The airline industry is losing millions of dollars to fraud annually, according to a new report.
Delloite surveyed airlines across the world of all sizes and business models. Comments came back from all continents and a variety of airlines, including network, low cost and charter companies.
“In 2006, the average loss to fraud was estimated at US$3.3 million whereas today it sits at around $2.4 million… however, the real cost of the losses to fraud goes a lot further than the figure that appears on the books, as any concerns over an airline’s security can have a highly negative impact on the image of the company,” read the report.
Relationships with suppliers could also be damaged as could the workplace culture.
On analysis of the responses, Deloitte said there are four distinct areas of risk that can be managed.
Business practices, policies and procedures determine the way an organisation operates. Clear fraud reduction plans or codes of ethics for staff are checked. Technology is a particularly vulnerable area, as airline information systems do not have methods to track or manage fraudulent attacks in nearly half those surveyed.
It is also vital that management information is available for leaders to understand what is going on. Without central management of information, airlines cannot develop robust prevention strategies. Finally, employing people with correct skill sets and staffing levels is important.
The survey said that 43 per cent of airlines had a policy, compared to 65 per cent at the time of a 2006 survey. Whistle-blowing mechanisms and codes of ethics, plus such a policy agreed at a high level to cover the entire organisation, were key elements, said the analysts. Three steps to a fraud detection plan could be discovery and detection to find out where fraud is occurring, and then developing a robust plan to correct faults and introduce monitoring. This should be both ongoing and long-term. Tracking the benefits would help evolve solutions.
Almost half those surveyed said credit card fraud had increased, and weak technology controls were seen as a major threat. Point of sale or handheld devices had increased, said 35 per cent of airlines, and 22 per cent had seen an increase of attempts to breach IT security and internet firewalls.
The speed of online transactions was flagged as a factor in fraud because internal checks could not be applied in time. Over half the respondents – 52 per cent – said that they had no system at all to detect and track fraudulent attempts to buy tickets. Indeed, 65 per cent outsourced their fraud management to third parties. The analyst organisation advised that airlines check their business requirements and align them with the risks; perform a cost and benefit analysis to balance how much investment would be needed to present a $1 million fraud loss; implement smart working processes, controls and performance metrics.
Data management was seen as crucial, and business intelligence could monitor and track fraud. A risk-based approach, said Deloitte, would enable companies to prioritise actions and become cost-effective. This reporting should be in-depth in order to get timely and accurate information to inform the correct decisions.
“Airlines need to manage their data in the most effective way, so they can see where the major risks are and take action accordingly,” read the report.
The weak economy had led to a reduction in staff but this needs to be balanced against the potential losses, from fraud, in finances and reputation, advised Deloitte.
Analytical and operational staff need to work together to manage threats and identify new ones, but all employees needed a basic understanding of issues. There should be in-depth training for specialists and recognition of their work is essential.
The survey, released this month, was based on responses collated in 2009.