Cybercrime now poses a greater threat to global businesses than customer fraud, a PricewaterhouseCoopers (PwC) survey has revealed, with hacking incidents rising in line with the digital economy’s accelerated growth due to COVID-19.
The accounting firm, unveiling its Global Economic Crime and Fraud Survey 2022, said 46 percent of global companies reported experiencing fraud or financial crime over the past 24 months. Some 70 percent of those that encountered these threats experienced new types of fraud as a result of COVID-19 disruptions.
PwC added in a statement that environmental, social and governance (ESG) reporting fraud, and platform fraud, could impact businesses in the future. The technology, media and telecommunications sector experienced the highest incidence of fraud across all industries, exposing how vulnerable companies’ defences are, and that external fraudsters are becoming a greater threat as attacks increase and become more sophisticated.
The survey, based on responses from 1,296 business leaders across 53 countries, found that cybercrime, customer fraud and asset misappropriation were the most common crimes experienced by companies. PwC said cybercrime poses the biggest threat to small, medium-sized and large businesses after the impact of hackers rose substantially during the past two years.
The growth, and increasing use, of digital platforms opens the door to numerous financial crime risks. PwC said 40 percent of those encountering fraud experienced some form of platform fraud. Cybercrime came in ahead of customer fraud, the most common crime in 2020, by a substantial margin with 42 percent of large businesses experiencing such attacks since the COVID pandemic began while only 34 percent experienced customer fraud.
Bruce Scott, cyber leader for PwC in the Caribbean, said: “Businesses are seeing an increase in threats from outside the organisation with perpetrators quickly growing in strength and effectiveness. Defence against these external threats requires new thinking. Organisations need to be more agile than ever to respond to these converging threats, and adopt new approaches and technologies to predict and prevent fraud.”
Nestle Maullon, PwC Bahamas’ senior manager for cyber, said: “Entities having a basic understanding of what cybercrime is, and the reasonable controls they should implement, could safeguard from cyber threats. In our PwC in the Caribbean’s corporate governance survey, which was launched last month, 56 percent of Bahamian board members acknowledged that cyber/digital/technology needs more attention at the Board level.
“But the survey also revealed that 69 percent of them only somewhat understood the cybersecurity vulnerabilities their organisations were facing. Hence, organisations must invest in cybersecurity awareness training from top to bottom. This sets the tone that proper planning assessments are essential to identifying the gaps, implementing the necessary solutions to close the gaps, monitoring and assessing the effectiveness of the implemented controls, and addressing areas for improvements. Management of cybersecurity is a process which never ends because cybercrime perpetrators are always motivated to find new victims.”
While just under half of PwC survey respondents (46 percent) reported experiencing fraud or economic crime within the last 24 months, the impact has been more substantial. Among companies with global annual revenues over $10bn, 52 percent experienced fraud during the past 24 months.
Within that group, nearly one in five reported that their most disruptive incident had a financial impact of more than $50m. The share of smaller companies (those with less than $100m in revenues) affected was lower. Some 38 percent experienced fraud, of which one in four faced a total impact of more than $1m.
The growing maturity of the technology, media and telecommunications sector helped it identify a significant increase in fraud activity since 2020, with nearly two-thirds of companies experiencing some form of fraud - the highest rate of all industries.
Emerging risks, including ESG reporting fraud (the act of altering ESG disclosures so that they do not truly reflect the activities or progress of a company) and supply chain fraud have the potential to cause greater disruption in the next few years.
PwC said just 8 percent of organisations encountering fraud in the last 24 months experienced environmental, societal and governance (ESG) reporting fraud. Yet, as ESG continues to increase in importance to stakeholders, the incentive to commit fraud in this area may grow.
Similarly, one in eight companies experienced new incidents of supply chain fraud as a result of the disruption caused by COVID-19, and one in five saw this as an area of increased risk as a result of the pandemic.