The Process of Internal Corruption Detection using the Criminological Approach based on Case-based Reasoning

Introduction

Corruption within a company is a very sensitive issue from the company’s point of view. In particular, internal corruption in a bank that handles funds can devastate the bank. Preventing and detecting internal embezzlement cases is important for an organization’s financial safety and for maintaining its credibility and reputation.

Ensuring financial security and establishing trust is critical for any organization, and even more so for financial institutions and companies. The urgency of this issue is highlighted by the Association of Certified Fraud Examiners (ACFE) 2022 Report to the Nations, which revealed that 2,110 occupational fraud cases were reported between January 2020 and September 2021 in 133 countries. In the U.S., 625 cases (29.6%) were reported, with over $1 billion in losses. The main method of detecting occupational fraud is tips from employees and customers, accounting for 40% of cases, followed by internal audits, management reviews, and document examinations. However, these methods have limitations, as they detected only 4% of cases (ACFE, 2022). This underscores the need for a new approach, as detecting occupational fraud through conventional methods is increasingly difficult. More cases involve creating false evidence, altering existing evidence, and deleting or destroying evidence. These methods usually take more than 12 months to detect and verify fraudulent activity after much damage has already been done.

While many fraud detection programs using artificial intelligence and machine learning (ML) have been developed and piloted, they are primarily aimed at detecting and stopping fraudulent activities from outside the organization, such as identity theft or hacking, and little effort has been made toward activities within the organization. Internal corruption, including embezzlement, breach of trust, and fraud by executives and employees, is especially critical to occupational fraud. These problems have been difficult to solve due to the lack of related cases, crimes and data, and evolving criminal methods (Baesenset al., 2015; Omar & Alturki, 2020).

In this study, with the participation of various experts, including lawyers, police, processors, and so on., we analyzed based on various data and cases to extract rules related to the internal corruption of companies.

In this context, we would like to develop a unique process for the internal corruption detection system using rules and Case-Based Reasoning (CBR). The methodology is based on criminology; it will be developed based on the rules based on cases and precedents. Detecting internal corruption using case-based reasoning involves analyzing past instances or examples of corruption within the company to identify potential patterns or causes of internal corruption.

CBR’s strength compared to other systems is its accurate modeling of human decision-making processes. It uses analogical or experiential reasoning to solve complex problems and learns from these problem-solving experiences.

Internal corruption in a company may occur at any time, but when it does occur, it can have fatal effects on the company. Companies have been managing it through internal audits, but as the methods of corruption become increasingly intelligent, management is difficult, and major accidents often occur.

Accordingly, along with the development of the fourth industrial revolution technologies, efforts to detect internal corruption using big data and artificial intelligence have begun, and this study also presents a method for doing so.

In addition, since internal corruption has been reluctant to be exposed to the outside world and has been discussed only internally, it has been difficult to collect and utilize corruption cases or related data. However, modern technology has made it possible to utilize various external and internal data and suggest methods of detecting corruption through various business analyses.

Internal corruption case-based reasoning involves analyzing past instances or examples of corruption within a company to identify potential patterns or causes of internal corruption. By reviewing these past cases, company officials and decision-makers can develop strategies to prevent and detect corruption in the future. This approach may involve auditing internal controls, enhancing due diligence procedures for hiring and promotions, and strengthening compliance and risk management policies to address vulnerabilities identified through case-based analysis. Overall, using internal corruption case-based reasoning can help companies maintain their integrity and avoid reputational risks associated with corrupt practices.

Company threat and corruption detection identifies potential threats and corrupt practices within a company’s operations, systems, and personnel. This involves implementing comprehensive monitoring and detection systems to identify unusual or suspicious activities, such as fraud, money laundering, and insider trading. These systems may include advanced analytics, machine learning algorithms, and AI-powered monitoring tools that can comb through large amounts of data and identify anomalies or patterns that suggest fraudulent behavior. In addition to technology-based systems, threat and corruption detection in companies also involves training staff on detecting and reporting suspicious activities, conducting regular audits, and implementing appropriate internal controls to prevent and detect corrupt practices. Companies can protect their reputation, maintain regulatory compliance, and safeguard their customers’ assets by proactively detecting and addressing threats and corrupt practices.

