Economic uncertainty and change, with businesses expanding into new global markets, holding and using more data, and new technologies, give rise to increased opportunities and pressure on individuals to commit fraud, according to auditors PwC in their 2018 Global Economic Crime Survey (GECS). Survey respondents’ experiences show a shift towards technology-enabled crime, bribery and procurement fraud, according to the audit firm. This is despite the overall level of UK businesses experiencing fraud falling from 55 per cent in 2016 to 50pc in 2018. The firm points to the need for organisations to take new approaches to tackling fraud.
Cybercrime is the most commonly experienced fraud (overtaking asset theft as the top fraud for the first time), for near half, 49pc of UK victims compared to 31pc globally. While the majority of organisations are using technology to monitor or detect fraud in some way, the overall percentage of frauds detected by technology has decreased since 2016. PwC says that the survey indicates that the UK is lagging behind much of the rest of the world in harnessing software such as analytics to prevent and detect fraud. For the 18-page report in full visit the PwC website.
Fran Marwood, investigations partner, forensic services, PwC UK said in the report: “Experience shows that times of uncertainty often create new openings for fraudsters to exploit gaps or weaknesses in controls, and it’s significant that over a quarter of respondents to our survey felt that the current geopolitical climate would lead to more opportunities for people to commit fraud.”
For UK businesses with operations overseas, accounting fraud or misstatement of results was by far the more common overseas fraud, with 40pc of businesses affected. While some of the losses from fraud can be quantified clearly, others are much harder to understand. For example, on top of the losses sustained as a direct result of a fraud, businesses also face the costs of investigation and remedial activities, as well as potentially significant disruption to wider business activities. Most that suffered a fraud admitted that they felt reputational or staff morale impact.
According to the audit firm, thanks to the incoming EU General Data Protection Regulation (GDPR), cybercrime is high on the agenda for UK boards. One sign is that 82pc of Chief Information Security Officers (“CISOs”) in the UK report directly to the board, compared to some 61pc globally. Over half of the cyber attacks reported in the last year involved phishing, which seems to be more prevalent in the UK than in the rest of the world; though that could also be because the UK is better at spotting phishing attacks.
As for corruption, the survey found nearly a quarter of UK businesses had been asked to pay a bribe in the past two years, either in the UK or in their overseas operations. In 2016, only 5pc reported that they had been so asked. Is bribery suddenly more prevalent? PwC suggests not, pointing instead to the UK’s anti-bribery laws and enforcement (‘massive increases in the sums business spends on ensuring compliance’), making for more awareness and openness about bribery attempts and cases. Three-quarters of the UK survey respondents said their organisation had a formal ethics and compliance programme. Of these, 62pc said that this included specific anti-bribery and corruption policies, well above the global average of 50pc. That said, some one in five, 21pc of UK respondents felt that they had lost an opportunity to a global competitor who they believed had paid a bribe, up from 7pc in 2016.
Comment
Robert Capps, vice president of business development at fraud prevention firm, NuData Security Inc, said: “The magnitude of these losses can’t help but have a dampening effect on the UK economy and on those businesses who are experiencing losses of over £72,000. It’s also bad news for customers, who often bear the brunt of many direct costs (especially in account takeover and identity theft). With 3.2 million fraud incidents last year, fraud is becoming a tempting promise of high reward and low prosecution rates. Emboldened cybercriminals are becoming more technology savvy and are increasingly posing as banks or suppliers and then duping customers into revealing their personal details. These scams have also proved effective in targeting commercial organisations, as senior executives have been tricked into revealing sensitive information which enables access to a company network. The increasing volume of attacks globally has also been attributed to more data available on the black market and more financial institutions and merchants vulnerable to attacks.
“To detect out-of-character and potentially fraudulent transactions before they can create a financial nightmare for consumers – and for companies – we must adopt new authentication methods that hackers can’t deceive. Solutions based on passive biometrics and interactional signals are leading the way to provide more safety for consumers and less fraud in the marketplace. These solutions identify machines from humans, then separate good machines from bad, selects known humans from unknown humans, and finally sorts unknown humans demonstrating low-risk signals from unknown humans demonstrating high-risk signals. This process lets organisations fast-track the known and low-risk users for an optimal experience, saving the friction and traditional authentication methods for the highest risk users. These layers validate the user through information that hackers can’t replicate, securing the good user’s transaction at every step.”
