27 May 2009

SOC: Statement of Truth...

Global transnational organizations that provide executive security protective details are on the rise. Corporate personnel who must travel to high-risk regions of the globe realize the requirement for a minimal, yet comprehensive, security envelope.

Back at the "Security Operations Center" (SOC) you will find a team of subject matter experts working in concert to continuously enhance the Operational Risk Management matrix. One set of analysts is tasked with media review and intelligence collection from open sources. One example could be CNN or even more regional sources such as Alhurra:

Alhurra (Arabic for “The Free One”) is a commercial-free Arabic language satellite television network for the Middle East devoted primarily to news and information. In addition to reporting on regional and international events, the channel broadcasts discussion programs, current affairs magazines and features on a variety of subjects including health and personal fitness, entertainment, sports, fashion, and science and technology. The channel is dedicated to presenting accurate, balanced and comprehensive news. Alhurra endeavors to broaden its viewers' perspectives, enabling them to make more informed decisions.

Another set of analysts is sifting through online intelligence portals such as Opensource.gov or Data.gov. However, when you have a specific executive who is traveling to a specific country, more detailed plans and advance work take place. These facets of corporate enterprise risk and operational risk management are vital to protect human assets and the ongoing continuity of business operations. Situational awareness enhancement is a 24/7, 365-day process.

Whether your business takes you to Pakistan, Mexico or South Africa, the risk of bombing, H1N1 or criminal elements is a real potential threat:

Rob Watson of the BBC reports on the latest explosion in Lahore:

What is striking about this latest attack, and so worrying for the Pakistani authorities, is the timing and choice of target.

It occurred near the offices of both the local police chief and of the national intelligence agency, the ISI, and comes as the Pakistani military is engaged in a massive campaign against militants in the north-west. So the initial speculation is that this is in some way a revenge attack.

Questions will again be raised about the inability of the authorities to stop the attack altogether given they were clearly expecting reprisals and were on a heightened state after the two other recent attacks in the city.


Executive Protection Details have been utilizing the compendium of wisdom and research found in Gavin De Becker's latest publication, "Just 2 Seconds," and for good reason:

Think of every assassination you've ever heard about. For most people, a few of these major ones come to mind: Caesar, Abraham Lincoln, John Kennedy, Martin Luther King, Mahatma Gandhi, Indira Gandhi, Anwar Sadat, John Lennon, Israel’s Prime Minister Rabin, Pakistan’s Benazir Bhutto.

From start to finish, all of these attacks — combined — took place in less than one minute. And the hundreds of attacks studied for this book, all of them combined, took place in less than a half-hour. Those thirty minutes, surely the most influential in world history, offer important insights that can help today’s protectors defeat tomorrow’s attackers.


Operational Risk is far more pervasive than detection of fraud, mitigating the loss events from internal information theft or intellectual property. It's been said here in the blog before and it's worth repeating again this statement of truth:

"Attackers use tools to exploit a vulnerability to create an action on a target that produces an unauthorized result to obtain their objective."

Whether you utilize this statement within the context of your digital domains, physical domains or the vast set of processes within the enterprise does not matter. What does matter is that those individuals responsible for the survivability and the defensible standard of care of the organization never forget it...

20 May 2009

OPS Risk: Military Lesson for Wall Street...

Air Force Brig. Gen. Mark W. Graper, the 354th Fighter Wing commander at Eielson Air Force Base, Alaska, has captured the essence of Operational Risk Management. Corporate executives and mid-level management should have this made into a poster for their office and hung in every hallway:

Summer is just around the corner, and many of us are planning for our favorite warm weather activities - fishing, hunting, hiking, motorcycling, camping and more. All of our summer plans can be fun if we keep in mind the basics of operational risk management: Accept risk when benefits outweigh the cost; accept no unnecessary risk; anticipate and manage risk by planning; make risk decisions at the right level; assess and mitigate risk. Stated more simply, have a (prudent) plan, have a backup plan and have a wingman.

Whether you are focused on the safety and security of your personnel, the integrity and confidentiality of your information or the continuity of your business operations, it's a fact that effective "Operational Risk Management" will improve your organization's resilience factor. The brilliance of Brig. Gen. Graper's emphasis on this subject away from the flight line or "The Office" is his understanding that most of us will become more complacent the minute we hit the parking lot. You see, OPS Risk is not just something being advocated in the workplace. It's just as pervasive at home or in our own leisure activities. Whether you are climbing "Denali" or entertaining friends around the backyard pool, you have to be continuously in OPS Risk mode, or it could bring harm to life, limb or your own reputation.

Operational Risk includes the risk of litigation, and there is one threat to your corporate integrity that you can be certain of: the employees, partners and suppliers of your organization:

Freddie Mac investors have filed expanded court claims accusing the mortgage finance company and three former executives of committing fraud by misleading them about risky loan practices and manipulating financial results.

The allegations, contained in a nearly 300-page court complaint filed late on Tuesday, are based in part on interviews with more than 100 former company employees and others who are described in the lawsuit as having knowledge of Freddie Mac's operations and finances.

One of the unnamed employees cited in the lawsuit is a former director of operational risk management at the company, who was quoted in the complaint as saying that Freddie Mac was an "appallingly run company" and that it was clear as far back as August 2007 that its capital position was inadequate.

"CONFIDENTIAL WITNESSES"

Other so-called "confidential witnesses" cited in the complaint include a former Freddie Mac vice president of investor relations and an ex-senior examiner with the Office of Federal Housing Enterprise Oversight, the company's regulator, now part of the newly formed Federal Housing Finance Agency.