This paper presents a unique criminology-based process for detecting internal corruption, such as embezzlement. This process is expected to evolve into an AI-based intelligent system and contribute to detecting internal corporate corruption.

Background

Threats to a business include threats from the outside and threats from the inside. Threats from the outside are disguised as systems, etc., but one of the things that causes the greatest damage is internal threats, such as internal corruption (Albrechtet al., 2019).

In criminology, embezzlement is a typical example of internal corruption within a company. The problems of embezzlement accidents in companies are as follows.

The first is the need for a work ethic. Work is a precious place where we can support our families and realize ourselves for a long time. Most workers do their best for the company they belong to. Employee embezzlement incidents are only a small part of the problem.

The second is the need for more management oversight. This will not happen if thorough supervision is conducted and normal approval procedures are followed. Accidents can be prevented by double-checking each other and checking original documents and company books so that documents are not manipulated. Criminal activity can be prevented if strict management supervision is followed in the enterprise.

Third, a person should only work briefly in one department dealing with money and finance. Regular personnel transfers are necessary so that mutual checks can be made. Criminal activity in the workplace requires step-by-step approval and strict supervision.

Lax management and negligent management are the causes of criminal activity. Corporate headquarters should ensure that embezzlement incidents do not recur through thorough management and training. Thorough work ethics education and moral restoration can prevent these criminal acts.

Internal corruption detection methods involve various techniques to identify any signs or indicators of corrupt practices in a bank. Some common methods are:

● Internal Auditing: This is the systematic review of a bank’s operational and financial processes to identify loopholes or weaknesses that could be exploited for corruption.

● Anti-Money Laundering (AML) Compliance: AML regulations require banks to conduct customer due diligence, monitor transactions and report suspicious activities. This method helps banks to detect and prevent money laundering, which is often an indicator of corruption.

● Data Analytics and Machine Learning: Banks can use advanced technology like data analytics and machine learning to monitor transactions and identify unusual or suspicious behavior that suggests fraudulent activity.

● Whistleblowing Hotline: Banks can set up a hotline where employees, customers, or suppliers can report fraudulent or unethical behavior without fear of reprisal.

● Fraud Risk Assessment: Banks evaluate the likelihood and impact of fraud risks and develop appropriate controls to mitigate them.

● Regular Training: Banks can offer regular training to employees on identifying and preventing corruption within the organization.

These methods help banks proactively detect and respond promptly to any signs of corrupt practices, mitigating the risk of financial and reputational loss.

CBR is an artificial intelligence system and technology gaining widespread acceptance (Becker & Jazayeri, 1989; Thrift, 1989). Schank (1982) provides the foundation for the work in CBR in Dynamic Memory. This work is the first to describe a memory-based approach to reasoning and to give an architecture for building that type of reasoning system on a computer (Barletta, 1991). The basic principle underlying CBR is that human experts use analogical or experiential reasoning to solve complex problems and to learn from problem-solving experiences (Brown & Gupta, 1994). However, in searching their memories, human experts may suffer from primacy and recency effects (Brown & Gupta, 1994). CBR allows a systematic search of a case library (memory) to retrieve cases that most closely match the problem. A CBR system can augment an expert’s memory by retrieving a larger and more relevant set of cases than human memory can retrieve (Kolodner, 1993).

CBR has been shown to model human decision-making processes accurately. For example, Morris (1992, 1994) developed a CBR system that evaluates EDP controls and generates information system control recommendations. Morris (1994) notes that auditors use past cases to compare controls, to remind them of previous incidences where controls failed, to generate expectations about client controls, and to justify or explain their control recommendations. Morris validates her system by comparing its performance against human subjects. The CBR system outperforms human subjects in generating control recommendations. Further evidence that CBR accurately models human decision-making processes is provided by Biggset al. (1987) and Meservyet al. (1986), who both note that auditors reason by analogy to prior experiences. Brown and Gupta (1994) claim that the ability of CBR to augment human memory and facilitate machine learning is a significant contribution to the study of intelligent systems.

