Finance

Using Information Technology as a Management Control Lever

Fraud and information technology are two business phenomena that can be taken uniquely and differently or they can be taken in perfect congruence. Fraud, with all its intents and consequences, can be as potent as its combination with information technology (IT), with all the latters technical usefulness. The combination of fraud and IT may be taken both in sharp contrast as a conspiracy as when IT is utilized to commit fraud or IT can be used as a control mechanism to prevent the commission of fraud or simply detection of errors at the least. (Miller, 1978)

In 2003, the HM Treasury identified several fraud risks occurring in the UK area such as theft, false financial accounting, bribery and corruption, deception and collusion. Experts identify the major fraud elements as people whether insiders, outsiders or both in conspiracy assets to acquire serving as motivations the intent to defraud and the opportunity to commit. Because of the nature of the intent, fraud is usually difficult to detect and even prevent. Clearly, the prevention and detection of fraud require the active participation of people in the organization creating a strong ethical dimension of work, policy statements, appropriate risk assessment and adoption of management control measures to prevent its commission. Prominent here is credit card fraud , that although online fraud went down by 67 per cent in 2007, credit card fraud went up by 42per cent. (APACS, 2007) This however, went down 23 per cent in 2009.
           
Adding the banking system into the formula of credit card fraud and information technology may likely create an area of sensitivity that can provide both breadth or breach of security. Admittedly, the banking system is perhaps one of the major industries and sectors heavily impacted by the use of information technology. Indeed, IT can facilitate, even enhance, the commission of credit card fraud or it can entirely prevent its occurrence as when IT is used to protect and secure an organization against itself. Here, credit card fraud appears to be as sophisticated as the credit card technology concept itself. Hence, the banking system becoming its primary target with about 60 billion dollars losses in 2009.

Management Issue in the research project.
The management issue being addressed in the research project focus on the role of IT in preventing credit card fraud and fraud risks in the banking system through a set of management control systems. Here, use of IT is directed towards strengthening the management control systems to make it an effective tool in the prevention and detection of frauds in the UK banking system.  

2-  Research Questions
IT and credit card fraud as experienced in the UK banking system presents the core of the study. Clearly, the antecedent here is that credit fraud in the UK banking system is on the rise and IT can be considered as a management control lever to insulate sensitive banking transactions from simple fraud and breach of security. The study attempts to identify the credit card fraud risk areas in the UK banking system in general, and the role of IT in fraud prevention in the UK banking system in particular. The study will recommend strategic measures to utilize IT primarily as a management control lever to prevent, detect and correct fraudulent banking transactions.

In the process, this study aims to address the following sub-problems
Describe the credit card fraud risk phenomenon inherent in the UK banking system
How, where and possibly why specifically are this credit card fraud risks perpetrated in the UK banking system

(3) What and how can IT capability be used to obviate the identified credit card fraud risks in the UK banking system

(4) What specific strategic management control lever system may prove effective in terms of prevention and detection of credit card fraud risks in the UK banking system

3- Aims of the research project
The study covers the credit card frauds risk areas of the banking system as it relates to the inherent character of the UK financial systems, including the use of mobile and internet banking technology and a more vulnerable area of ecommerce. The study identifies the credit card fraud risks reported over the last ten years as indicated and validated by key informants in the banking system such as funds and credit clients, bank managers and decision makers, government examiners and regulatory agencies, legal experts, among others. Likewise this attempts to (Bowman  Ambrosini, 2003)
Increase awareness of credit card fraud risk areas through theoretical and empirical literature as well as practices in the UK banking system
Reduce the vulnerability of the UK banking on this credit card fraud risk
Increase and sustain IT capabilities which may prove effective in credit card fraud risk control
Raise the level of effectiveness of management control systems and thus help prevent and detect credit card fraud risks in the UK banking system.

