he number of companies falling victim to fraud has increased in the past year, according to the 2013 Kroll Global Fraud Report. Overall, 70 percent of companies were affected by fraud in the past 12 months, up from 61 percent the previous year, with an increase in every category of fraud covered by the study.
The report reveals that the globalization of business is increasing exposure to fraud, as businesses seek expansion into riskier overseas markets and use greater levels of outsourcing. The sharpest increase was in vendor, supplier or procurement fraud, suffered by one in five businesses (19 percent), up from 12 percent last year. Of those companies that fell victim to fraud in the past 12 months, one third (30 percent) experienced fraud perpetrated by vendors or suppliers while 11 percent suffered at the hands of joint venture partners.
Businesses now face a more diverse range of threats; those affected in the past year on average suffered from 2.3 different kinds of fraud each, up from 1.9 last year. The vast majority of respondents (81 percent) believe that their firm’s exposure to fraud has increased overall in the past 12 months, up from 63 percent in the previous survey.In a year where several companies have been rocked by high-profile corruption scandals, the proportion of companies affected by corruption and bribery increased from 11 percent to 14 percent. Corruption is by far the most important element dissuading companies from doing business in certain markets, such as Africa, Latin America and India. Almost half (46 percent) of companies have refrained from expanding into a foreign market, citing corruption as the main reason. In fact, entry to new, riskier markets has increased the vulnerability of almost one in three companies (30 percent) to fraud.
The report reveals that overall, 72 percent of companies have been hit by fraud led by at least one insider, up from 67 percent last year. Of those victims of fraud, 32 percent had suffered at least one crime where the main perpetrator was in senior or middle management, 42 percent where he or she was a junior employee and 23 percent where an agent or intermediary was the main culprit.
The study also reveals that most fraud is discovered internally. In cases where the fraud was uncovered, over half (52 percent) were discovered by management and an internal audit played a role in 51 percent of cases, compared to just one in 10 incidents (10 percent) where an external audit contributed to its discovery.
Senior employee alertness is key to combating fraud. However, when senior employees are themselves the perpetrators, whistleblowers become a more important way of exposing wrongdoing. A whistleblower was involved in one in three incidents (32 percent) of all cases where fraud was uncovered and in 41 percent of cases that involved senior or middle management. Despite this, just 52 percent of companies reported that they have invested in staff training around fraud and the creation of whistleblower hotlines.
Tom Hartley, CEO of Kroll, commented: “It should come as no surprise to anyone whose job it is to combat fraud that the global incidence of fraud is rising. But the measure of a good company is not whether or not you’ve suffered a fraud, it’s how you prepare for it, how you deal with it and how you move on afterwards. Many of the clients we’ve helped deal with fraud over the last 12 months have, on discovering fraud, resolved the issue and moved forward with a better risk mitigation strategy including vendor screening, whistleblower programs and employee training. Most would say that they are now in a better position because of the fraud and the way they dealt with it. So it’s not just about avoiding fraud, which is almost inevitable, it’s also about how you respond.”
The study reveals that more companies are highly vulnerable to information theft (21 percent) than any other category of fraud and three quarters of businesses (75 percent) are at least moderately vulnerable to it. Information theft remains the second most common type of fraud, affecting more than one in five businesses over the past year (22 percent) and executives say that the complexity of their IT infrastructure is the biggest factor increasing their company’s exposure to fraud (cited by 37 percent of respondents).
This increasing exposure to fraud due to IT complexity is being exploited more by outsiders. As a share of all incidents of information theft, attacks by external hackers have almost doubled from 18 percent to 35 percent, and 17 percent of information theft victims suffered as a result of a hacker attack on a vendor or supplier, up from 5 percent last year.
However, like most frauds, information theft is typically an inside job. Of those who have suffered in the past year where the perpetrator is known, 39 percent say an employee was to blame.
Tom Hartley explained: “Cybercrime is a growing threat for businesses but many businesses are under-prepared for it. A third of them say they don’t currently invest in IT security and while companies that are planning to increase investment are focusing on technology, they are neglecting elements such as staff screening and due diligence on partners, clients and vendors. These processes are key to mitigating the insider threat, which often can’t be detected by anti-fraud technology or physical security.”