The incidence of economic crime in Ireland has increased significantly and so too has the cost
In line with the global trend, half (49%) of Irish firms have suffered economic crime and fraud in the last two years, up from a third (34%) in 2016 and 26% in 2010. Cybercrime (61%) leads economic crime experienced in Ireland, and has overtaken asset misappropriation (29%) for the first time. Consumer fraud (42%) and business misconduct (16%) also feature prominently.
While two-thirds (66%) of survey participants reported the cost of the most disruptive crime to be less than €810,000, we see a growing trend of larger losses represented in the survey with over one in ten (11%) suffering significant frauds in excess of €4m, up from just 3% in 2016. It is also worrying that almost a fifth (18%) of participants revealed that they either did not know the overall cost or that it was immeasurable.
Clean-up costs in Ireland substantially more than global companies
The clean-up costs of economic crime are also substantial. For example, seven out of ten (69%) participants confirmed that they had spent the same or more on the subsequent investigations as the actual crime itself – and was substantially more than the global experience (46%). Interestingly, the survey also suggests that few Irish businesses fully appreciate the impact of fraud on employee morale, business relations and their reputation/brand while global companies are much more aware of the potential collateral damage.
Pat Moran, PwC Ireland Cyber Leader, said: “Actual crime could well be higher than reported crime which makes the findings from this survey even more concerning. What the survey is clearly showing us is that there is a better understanding of what fraud is through risk assessments and where it is taking place through cyber security programs.
“However, despite the progress in understanding and reporting, the fact that just over half (51%) say they have not, or don’t know if they have experienced fraud in the past two years, suggests blind spots still exist in many organisations.”
Incidence of cybercrime in Ireland is double that globally and is expected to rise
The survey reveals that the incidence of cybercrime in Ireland has increased substantially - 61% reported having suffered cybercrime over the last two years compared to 44% in 2016 – and is double global levels (31%). A similar proportion (61%) also expect even more cybercrime in the future, up from 36% in 2014.
Phishing was the most prominent (66%) technique for targeted cyber attacks, followed by malware (56%); surprisingly this was substantially less for global companies (33% and 36% respectively).
Irish companies doing more than global counterparts to find fraud, but still more to do
According to the survey, half (51%) of Irish participants had increased the level of spending on efforts to combat fraud in the last two years (Global: 42%). This trend looks like continuing with 59% planning to step-up these efforts in the next two years (Global: 44%).
Six out of ten (60%) performed fraud risk assessments in the last two years (Global: 54%). It is disappointing, at the same time, that four out of ten (40%) Irish companies have not yet undertaken any fraud risk assessments.
Irish companies are also doing more than global counterparts to prevent and detect cybercrime. For example, three-quarters (75%) had a fully operational cybersecurity program (75%) in place to deal with cyber risks (Global: 59%) while 73% had performed a cyber attack vulnerability assessment in the last two years (Global: 46%).
Pat Moran commented: “As the value of transactions over the internet increases exponentially year-on-year, fraudsters are turning to new ways of re-directing funds and are successfully achieving their goals. The funds allocated to crime detection and prevention are increasing, with Irish companies investing more than global companies, and that has a multiplier effect in terms of understanding and detecting fraud. With the rise in reported frauds, this may suggest that Irish companies have been rewarded for their efforts to uncover crime. But fraud levels are still rising. Put simply, the impact of fraud is no longer an acceptable cost of business.”
Few using data analytics and AI to help combat fraud
The survey reveals that there are significant opportunities in Ireland to further leverage certain emerging technologies to help combat fraud and economic crime. Just one in ten (11%) said that they used technology to detect fraud compared to a quarter (23%) of global companies. Just 15% had used data analytics and only 6% had used Artificial Intelligence in the last two years to help combat fraud which also lagged global companies.
Pat Moran continued: “There is a real opportunity to make the business case for robust new investments in fraud prevention and detection through the use of emerging technologies. Leading global companies are leveraging innovative and cloud-based techniques to identify suspicious patterns and pre-empt economic crime and fraud.”
“Fraudsters are becoming more strategic in their goals and more sophisticated in their methods. It’s a big business in its own right. It is an enterprise that is tech-enabled, innovative, opportunistic and pervasive – like the biggest competitor you did not know you had.”
Nearly half (47%) of Irish respondents said that changes in the geopolitical landscape will increase the opportunities for fraud in the next two years (Global: 26%).
With the public’s tolerance for corporate and personal misbehavior declining, in addition to beefing up their internal corporate controls, almost a quarter (22%) of Irish respondents reported detecting fraud via tip-offs.
Pat Moran concluded: “We are seeing more and more organisations now recognising that fraud is simply too costly to ignore. Fraud is the product of a complex mix of conditions, only some of which can be tackled by corporate controls and machines.
“Organisations should also ensure that they have the right culture, including setting the tone from the top with a spirit of open accountability, where people in the organisation understand what is acceptable behaviour. While corporate controls and technology have a strong role to play in monitoring and detection, when it comes to blocking that ‘last mile’ to fraud, the returns from people initiatives are likely to far exceed those from investing in another piece of technology.”
About the survey
PwC’s Economic Crime and Fraud Survey, a major global initiative, is conducted every two years having 7,200 participants in 123 countries. In Ireland, 77 organisations participated representing all key sectors and industries.