background Layer 1
International community of IT Leaders: Best IT Practices & Professional Growth Together
Sign in Join Us

AI-Driven Access Automation for a Mining Major: Proactive Fraud Prevention

Customer
Saudi Mining Company (Ma'aden)
Project manager on the customer side
Ramesh Murugesan
Head of IT Governance & Advisory
IT Provider
Technology Risk Limited
Year of project completion
2024
Project timeline
August, 2024 - December, 2024
Project scope
2560 man-hours
Goals
The IT Security & Governance Team of a Mining major with over 10 USD billion revenue has launched an AI and automation-driven initiative to bolster the security of Oracle Fusion Cloud, providing a seamless, secure, and efficient experience for application users. This driven security project for the Mining major leverages AI and automation best practices to:

AI-Driven Access Management: Leverage AI to automate joiner, mover, and leaver (JML) processes, dynamically adapting access to prevent internal fraud and reduce reliance on reactive security measures.

  1. Automated Fraud Detection with Cost Optimization: Implement predictive AI models i for proactive fraud prevention at a lower TCO, enabling cost-efficient, continuous protection.

  2. Enhanced Accountability with Intelligent Monitoring: Use AI and automation to track Oracle Fusion user actions and behaviors, making security a shared responsibility across IT and business teams.

  3. Real-Time Risk Detection and Security Awareness: Shift to an AI-powered, real-time risk detection model that fosters a proactive security culture and anticipates threats before they escalate.

  4. Streamlined Compliance and Operational Efficiency in Mining: Use automation to boost efficiency, ensure compliance, and enhance user confidence by proactively addressing risks and upholding security standards.

By embedding AI and automation, the Mining major's IT not only elevates security but also delivers significant business value, fostering a resilient and secure technology environment

Project Results

Project Results:

  • Significant Cost Savings: An estimated $7 million USD in annual savings by reducing manual efforts in user access reviews and minimizing fraud risks.
  • Enhanced Efficiency: Freed up 22,000 man-hours per month, allowing teams to focus on higher-value tasks rather than time-consuming access evaluations.
  • Reduced Risk Exposure: Lowered the risk of reputation damage and internal fraud, which can often account for up to 2% of revenue, by implementing proactive access management and fraud prevention controls.

The uniqueness of the project

The the Mining Major's Project is uniquely positioned by harnessing AI and automation to redefine risk management and access security within Cloud ERP, with distinctive features such as:

  • Proactive Fraud Prevention through AI and Automation: Unlike traditional detective approaches, this project employs AI-driven models to proactively prevent internal fraud by continuously assessing and mitigating risks before they manifest.
  • Revolutionary Oracle Fusion Role Design Optimization: The project addresses gaps in existing role structures for active users, creating a refined role design that aligns precisely with business needs, enhancing both security and operational efficiency.
  • Advanced Use of Oracle Fusion Cloud GRC AI Models: Leveraging deep learning within Oracle Fusion’s Governance, Risk, and Compliance (GRC) module, this project anticipates potential risks and raises alerts as part of the joiner-mover-leaver (JML) cycle, setting a new standard in preemptive access management.
  • High-Level Assurance for Business Leaders: This initiative provides CXOs and senior stakeholders with unprecedented visibility and confidence in secure, fraud-resistant processes across procurement, finance, and HCM, elevating governance standards.
  • Automated Regulatory Compliance: Incorporating regulatory compliance automation, this project ensures seamless adherence to legal requirements, particularly local and global data privacy regulations, enhancing both compliance and efficiency.
  • By shifting from a reactive to a proactive security model, the Mining Major's project uniquely integrates AI and automation to deliver an unmatched combination of security, efficiency, and business value across all levels of the organization

By embedding AI and automation, the Mining Major's IT not only elevates security but also delivers significant business value, fostering a resilient and secure technology environment

Used software

  • Oracle Fusion Cloud Governance Risk and Compliance - Advanced Access Control (SoD) Module: Integrates AI algorithms to proactively detect and prevent internal fraud by preventive simulation of segregation-of-duties violation

  • Oracle OCI Cloud APEX Application: Adds flexibility by enabling business workflows to automate user access requests.

