Report: Fraud, risk incidents rise in 2016

Fraud, cyber and security incidents escalated in 2016.



That’s according to the “Kroll Annual Global Fraud and Risk Report,” which surveyed executives worldwide across multiple industries and geographies. The study noted that 82% of the respondents experienced a fraud incident in the past year compared to 75% in 2015.



Meanwhile, 85% of executives reported at least one cyber incident and over two-thirds reported security incidents. The most common perpetrators: current and former employees.



Specifically, six out of ten respondents (60%) who worked for companies that suffered from fraud identified a combination of perpetrators that included current employees, former employees, and third parties. Almost half (49%) said incidents involved all three groups.



Junior staff were cited as key perpetrators in two-fifths (39%) of fraud cases, followed by senior or middle management (30%) and freelance or temporary employees (27%). Former employees were also identified as responsible for 27% of incidents reported.



Every category of fraud experienced a marked increase between 2015 and 2016, but the greatest increases were in the areas of market collusion (15%) and misappropriation of company funds (11%). Theft of physical assets remained the most prevalent kind of fraud suffered in the past year (29%), followed by vendor, supplier, or procurement fraud (26%), the study said.



Theft or loss of intellectual property was the most common type of security incident, cited by 38% of those victimized in the last 12 months.



From a cyber-fraud perspective, the most common type of incident reported was a virus or worm infestation (33%), followed by an email-based phishing attack (26%). Nearly a quarter (23%) of respondents said data breaches resulted in loss of customer or employee data, while 19% reported loss of IP, trade secrets or R&D. More than one in five (22%) suffered data deletion or corruption caused by malware or system issues, and 19% were victims of data deletion by a malicious insider, data revealed.



“Companies’ greater use of technology and their increasing reliance on international supply chains means they are more at risk from fraud than ever before,” Dan Karson, co-chairman, Kroll Investigations & Disputes. “In our experience, this risk can be mitigated against by adopting a conscious and proactive approach.”



While insiders are cited as the main perpetrators of fraud, they are also the most likely to discover it. Almost half (44%) of respondents said that a recent fraud had been discovered through a whistle-blowing program, and 39% said it had been detected through an internal audit. The most commonly reported cyber risk mitigation action was conducting in-house security assessments of data and IT infrastructure, a process implemented by 76% of companies.