The findings are contained in the biennial PwC Global Economic Crime Survey 2016, which polled more than 6,000 participants in 115 countries, including the United Kingdom.
PwC’s Global Economic Crime Survey reveals that 60% of economic crime in the UK was committed by external perpetrators, up from 56% in 2014. While there was a decline in the number of organisations reporting economic crime perpetrated by employees 31%, there was a sharp increase in frauds committed by senior management which more than doubled from 7% to 18%.
According to Andrew Gordon, PwC’s Global & U.K Forensics leader, “While the prevalence of traditional fraud, such as asset misappropriation, has fallen since 2014, there has been a massive rise in organisations reporting cyber crime. Technology is driving almost every other area of economic crime as well.
“Business needs to minimise the opportunities for economic crime through rigorous fraud risk assessment, supported by a culture based on shared corporate values and robust policies and compliance programmes.”
PwC’s researchers find in the latest Global economic crime survey that Cybercrime incidents increase 20 percent since 2014. Globally the economic crime rate has remained largely static at 36%. Cybercrime attacks against UK businesses have grown so rapidly in recent years, in the terms of reported incidents, now Britain leads many of the world’s leading nations. 44% of British businesses that had suffered economic crime over the last two years were affected by cyber incidents, with 55% of corporates and organisations significantly outstripping the level in countries such as the US (38%) and China (28%).
The UK far above of the global response of 32 percent, as businesses, migrate to cloud-based storage and increasingly adopt connected ‘Internet of Things’ devices in the workplace, significance, that the number of devices connected to the office network or leaving anything to the office, are now at risk from vulnerable to hackers.
Overall, 51 % of UK organisations said that they expected to fall victim of cybercrime in the next two years, suggesting it will become the UK’s largest economic crime.
In the accordance of Mark Anderson, Global corporate intelligence leader at PwC, “Hackers are now more ambitious than ever, their aim goes beyond targeting financial information to include a company’s ‘crown jewels’ customer data and intellectual property information, the loss of which, can bring down an entire business.
“The threat of cybercrime is now a board-level risk issue, but not enough UK companies treat it that way.”
PwC finds almost a third of UK businesses have no cyber response plan in place. This latter point was backed up by the finding that almost half of enterprises said that cyber crime would have no impact on their reputation, and nearly 60 percent are not concerned about the potential for theft of intellectual property.
In fact, UK respondents said that the greatest concern about a cyber-attack is the potential disruption to services, as nearly a third 31% believed such an attack would have a medium-to-high impact on their business.
According to Rob Lay, customer solutions architect in UK & Ireland at Fujitsu, “It’s clear that businesses are still struggling to deal with the volume and type of threats they face.”
“Companies should focus some effort on ensuring that they have suitable response processes in place, along with better visibility of what is going on in their environments.”
“With the effective lack of any perimeter due to mobility, cloud and other developments such as IoT, understanding what is happening, being able to interpret that in the context of the business and then being able to take appropriate action based on informed business decisions means that companies will be much better equipped to respond to these attacks as and when they happen.”
20% of UK organisation say they have never performed a fraud risk assessment while 44% do so annually.
5% of respondents claim to have been asked to pay a bribe in the past 24 months while 7% feel they lost a business opportunity to a competitor who was willing to pay it.
22% of frauds were detected through suspicious transaction monitoring, 14% fraud risk management, 8% data analytics, 8% internal audit and 8% accidental discovery.