ICMF v1.0 — Released
Insider Code
Manipulation
Framework
A structured taxonomy for identifying, classifying, and analyzing code manipulation patterns introduced by insiders with legitimate access to enterprise software.
Framework
Five Manipulation Domains
FIN
5 techniques
Financial Manipulation
Code patterns that alter financial calculation outcomes, redirect financial values, or introduce discrepancies in financial data processing.
5 Critical
AUTH
1 techniques
Authorization Manipulation
Code patterns that bypass, disable, or weaken access controls, role checks, or approval workflows.
1 Critical
AUD
0 techniques
Audit Manipulation
Code patterns that suppress, modify, or bypass audit logging infrastructure.
DATA
0 techniques
Data Manipulation
Code patterns that expose, extract, filter, or skew sensitive financial or personal data.
XSYS
0 techniques
Cross-System Manipulation
Manipulation patterns distributed across multiple files, modules, or commits.
Technique Registry
Critical Risk Techniques
ICMF-FIN-001
Hidden Financial Adjustment
Critical
L3
ICMF-FIN-002
Financial Rounding Manipulation
Critical
L3
ICMF-FIN-003
Discount Threshold Bypass
Critical
L3
ICMF-FIN-004
Ledger Posting Redirection
Critical
L3
ICMF-FIN-005
Payment Release Bypass
Critical
L3
ICMF-AUTH-001
Shadow Mode Backdoor
Critical
L3