How Blockchain checks financial fraud in companies
Over the past two decades, accounting scandals have cost companies and investors billions of dollars. The Enron scandal (2001), Lehman Brothers (2008), Satyam scandal and many others have caused huge losses to both companies and people.
According to PWC’s Global Economic Crime and Fraud Surveys 2022, property abuse – or insider fraud – was one of the top three financial frauds after cybercrime and customer fraud within a company. The larger the organization, the greater the chances of misappropriation of assets.
The survey further showed that misappropriation of assets accounted for approximately 24% of all three types of fraud in a company size between $1 billion and $10 billion in revenue. This type of fraud rises to 31% in companies with revenues over $10 billion. In terms of sectors, the government and public sector accounts for about 33% of property abuse cases, followed by retail and consumer (31%) and industrial manufacturing (28%).
Companies spend millions on securing their systems against outside cyberattacks (32%), which is only 1% higher than insider fraud (31%), but have done relatively little to check insider fraud.
It is a major challenge to ensure that data has not been changed, replaced or manipulated by a company or its employees. We often assume that the data is accurate thanks to techniques such as private keys and user permissions. However, we are unable to formally or mathematically demonstrate that data included in a typical application database is completely free of manipulation. Our next, and perhaps most expensive, line of defense is revision.
How can we really secure a company from an insider attack?
Immutability: If you can’t change it, you can’t fudge it
Blockchains are made to be resistant to data modification by design. A blockchain can effectively act as an open, distributed ledger that can efficiently and permanently record transactions between two parties. Blockchain can also be used to verify transactions that have been reported. Using the technology, auditors could simply verify the transactions on easily accessible blockchain ledgers instead of requesting bank statements from customers or contacting third parties for verification.
Blockchain technology achieves this immutability by matching cryptography with blockchain.
Each transaction that the blockchain network considers valid is time-stamped, embedded in a ‘block’ of data and cryptographically secured by a hashing operation that connects and integrates the hash of the previous block. This new transaction then joins the chain as the following chronological update.
Metadata from the hash output of the previous block is always incorporated into the hash process of a new block. Since the subsequent blocks in the chain will reject any attempt to modify the data after it has been authenticated and added to the blockchain – as their hashes would not be valid – this crucial step in the hashing process makes the chain “unbreakable”. In other words, the blockchain will crash if the data changes, and the reason will be obvious. Traditional databases do not have this feature; there the data can be easily added, changed or removed.
The blockchain essentially acts as a time-stamped ledger of facts. These Bitcoin statistics include details of transfers between addresses.
Blockchain-based ledgers can ensure that an application has a complete history and data trail, because once a transaction is added to the blockchain, it remains there as a representation of the ledger until that point. By simply recalculating the block hashes, the integrity of the chain can be verified at any time; if there is a disagreement between a block’s data and its matching hash, the transactions are invalid. This enables companies and industry authorities to quickly identify data manipulation.
Blessing for audit firms
Currently, a low-value transaction on the blockchain takes about 10 minutes to be verified because only one block verification is considered necessary. The associated transactions are more immutable further along the chain, or how many blocks must pass before a transaction is considered validated. Usually, it takes about an hour (6 blocks) to confirm a high-value transaction.
Compare this to conventional financial transactions, where the deletion of information can take a month or longer. The audit process may be affected by this pseudo-real-time verification blockchain feature. Audit companies will be able to carry out ongoing online assessments in the period under audit instead of assessments at the end of the year, or interim.
This technology appears to be a foolproof system that is likely to change the financial system for good and check for both internal and external fraud.