Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

10/16/2012
03:54 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Significant Spike In Internal Fraud Over Past Year, Kroll Global Fraud Report Reveals

Information theft is widespread; U.S., Indonesia, and Russia report highest levels worldwide

NEW YORK, Oct. 16, 2012 – Internal fraud increased significantly, according to the 2012/2013 Kroll Advisory Solutions' Global Fraud Report released today. This year's study shows that over two-thirds of corporate frauds are committed by insiders, up for the second year in a row from 60% last year and 55% in 2010. Fraud continues to hit many global companies with more than six in 10 companies reporting they were affected by fraud last year. The findings are contained in a study commissioned by Kroll Advisory Solutions with the Economist Intelligence Unit of more than 800 senior executives worldwide.

Information theft remains one of the most widespread frauds facing companies. Its slight decline --21 percent of companies are affected this year compared with 23% in the last survey--shows that it is more resilient than some other frauds, which saw much greater declines. Moreover, it remains the fraud to which respondents feel most vulnerable. Thirty percent say they are moderately or highly so and cite IT complexity as the leading cause of increased exposure to fraud risk. Surprisingly, it is employees, rather than hackers, who are more to blame for the loss of information. Where there has been a loss, 35% of the time the issue is employee malfeasance, more than twice the rate at which external hackers are to blame (17 percent).

This year's study sheds new light on how fraudsters interact when perpetrating frauds. Despite a decline in the overall prevalence of fraud from 75% to 61% globally, there is a continued rise in insider fraud; a key finding is that fraudsters tend either to act alone or cooperate with peers rather than with members of outside groups such as vendors or suppliers. Those acting alone tended to be insiders – junior employees, senior managers, or agents of the company. The study also found that when a fraud involves more than one type of perpetrator, external parties are more often involved. More than four in ten companies (43 percent) affected by multi-perpetrator fraud reported that suppliers were involved, while 37% of the same group reported that vendors participated.

"The fact that overall fraud is down globally reflects the focus and consideration that major corporations are paying to the issue," said Robert Brenner, Senior Managing Director and Practice Leader Americas, Kroll Advisory Solutions Investigations & Disputes Group. "However, most of those efforts have been directed at external threats. The results this year demonstrate that companies must turn their attention inward. In particular, firms need to make protection of confidential information and electronic data a top priority."

The study shows that the Foreign Corrupt Practices Act (FCPA) and the UK Bribery Act are having an impact on reducing corruption. More than half (52 percent) of companies said they conducted a thorough assessment of risks to their organization, up from 26% last year, and more (55 percent) also trained senior managers appropriately and integrated corruption issues into their due diligence activities (50 percent). The marked rise in compliance activity has coincided with a fall in the prevalence of corruption from 19% to 11% during the past year. Such compliance regimes may also be opening up investment opportunities for companies. Of the companies that took all of the above steps, 20% were dissuaded by fraud from investing abroad, while the figure was 31% for those companies who have not taken those steps.

Other key findings include:

· Concern about fraud is dropping faster than fraud itself. Consistently and across all industries and geographies, fraud concerns have abated. In particular, the number of respondents saying that they were moderately or highly vulnerable to information theft has fallen from 50% to 30%, even though only two percent fewer companies reported being hit by this fraud. These findings suggest many companies have become overconfident about their vulnerability to fraud, which likely increases their risks. Companies that lose the most to fraud are those that are less likely to have fraud controls in place.

· Emerging markets continue to report high levels of fraud: Africa retains its position as the region with the largest fraud problem. Despite some improvement in the fraud environment, the decline in overall fraud prevalence, from 85% to 77%, was less marked than in other regions. Outside of Africa, India has the highest number of companies affected by fraud of any region or country (68 percent), followed by Indonesia (65 percent). Eight of the 10 frauds covered in the survey were more widespread in India than they were globally. Indonesia experienced the highest rate of information theft (35 percent) among countries surveyed.

· Developed markets also report significant levels of fraud. Following Indonesia, the U.S. and Russia tied at 26% for the highest rates of information theft compared with the global average of 21%. Even though the overall prevalence of fraud has decreased in Europe, the percentage of companies affected by at least one fraud, 63%, is slightly higher than the global average. And while the number of businesses in the United States hit by at least one fraud was down (to 60% from 65% last year), the decline was significantly less than the global average.

