September/October 2008 / Features
Detecting and Investigating IT Department Fraud
Directors of Information Technology departments are in a unique position to commit certain kinds of fraud, the authors say. The opportunity is there, it’s relatively easy, and it can be immensely lucrative. While the vast majority of IT directors are honest, he says, all companies would be wise to at least understand how IT fraud typically takes place, what the signs are that something is amiss, and how to proceed if fraud is suspected.
For mid-size companies, kick-back schemes and sweetheart vendor deals should be a particular concern. A common scenario involves a new IT director who brings in new vendors, often without competitive bidding or other safeguards. Be especially alert for invoices that lack customary data (like phone numbers or tax ID numbers) and vague descriptions of work performed. “IT director kickback schemes are often a stew of gross overcharges for services actually provided and invoices that are pure fiction,” the author says.
Investigations in this area present some unique problems. The subjects of hte investigation may have access to the very emails and phone calls that normally would be part of an investigation. The author advises caution, and even some unusual countermeasures, like setting up temporary email addresses not on the company servers. Strong investigative skills may be required. The author advises contacting legal counsel at an early stage.