"All of these companies have been using data mining for years externally, but less than ten percent told us that they were using it internally to fight fraud, which doesn't make sense," Orad said. "Less than 50 percent said they had any form of automation in place to fight fraud, which tells us, the majority have been using reactive processes or manual reporting to investigate suspected problems, which isn't going to prevent incidents from happening and only addresses the issue after the fact."
Among the types of scams that Actimize was told about by the respondents were instances of self-dealing, skimming, data-theft, embezzlement and collusion.
In the case of one of the most common methods for carrying the schemes out, so-called "identity shielding," through which perpetrators gain access to data using another worker's credentials, only 28 percent of those participating in the survey said they had some manner of stopping or detecting the attacks.
While data-handling regulations such as the Sarbanes-Oxley Act and the Payment Card Industry (PCI) compliance requirement have been proposed by some experts as helping to solve the insider fraud issue, those surveyed by Actimize said that isn't necessarily the case.
An overwhelming 70 percent of respondents said that government regulation or standards regarding employee access to customer accounts and data would actually "hinder" their company's ability to detect or prevent employee fraud.
As with many other types of IT projects, the shortfall in more comprehensive insider fraud protection can be tied largely to a lack of sufficient budgeting for tools such as those his company markets, Orad said.
"We see some visionaries who are making the commitment to buy technology that will help automate the process, and it's a growing group, but it is still a comparatively small minority of all businesses," Orad said. "All of these companies know that they want to keep their names out of the headlines related to fraud, and most recognize that it is a problem they aren't adequately prepared to deal with, but as with a lot of IT issues, the biggest obstacle appears to be a lack of budget."