· Fraud varies across industries: Companies in the manufacturing sector saw a substantial increase in the incidence of fraud, with 87% affected. Moreover, eight of the 10 frauds tracked for this survey became more common this year among manufacturers. Manufacturing also experienced the highest levels of theft of physical assets (50 percent), corruption and bribery (29 percent), management conflict of interest (27 percent), vendor or procurement fraud (23 percent) and IP theft (13 percent). The financial services sector had the highest level of internal financial fraud (25 percent) and regulatory or compliance breach (16 percent) of any industry, and the second largest rate of IP theft (10 percent). Of all the companies surveyed, those in the consumer goods sector recorded the second lowest overall number of companies affected by fraud (51 percent) and the lowest average losses (0.4 percent of revenue).

The sixth Kroll Annual Global Fraud Report includes a full detailed industry analysis across a range of fraud categories and regions. To obtain a copy please visit www.kroll.com/fraud

Notes to editors

Please click 2012/2013 Kroll Global Fraud Report fact sheetfor key findings and graphics, including a detailed look at the industries, regions and types of fraud covered in the report.

Methodology

Kroll commissioned The Economist Intelligence Unit to conduct a worldwide survey on fraud and its effect on business during 2012. A total of 839 senior executives took part in this survey. Over one quarter of the respondents were based in North America (26 percent) and Europe (28 percent), 24% from the Asia-Pacific region, 13% from Latin America, and 10% from the Middle East & Africa.

Ten industries were covered, with no fewer than 50 respondents drawn from each industry. The highest number of respondents came from the financial services industry (17 percent). One half of the companies polled had global annual revenues in excess of $500 million.

Contacts

Europe North America

Meredith Foster Mary McCeney

Kroll MSL Group

T: + 44 (0)20 7029 5168 T: + 1 646 500 7738

E: [email protected] E: [email protected]

Latin America Asia

Amy Malsin Vanessa Frida

Kroll Kroll

T: + 1 212 833 3363 T: + 65 6645 4947

E: [email protected] E: [email protected]

About Kroll Advisory Solutions

Kroll Advisory Solutions, a global leader in risk mitigation and response, delivers a wide range of solutions that span investigations, due diligence, compliance, cyber security and physical security. Clients partner with Kroll Advisory Solutions for intelligence and insight to drive confident decisions about protecting companies, assets and people.

Kroll Advisory Solutions has 40 years of experience meeting the demands of businesses around the world. Headquartered in New York with offices in 29 cities across 17 countries, Kroll Advisory Solutions has a multidisciplinary team of 700 employees. Kroll Advisory Solutions is an Altegrity company. Learn more at www.krolladvisory.com.

About The Economist Intelligence Unit

The Economist Intelligence Unit (EIU) is the world's leading resource for economic and business research, forecasting and analysis. It has provided accurate and impartial intelligence for companies, government agencies, financial institutions and academic organizations around the globe, inspiring business leaders to act with confidence since 1946. The EIU is headquartered in London, UK, with offices in more than 40 cities and a network of some 650 country experts and analysts worldwide. It operates independently as the business-to-business arm of The Economist Group, the leading source of analysis on international business and world affairs. More information is available at www.eiu.comor follow us on twitter.com/theeiu

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26077
PUBLISHED: 2021-05-10
Broken Authentication in Atlassian Connect Spring Boot (ACSB) in version 1.1.0 before 2.1.3 and from version 2.1.4 before 2.1.5: Atlassian Connect Spring Boot is a Java Spring Boot package for building Atlassian Connect apps. Authentication between Atlassian products and the Atlassian Connect Spring...
CVE-2021-31755
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setmac allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31756
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /gofrom/setwanType allows attackers to execute arbitrary code on the system via a crafted post request. This occurs when input vector controlled by malicious attack get copie...
CVE-2021-31757
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setVLAN allows attackers to execute arbitrary code on the system via a crafted post request.
CVE-2021-31758
PUBLISHED: 2021-05-07
An issue was discovered on Tenda AC11 devices with firmware through 02.03.01.104_CN. A stack buffer overflow vulnerability in /goform/setportList allows attackers to execute arbitrary code on the system via a crafted post request.