More than half of U.S. organizations that experienced fraud in the past two years reported an increase in the number of occurrences, according to a new survey by PricewaterhouseCoopers that also found a rise in accounting fraud, bribery and corruption, with cybercrime moving to the forefront of U.S. companies’ concerns.
PwC US found a continuing upward trend in the occurrence and detection of economic crime, according to the Global Economic Crime Survey 2014 that the firm released Wednesday. Forty-five percent of organizations in the U.S. reported that they suffered from some type of fraud in the past two years, more than the global average of 37 percent.
Two types of fraud—accounting fraud, and bribery and corruption—increased in 2014.
Accounting fraud at U.S. businesses essentially rebounded to 2009 levels (23 percent in 2014 vs. 24 percent in 2009), after experiencing a drop to 16 percent in 2011. Similarly, bribery and corruption at 14 percent doubled from 2011 levels (7 percent) after dropping by more than a half since 2009 (16 percent).
The increase in accounting fraud and bribery and corruption may be attributable in part to more companies implementing or enhancing internal controls, more robust compliance programs and increased risk assessments, thus leading to more frauds being detected, the report noted.
U.S. companies are growing their international operations, and the expanding role of the internet and mobile technology in business can bring risk from beyond their geographic footprint. The survey revealed that 54 percent of U.S. respondents reported their companies experienced fraud in excess of $100,000 with eight percent reporting fraud in excess of $5 million.
“Economic crime has become a truly borderless threat,” said Steven Skalak, a partner in PwC's Forensic Services practice and lead editor of the global survey. “The reality of fraud is that it can impact a company’s revenues as directly as other business and market forces. The risk of bribery and corruption grows as U.S. organizations increasingly operate in and pursue opportunities in high-risk markets.”
Companies are beginning to change how they think about cybersecurity, viewing it as a business issue, not just an IT issue.
Forty-four percent of U.S. organizations that experienced fraud in the past 24 months reported that they had been hit by cybercrime, according to the survey, while 44 percent of all U.S. respondents indicated they thought it was likely that their organization would suffer from cybercrime within the next 24 months.
Seventy-one percent of U.S. respondents to the survey indicated their perception of the risks of cybercrime increased over the past 24 months, rising 10 percent from 2011. U.S. respondents’ perception of the risks of cybercrime exceeded the global average by 23 percent. Despite having more to lose, U.S. respondents were generally less aware of the cost of cybercrime: 42 percent of U.S. respondents were unaware of cybercrime’s cost to their organizations, compared to 33 percent of global respondents.
“U.S. corporations need to better leverage and implement the computational and analytical power of cybersecurity technologies to help combat the increasing global presence of cybercrime,” said PwC principal Didier Lavion, lead author of the U.S. report.
PwC noted that as organizations rely more on technology, they increasingly do business in a “borderless economy” where they are more susceptible to threats from all sides. Not only do they need to watch out for internal perpetrators of fraud, but they need to remain wary of the external perpetrator.
The external perpetrator of fraud is closing the gap on the internal perpetrator of fraud, with U.S. organizations reporting that economic crime is committed by external actors (44 percent of the time) almost as often as it’s committed by internal actors (50 percent of the time).
According to PwC, most internal frauds are now perpetrated by middle management, with 54 percent of internal frauds committed by middle management, compared to 45 percent in 2011.
Both U.S. and global respondents most frequently identified internal fraudsters as male (77 percent U.S., 77 percent global), 31 to 40 years old (39 percent U.S., 40 percent global), employed between three and five years (27 percent U.S., 29 percent global) and college graduates (35 percent U.S., 35 percent global).
Fraud at U.S. organizations initially detected by external measures or by accident in 2014 more than doubled from 2011 levels: 32 percent in 2014 compared to 15 percent in 2011, and was initially detected through external tip-offs more often than any other method.
Fraud initially detected by suspicious transaction reporting plummeted by 19 percent, at 11 percent in 2014 vs. 30 percent in 2011. Eighty-six percent of U.S. organizations said they have a whistleblower mechanism, according to the report, compared to only 62 percent of global organizations.
More than one-quarter of U.S. respondents reported suffering from procurement fraud (27 percent), thus placing it as the third most frequent type of fraud experienced by U.S. organizations after accounting fraud and bribery and corruption. According to the report, this reflects the increasing interconnectedness of companies and ongoing trend toward outsourcing more aspects of their businesses.
As in 2011, no U.S. survey respondents reported suffering from tax fraud or espionage in the survey period and reports of illegal insider trading fell from 1 percent. Yet PwC warned that companies should remain vigilant as such crimes can be potentially devastating should they strike.
“With more opportunities come more risks; no longer can organizations focus their fraud prevention and detection strategies on only a few types of fraud, a certain profile of fraudster, or certain perceived threats,” said Lavin. “They must be prepared to cast a wider net, for the threats associated with fraud are growing.”
For a complete copy of the survey 2014, visit www.pwc.com/us/crimesurvey.