Cybercrime is the biggest current threat facing businesses, while emerging risks from ESG-reporting fraud and platform fraud could impact businesses in the future, said PwC recently.
According to the firm’s survey of 1,296 business leaders from across 53 countries, cybercrime, customer fraud and asset misappropriation were the most common crimes experienced by organisations, regardless of revenue.
The tech, media and telecommunications sector experienced the highest incidence of fraud across all industries, the firm said, adding that external fraudsters are becoming a bigger threat as attacks increase and become more sophisticated.
Survey highlights
Larger companies are at greater risk for fraud
- While just under half of organisations (46%) reported experiencing fraud or economic crime within the last 24 months, the impact of these crimes have been more substantial.
- Among companies with global annual revenues over US$10 billion, 52% experienced fraud during the past 24 months. Within that group, nearly one in five reported that their most disruptive incident had a financial impact of more than $50 million.
- The share of smaller companies (those with less than $100 million in revenues) affected was lower; 38% experienced fraud, of which one in four faced a total impact of more than $1 million.
- The growing maturity of the technology, media and telecommunications sector helped it identify a significant increase in fraud activity since 2020 with nearly two-thirds of companies experiencing some form of fraud, the highest incidence of all industries.
Cybercrime poses the biggest threat to all sizes of businesses over the past two years
- The rise of digital platforms opens the door to myriad financial crime risks while 40% of those encountering fraud experienced some form of platform fraud.
- In this year’s survey results, cybercrime came in ahead of customer fraud, the most common crime in 2020, by a substantial margin.
- 42% of large businesses reported experiencing cybercrime in the period, while only 34% experienced customer fraud.
Emerging risks
- 40% of organisations encountering fraud experienced digital platform fraud. The rise of digital platforms, such as social media, services (rideshare, lodging) and e-commerce, opens the door to fraud and economic crime risks.
- Emerging risks, including ESG reporting fraud (the act of altering ESG disclosures so that they do not truly reflect the activities or progress of an organisation) and supply chain fraud, have the potential to cause greater disruption in the next few years.
- For example, just 6% of organisations said they experienced anti-embargo fraud (participation in unsanctioned foreign boycotts) in the last 24 months.
- But that may change in the next 24 months as global sanctions rise to the highest levels in recent history.
- Similarly, just 8% of those organisations encountering fraud in the last 24 months experienced environmental, societal and governance (ESG) reporting fraud.
- Yet, as ESG continues to increase in importance to stakeholders, the incentive to commit fraud in this area may grow.
- Similarly, one in eight organisations experienced new incidents of supply chain fraud as a result of the disruption caused by COVID-19, and one in five sees supply chain fraud as an area of increased risk as a result of the pandemic.
Defence against external threats requires new thinking
Threats from external entities are increasing, with perpetrators quickly growing in strength and effectiveness, PwC pointed out.
Nearly 70% of organisations experiencing fraud reported that the most disruptive incident came via an external attack or collusion between external and internal sources, the firm said.
Respondents indicated they are strengthening internal controls, technical capabilities, and reporting to prevent and detect fraud, the firm noted.
“With external fraud growing, companies must think more creatively to help shore up their perimeters,” Kristin Rivera, PwC Global Forensics Leader and Partner at PwC US advised. “Understanding the end-to-end lifecycle of customer-facing products, striking the proper balance between user experience and fraud controls, and having a holistic view of data will help arm businesses in the never-ending fight against fraud.”
