Australian organisations are experiencing a significantly higher rate of economic crime than the rest of the globe according to a PwC survey which finds 52 percent experienced economic crime in the last 24 months compared to the global average of 36 percent.
According to the Australian edition of PwC’s 2016 Global Economic Crime Survey, Australian organisations are also dealing with more individual incidents of economic crime with 30 percent experiencing more than 100 incidents compared to only 9 percent of global respondents experiencing the same volume.
Cybercrime is now the number one economic crime in Australia followed by asset misappropriation and then procurement fraud.
PwC Partner and Forensic Services Leader, Malcolm Shackell, said: “The types of economic crime most commonly experienced remains consistent with previous years, but we are dealing with an increasingly complex economic crime environment driven by cyber threats.
“I think it’s fair to say we’re a legitimate economic crime hotspot – it’s not a good picture. The high rate of economic crime exposed in part reflects our serious approach to reporting but given we are lagging on early detection mechanisms, it reflects our reliance on doing what we have always done.
“To buck this trend we need to embed resilience. This means moving away from reliance on reactive detection methods to more sophisticated and proactive preventative and detective tools and techniques, like we are seeing globally.”
Australia a target for cybercrime
Cybercrime has moved from being statistically insignificant over the last six years of the survey to being the number one economic crime in Australia.
Australian organisations experienced cybercrime at double the global rate, with 65 percent experiencing cybercrime in the last 24 months compared to the global average of 32 percent. Of Australian respondents:
- more than one in ten reported financial losses of over AUD$1 million;
- 80 per cent identified an increase in their perception of the risks of cybercrime; and
- almost six in ten expected to experience cybercrime in the next 2 years.
Despite this, only 42 percent of Australian organisations have a fully operational incident response plan and only 40 percent described their first responders as fully trained.
PwC cyber partner, Richard Bergman, said: “It’s particularly concerning that only half of the organisations surveyed identified the Board as being proactive regarding their organisation’s state of readiness for cyber incidents, and only one fifth of first responder teams include digital forensic investigators.
“As a result, cybercrimes may be going undetected and when they are being picked up, response teams may be overlooking evidence and therefore limiting their organisation’s ability to prosecute.”
Money laundering on the rise
Australian organisations also experienced more incidents of money laundering than their global peers over the last 24 months – 26 percent, compared to 11 percent globally and 9 percent for the rest of the Asia Pacific region.
Despite a significant increase in money laundering reporting, Australian organisations have underinvested in anti-money laundering and counter terrorism financing technology when compared to their global peers and lag behind on real-time monitoring of information relating to third party providers. They also face two main challenges: securing funding and finding the right staff.
In order to reduce the risk of money laundering, organisations should regularly assess the nature of the risk and controls in place to deter money laundering. Particular scrutiny should be placed on relationships with third party providers.
“Risk assessments should be conducted periodically and closely attuned to changed circumstances such as the operating environment, current global standards and practices and regulation in countries of operation. They should also include profiling of your business partners into different money laundering and terrorist financing risk categories,” he said.
Lagging on early detection mechanisms
Data quality, skills, resources, and board level engagement were amongst the recurring issues cited in the survey, which combined, are leaving many organisation’s detection and control programs unable to adequately protect the organisation.
Australian organisations are relying on being told about a suspected crime through internal tip-offs and whistleblower disclosures more than their global peers.
Only 7 per cent of Australian organisations say they are using sophisticated internal monitoring approaches – such as data or predictive analytics – which are more difficult to circumvent.
“Too few companies are adapting their risk assessments and control frameworks fast enough, and we’re now seeing a trend in fraud detection of too much being left to chance. Understanding what data you have, how it flows and how it changes, can be a critical first step,” Mr Shackell said.
Focus needed on bribery and corruption
Australia continues to slide down Transparency International’s Corruption Perception Index, now ranking outside the top ten, and there is a growing disquiet concerning Australia’s infrastructure for combating bribery and corruption at a national level. At the same time, 31 percent of Australian organisations expect to experience bribery and corruption in the next two years.
“Last year the Senate referred an inquiry into foreign bribery to the Senate Economics References Committee which is due to publish a report by 1 July 2016. This report is expected to address the effectiveness of existing Commonwealth legislation. Potential improvements may focus on alignment with global legislation, the United Kingdom Bribery Act in particular, which will place more onus on businesses to set in place preventative measures and tighten up procedures,” Mr Shackell said.