What most organizations the size and complexity of Freddie Mac underestimate is the speed of change and the socially "connected" market economy. The blur of business, combined with the "Holistic Blindness" to what risks are a threat today or this week, can bring an enterprise to its knees and then to its ultimate demise.

Whether it's buying and packaging financial assets to sell on Wall Street or keeping your F-22 Raptor in the air to defeat hostiles, OPS Risk is the differentiator. Your survival depends on it.

12 May 2009

Economic Impact: Hedge Funds Beware...

In a recent ACFE study on the impact of an economic recession, the results are eye-opening. More than half (55.4 percent) of respondents said that the level of fraud has slightly or significantly increased in the previous 12 months compared to the level of fraud they investigated or observed in years prior.

Additionally, about half (49.1 percent) of respondents cited increased financial pressure as the biggest factor contributing to the increase in fraud, compared to increased opportunity (27.1 percent) and increased rationalization (23.7 percent).

The survey also found that:

  • Employees pose the greatest fraud threat in the current economy. When asked which, if any, of several categories of fraud increased during the previous 12 months, the largest number of survey respondents (48 percent) indicated that embezzlement was on the rise.
  • Layoffs are affecting organizations' internal control systems. Nearly 60 percent of CFEs who work as in-house fraud examiners reported that their companies had experienced layoffs during the past year. Among those who had experienced layoffs, almost 35 percent said their company had eliminated some controls, while 44.2 percent said the layoffs had no effect on controls and only 3.2 percent said their company had increased controls.
  • Fraud levels are expected to continue rising. Almost 90 percent of respondents said they expect fraud to continue to increase during the next 12 months. Additionally, the fraud most expected to increase is embezzlement.

These results are not too surprising. Internal control systems could be an issue if there are layoffs in the risk management departments or enterprise resources are reallocated. Embezzlement schemes come in many forms, and the people behind them know which areas will be neglected in oversight during the economic belt tightening.

Most of these fraudsters are brilliant "con men". They know how to prey on the human factors of greed and fear. Powerful emotions must be monitored by a "Corporate Vigilance" and awareness program. This preempts potential breaches and crisis incidents that will ultimately impact personal and corporate reputations.

Three factors are generally accepted as being necessary for a fraud to occur: pressure, opportunity, and the ability to rationalize illegal behavior. Unfortunately, the presence of each of these factors may rise in periods of economic hardship. Organizations and individuals alike can experience the pressure of increased financial strain. Opportunities for fraud could proliferate as many companies cut their workforces and otherwise reduce expenditures, perhaps leading to reduced internal controls and fewer proactive fraud prevention measures. And bombardments of bad financial news could cause mounting feelings of helplessness, pessimism, and isolation, which may, in turn, allow individuals to rationalize previously unthinkable acts.

So what can you do to detect early the potential existence of a suspected fraudster in your organization without subjecting current employees to retribution or putting them in harm's way? One effective strategy is to hire an outside entity, independent of the internal audit department or OPS Risk staff, to perform ongoing interviews and investigations. The other step is to compartmentalize the unit in terms of information exchange and to increase overall operational security.

Harry Markopolos, who is responsible for investigating Bernie Madoff for 8 or 9 years, did exactly this, and for good reason. His team was operating in the field under his direction and was kept secret even while he was talking to the SEC. Why? Some of the off-shore funds Madoff was doing business with were only a few steps removed from organized crime, according to Markopolos. If these firms knew that Mr. Madoff was stealing them blind, they could have put some adversarial actions into play.

Once the fraudster gets the indicator that anyone is getting close to the point of questioning their behavior, you can bet the evidence will begin to be destroyed or masked. This destruction of evidence can begin with the simple deletion of e-mails and documents, or the creation of new e-mails or data to mask or cover up the trail of fraudulent activities. This is when the use of Digital Forensic examinations on weekends or evenings, while employees are away from the workplace, can help reveal the presence of "Anti-Forensics."

The presence of anti-forensic tools used to cover their tracks, their e-mails or the sites they are visiting on the Internet might be the first sign that you have an actual fraud scheme in operational mode. Hidden or encrypted files found on an employee's laptop or desktop, created with unauthorized software tools or downloaded freeware, are a huge "Red Flag."

It's important for any investigator to consider the human factors and the behavior associated with people under pressure and close to the end of their hidden occupational fraud operation. These schemes typically have been going on for up to 24 months before they are discovered, and you can be sure that the perpetrators have thought about the day when they are finally discovered. The fight or flight mode kicks in at this point, and organizations are obligated to mitigate the risks of harm to fellow employees.

Effective Corporate Integrity units in global enterprises require the right internal resources, independent outside expertise and a comprehensive OPS Risk framework to be more successful.

Hedge Funds have been on alert for months now. Marc Dreier, the New York law firm founder accused of defrauding hedge funds by selling $700 million in phony promissory notes, might face life in prison after pleading guilty to fraud charges.

According to prosecutors, victims of the fraud included Amaranth Group Inc., Perella Weinberg Partners, Eton Park Capital Management LP, Concordia Advisors LLC, Novator, Meyer Ventures LLC, Blackstone Group LP’s GSO Capital Partners and Elliott Management Corp.

The case is U.S. v. Dreier, 09-cr-85, U.S. District Court, Southern District of New York (Manhattan).