An effective detection and prevention strategy should integrate multiple approaches to detect and prevent internal corruption within a company. Companies can detect and prevent internal corruption by regularly monitoring transactions, analyzing vendor and personnel data, conducting regular audits, training employees, and implementing advanced technology.

Expert and knowledge systems use rules-based CBR to obtain high-level knowledge for problem diagnosis and solution retrieval (Hajar & Lee, 2005; Tunget al., 2010).

AI (Artificial Intelligence) has great potential to make fraud detection faster, more effective, and more efficient. However, implementing these systems effectively is challenging, especially for smaller institutions that need access to large numbers of in-house data scientists and engineers (Yu & Rha, 2021).

Detecting frauds in company data sets while minimizing false positives is a particularly difficult problem for AI-based systems: the low concentration of frauds compared to the genuine transactions in data sets provides very little information to train AI-based models. At the same time, the number of different fraud types is large, and customers exhibit (Chen & Burrell, 2001).

The system must learn to recognize and accommodate a wide range of behaviors. Only the largest and best-resourced organizations can refine and implement these systems internally. For most, a fully supported plug-and-play system that addresses company fraud will prove the only realistic option.

Ideally, any such system should incorporate secure ways for statistical information on suspect transactions to be shared between different companies using the system so all can benefit from access to a wider pool of information. However, these complex AI-based systems must also be fully explainable to users and the public. Regulation of AI-based applications is becoming stricter, and companies must expect to face increasing scrutiny over their use of AI.

Many companies use a Fraud Detection System (FDS) that supports pre- and post-response to financial fraud. Recently, due to the development of digital technology, factors such as the diversification of financial transaction media, rapid increase in data volume, and new fraud techniques have made it more difficult to respond to financial fraud using FDS, and thus, sophisticated and advanced FDS is required.

The FDS components comprise information collection, abnormal transaction analysis, and response (Fig. 1).

Fig. 1. FDS process.

The log collection system collects real-time transaction information, refines large amounts of data, and transmits them to the abnormal transaction analysis system. The abnormal transaction analysis system comprehensively judges the data received from log collection, customer information, and external information to determine whether a transaction is abnormal. The response system performs automated system actions such as blocking user access and sending a confirmation alarm to the person in charge according to the response scenario for each type of transaction determined by the abnormal transaction analysis system. The artificial intelligence detection model learns about newly discovered transaction patterns to improve performance and periodically reflects it in the abnormal transaction analysis system.

FDS analysis methods are divided into two types: misuse detection and abnormality detection.

Misuse Detection Technique

A misuse detection technique can identify abnormal transactions by applying multi-rule-based conditions to newly occurring financial transactions by regulating and conditioning the main characteristics of existing abnormal or fraudulent transactions. This method has a fast and simple structure but has the disadvantage of being difficult to respond to new patterns.

A representative example of a misuse detection technique is related to account transfer or card payment transactions by a group of experts. It can be understood as a method of warning about unusual outliers that anyone would recognize as abnormal transactions. For example, if an amount 100 times larger than the monthly average amount that a specific customer traded is transferred to an account that has never been traded in the early morning hours, FDS identifies this transaction as an abnormal transaction and issues a warning to the person in charge of the business, as it is an anomaly in terms of amount, time, and account correlation.

Anomaly Detection Technique

The anomaly detection technique can be understood as detecting singularities by modeling based on attribute information such as customer basic information and transaction information stored in the RDBMS. This method comprehensively judges data with a complex structure and finds abnormal and fraudulent transactions difficult to detect. However, it has the disadvantage of requiring a high-performance system for real-time processing.

Insurance claim transactions are a representative example of anomaly detection techniques. These techniques utilize customers’ static and dynamic variables, which change according to transaction information. They analyze them by linking customer information that external organizations managed by other companies can reference.

Internal Corruption Detection Process

The company corruption detection method uses case-based reasoning, which involves analyzing specific past instances or examples of corruption within the company and using this knowledge to identify potential patterns or causes of internal corruption. This approach enables companies to examine past cases that may share similar characteristics, such as the modus operandi or the individuals involved, to identify potential red flags and vulnerabilities that could lead to corrupt practices.

Fig. 2 shows the environment creation and method design for data analysis, which is a key process in the methodology for embezzlement detection and prevention.

