud will be committed. There are employees who may feel constantly unhappy with the company, but who would not commit a fraud. Conversely, employees who never express dissatisfaction or elements of rationalization can commit fraud.

The reports generated by these systems do not indicate with full certainty that there is some possibility that a fraud will be committed. Management must make decisions based on reports that reflect ambiguous situations: the message is suspicious and may imply fraud, but not necessarily. When evaluating a report, management must determine whether there is sufficient evidence to commit resources to a follow-up investigation. To the contrary, management may consider the evidence is not enough and not follow it.

Whatever decision management makes based on reports bearing uncertain results has implications for the allocation of resources to follow up the case and to detect fraud. For this reason, we conducted a study to determine the effect that this uncertainty has on management decisions. In our next article we will describe the results we obtained and the implications for business management.


1. ACFE. 2010 Report to the Nations on Occupational Fraud and Abuse, 2010, cited 20 de julio de 2011, , accessed at ACFE.

2. Hunter, P., Email meets Enron to bring lawyers down on big corporations. Computer Fraud and Security, 2007. 2007(5): 18-20.

3. Baer, J., C. Bray, y J. Eaglesham, ‘Fab’ Trader Liable in Fraud — Jury Finds Ex-Goldman Aide Tourre Misled Participants in Mortgage Security, Wall Street Journal, 2013.

Post a Comment

Your email is never published nor shared. Required fields are marked *


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>