Understanding the common actions of fraudsters
Table of contents
Fraudster personas
Fraudsters are a committed adversary, consistently finding ways to evade the controls we put in place to counter them. Yet while fraud schemes vary in their complexity and creativity, fraud intelligence and investigations reveal that those who commit fraud tend to also use common tried and tested methods to mislead or exploit the system.
Controlling fraud risk is an equally creative yet methodical process, and it helps to think like a fraudster to identify risks. The 8 Fraudster Personas can help you anticipate how a fraudster might target your organisation’s programs, activities and functions so you can put the right controls in place to counter them.
An innovative approach is to combine Fraudster Personas with business process mapping. By identifying different risks across a business process, you can better understand where and how a program, activity or function might be susceptible to common fraudulent actions. This will also help you communicate these risks to stakeholders and decision-makers, and co-design proportionate and effective controls at the right point in the process.
A template with instructions on how to map business processes and apply a fraud lens to identify vulnerabilities is available for download on the IPSFF Fraud Control Testing Framework page.