FRAUD
The evolving threat from within
A recent briefing,“ The Threat from Within: A Growing Concern,” 1 jointly published by ACAMS and Cifas, 2 offered a framework for understanding the shifting landscape of risks posed by insiders operating within both public and private sector organizations.
Once narrowly defined as rogue traders or disgruntled employees, insider threats now encompass a broader range of risks. These include collusion with external threat actors, such as organized crime gangs, malicious insiders embedded for long-term exploitation( sometimes placed by state actors) and internal complacency leading to critical financial crime or cybersecurity control failures. This article unpacks this concerning phenomenon through the lens of several recent case studies that expose the breadth, complexity and cross-sectoral nature of insider-enabled fraud, money laundering, cybercrime and other malicious schemes.
ACAMS and Cifas highlighted a critical evolution: Insider threats are no longer confined to isolated incidents but are increasingly part of complex fraud and geopolitical money laundering schemes. Insiders may act as facilitators, enablers or gatekeepers ― knowingly or through negligence ― making internal oversight essential but difficult.
In all the cases reviewed, insiders were pivotal to both the successful execution of the crime and the circumvention of existing controls.
All these cases involve a variety of environmental factors and should be considered based on their unique characteristics, such as predicate crime, organizational features and control frameworks.
Case studies:
1. A recent case emanating from Kenya demonstrates the potential scale of the risk insiders can present to a single financial institution( FI). 3 An Equity Bank audit uncovered a $ 11.6 million( KSh 1.5 billion) insider fraud spanning a 90-day period. Stolen IT credentials from a senior payroll manager enabled over 40 unauthorized transfers to external accounts via payroll and mobile wallets. Staff across all levels and departments, including senior managers and junior clerks, were implicated ― some due to direct collusion, others for failing to report suspicious activity. Ultimately, over 1,200 employees were sacked or laid off as part of an internal purge.
The fraud involved multiple methods: misdirection of mobile payments, unauthorized interbank transfers( including offshore) and the acceptance of customer“ tips” or bribes.
The scale of the purge exposed systemic governance weaknesses in internal controls and culture, anti-fraud personnel and routine forensic audits. The case illustrates how insider risk can permeate seemingly routine transactions, highlighting the need for proactive monitoring of employee behavior.
2. In May 2024, a former U. S. State Department budget analyst pleaded guilty to embezzling over $ 650,000 from her employer. 4 She manipulated vendor records and submitted false payment authorizations, exploiting internal trust in her role as a financial officer. This typifies the“ privileged position risk,” where access to systems, combined with insufficient segregation of duties and a lack of transactional oversight, enabled sustained fraud. This case illustrates how internal process gaps can amplify critical vulnerabilities across institutions. Enhanced due diligence and anomaly detection in procurement and vendor payments are as vital as customer-level monitoring.
3. In June 2025, a case was highlighted where a senior executive at the CFA Institute, a financial education group based in the U. S., misappropriated millions through fake expense reimbursements and phony vendor payments. 5
38 acamstoday. org