The three key approaches to ensuring an ERP system is not the subject of internal fraud are controlling access, setting up Segregation of Duties, and setting up alerts on critical data. With EnterpriseOne, there are ways to monitor transactions at the database layer, but changes to critical and master data cannot be monitored effectively with this method. The database simply does not show the before values and does not identify the user who did the modification.
Fraud Detector fits very well with the Q Software tools for Access control and SoD, by enabling the user to selectively set up alerts against areas of the system that are concerning. Changes to key data entities such as the Address Book or even Payroll data can be monitored, and Management informed of suspicious activity. These tools together provide a complete pro-active control over fraudulent activity on the system.
PROACTIVELY MONITOR FOR COMMON FRAUDS
Unauthorized changes to master data should be investigated promptly as they could be a sign of fraudulent activity.
For example:
- Changes to the Address Book and/or Vendor Bank Account details could be symptomatic of “Dummy Company” fraud.
- A large increase in a Vendor Credit Limit may indicate procurement fraud.
- A high percentage rise in an employee’s salary may be suspicious and need investigating!
But native JD Edwards doesn’t alert you, so such activity can go undetected for a long time and result in huge losses.
Fraud Detector gives you powerful auditing tools which can alert you instantly to suspicious changes and make it easy for you to view and investigate them.
