London and New York, 29 Nov 2011 — More than a third of businesses and other organisations around the world were victims of economic crime in the last 12 months, according to respondents to PwC’s 2011 Global Economic Crime Survey released today. And nearly a quarter of victims said they were subject to cybercrime — the use of technology as the main element in the economic crime.
Overall, 34 percent of respondents said their organisations were victims of economic crime, a 13 percent increase since 2009. Theft or asset misappropriation (cited by 72 percent) was the most common type of economic crime reported, followed by accounting fraud and bribery and corruption (24 percent each) and cybercrime (23 percent). Overall, 11 percent of respondents, nearly half of them C-suite executives, said they did not know if their organisation had suffered a fraud.
Though the direct cost of economic crime to an organisation can be difficult to gauge, nearly 10 percent of victims reported losses of more than US$5 million. Among those who were victims of bribery and corruption, 20 percent said that they lost more than US$5 million on average. Victims of economic crime also reported significant collateral damage due to fraud. This includes damage to employee morale, cited by 28 percent, as well as to brand and reputation, and to business relationships, both 19 percent. Suspicious transaction monitoring has emerged as the most effective fraud detection method, noted by 15 percent of respondents, up from 5 percent in 2009.
The survey of 3,877 respondents from 78 countries is the most comprehensive study of its kind. It found that economic crime remains pervasive among organisations of all sizes, in all countries and all industries. The communications and insurance sectors reported the highest incidence of fraud. Fraud against governments or state owned enterprises rose by 24 percent since 2009, moving it ahead of the hospitality and leisure and financial services sectors as a target for crime.
“Economic crime continues to be pervasive, affecting both large and small organisations worldwide without discrimination. No industry or company in any country is immune from the impact of fraud,” said Tony Parton, partner in PwC’s forensics practice in London.
“In a world where most enterprises rely on technology, they increasingly open themselves to the risk of criminal activity from virtually anywhere on the planet where there is a computer, a smart phone or any other device able to access the Internet,” Mr. Parton said “Rising incidents of data loss and theft, computer viruses and hacking and other forms of electronic crime demonstrate the need for a more cyber-savvy approach to fraud prevention.”
Cybercrime now ranks as one of the top four economic crimes. The perception of cybercrime as a predominantly external threat is changing, and organisations are now recognising the risk of cybercrime coming from inside as well. Respondents said the Information Technology Department was the most likely source of cybercrime internally. IT was cited by 53 percent of respondents, followed by Operations, 39 percent, Sales and Marketing, 34 percent, and Finance, 33 percent.
While half of all respondents noted an increased awareness to the threat of cybercrime, the majority of respondents said they do not have a cybercrime crisis response plan in place, or are not aware of having one. And 60 percent said their organization doesn’t monitor social media sites.
The survey found that the typical profile of an internal cybercrime fraudster was a junior employee or middle manager (cited by 85 percent), under the age of 40 (65 percent), and employed by the organisation for less than five years (50 percent).
Those who said cybercrime was more likely to originate from sources outside their home country listed Hong Kong and China, India, Nigeria, Russia and the U.S. as the countries perceived as the top cybercrime threats.
Other Survey Findings
- Economic crime is most prevalent at large organisations. Fifty-four percent of respondents from organisations with more than 1,000 employees reported incidents in the last 12 months, compared with 29 percent among those with less than 1,000, and 17 percent among those with less than 200.
- Fraud strikes all types of organisations. Forty-five percent of victims were government or state owned, 40 percent were listed on a stock exchange, and 12 percent were in the private sector.
- Accounting fraud has declined steeply since 2009. The percentage of respondents reporting this type of fraud declined by 37 percent from 2009 and returned to 2005 levels.
- Most economic crime of all types — 56 percent — is committed by internal fraudsters. 40 percent of respondents reported fraud by an outsider.
- The effectiveness of economic crime detection has been declining since 2007. Internal audit, risk management systems, and whistle-blowing systems all declined as means of discovering fraud. The only detection method to show increased effectiveness was suspicious transaction monitoring.
- Those that seek out economic crime find it. Organisations that have performed fraud risk assessments have detected and reported more frauds.
Methodology: The sixth Global Economic Crime Survey was carried out between June 2011 and November 2011. The survey questionnaire had three sections: a section with general profile questions; a section with comparative questions looking at what economic crime organisations had experienced; and a section on this year’s special topic, cybercrime. 3,877 people from 78 countries filled in the online survey. Participants were asked to answer the questions with respect to their organisation and the country in which they are mainly based.
About the PwC network
PwC firms help organisations and individuals create the value they’re looking for. We’re a network of firms in 158 countries with close to 169,000 people who are committed to delivering quality in assurance, tax and advisory services. Tell us what matters to you and find out more by visiting us at www.pwc.com.
“PwC” is the brand under which member firms of PricewaterhouseCoopers International Limited (PwCIL) operate and provide services. Together, these firms form the PwC network. Each firm in the network is a separate legal entity and does not act as agent of PwCIL or any other member firm. PwCIL does not provide any services to clients. PwCIL is not responsible or liable for the acts or omissions of any of its member firms nor can it control the exercise of their professional judgment or bind them in any way.