How poor Access Management can lead to fraud

Information systems fraud is about as high a set of stakes as you can get. Millions of dollars can be lost over time, as some historical examples have shown us. Also, should you be found out of compliance with regulations, resulting legal action from clients and governing bodies can add fees and fines to the financial burden.


One of the more surprising areas of opportunity for this is poor access management. Sofy’s Access Management tool help businesses to identify these potential pain points for fraud.


Here is how poor access management can play out.

The road to fraud

Bad or outdated access management systems, lacking the speed and capacity to catch malicious elements, can lead to fraud potential. For example, if someone was to obtain a CEO’s device and use it to access his email, an up-to-date access management system would alert a team of any suspicious activity. Access from a suspicious time zone or location would result in an instant red flag. Older access management systems, while providing this information, often lack speed and urgency. This means that sensitive information could already be compromised before the breach is common knowledge.


Another path to fraud is using an access management system without proper segregation of duties. One of the easiest ways to minimize fraud is to make sure as few people have access to sensitive data or finances as possible. Some legacy systems lack the means to do this and cannot track users with past violations within the system. This can make it more difficult to pinpoint suspicious activity.

Improving your Access Management

With there being so much to lose, what can professionals in the field do to improve their access management? You can start by centralizing your approach. Growing businesses should especially pay attention to this, as it is more likely that they are adding more and more devices to the network. More centralization not only helps with security, but also makes for a more user-friendly experience.

Equally important is taking the time to phase out legacy systems. This can be a headache for companies which have them embedded in their workflow, but ultimately, these systems are going to have areas of vulnerability that never really go away. It is still probably worth it to try and upgrade regardless. Many of these legacy items may lack the compatibility with other modern options you intend to implement.


Perhaps the most important thing is making sure that you have a reliable access management software solution. You need to be able to have something that matches the compliance needs of your industry, while providing optimized functionality. Sofy is a perfect match.


Do you want to learn more? Request a free demo here.

Start finding the value in your data

Request a free demo and one of our experts will take you on a little tour! During the demo, we will show you all the functionalities within the Sofy platform. Find out how Sofy can help you optimize your workflows and make better business choices!

© 2020 KPMG N.V., registered with the trade register in the Netherlands under number 34153857, is a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative ('KPMG International'), a Swiss entity. All rights reserved. KPMG International Cooperative ('KPMG International') is a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm.