More than half of U.S. organizations that experienced fraud in the last two years reported an increase in the number of occurrences, according to the Global Economic Crime Survey 2014 by PricewaterhouseCoopers, representing a continuing upward trend in the occurrence and detection of economic crime.
Forty-five percent of organizations in the United States suffered from some type of fraud in the past two years, more than the global average of 37%.
U.S. companies are growing their international operations, and the expanding role of the internet and mobile technology in business can bring risk from beyond their geographic footprint. The survey revealed that 54% of U.S. respondents reported their companies experienced fraud in excess of $100,000, with 8% percent reporting fraud in excess of $5 million.
"Economic crime has become a truly borderless threat," says Steven Skalak, partner in PwC's Forensic Services practice and lead editor of the global survey. "The reality of fraud is that it can impact a company's revenues as directly as other business and market forces. The risk of bribery and corruption grows as U.S. organizations increasingly operate in and pursue opportunities in high-risk markets."
Companies are beginning to change how they think about cybersecurity—viewing it as a business issue, not just an IT issue. Forty-four percent of U.S. organizations that experienced fraud in the past 24 months suffered from cybercrime; and 44% of all U.S. respondents indicated they thought it was likely their organization would suffer from cybercrime within the next 24 months.
Seventy-one percent of U.S. respondents indicated their perception of the risks of cybercrime increased over the past 24 months, rising 10% from 2011. U.S. respondents' perception of the risks of cybercrime exceeded the global average by 23%. Despite having more to lose, U.S. respondents were generally less aware of the cost of cybercrime: 42% of U.S. respondents were unaware of cybercrime's cost to their organizations, compared to 33% of global respondents.
Didier Lavion, PwC principal and lead author of the U.S. report, says, "U.S. corporations need to better leverage and implement the computational and analytical power of cybersecurity technologies to help combat the increasing global presence of cybercrime."
As organizations rely more on technology, they increasingly do business in a "borderless economy" where they are more susceptible to threats from all sides. The results are clear—while companies certainly should not lose sight of the internal perpetrator of fraud, they need to remain wary of the external perpetrator.
The external perpetrator of fraud is closing the gap on the internal perpetrator of fraud, with U.S. organizations reporting that economic crime is committed by external actors (44% of the time) almost as often as it's committed by internal actors (50% of the time).
According to PwC, most internal frauds are now perpetrated by middle management: 54% of internal frauds were committed by middle management, compared to 45% in 2011.
Both U.S. and global respondents most frequently identified internal fraudsters as male (77% U.S., 77% global), 31 to 40 years old (39% U.S., 40% global), employed between three and five years (27% U.S., 29% global) and college graduates (35% U.S., 35% global).
Fraud at U.S. organizations initially detected by external measures or by accident in 2014 more than doubled from 2011 levels: 32% in 2014 compared to 15% in 2011, and was initially detected through external tip-offs more often than any other method. Fraud initially detected by suspicious transaction reporting plummeted by 19%, at 11% in 2014 vs. 30% in 2011. Eighty-six percent of U.S. organizations have a whistleblower mechanism, according to the report, compared to only 62% of global organizations.
Other notable findings include:
Two types of fraud—accounting fraud, and bribery and corruption—increased in 2014. Accounting fraud increased to 23% in 2014, as compared to 16% in 2011. Bribery and corruption, at 14% in 2014, doubled from 2011 levels (7%).
For the first time, PwC specifically asked respondents about procurement fraud. The results were stark—more than one fourth of U.S. respondents reported suffering from procurement fraud (27%), thus immediately placing it as the third most frequent type of fraud experienced by U.S. organizations. According to the report, this reflects the increasing interconnectedness of companies and ongoing trend toward outsourcing more aspects of their businesses.
"With more opportunities come more risks; no longer can organizations focus their fraud prevention and detection strategies on only a few types of fraud, a certain profile of fraudster, or certain perceived threats. They must be prepared to cast a wider net, for the threats associated with fraud are growing," says Lavion.