Internal fraud is becoming harder to spot because it no longer lives in one system.
A suspicious invoice may look normal. A vendor name may look familiar. A contract may appear complete. A payment change may seem routine. But when those details are connected across multiple entities, records, and payment paths, an entirely different picture can emerge.
That is the lesson from a recent DOJ case involving three former senior employees of Telekom Malaysia’s U.S. subsidiary. This month, the DOJ announced charges tied to an alleged scheme that diverted more than $20 million through false statements, forged records, fictitious transactions, corporate impersonation, individual impersonation, and sham entities designed to resemble legitimate companies. The charges are allegations, and the defendants are presumed innocent unless proven guilty.
For fraud, legal, corporate security, and due diligence teams, the case points to a larger shift. Insider fraud is no longer just an accounting-control problem. It is also an entity-resolution and public-records problem.
According to the DOJ, the alleged scheme involved several forms of deception, including two versions of a contract, forged signatures, a fake entity named to resemble the company’s U.S. subsidiary, supplier impersonation, and payments directed to accounts controlled by the defendants. Prosecutors also alleged that a departed employee remained active in company records for years, with salary payments routed to an account controlled by the defendants.
These details matter because many of the warning signs were not isolated financial issues. They involved core questions like:
A review limited to internal systems can miss these questions. Internal records show what the organization has been told. They do not always prove whether an entity, location, or relationship exists as represented.
One of the most notable allegations involved an exit interview. The DOJ said the defendants recruited another person to impersonate a departed employee and, when HR requested a video call, arranged for that person to disguise his appearance using an artificial intelligence program.
That detail should get every investigator’s attention. Visual confirmation, signed paperwork, and familiar names are no longer enough on their own. As deception becomes more convincing, teams need stronger ways to verify those behind high-risk operations or actions.
That does not mean every process needs to slow down. It means certain triggers should prompt a deeper review:
The alleged Telekom Malaysia scheme is a sharp reminder that insider fraud can blend old methods with new deception. Forged records, sham entities, supplier impersonation, and AI-assisted abuse all point to the same reality: organizations need to verify as much or more than they simply approve.
The teams best positioned to respond will be the ones that can centralize entity checks, compare internal claims against public records, and surface inconsistencies earlier.
Fraud prevention now depends on a simple but critical question: who, and what, is really behind the transaction?