• The Journal of Asian Finance, Economics and Business
• /
• v.7 no.10
• /
• pp.717-728
• /
• 2020

The objective of this study is to explore the whole process of fraud risk management strategies that should be implemented by the organizations. Secondly, this study discusses the governance issues that arise at each stage of the process. For the purpose of this study, a content analysis of previous literatures is used as a technique for gathering data. This process usually involves codifying qualitative and quantitative information into pre-defined categories in order to derive patterns in the presentation and reporting of information. Based on our content analysis, we found that the fraud risk management process should be made of at least five stages which are inculcating the culture of managing risks in an organization, identifying the risks, evaluating the risks, determining preventive actions and implementing and reviewing stages. Our extended analysis of the fraud risk management process finds that a lot of governance issues arise in the fraud risk management process that should be solved by regulators and companies in order to ensure that fraud risk management process is embedded as corporate culture, not merely as a process. Among them are how to create the risk culture in an organization and whether auditors and risk management committees identify risks from each available source.

• The Journal of Information Systems
• /
• v.18 no.4
• /
• pp.41-57
• /
• 2009

Although financial information is a great influence upon determining of the group which use them, detection of management fraud and earning manipulation is a difficult task using normal audit procedures and corporate credit evaluation processes, due to the shortage of knowledge concerning the characteristics of management fraud, and the limitation of time and cost. These limitations suggest the need of systemic process for !he effective risk of earning manipulation for credit evaluators, external auditors, financial analysts, and regulators. Moot researches on management fraud have examined how various characteristics of the company's management features affect the occurrence of corporate fraud. This study examines financial characteristics of companies engaged in fraudulent financial reporting and suggests a model and system for detecting GAAP violations to improve reliability of accounting information and transparency of their management. Since the detection of management fraud has limited proven theory, this study used the detecting method of outlier(upper, and lower bound) financial ratio, as a real-field application. The strength of outlier detecting method is its use of easiness and understandability. In the suggested model, 14 variables of the 7 useful variable categories among the 76 financial ratio variables are examined through the distribution analysis as possible indicators of fraudulent financial statements accounts. The developed model from these variables show a 80.82% of hit ratio for the holdout sample. This model was developed as a financial outlier detecting system for a financial institution. External auditors, financial analysts, regulators, and other users of financial statements might use this model to pre-screen potential earnings manipulators in the credit evaluation system. Especially, this model will be helpful for the loan evaluators of financial institutes to decide more objective and effective credit ratings and to improve the quality of financial statements.

• Journal of Intelligence and Information Systems
• /
• v.23 no.3
• /
• pp.119-138
• /
• 2017

Recently, SNS has become an important channel for marketing as well as personal communication. However, cybercrime has also evolved with the development of information and communication technology, and illegal advertising is distributed to SNS in large quantity. As a result, personal information is lost and even monetary damages occur more frequently. In this study, we propose a method to analyze which sentences and documents, which have been sent to the SNS, are related to financial fraud. First of all, as a conceptual framework, we developed a matrix of conceptual characteristics of cybercriminality on SNS and emergency management. We also suggested emergency management process which consists of Pre-Cybercriminality (e.g. risk identification) and Post-Cybercriminality steps. Among those we focused on risk identification in this paper. The main process consists of data collection, preprocessing and analysis. First, we selected two words 'daechul(loan)' and 'sachae(private loan)' as seed words and collected data with this word from SNS such as twitter. The collected data are given to the two researchers to decide whether they are related to the cybercriminality, particularly financial fraud, or not. Then we selected some of them as keywords if the vocabularies are related to the nominals and symbols. With the selected keywords, we searched and collected data from web materials such as twitter, news, blog, and more than 820,000 articles collected. The collected articles were refined through preprocessing and made into learning data. The preprocessing process is divided into performing morphological analysis step, removing stop words step, and selecting valid part-of-speech step. In the morphological analysis step, a complex sentence is transformed into some morpheme units to enable mechanical analysis. In the removing stop words step, non-lexical elements such as numbers, punctuation marks, and double spaces are removed from the text. In the step of selecting valid part-of-speech, only two kinds of nouns and symbols are considered. Since nouns could refer to things, the intent of message is expressed better than the other part-of-speech. Moreover, the more illegal the text is, the more frequently symbols are used. The selected data is given 'legal' or 'illegal'. To make the selected data as learning data through the preprocessing process, it is necessary to classify whether each data is legitimate or not. The processed data is then converted into Corpus type and Document-Term Matrix. Finally, the two types of 'legal' and 'illegal' files were mixed and randomly divided into learning data set and test data set. In this study, we set the learning data as 70% and the test data as 30%. SVM was used as the discrimination algorithm. Since SVM requires gamma and cost values as the main parameters, we set gamma as 0.5 and cost as 10, based on the optimal value function. The cost is set higher than general cases. To show the feasibility of the idea proposed in this paper, we compared the proposed method with MLE (Maximum Likelihood Estimation), Term Frequency, and Collective Intelligence method. Overall accuracy and was used as the metric. As a result, the overall accuracy of the proposed method was 92.41% of illegal loan advertisement and 77.75% of illegal visit sales, which is apparently superior to that of the Term Frequency, MLE, etc. Hence, the result suggests that the proposed method is valid and usable practically. In this paper, we propose a framework for crisis management caused by abnormalities of unstructured data sources such as SNS. We hope this study will contribute to the academia by identifying what to consider when applying the SVM-like discrimination algorithm to text analysis. Moreover, the study will also contribute to the practitioners in the field of brand management and opinion mining.

