Double-digit rise in crime against UK corporates as cyber becomes fastest-growing form of economic infraction

The UK has seen a double-digit rise in economic crime against corporates in the last two years, with 55% of organisations affected. This represents an increase of 11 percentage points since 2014, significantly outstripping the level in countries such as the US (38%) and China (28%). Globally, the economic crime rate has remained largely static at 36%.

The findings are contained in the biennial PwC Global Economic Crime Survey 2016which posed questions to more than 6,000 participants in 115 countries (among them the UK).

PwC’s latest Global Economic Crime Survey reveals that 60% of economic crime in the UK was committed by external perpetrators (up from 56% in 2014). While the number of organisations reporting economic crime carried out by employees (31%) declined, there was a large increase in frauds found to be committed by senior management (which more than doubled from 7% to 18%).

Andrew Gordon, PwC’s global and UK forensics leader, commented: “While the prevalence of traditional types of fraud, such as asset misappropriation, has fallen since 2014, there has been a huge rise in organisations reporting instances of cyber crime. Technology is driving almost every other area of economic crime as well. Businesses need to minimise the opportunities for economic crime through rigorous fraud risk assessment procedures, supported by a culture based on shared corporate values and robust policies and compliance programmes.”

Cyber incidents on the rise

Cyber crime has experienced the fastest growth of all forms of economic crime. Some 44% of UK organisations that had experienced economic crime in the last 24 months were affected by cyber incidents. That signals a jump of 20 percentage points from 2014, and is substantially higher than the global response of 32%.

The rise of cyber crime is in stark contrast with some of the traditional forms of economic crime – including bribery, asset misappropriation and procurement fraud – which have all declined.

Just over half (51%) of UK organisations say they expect to be the victim of cyber crime in the next two years, suggesting this will become the UK’s largest economic crime. However, only 12% of respondents believe that law enforcement authorities harbour the necessary skills and resources to investigate such criminality.

Worryingly, almost a third of UK entities have no cyber response plan in place.

The fast take-up of cloud-based storage and the growing prevalence of the Internet of Things are some of the reasons underpinning this year’s steep increases in cyber crime across the UK, leaving anything connected to the office network now potentially vulnerable to hackers.

Mark Anderson, global corporate intelligence leader at PwC, explained to Risk UK: “Hackers are now more ambitious than ever. Their aim goes beyond targeting financial information to include a company’s ‘crown jewels’ – customer data and intellectual property information – the loss of which can bring down an entire business. The threat of cyber crime is now a Board-level risk issue, but it must be said that not enough UK companies are apparently treating it that way.”

UK respondents suggest the greatest concern about a cyber attack is the potential disruption to services – 31% say it would have a medium-to-high impact. Surprisingly, almost half state that cyber crime would have no impact on their reputation, while almost 60% are not concerned about the potential for intellectual property theft.

Rise of the ‘Silver Fraudster’

This year’s survey also heralds the rise of the so-called ‘Silver Fraudster’ in the UK, with a strong shift towards more senior and experienced employees carrying out acts of corporate fraud.

Senior management fraud is often more difficult to detect and prevent, and usually has a much greater impact on an organisation. Therefore, this change represents a particular concern for UK entities.

While those in the middle management strata remained the most responsible candidates for perpetrating acts of economic crime (36%), half the instances of such crime committed by staff involved employees over the age of 40, while the number carried out by workers over the age of 50 tripled from 6% to reach 18%.

The PwC Global Economic Crime Survey finds that 45% of internal fraudsters had worked for more than five years within the organisation they defrauded, and that 21% had more than a decade of service. In contrast, the number of junior staff carrying out economic crime has fallen since 2014 (from 45% to 28%).

Compliance and culture

While the majority (86%) of UK organisations have formal business ethics and compliance programmes in place, far fewer (63%) back up these rules with regular training and communication. Moreover, acts of frauds that staff typically commit – such as accounting and HR fraud – have risen in number during the last couple of years.

Financial services companies are set to be the biggest spenders on compliance in the UK during the next couple of years, while compliance budgets for other industries are under pressure as they face increasing demands to do more with less.

Tracey Groves, head of ethics and compliance at PwC’s UK forensics practice, commented: “Economic crime is a question of culture, not just compliance. Even the best of compliance programmes will fail if a company’s culture accepts wrongdoing as a norm. While it’s encouraging to note that so many UK organisations understand the value of having a Code of Conduct in place, it’s crucial to back that up through regular training and engagement with employees. Unfortunately, our survey shows this just isn’t happening enough.”

In other survey findings:

*20% of UK organisations say they have never performed a fraud risk assessment, while 44% do so on an annual basis

*5% of respondents state that they’ve been asked to pay a bribe in the past 24 months, while 7% feel they’ve lost a business opportunity to a competitor who was willing to do so

*22% of frauds were detected through suspicious transaction monitoring and 14% via fraud risk management. 8% of frauds were uncovered by way of data analytics, with the same percentage results being unearthed for internal audit and accidental discovery

Copies of the new PwC survey are available at: www.pwc.co.uk/gecs

About the Author
Brian Sims BA (Hons) Hon FSyI, Editor, Risk UK (Pro-Activ Publications) Beginning his career in professional journalism at The Builder Group in March 1992, Brian was appointed Editor of Security Management Today in November 2000 having spent eight years in engineering journalism across two titles: Building Services Journal and Light & Lighting. In 2005, Brian received the BSIA Chairman’s Award for Promoting The Security Industry and, a year later, the Skills for Security Special Award for an Outstanding Contribution to the Security Business Sector. In 2008, Brian was The Security Institute’s nomination for the Association of Security Consultants’ highly prestigious Imbert Prize and, in 2013, was a nominated finalist for the Institute's George van Schalkwyk Award. An Honorary Fellow of The Security Institute, Brian serves as a Judge for the BSIA’s Security Personnel of the Year Awards and the Securitas Good Customer Award. Between 2008 and 2014, Brian pioneered the use of digital media across the security sector, including webinars and Audio Shows. Brian’s actively involved in 50-plus security groups on LinkedIn and hosts the popular Risk UK Twitter site. Brian is a frequent speaker on the conference circuit. He has organised and chaired conference programmes for both IFSEC International and ASIS International and has been published in the national media. Brian was appointed Editor of Risk UK at Pro-Activ Publications in July 2014 and as Editor of The Paper (Pro-Activ Publications' dedicated business newspaper for security professionals) in September 2015. Brian was appointed Editor of Risk Xtra at Pro-Activ Publications in May 2018.

Related Posts