Earlier this month, after a KPMG partner admitted to selling inside information from an auditing client company, I suggested that external auditors are more like bike mechanics than inside traders. As analyses of what occurred and how to prevent it in the future continue to crop up, I stand by my argument. In fact, I want to emphasize those external auditors and public accounting firms (as well as the internal auditors, compliance folks, and finance and accounting professionals who work with them) ought to be as technically savvy as bike mechanics.

This struck me when I watched a Reuters video interview with KPMG International chairman Michael Andrew.

Andrew responds well to some tough questions. When asked (at about the 2-minute mark of the clip) how his firm can prevent this type of behavior from occurring in the future, he quickly identifies “culture.” He also emphasizes that the behavior in question did not align with his firm’s values, and that the issue was quickly addressed as soon as it was identified.

Andrew’s questioner, however, presses him for assurance that this type of behavior would not occur again; Andrew does not offer that assurance. Instead he replies that his firm of 156,000 employees has excellent policies and controls in place – and that it is essentially impossible to prevent aberrant behavior by a single individual.

If culture is not an airtight defense against fraudulent behavior, what is? Perhaps some combination of culture, process and technology.

Brian Fox, founder and chief marketing officer of Capital Confirmation Inc., a company whose offering provides online audit-request confirmations, agrees that no organization “is fully immune from the actions of an individual bad actor.” Fox, a CPA who earlier in his career worked for Ernst & Young and PricewaterhouseCoopers, also emphasizes that the Big 4 firms (as well as the six next largest public accounting firms) have “extremely strong policies and procedures in place to not only govern but also to try to identify any possibility of insider trading or personal dealing.”

That’s also not enough, Fox explains. “If we hope to reduce the occurrence of fraud and things like insider trading, then we have to increase the likelihood of detection,” he continues. “A high risk of detection is the best chance for deterrence, and technology can give us this advantage.”

Fox ought to know; his company’s tools are credited with driving PFGBest Chairman Russell Wasendorf to acknowledge that he had been defrauding his customers for two decades.

“Technology can play a significant role in deterring those who might otherwise choose to behave unethically,” Fox says. “Rules and penalties are needed and policies and procedures should be enforced and documented, but the real deterrent to these rogues actors is the threat of being caught…. Even though there will always be potential bad actors and those looking to take advantage of process weaknesses, we can be certain that as the regulators and auditors increase their adoption of fraud-detection technologies, we will continue to catch more of these illegal activities which, because of the increased likelihood for fraud detection, will ultimately deter more and more of the potential rogue activity.”

The same case for adopting more sophisticated detection technology holds for companies and their internal audit, compliance and corporate finance and accounting functions. This technology can be found in continuous auditing and monitoring applications and other computer-assisted auditing techniques.

Yet, one of the leading barometers of internal audit priorities, Protiviti’s annual Internal Audit Capabilities and Needs Survey Report, indicates that this type of technology may not figure prominently enough on many organizational priority lists: Continuous auditing was the top priority in terms of audit process knowledge in 2011 and 2012, but dropped down to the 18th audit process knowledge priority in the 2013 rankings, according to the report.

Policies, procedures and internal controls are necessary defenses against fraud and theft. The right form of organizational culture also seems to qualify as a crucial deterrent. As the analytics age advances, let’s make sure the application of data analytics to fraud (and bad-behavior) prevention is not overlooked.