Information theft still a serious threat to global business

Fraud remains predominantly an inside job, according to the Kroll Annual Global Fraud Report. The study shows that 60 percent of frauds are committed by insiders, up from 55 percent last year. Overall, fraud concerns among executives around the globe rose approximately 15 percent led by information theft and corruption and bribery.

Half of all companies surveyed (50 percent) said they are moderately to highly vulnerable to information theft, up sharply from 38 percent in 2010. Moreover, IT complexity is the leading cause of increasing fraud exposure, cited by 36 percent of respondents compared with 28 percent last year.

Information-based industries continue to report the highest incidence of theft of information and electronic data. These include financial services (29 percent), technology, media and telecoms (29 percent), healthcare, pharmaceuticals and biotechnology (26 percent) and professional services (23 percent).

Despite heightened levels of concern, the overall prevalence of fraud decreased this year to 75 percent from 88 percent last year. Roughly one in four companies were hit by physical theft of cash, assets and inventory or information theft, both down from record highs in 2010.

In contrast, management conflict of interest (21 percent), vendor, supplier or procurement fraud (20 percent) and internal financial fraud (19 percent) all saw notable increases. The incidence of corruption and bribery nearly doubled over the past year from 10 to 19 percent.

For the second straight year, fear of fraud is dissuading nearly half of companies surveyed from becoming more global. Forty six percent of respondents indicated that fraud had dissuaded them from pursuing business opportunities in at least one foreign country. Corruption and bribery are the leading factors in that decision, cited by 62 percent. The biggest impact has been on emerging economies, with fraud deterring 15 percent of businesses from operating in Africa, 10 percent in China and 9 percent in India.

Companies, however, seem unprepared to deal effectively with corruption. According to the survey, only 27 percent of respondents said they are well-prepared to comply with regulations, such as the Foreign Corrupt Practices Act and UK Bribery Act.

The complete report is available here (registration required).
Of those companies that are subject to one of these two laws, less than half, 43 percent, have trained senior management, agents, vendors and foreign employees to be compliant with one of these laws, and just 39 percent have assessed the risks arising from them. Furthermore, only 37 percent of companies surveyed believe that their due diligence provides a sufficient understanding of a potential partner’s or investment target’s compliance with these acts.

Other key findings include:

The economic cost of fraud: How expensive is fraud to companies? This year’s survey found that on average fraud cost companies 2.1 percent of earnings in the past 12 months, which is equivalent to a week of revenues over the course of a year. Eighteen percent lost more than 4 percent of revenues to fraud in the year, while 53 companies, or one quarter of that group, lost more than 10 percent of revenues to fraud.

Combatting information theft poses new challenges for industries: One of the major challenges faced by companies defending against information theft is the variety of data being sought by fraudsters. While proprietary data is the most common target, customer and employee data are also targets for theft. The data category sought the most by fraudsters varies by industry, depending on the value of the data a company is likely to have. For technology, media and telecoms companies, the most common target category is proprietary data (cited by 36 percent of respondents), while for financial services companies it is customer information (29 percent).

Fraud largely remains an inside job: Last year’s survey found that among companies impacted by fraud, junior employees and senior management were the most likely perpetrators at 22 percent each. This year, for junior employees that figure climbed to 28 percent and remained about the same for senior management (21 percent). A further 11 percent was committed by an intermediary or agent for the company, meaning that this year, 60 percent of fraud was committed by someone who worked for the company in some way. However, for the companies that lost the most revenue from fraud, senior executives are more likely to be the perpetrators (29 percent) with junior employees involved in only 8 percent of the cases.