• Journal of Information Technology Applications and Management
• /
• v.18 no.2
• /
• pp.91-108
• /
• 2011

Enormous losses of shareholders and consumers caused by the risks threatening today's business (e.g., accounting fraud and inside trading) have ignited the necessity of international regulations on corporate ethics and internal control, such as Basel II and SOX. Responding to these regulations, companies are establishing governance system, applying it consistently to the core competency of the company, and increasing the scope of the governance system. Recently occurred security related incidents require companies to take more strict accountability over information security. One of the results includes strengthening of legislation and regulations. For these reasons, introduction of information security governance is needed. Information security governance governs the general information security activities of the company (establishment of information security management system, implementation of information security solutions) in the corporate level. Recognizing that the information security is not restricted to IT domain, but is the issue of overall business, this study develops information security governance framework based on the existing frameworks and systems of IT governance. The information security governance framework proposed in the study include concept, objective, and principle schemes which will help clearly understand the concepts of the information security governance, and execution scheme which will help implement proper organization, process and tools needed for the execution of information security governance.

• Asia pacific journal of information systems
• /
• v.23 no.4
• /
• pp.103-128
• /
• 2013

When a consumer needs a product or service and multiple sellers are available online, the process of selecting a seller to buy online from is complex since the process involves many behavioral dimensions that have to be taken into account. As a part of this selection process, consumers may set minimum trust expectation that can be used to screen out less trustworthy sellers. In the previous research, the level of consumers' trust expectation has been anchored on two important factors: product involvement and perceived risk. Product involvement refers to the extent to which a consumer perceives a specific product important. Thus, the higher product involvement may result in the higher trust expectation in sellers. On the other hand, other related studies found that when consumers perceived a higher level of risk (e.g., credit card fraud risk), they set higher trust expectation as well. While abundant research exists addressing the relationship between product involvement and perceived risk, little attention has been paid to the integrative view of the link between the two constructs and their impacts on the trust expectation. The present paper is a step toward filling this research gap. The purpose of this paper is to understand the process by which a consumer chooses an online merchant by examining the relationships among product involvement, perceived risk, trust expectation, and intention to buy from an e-tailer. We specifically focus on the mediating role of perceived risk in the relationships between enduring product involvement and the trust expectation. That is, we question whether product involvement affects the trust expectation directly without mediation or indirectly mediated by perceived risk. The research model with four hypotheses was initially tested using data gathered from 635 respondents through an online survey method. The structural equation modeling technique with partial least square was used to validate the instrument and the proposed model. The results showed that three out of the four hypotheses formulated were supported. First, we found that the intention to buy from a digital storefront is positively and significantly influenced by the trust expectation, providing support for H4 (trust expectation ${\rightarrow}$ purchase intention). Second, perceived risk was found to be a strong predictor of trust expectation, supporting H2 as well (perceived risk ${\rightarrow}$ trust expectation). Third, we did not find any evidence of direct influence of product involvement, which caused H3 to be rejected (product involvement ${\rightarrow}$ trust expectation). Finally, we found significant positive relationship between product involvement and perceived risk (H1: product involvement ${\rightarrow}$ perceived risk), which suggests that the possibility of complete mediation of perceived risk in the relationship between enduring product involvement and the trust expectation. As a result, we conducted an additional test for the mediation effect by comparing the original model with the revised model without the mediator variable of perceived risk. Indeed, we found that there exists a strong influence of product involvement on the trust expectation (by intentionally eliminating the variable of perceived risk) that was suppressed (i.e., mediated) by the perceived risk in the original model. The Sobel test statistically confirmed the complete mediation effect. Results of this study offer the following key findings. First, enduring product involvement is positively related to perceived risk, implying that the higher a consumer is enduringly involved with a given product, the greater risk he or she is likely to perceive with regards to the online purchase of the product. Second, perceived risk is positively related to trust expectation. A consumer with great risk perceptions concerning the online purchase is likely to buy from a highly trustworthy online merchant, thereby mitigating potential risks. Finally, product involvement was found to have no direct influence on trust expectation, but the relationship between the two constructs was indirect and mediated by the perceived risk. This is perhaps an important theoretical integration of two separate streams of literature on product involvement and perceived risk. The present research also provides useful implications for practitioners as well as academicians. First, one implication for practicing managers in online retail stores is that they should invest in reducing the perceived risk of consumers in order to lower down the trust expectation and thus increasing the consumer's intention to purchase products or services. Second, an academic implication is that perceived risk mediates the relationship between enduring product involvement and trust expectation. Further research is needed to elaborate the theoretical relationships among the constructs under consideration.

