Investigation of External Fraud Schemes


In this chapter:

  • Corporate Espionage
  • Investment Schemes
  • Pyramid or Ponzi Schemes
  • Securities Fraud
  • Hidden Income or Assets
  • Insurance Fraud
  • Bankruptcy Fraud

Companies are becoming increasingly aware of the potential for corporate espionage to play a part in sabotaging the business or giving away trade secrets and other highly confidential information. From the book:

Theft of or infringement upon the intellectual property or secret information of a company is the goal of corporate espionage. This type of scheme can include the theft of client lists, strategic plans, pricing plans, marketing data, confidential financial information, development information on future patents, personnel data, or other secret data that contributes to the success of an operation.

Information like this can be compromised by computer hackers who get into a company’s system and steal information directly or set up nefarious software that will regularly send information to unauthorized third parties. Dishonest employees can also be responsible for leaking confidential data, taking hard copies of secret documents, or e-mailing (or otherwise transmitting over the Internet) digital copies. Companies can become victims of corporate espionage in the most ordinary of ways:

  • Social engineering. A thief could convince an employee that he is supposed to be let in the building, or could gather information over the phone or via e-mail by convincing someone that he’s supposed to receive the information.
  • Dumpster diving. Employees who aren’t careful when throwing away papers with sensitive information might allow secret data to be available and intact for those willing to go through the company’s trash.
  • False pretenses. Someone intent on stealing corporate information could get a job with a cleaning company or other legitimate vendor specifically to gain legitimate access to the office building.
  • Viruses and Trojan horses. With every click on the Internet, a company risks having its system infected with nefarious software that is set up to harvest information from the company servers. Without proper computer security, this would be easy for an experienced criminal.
  • Corporate identity theft. Use of a company’s credit, business information, or reputation without management’s knowledge.

Detecting corporate espionage may require assistance from people with specific expertise. Computer-based risks require the assistance of a computer security person who can help a company monitor systems for unauthorized access and track what employees are doing with data. Physical security experts may be needed to help address risks from apparently legitimate vendors who do nefarious things. Management needs to actively monitor a company’s credit accounts and government registrations for any unauthorized activity.

In general, a company needs to aggressively monitor its intellectual property and other assets that are susceptible to infringement and theft. It is in management’s best interest to make sure the company is asserting its rights and taking action against internal and external actors who will compromise the integrity of the assets.