PwC survey says cybercrime is biggest threat to business
Cybercrime tops the list of current threats facing businesses, while emerging risks from ESG-reporting fraud and platform fraud could impact businesses in the future.
That’s according to PwC’s Global Economic Crime and Fraud Survey 2022, which shows organisations’ perimeters are vulnerable, and external fraudsters are becoming a bigger threat as attacks increase and become more sophisticated.
The survey of 1,296 business leaders from across 53 countries found that cybercrime, customer fraud and asset misappropriation were the most common crimes experienced by organisations, regardless of revenue.
From cybercrime topping the list of threats to the rise of external threat fraudsters and emerging risks of supply chain and ESG reporting fraud, we highlight 8 key takeaways from the report that businesses should know about in 2022.
1. Larger companies at greater risk for fraud
While just under half of organisations (46%) reported experiencing fraud or economic crime within the last 24 months, the impact of these crimes has been more substantial. Among companies with global annual revenues over US$10bn, 52% experienced fraud during the past 24 months, and nearly one in five of these reported that their most disruptive incident had a financial impact of more than US$50m. The share of smaller companies (those with less than US$100m in revenues) affected was lower; 38% experienced fraud, of which one in four faced a total impact of more than US$1m.
2. Cybercrime tops list of threats
Cybercrime poses the biggest threat to small, medium, and large businesses, after the impact of hackers rose substantially over the last two years. In this year’s survey results, cybercrime came in ahead of customer fraud, the most common crime in 2020, by a substantial margin. Some 42% of large businesses reported experiencing cybercrime in the period, while only 34% experienced customer fraud.
3. Procurement fraud biggest risk for energy and utilities sector
The outlier to the dominance of cybercrime is the energy, utilities and resources (EU&R) sector, where procurement fraud is the biggest threat. Of the 31% of EU&R companies experiencing crimes, nearly half reported procurement fraud. With a smaller digital footprint and fewer customer interactions than many sectors, it makes sense that this industry’s fraud profile would be different than that of other sectors.
4. TMT sector received highest incidence of fraud
The growing maturity of the technology, media and telecommunications sector helped it identify a significant increase in fraud activity since 2020 with nearly two-thirds of companies experiencing some form of fraud, the highest incidence of all industries.
5. External threats on the rise
Nearly 70% of organisations experiencing fraud reported that the most disruptive incident came via an external or collusion between external and internal sources. The impact of hackers and organised crime rings, which are among the most common external perpetrators, rose substantially in the last two years. Several factors are converging to drive a rise in external fraud. The increased frequency of data breaches in recent years will undoubtedly continue, raising the bar considerably for companies obligated to protect the private, personally identifiable information of their customers. The breaches will also challenge the knowledge-based authentication strategies that organisations have put in place to protect fraudster.
6. Digital platforms are the new fraud frontier
With the rise of digital platforms, these have become an increasing point of entry for many external fraudsters, with 40% of those encountering fraud experiencing some form of platform fraud. The rise of digital platforms, such as social media, ecommerce or services (rideshare, lodging) and ecommerce opens the door to many fraud and other economic crime risks that most firms are just beginning to appreciate. Platform risks can create a ripple effect, with the impact of fraud penetrating multiple organisational silos. Because platform fraud is an enterprise-wide problem, combating it requires an organisation-wide cross-functional effort with a diverse community of solvers.
7. ESG reporting fraud is on the rise
While just 8% of those organisations encountering fraud in the last 24 months experienced ESG reporting fraud – the act of altering ESG disclosures so that they do not truly reflect the activities or progress of an organisation – PwC predicts ESG reporting fraud to be an emerging risk of great concern. As ESG continues to increase in importance to stakeholders, the incentive to commit fraud in this area is likely to grow, the consultancy warns.
8. Supply chain fraud an emerging risk
Similarly, supply chain fraud also has the potential to cause greater disruption in the next few years. One in eight organisations experienced new incidents of supply chain fraud as a result of the disruption caused by the COVID-19 pandemic, and one in five sees supply chain fraud as an area of increased risk as a result of the pandemic.