4- Objectives of the research study
The main objectives of the study are the following
Explain the nature and impact of the fraud risks in the UK banking system through theoretical and empirical literature
Identify and explain the vulnerability of the UK banking system and the environment of fraud motivation in the UK banking system
Identify and evaluate the various existing IT capabilities, processes and determine their potential cost effectiveness and advantages in the fraud risk prevention and detection
Explain what and how management control systems can help sustain fraud risk controls.
     
In terms of significance, the study brings open banking policies, services and practices in areas vulnerable to credit card fraud risks. Clearly, the extent of management control systems such as ethical practices, good governance, confidentiality as well as privacy requirements are provided emphasis and priority to protect stakeholders commencing from the university academic and curricular planning. IT vulnerabilities are identified and secured. Future researchers may likely be benefitted by predicting emerging credit card fraud issues and credit card derivatives as subjects of additional control levers. (Simons, 1994)  Here, the aspect of management control as a lever of prevention and detection is emphasized and supported.        

5  Three main sources and annotated bibliography
The following main sources will be used extensively in the theoretical and empirical support of the research inquiry
Management Control Systems (2003) by Robert Anthony and Vijay Govindarajan. This book is designed to allow managers gain knowledge, insights and analytical skills related to how a firms management can go about designing, implementing and using planning and control systems to implement the firms strategies. This comprehensive source can serve as handbook for managers, consultants, IT-based system designers in addressing the complexities and realities of the 21st century corporate operations. The authors are distinguished experts and are notably connected with Harvard University and Dartmouth College respectively. .
 
Financial Stability Reports, periodically issued by the Bank of England. This authoritative paper issued by the Bank of England gathers and analyzes the various issues confronting the UK banking system, the risks confronted by the system and the pockets of measures. Likewise, this report provides an authoritative reference to the structure, risks, shocks and prospects faced by the UK banking system. This report additionally recommends risk mitigation measures for the UK banking system.

LexisNexis IT Solutions and Services. This company makes use of research-based content-enabled workflow and strategic solutions specifically designed for IT and business professionals in the legal, risk management, corporate, government, law enforcement, accounting and academic markets. LexisNexis is a pioneer in online information systems with its Lexis and Nexis services. A member of Reed Elsevier, LexisNexis serves customers in more than 100 countries with 18,000 employees worldwide.  Current practices by the company make this portal of great importance in identifying solutions to prevent and detect credit card fraud risks in the UK banking system.

6- Peer-reviewed journal articles  
The following peer-reviewed journal articles are being used for this research undertaking. These are considered relevant and timely. These are authored by experts who, through their expertise are able to explain the rigors of the thesis problems on hand and its environment.
Bowman, C and Ambrosini, V. 2003. How the resource-based and the dynamic capability views of the firm inform corporate-level strategy. British Academy of Management. British Journal of Management. Vol. 14, 289-303 (2003)

Frow, N, Marginson, D  Ogden, S. 2005. Encouraging strategic behavior while maintaining management control Multi-functional project teams, budgets, and the negotiation of shared accountabilities in contemporary enterprises. Elsevier. Management Accounting research 16 (2005) 269-292 doi. 10 1016 j mar 2005.06.004 www.elsevier.comlocatemar

Kaminsky GL, Reinhart,CM  Vegh,C 2003. The unholy trinity of financial contagion. The Journal of Economic Perspectives, Fall 2003. 17, 4 ABIINFORM Global pg. 51

Miller, L 1978.  Has artificial intelligence contributed to an understanding of the human mind A critique of Arguments for and against. Cognitive Science A multidisciplinary journal. DOI 10.1207S15516709COG0202_2 URT httpdx.doi.org10.1207 S15516709COG0202_2

Simons, R 1994. How new top managers use control systems as levers of strategic renewal. Strategic Management Journal. May 1994. 15,3 ABIINFORM Global pg. 169.