Fig. 2. Case-based detection methodology development process.

The first step is data collection, which involves collecting data from various sources to build a database of embezzlement cases. We collect data from cases, precedents, online systems, etc.

Second is a setup database of various data, cases, and precedents. This step involves structuring embezzlement data, cases, and precedents, converting them into quantifiable forms, and loading them.

The third step is new case detection. This step determines whether a new event within the organization is embezzled by comparing it to rules or patterns derived from existing cases and precedents regarding internal corruption.

The fourth step is monitoring notification; this step periodically monitors events within the organization, notifies managers when the risk of embezzlement increases, and detects it.

Fig. 3 shows the system process of internal corruption detection, which includes several steps:

1. Data Collection and Preprocess Data: Collecting data from past internal corruption cases and precedents, including details such as the type of fraud, perpetrators, and factors that allowed the fraud to occur. In addition, historical case data and corruption indicators can be converted into a suitable format for model training. This may involve feature engineering and data cleaning to ensure the data is consistent and well-prepared. In this context, collecting enough relevant cases is one of the most critical steps for the successful development of detecting internal corruption systems utilizing CBR. There have been many ways of internal corruption, such as financial statement fraud schemes, including fictitious revenues, timing differences, improper asset valuation, concealed liabilities and expenses, improper disclosures, asset misappropriation with cash receipts or fraudulent disbursements, or inventory and other assets.

2. Case analysis and DB construction: We collect and analyze cases and precedents related to internal corruption, such as corporate corruption, and create a database. Above all, experts participated and applied unprecedented criminological methods to derive criminal methods such as embezzlement and regularized them according to the unique patterns of their criminal tendencies. In particular, a criminological approach was used to derive corruption methods such as embezzlement using data, cases, and examples. Analyze the data collected to identify patterns or factors contributing to internal corruption incidents. This process may involve looking at common factors, such as job roles or departments, vendors or customers involved, and fraudulent activities. Identify specific patterns or indicators of corruption, such as irregular transaction amounts, unusual account activity, or unauthorized access to sensitive information. Analyzing the data collected and identifying patterns or factors contributing to fraud or corruption. This process may involve looking at common elements, such as job roles or departments, vendors or customers involved, and fraudulent activities. Create a database or knowledge repository that stores relevant information from previous corruption cases and precedents. Include details such as date, involved parties, transactions, and supporting evidence.

3. Model Training: Train using the preprocessed historical case and precedent data. This can be done through supervised learning, where the inputs are the corruption indicators and the outputs are binary labels indicating whether a case involves corruption. This stage is the derivation and modeling of criminal methods through a criminological approach, which is the core of this study.

In particular, we have developed rules and patterns of internal corruption from cases and precedents based on a criminological approach. Although various AI methods will be applied to this model later, its basis is criminal methods derived from criminology. These criminal methods create rules, and the model is created based on these.

4. New case detection: This step determines whether there has been embezzlement by comparing daily events that occur continuously within the organization with previous cases. Use case-based reasoning algorithms to compare current transactions with the historical case base. Look for similarities in patterns, behaviors, or indicators. Compare the current transactions flagged by the neural network with the historical case base. First, we use data analysis techniques other than case-based reasoning for embezzlement detection. Secondly, we use anomaly detection, a technique for detecting outliers different from normal patterns. Outliers can indicate numerical or behavioral patterns related to embezzlement or fraud. For example, suppose a specific employee’s monetary transaction volume is significantly higher or lower than others. In that case, anomaly detection techniques can be applied to the employee’s behavior to detect the possibility of embezzlement. Thirdly, we use network analysis, a technique for identifying patterns related to embezzlement, by analyzing connections and relationships within an organization. It can be used to find traces of fraud by analyzing interactions between employees, fund transfers, and use of authority. For example, network analysis can detect signs of fraud by analyzing whether employees with a high probability of embezzlement are highly connected to other employees or show unusual patterns in financial transactions or data access. Fourth, we use statistical analysis, a technique that analyzes data within an organization to detect statistical patterns related to embezzlement. Statistical inference and modeling can be used to assess the possibility of fraud. For example, statistical analysis can be used to analyze data such as monetary transaction volume, cost composition, and budget distribution to find abnormal patterns related to embezzlement, and statistical models can be used to predict the possibility of fraud. Fifth, we use text mining, a technique that analyzes text data (emails, documents, memos, etc.) within an organization to extract information related to embezzlement. Using natural language processing and machine learning, it can identify negative language, keywords related to embezzlement, etc. For example, text mining can detect keywords related to embezzlement, negative statements, etc., in email content or internal documents to find evidence of fraud.

