This paper examines how organisations are responding to the threat of identity fraud and the challenges that they face in doing so. Quantitative data were collected from 29 Australian organisations. The majority of organisations sampled emphasised the 'anticipation' of identity fraud and, in particular, activities performed in relation to prevention, deterrence and detection. Furthermore, organisations with more sophisticated preventative controls reported lower losses. Counter-intuitively on first glance, organisations with higher detection capabilities reported higher losses (other things being equal). The contributions of this paper are two-fold. Firstly, a framework is presented that both operationalises the identity fraud construct and facilitates the measurement and understanding of organisational responses in terms of a 'value-chain' of activities. Secondly, exploratory evidence is presented on how organisations are responding to identity fraud and the efficacy of these responses.
Publisher version archived with the permission of the publisher Macquarie Graduate School of Management, Macquarie University, NSW, Australia. This archived copy is available for individual, non-commercial use. Permission to use this version for other uses must be obtained from the publisher.