Skip to content

Digital Forensics

Addressing Challenges to Investigating Financial Crimes

August 10, 2023

The value of data to the modern corporation can hardly be underestimated. Organisations today amass more data, from more sources, than ever before. They collect data from every business transaction with their customers. They create data throughout the course of business operations, for everything from budgeting and work planning to research and development and internal communications. This wealth of information keeps the organization moving forward and allows them to deliver highly targeted products and services to customers at just the right time.

But all this data comes with costs as well. Data produces risks. The increasingly complex regulatory landscape imposes restrictions (and financial penalties for failure to comply) on how data can be collected, processed, and used. In addition to regulators, external bad actors deploy malware, spyware, ransomware, and other hacking methodologies to steal intellectual property, financial information, and commit cybercrimes. Examples about, but in Germany, the Wirecard Scandal, in which corrupt business practices and fraudulent reporting bankrupted the financial services provider, culminated in revelations that almost €2 billion had gone “missing,” resulting in the organisation’s decision to file for bankruptcy in 2020.

There are a number of challenges modern organizations face in their efforts to prevent financial crimes (and other cybercrimes and cybersecurity threats, as well). These challenges include:

  • Expansion of data sources: Organizations today have more data sources than ever before. Individual users may have data stored on physical devices, virtual devices, and in cloud sources—and IT or other departments may not have visibility into all of them.
  • Transformations in information architecture: Between the rise of remote work arrangements and the prevalence of workers using personal devices, such as smartphones, for work, organisations now have much more permeable networks than in times past.
  • Risks associated with personal data: Consumer data held in these locations creates risk, as their financial data can be stolen or used in a fraud and other criminal activity downstream from the initial cyber-incident.

These threats aren’t just theoretical; they are pressing concerns for executive leadership at organisations across Germany, Europe, and the world at large. In fact, to better understand the challenges facing corporate IT departments today, Exterro surveyed C-level executives across a broad range of corporations through IDG Enterprise in 2022. The results reveal that organizations are looking for solutions that address day-to-day investigation needs, centered around ensuring compliance, ensuring data security and responding to incidents.

Challenges Affecting Organizations’ Investigative Capabilities

  • 57% are concerned over the costs and time spent on investigations
  • 51% struggle with investigations into disparate or siloed data sources
  • 47% lack integrated solutions that work across all types of devices and data sources

Technology Needs

  • 52% want technology that helps keep information systems, applications, devices in compliance with variety of business regulations
  • 52% want technology that helps keep customer, financial, IP data safe from breach
  • 43% want technology that shortens the time for response to cybersecurity events

Source: 2022 Exterro/IDG survey of C-level executives

Defining Requirements for Effective Investigations

Given these challenges, how can organizations choose the right technology to investigate suspected financial wrongdoing effectively? There are several technical requirements that any solution must offer.

Deep Integrations

Digital forensic software must be capable of being integrated with the technologies deployed across the organization. Thomas Vieth, International Technical Engineer at Exterro, explains, “In light of organisations’ expanding technology infrastructure, investigation teams need to be able to integrate with literally every single item within your infrastructure, whether this be Windows machines, Linux machines, point of sales machines, Mac devices, mobile phones, cloud data repositories—and also security information and event management (SIEM) software to identify possible incidents and investigate them as quickly as possible.”

Remote Capable

Vieth cites the cultural changes in organisations as a major factor, too. He says, “Corporations are growing larger and larger. Everything is moving to the cloud. Everyone is moving to work from home environments—and these challenges are only increasing. There's not going to be a situation in the next five to 10 years where this problem's going to get easier to solve. Internet of things devices will become more available, and work from home will become more prevalent for every company.” If there’s an intrusion on a network, or some unexpected indicators of what might be a financial crime, investigators need to be able to act immediately to understand and remediate it.


Successfully preventing, investigating, and minimizing the impacts of financial crime (and other cyber-incidents) requires broad collaboration across the organisation. Vieth continues, “Human resources, IT, investigation teams, and legal departments are all going to be involved in the practice to prevent financial crime in the future. Every single department in this has a valuable role to play.” While forensic investigators need the technical tools to do their jobs, it’s likely that non-technical experts from other departments—perhaps even in other locations—will need to be involved in reviewing and interpreting evidence.

Single-platform Solution

Given the wide variety of data sources the typical investigation has, as well as the fact that many investigations will demand require non-digital forensic reviewers to lend their expertise, it’s imperative to have a single technology platform to review all case data. HR professionals, finance professionals, and legal team members may all need to participate in review—but they don’t have the time to learn multiple technologies to do so. They need a single, easy-to-use and easy-to-learn review platform capable of ingesting data from a variety of sources. Vieth says, “Teams need a solution that every department can use at the same time. It requires role-based access, so team members only see the material that’s appropriate for their role, alongside visualization tools that make the data easy to interpret. But at the same time, it needs to offer the level of depth and the secure chain of custody a forensic investigator would expect.”

To learn more about the specifics of investigating financial crimes in Germany, download our new whitepaper, 
Minimising the Likelihood and Impact of Financial Crime.

Sign Up for Alerts

Get notified when new content for specific topics is available.

Sign Up