Protecting organisations against huge fraud losses caused by ghost employees

A number of important South African companies could suffer large losses as a result of “ghosts,” or “paper employees,” who work for companies or government agencies but are not there in person.

This problem is more criminal than paranormal in nature; among the most common forms of occupational fraud are ghost employees, which are spread through illegal payroll operations and have the potential to cause significant losses for the organizations involved, whether they be government agencies or commercial enterprises.

Furthermore, South Africa is not alone in the fight against this kind of payroll theft; numerous cases have been documented throughout Africa and beyond. For example, the Nigerian police force has found over 80,000 ghost workers; the Mozambican government has found 30,000 ghost workers; and scams involving ghost employees have also been reported in Zimbabwe and Kenya.

Ghost workers are not just a problem for the public sector; they can also pose a threat to large, varied organizations. Leaders need to invest in technology that can precisely define positive identity in order to limit risk, safeguard organizations, and ensure data integrity and trust. This technology can also enforce accountability.

With over 90,000 members, the Association of Certified Fraud Examiners (ACFE) is the largest anti-fraud organization in the world. According to an ACFE research conducted worldwide in 2022, payroll fraud caused significant financial losses overall and its main component—the existence of ghost employees—accounted for 9%[2] of incidents that were reported worldwide.

According to the ACFE report, “organizations cannot prevent all fraud; an employee will eventually commit fraud if an organization is in operation for a long enough period of time.” As such, having the ability to identify fraud rapidly is essential. According to our research, the mean time elapsed between the initiation of a scam and its detection is 12 months, which is known as the median duration of fraud. Furthermore, the financial damage increases with the length of time a scam goes undiscovered[3].

How can phantom employees get into the system?

There are several ways for ghost workers—fictitious employees loaded onto payroll and business systems with the sole intent of committing fraud or other crimes against the company—to get into the system. These include being introduced by threat actors seeking to accomplish more than merely cheat the payroll, or being loaded or left in the system by dishonest personnel.

As they oversee a massive network of databases, systems, and computers that do not uphold the highest standards of data integrity, many government organizations struggle with the persistent problem of ghost employees. If the company even knows that the ghosts exist, tracking them down is an impossible process.

In order to effectively manage and overcome the challenges associated with accurately counting employee heads, as well as to ensure comprehensive visibility into the complexities surrounding ghost employees, duplicate records, and potential insider threats, it is imperative that public sector organizations and large businesses worldwide establish comprehensive integrity management systems.

So … To whom will you give a call?

The famous protagonists of the “Ghostbusters” films are known to proclaim, “I ain’t afraid of no ghost,” but in the digital age, this proverb won’t hold up as well.

As an alternative, Datacentrix, a top hybrid ICT systems integrator and managed services provider, advises businesses to think about implementing a special transaction security solution like its own eDNA identity and access management (IDAM) system, which establishes employee accountability for all vital business apps. By utilizing a secure biometric identification system to verify personnel, this solution aims to eliminate fraudulent transactions and ghost employees from both public and private organizations. To guarantee that the activities of the payroll and other crucial applications are linked to a specific individual, this would entail forensically reviewing and evaluating particular transactions. This would provide legally reliable proof of each action made in the systems. This offers organizations a remarkable extra degree of preventive security.

eDNA offers nine processes for reliable data.

The eDNA solution from Datacentrix uses a trusted data management and authentication procedure to guarantee that the individual identities and data of an organization are protected in the following order:

1. Secure enrollment in accordance with Electronic Communications and Transactions (ECT), POPIA, and Positive Identity Governance;
2. Three-factor digital authentication with a smartcard as the last factor after a PKI certificate and biometrics;
3. a secure access gateway that restricts logon access to those who have completed eDNA’s three-factor digital authentication;
4. Transactions involving sensitive customer data are carried out and must be safeguarded;
5. Sensitive transaction data is tracked using established business rules;
6. eDNA transactions are sealed and signed at the location of the data;
7. constructing client frameworks for business rule tracking and reporting on the foundation of an alert and business intelligence system;
8. The solution makes it possible to provide forensic evidence derived from legally recognized data; and
9. A system that is impervious to tampering that guarantees that all computing facilities follow the highest level of data security and end-to-end protection.
10. The frequency of ghost workers is a reflection of larger problems with corruption and unethical behavior, which can have a detrimental impact on society as a whole.

According to Emmanuel Ikechukwu Okoye, a professor of accounting in Nigeria, fraud has emerged as one of the biggest threats to the global economy. It is a worldwide issue that affects not just our big businesses and important financial institutions but also smaller businesses and the general population, who end up footing the bill for the losses through higher prices for goods and services.

Thus, eliminating ghost workers and making sure that mechanisms are in place to keep them out of the office are crucial tasks for any organization. Send an email to [email protected] to reach Rainer Jeske with questions about Datacentrix’s eDNA product. By Rainer Jeske, Consultant at Datacentrix