Australian businesses say the risk of fraud will increase this year, despite an expected move away from the widespread remote working which left them more open to being a victim, a KPMG Forensic survey has revealed.
The survey of over 70 businesses found a large majority (72 percent) believed their risk of fraud rose last year during the COVID crisis, with almost two-thirds saying the general move to working from home had increased the risk. 62 percent of respondents reported the insider threat was their most significant fraud and corruption challenge, with employees assessed as presenting the biggest danger for organisations.
Dean Mitchell, KPMG Forensic Partner, said: “We were surprised to find that many businesses think the worst may still be to come in terms of fraud, given that widespread remote working may start to ease during 2021. Experience has shown that many internal controls don’t travel well which would explain most finding the risks were higher last year.”
“One explanation may be that traditionally a year or two passes before a fraud is identified – and where there is an internal perpetrator, who knows the company systems and is able to cover their tracks, this period of fraud can extend further. As a result fraud is likely occurring right now but remains undetected. Over 40 percent of respondents said they had been inhibited by the crisis from investigating allegations of fraud and over 30 percent had had to delay antifraud and corruption programs – so their concern about rising fraud levels in 2021 may be understandable.”
More than 65 percent said they were ‘not’, or were only ‘somewhat’, confident that they had identified most of the fraud that occured during the last year. Cyber-risk was the biggest challenge, with an overwhelming 92 percent believing that the danger of cyber-related fraud had increased during the pandemic – nearly a quarter ‘significantly’ so.
Key findings
- 72 percent said the COVID pandemic had increased the risk of fraud
- 92 percent believed the risk of cyber-fraud had increased during the COVID era
- 67 percent were unsure if their business had detected frauds taking place during the crisis
- 65 percent said their own organisation was more vulnerable to fraud than before COVID
- 51 percent said their ability to investigate possible fraud had been compromised
- 65 percent said widespread remote working had increased fraud risk
- 62 percent also said that employees were the biggest single source of risk, ahead of suppliers and contractors.
- 25 percent had been forced to delay anti-fraud programs
Organisations reported increasingly turning to technology to help identify the fraud and corruption that was occurring in the new remote working world. 38 percent stated they were now using artificial intelligence or forensic data analytics to identify fraud in their operations.
Dean Mitchell said: “Fraudsters leave traces when they attack organisations – clues that can be identified. In response, forensic analytics is needed but this is not simply deploying ‘off the shelf’ data tests to terabytes of data. An optimum response involves bringing together former fraud detectives, data scientists and forensic accountants to uncover the warning signs in your financial data.”
Key considerations for organisations using technology to reduce fraud and corruption threats
- Ensure analytics is built on real world fraud not generic testing
- Fraudsters often create quasi-legitimate entities shortly before embarking on their schemes, deploy analytics to identify suppliers who registered their business shortly before delivering their first invoice to you
- Trusts or obscure ownership structures are often used to conceal beneficial ownership from victims, ensure the analytics highlights these vendors
- Fraudsters often leave an unintended digital clue in less scrutinised employee vs vendor matching criteria, dive deeper beyond name and bank account matching
- Changes to addresses and bank accounts are common flags, target emerging schemes including bank account substitution where accounts are switched back to avoid detection
There were some interesting observations from participants in the survey, which gave further insights into the findings:
“A lack of visibility of parts of the supply chain, particularly losing the ability to complete in person audits/inspections has increased the corruption risk in overseas markets. I think the move to people working from home will remain in organisations and I don’t think this risk has been properly understood in the long term. I see this in terms of a general lack of supervision, but also a lack of connection to the business day to day which may influence poor decision-making”.
“Many of the fraud items will not have been uncovered yet because remote work practices mean those who intend to cover their activity still have that scope. Counter-fraud resources have been diverted away from many existing programs, increasing their risks. New programs have been rushed out of the door with limited consideration for fraud, which will increase exposure for organisations. Government programs providing relief has also meant that businesses have been targeted to have their details stolen by criminals seeking to defraud the government.”