  • Proprietary AI Enablers and Proactive Security: Combines the SI's AI tools with Oracle Cloud Platform’s advanced security and compliance features for enhanced protection

  • Deep Learning driven Transaction outliers across procurement, financials and Human Capital-payroll modules


Difficulty of implementation

Project Challenges:

  • Cross-Departmental Consensus: Achieving alignment across departments was challenging, as digital transformation and IT access security projects required unified agreement on roles and responsibilities, often with conflicting priorities.

  • Intensive ERP Role Testing: Rigorous ERP role testing was necessary to ensure secure access without disrupting daily operations—similar to "fixing the engine of a car on a highway," where any misstep could affect ongoing processes.

  • AI Result Interpretation for Business Users: Translating the complex results of AI-based access risk simulations into simple, actionable insights for business users proved challenging, requiring additional efforts in communication and training.

  • Change Management Resistance: Implementing new AI-driven processes and access controls faced resistance, as departments needed to adapt to automated systems that significantly altered traditional workflows.


Project Description
In the ever-evolving landscape of mining, a Mining Major has long recognized the importance of secure, efficient operations. As the company expanded its digital capabilities, it adopted Oracle Fusion applications across Financials, Human Resources, and Supply Chain, with the aim of improving processes and enhancing security. However, to address the unique challenges in risk management, internal fraud prevention, and access control that come with operating in the mining industry, the Mining Major knew it needed a more proactive approach—one that integrated advanced AI and automation.

Laying the Foundation with Oracle Risk Management Cloud
The Mining Major's journey began by integrating Oracle Risk Management Cloud (RMC) into its Oracle Fusion applications. RMC modules like Advanced Access Controls (AAC) and Advanced Financial Controls (AFC) allowed the company to identify and prevent internal fraud by continuously monitoring user behavior. However, the Mining Major understood that reactive fraud detection alone wouldn’t be enough to safeguard its complex operations. In an industry where sensitive financial data, safety protocols, and critical resources are at stake, a proactive approach to risk management became essential.

Through AI-driven algorithms, the Mining Major's Oracle Fusion system could now detect potential fraud risks before they materialized. These algorithms continuously monitor role assignments and user behavior, allowing the system to raise alerts at the first signs of suspicious activity. By embedding AI into the heart of its risk management strategy, the Mining Major was not only protecting its assets but also building a culture of trust and security that would strengthen its relationships with stakeholders and customers alike.

Optimizing Role Efficiency with Automation
While fraud prevention was a critical focus, the Mining Major also saw the need to streamline access management across the organization. The company aimed to improve role efficiency by implementing the Principle of Least Privilege (PoLP), ensuring that each employee had only the access necessary to perform their job functions. By optimizing role design, the Mining Major minimized the risk of unauthorized access and improved operational efficiency.

Using AI and automation, the Mining Major analyzed existing role structures to eliminate redundancies and improve alignment with specific job functions. This process was particularly beneficial for managing roles in an industry like mining, where access to sensitive systems and data needs to be tightly controlled. As a result, the Mining Major was able to maintain a more secure and efficient workforce while reducing potential risks associated with excessive or misaligned access.

Project geography
Saudi, UAE, India
Additional presentations:
Global-CIO-AI-Driven Access Automation for a Mining Major Proactive Fraud Prevention.pdf
News

International PLUS-Forum Retail Central Asia – tomorrow!

November 19

Data centers create thousands of jobs for Malaysia but raise concerns over power and water shortages

November 14

Rosatom held a quantum “Lesson of Figures” in Uzbekistan

November 12

Vietnam plans to migrate all networks to IPv6 by 2030

November 07

Cybersecurity of the financial sector of Kazakhstan. Today and tomorrow

November 01
Events

Online Panel Discussion "IT Talent in MENA: Challenges and Solutions"

December 03
ZOOM

Key Trends in Digital Transformation 2024

December 11
ZOOM
We use cookies for analytical purposes and to deliver you the best experience with our website. Continuing to the site, you agree to the Cookie Policy.