5. Monitoring and alarm: This is the step of periodically monitoring events within the organization and notifying managers when the risk of embezzlement occurs or increases. Monitor and analyze ongoing transactions within the company continuously to identify any potential signs of corruption. This could involve data analytics techniques to detect anomalies and flag suspicious activities. If the analysis finds a potential match or significant similarity to past corruption cases, alert the appropriate authorities or internal audit teams for further investigation. If AI-based and rule-based analyses find a potential match or significant similarity to past corruption cases, alert the appropriate authorities or internal audit teams for further investigation. Using case-based reasoning, a company can gain insights into past corrupt practices, use this knowledge to identify vulnerabilities and develop control techniques to mitigate the risk of internal corruption. This approach can help companies proactively identify and address internal corruption, minimize reputational damage, and prevent financial losses due to fraudulent activities. Using case-based reasoning, internal corruption in a company is detected by analyzing historical corruption cases and comparing them to current transactions or behavior patterns. Detecting internal corruption requires a proactive approach integrating data analysis, pattern recognition, and continuous monitoring. Collaboration between different departments, such as IT, legal, and compliance, can help enhance the effectiveness of the detection process. Detecting internal corruption in a company using rule-based analysis and case-based reasoning with neural networks can further enhance the accuracy and efficiency of the detection process. Integrating neural networks with case-based reasoning can provide a more accurate and automated approach to detecting internal corruption in companies. However, it is important to continuously update and improve the neural network’s training with new cases to maintain its effectiveness.

Fig. 3. System Process of Internal Corruption Detection.

Concluding and Future Works

This paper presents processes for detecting internal corruption, such as embezzlement. Based on CBR (Case-based Reasoning), this internal corruption detection process uses rules developed by experts.

The unique method is based on the criminological approach derived from the cases and precedents about internal corruption.

Internal corruption detection methods strengthen organizations’ financial safety and reliability. These methods help organizations respond effectively to embezzlement by providing processes and tools to identify and prevent insider corruption risks.

This paper presents a unique process for detecting internal corruption, such as embezzlement.

This process is expected to evolve into an AI-based intelligent system and contribute to detecting internal corporate corruption in the future.

Developing a fraud detection methodology is vital in enhancing an organization’s financial safety and reliability. This methodology provides processes and tools to identify and prevent fraud risks, helping organizations respond effectively.

The embezzlement detection methodology will consist of the following main steps:

First, identify and analyze potential embezzlement factors within the organization. This identifier detects potential embezzlement areas by examining business processes, financial transactions, authorization, etc.

Second, review and strengthen the organization’s internal control system. This means establishing a system that can prevent and detect embezzlement by separating roles and authority, strengthening approval procedures, and strengthening access control.

Third, develop and implement a model that detects embezzlement using data analysis techniques. Case-based reasoning is used to find very similar cases. Techniques such as anomaly detection, network analysis, statistical analysis, and text mining are utilized for unidentified problems.

Fourth, build a notification system that detects and notifies of embezzlement detection results in real-time. This helps to take countermeasures promptly by immediately notifying the relevant person if abnormal behavior occurs.

Finally, the embezzlement detection methodology will be continuously monitored and improved. Establish performance metrics and collect data to evaluate the methodology’s effectiveness and derive improvements.

In conclusion, the embezzlement detection methodology is important for enhancing organizational transparency and ethical behavior and preventing and detecting fraud. Through continuous monitoring and improvement, the methodology can help improve an organization’s financial safety and credibility.

Furthermore, detecting internal corruption is important for strengthening organizational transparency and ethical behavior and preventing and detecting cheating. The methodology is expected to help improve organizations’ financial safety and reliability through continuous monitoring and improvement.