Download the report
According to PwC’s latest Global Economic Crime and Fraud Survey, cybercrime stands out among 19 categories of economic crime as the most widespread — and most disruptive — event experienced over the past two years, in the US and around the world. In the US, about 22% of respondents have experienced cybercrime for the first time in the past 24 months, as a result of disruption from the pandemic and responses to it, including rapid shifts to all things digital.
It’s not news that cyber attacks have risen and spread over the past two years. What’s not often reported is businesses’ experience with cybercrime compared to other types of economic crime. The Global Economic Crime and Fraud Survey 2022 provides valuable context and a broader lens. Is your company allocating resources properly to fight the most important fraud risks to your business? Can your company reap efficiencies from improvements that address classes of crime that tend to go together?
Cybercrime is perpetrated for direct financial gain: ransom money for restoring stolen data and systems, intellectual property theft and proceeds from sales of data in the dark web. And then there’s cyber-enabled economic crime: the kind that starts as a cyber attack and then morphs into vendor fraud, customer fraud or money laundering, as the fraudster wends its way through systems, devices and user identities to reach its final prize.
Arrayed against businesses is a growing economy of commercial cybercrime providers. Fraudsters need only buy from these providers to equip themselves with offensive security solutions. The established cybercrime providers operate globally and can provide tools such as phishing-as-a-service, ransomware-as-a-service or access-as-a-service.
Cybercrime, if not stopped, is an enabler of many other forms of economic crime. The clear implication? Your organization needs to build a panoramic view of risk management that integrates cyber, financial controls and other controls to protect itself.
Companies need to find new ways to bring together disjointed departments and identify risk scenarios across various functions. Cyber threats and fraud are often handled by separate departments that don’t work together or communicate about risk and cyber criminals know it. So do their customers.
Organizations need to adopt a unified approach that successfully fuses cyber, financial and non-financial controls — and they need to facilitate open communication so they have a clear understanding of how these controls will impact each other. Taking this panoramic view, organizations might find that they need to refresh their fraud management program framework to organize teams differently, align roles and develop better playbooks and technology strategies. Only then will an organization be able to leverage all the opportunities to detect, monitor and stop fraud.
Every company is pursuing digitization and digital transformations to varying degrees. Companies can transform confidently by updating their controls playbook and improving overall fraud risk management. The payoffs can be measurable, both for the organization and its stakeholders.
Growth-minded fraud risk management accomplishes several goals, from minimizing losses and business disruption to improving compliance efficiency and enabling business growth.