Turner, J. L., T. J. Mock and R. P. Srivastava. 2003, An analysis of the fraud triangle. Viewed January 29, 2010 at website httpaaahq.orgauditmidyear03midyearpapersResearch20Roundtable203-Turner-Mock-Srivastava.pdf

The research project identifies various journal publications and articles that empirically addresses the literature support of the fraud risk triangle (Turner, Mock  Srivastava, 20032002) of opportunity, the incentive or pressure prevailing and the rationalization as the potent conceptual illustration of the existence of fraud in the UK banking system. In figure 1, the opportunities may likely represent IT risks and vulnerabilities specifically in the Internet and mobile banking services as well other IT-related processes. A great number of fraudulent acts, both internal and external basically follow the same pattern  

The UK banking system is one vulnerable area for fraud despite advances in the use of IT processes. During the period 2005 to 2006, total credit card frauds amounted to more than 800 million pounds with online banking frauds increasing to 33.5 million pounds from 23.2 million a year-ago. (FinFacts, 2007) In addition, check fraud losses in 2006 amounted to 30.6 million pounds from 40.3 million. Experts see phising of security details as among the more common frauds committed. Clearly, scams of this type registered 33.5 million pounds, an increase of 44 per cent or 14,156 attacks on UK banks.                          

FinFacts data (2007) implies that there is no one-size-that-fits-all approach to handling and dealing with banking fraud anywhere.(Ramos, 2003)  Although certain measures such as the Chip and PIN has had a significantly positive impact on preventing fraud losses in UK business shops.(Visa, 2010) Clearly, cards embedded with the cutting edge microchip are able to store  150 times more information than magnetic-stripe-type cards. The additional capacity is expected to provide users, shops and cardholders greater convenience, reliable security payment flexibility. However, non-users of Chip and Pin remain vulnerable to frauds especially those heavy on the use of internet and phone. Unsecured banks are especially at greater risk. (Frow, Marginson,  Ogden, 2005)

Credit card fraud is likely to develop to more sophistication as the use of IT in the banking system. Clearly, credit card fraud crimes cannot be addressed with single-layered approach. Preventive and detective measures may need to come through collaboration of the public and private sectors. Here, fraud can be spawned from within, as well as externally. (Kaminsky  Reinhart  Vegh, 2003) Here, a phenomenon of crime committed by sectors tasked to secure the system remains an industry concern. Hence, developing and implementing strategies, sharing of data and government interventions to eliminate existing barriers are moot and academic. The enactment of the Fraud Review and the Serious Crime Bill is expected to introduce better, more strategic use of new and existing powers to disrupt criminal activities and prosecute those responsible through the creation of a Serious Organised Crime Agency. (HL Bill 27 2006-2007).

7.1 Literature search and review
Documentary sources will serve as secondary data identified and analyzed in support of fraud risk incidents. Internet sources specifically from the peer-reviewed journal portals of Elsevier, Science Direct, Questia, Lexis Nexis or Psychology Press are to be explored for comprehensive empirical and theoretical literature.
Primary data obtained through interviews and surveys are considered appropriate as these will provide the key explanations on the nature, character and disposition of credit card fraud crimes resolved and documented. A researcher-designed survey questionnaire that will provide answers to the research problems are to be pilot-tested and submitted for approval for purposes of generating valuable and credible data. (Cooper  Schindler, 2008)

7.2 Data collection and sample
The scientific process of inquiry will make use of the descriptive survey using both quantitative and qualitative processes. This will involve the identification of the survey respondents from samples of respondents and key informants  the list of key bank officers of the UK banking system including credit card companies occupying direct controls over the IT infrastructure internal anti-fraud and risk management officers and operations head as well. Government examiners and regulators tasked with handling credit card fraud crimes in the UK banking system are included.

The qualitative approach will be provided by the analysis of critical incidents of fraud from ground data gathered as provided by key informants. The phenomenological and grounded theory approaches will be used in this regard. Grounded theory is an inductive technique developed Glaser and Strauss (1967) and has its roots in the various data from which it was derived and is based on symbolic interaction theory. .

Thus, data in support of the need to identify the credit card credit card fraud risk will come from surveys and interview of key banking executives and practitioners in the UK area as well as documents evaluated from the files and records of the Bank of England, Financial Times, Credit Card issuers or Scotland Yard credit card fraud archives.