Fraud is a fact of corporate life. But the threat, and the way companies tackle it, changes over time. Kroll accordingly commissioned its second annual survey from the Economist Intelligence Unit of nearly 900 senior executives worldwide, 46% of whom are C-level executives such as CEOs, CFOs and CIOs, to obtain an accurate impression of the challenge fraud is presenting today. The key findings include:
Fraud, and vulnerability to it, is already widespread and increasing according to a variety of metrics.
- Average Loss: The average company in our survey lost US$8.2 million to fraud over the past three years. This is up 22% from last year’s survey when the figure stood at US$6.7 million. Larger companies – those with annual sales over US$5 billion – lost nearly three times as much as the average, some US$23.3 million. Smaller firms suffered much less in absolute terms. Nevertheless, their loss per company, US$5.5 million, represents a 70% increase from last year’s average.
- Overall Incidence: 85% of companies were affected by at least one fraud in the past three years, up from 80% in our previous survey. For larger companies, the proportion is 90%. There is little room left for this figure to grow.
- Specific Fraud: Only two of the ten categories of fraud tracked in the survey – money laundering and procurement fraud – declined in incidence for surveyed firms between last year’s survey and this one, in each case by just 1%. Much more common were small but noticeable increases. For example, theft of physical assets, the most widespread fraud in both surveys, affected 37% of companies in recent years, up from 34%; information theft went from 22% to 27%; and regulatory and compliance breaches from 19% to 25%.
- Perceived vulnerability: Again, with few exceptions, the number of companies considering themselves at least moderately vulnerable to each category of fraud rose, usually by about 5%. Seven in ten now believe themselves exposed in this way to information loss or attack, and just over one half think the same for regulatory and compliance breaches (54%), management conflict of interest (53%), financial mismanagement (52%), procurement fraud (51%), and physical theft (50%).
Weakening internal controls and high staff turnover both induce much higher levels of fraud than other risks. Other risk factors have less of an impact. Poorer controls and frequent employee changes both significantly increased the frequency with which companies suffered from a range of frauds. Weaker controls – to which one-quarter of companies admitted – had a particularly striking effect, in almost every case increasing the proportion of companies hit by at least one-and-a-half times.
Other factors which raised exposure, including entry into riskier markets, participation in joint ventures, and complex information technology (IT) arrangements, had much smaller overall effects, although these could noticeably increase the likelihood of certain types of fraud. IT infrastructure complexity, for example, correlates with a higher rate of information theft (32%) and intellectual property (IP) theft (21%), as does participation in joint ventures (32% and 24% respectively). Money saved on poor controls and low wages might well be lost to fraud.
Fraud is most prevalent in less developed economies. Overall, the more developed economies – North America and Western Europe in particular – have seen less widespread fraud activity, while the economically less developed ones – notably those in the Middle East and Africa – have experienced much more. In eight out of ten fraud categories, the latter region had the highest or second highest incidence of activity, and in the same number of cases North America had the lowest. The only marked exception was intellectual property theft, in which less developed regions had the least, and North America actually had the most occurrences.