Traditionally a year or two passes before a fraud is identified.
Australian businesses believe the risk of fraud will increase this year, despite an expected move away from the widespread remote working which left them more open to being a victim, a KPMG Forensic survey has revealed.
KPMG’s survey of local businesses showed they believed their risk of fraud rose last year during the COVID crisis, with almost two-thirds saying the general move to working from home had increased the risk. 62 percent of respondents reported the insider threat was their most significant fraud and corruption challenge, with employees assessed as presenting the biggest danger for organisations.
Dean Mitchell forensic partner at KPMG said it was “surprised to find that many businesses” think the worst may still be to come in terms of fraud, given that widespread remote working may start to ease during 2021.
“Experience has shown that many internal controls don’t travel well which would explain most finding the risks were higher last year,” he said. “One explanation may be that traditionally a year or two passes before a fraud is identified – and where there is an internal perpetrator, who knows the company systems and is able to cover their tracks, this period of fraud can extend further.”
As a result, fraud is likely occurring right now but remains undetected, noted Mitchell.
“Over 40 percent of respondents said they had been inhibited by the crisis from investigating allegations of fraud and over 30 percent had had to delay antifraud and corruption programs – so their concern about rising fraud levels in 2021 may be understandable,” he said.
About 65 percent of the businesses surveyed said they were ‘not’, or were only ‘somewhat’, confident that they had identified most of the fraud that occured during the last year.
Cyber-risk was the biggest challenge, with an overwhelming 92 percent believing that the danger of cyber-related fraud had increased during the pandemic – nearly a quarter ‘significantly’ so.
Key findings:
- 72 percent said the COVID pandemic had increased the risk of fraud
- 92 percent believed the risk of cyber-fraud had increased during the COVID era
- 67 percent were unsure if their business had detected frauds taking place during the crisis
- 65 percent said their own organisation was more vulnerable to fraud than before COVID
- 51 percent said their ability to investigate possible fraud had been compromised
- 65 percent said widespread remote working had increased fraud risk
- 62 percent also said that employees were the biggest single source of risk, ahead of suppliers and contractors.
- 25 percent had been forced to delay anti-fraud programs
Organisations reported increasingly turning to technology to help identify the fraud and corruption that was occurring in the new remote working world. 38 percent stated they were now using artificial intelligence or forensic data analytics to identify fraud in their operations.
Dean Mitchell said: “Fraudsters leave traces when they attack organisations – clues that can be identified. In response, forensic analytics is needed but this is not simply deploying ‘off the shelf’ data tests to terabytes of data. An optimum response involves bringing together former fraud detectives, data scientists and forensic accountants to uncover the warning signs in your financial data.”
Key considerations for organisations using technology to reduce fraud and corruption threats
Ensure analytics is built on real world fraud not generic testing
Fraudsters often create quasi-legitimate entities shortly before embarking on their schemes, deploy analytics to identify suppliers who registered their business shortly before delivering their first invoice to you
Trusts or obscure ownership structures are often used to conceal beneficial ownership from victims, ensure the analytics highlights these vendors
Fraudsters often leave an unintended digital clue in less scrutinised employee vs vendor matching criteria, dive deeper beyond name and bank account matching
Changes to addresses and bank accounts are common flags, target emerging schemes including bank account substitution where accounts are switched back to avoid detection
There were some interesting observations from participants in the survey, which gave further insights into the findings:
- A lack of visibility of parts of the supply chain, particularly losing the ability to complete in person audits/inspections has increased the corruption risk in overseas markets.
- Many of the fraud items will not have been uncovered yet because remote work practices mean those who intend to cover their activity still have that scope.
- Counter-fraud resources have been diverted away from many existing programs, increasing their risks.
- New programs have been rushed out of the door with limited consideration for fraud, which will increase exposure for organisations.
- Government programs providing relief has also meant that businesses have been targeted to have their details stolen by criminals seeking to defraud the government.
Tags: Cyber RiskfraudKPMG