• Journal of Internet Computing and Services
• /
• v.18 no.3
• /
• pp.71-83
• /
• 2017

In recent years, by utilizing the greatest strengths of process mining, the various research activities have been actively progressed to use auditing work of business organization. On the other hand, there is insufficient research on systematic and efficient analysis of massive data generated under big data environment using process mining, and proactive monitoring of risk management from audit side, which is one of important management activities of corporate organization. In this study, we intend to realize Hadoop-based internal audit integrated real-time monitoring system in order to detect the abnormal symptoms in prevent accidents in advance. Through the integrated real-time monitoring system for purchasing audit, we intend to realize strengthen the delivery management of purchasing materials ordered, reduce cost of purchase, manage competitive companies, prevent fraud, comply with regulations, and adhere to internal control accounting system. As a result, we can provide information that can be immediately executed due to enhanced purchase audit integrated real-time monitoring by analyzing data efficiently using process mining via Hadoop-based systems. From an integrated viewpoint, it is possible to manage the business status, by processing a large amount of work at a high speed faster than the continuous monitoring, the effectiveness of the quality improvement of the purchase audit and the innovation of the purchase process appears.

• Korean Security Journal
• /
• no.41
• /
• pp.387-408
• /
• 2014

South Korea already became an aging society, and is now in the process of becoming an aged society. With increasing elderly population, elderly safety issues such as traffic accidents and elderly suicides are becoming important problems. Elderly victimization are increasing, and elderly safety accident is also becoming an imporotant social problem. The police is doing various activities for elderly safety. The police is conducting programs for the elderly, such as a prevention program for fraud against elderly, and safety checks and traffic safety education for preventing elderly traffic accidents. Also, there's a program of providing regular visits for a lone elderly, expansion of CCTV network and fingerprint registration to prevent elderlies with Alzheimer's disease going missing. However, these programs are not done on a national scale, but rather limited to local police stations. The purpose of this study is to seek police roles for enhancing elderly safety, due to lack of police activity in this area. Recommendation for police roles in enhancing elderly safety is to first conduct routine crackdowns on fraud against elderly and also conduct education programs for preventing fraud. Also, crimes such as elderly abuse is lead by elderly protection agencies, but considering elderly abuse is a crime, the police should take a leading role. Also, to prevent elderly suicide, meticulous management of elderlies with high suicide risk is necessary, and elderly protection areas should be designated to prevent traffic accidents. Also, elderlies should be induced to turn in their driver's license. To conduct these matters of elderly safety, an organization exclusively charged with elderly safety is necessary. Elderly safety is a broad concept, and since police alone cannot handle the task of ensuring elderly safety, the police should take on a leading role in cooperative efforts with various institutions of the government, non-profit organizations and the community to establish a social saftey net for elderly safety.