Global Economic Crime Survey 2016: US Results
Adjusting the lens on economic crime
Your time is now: How will you prepare and bring your opportunity back into focus?
Crime continues to forge new paths into business. Regulatory compliance adds stress and burden to responsible organizations. The increasingly complicated landscape challenges the balance between resources and growth.
In our US version of the 2016 Global Economic Crime Survey, we dive into the experiences and insights of 328 organizations; points of view from C-Suite leaders (26%), Senior executives and VPs (37%), publicly-traded companies (66% of our respondents); and companies of all sizes and across all industries.
Our survey results look into the strategically critical areas of cybercrime, ethics & compliance and anti-money laundering programs — and challenges you to adjust your lens on economic crime.
Our study found that 1 in 10 economic crimes are discovered by accident. How many crimes are not discovered at all?
Economic crime outpaces company preparedness
- More than one in three US organizations experienced economic crime in the last 24 months. New types of economic crimes — and means to commit them – have complicated the threat landscape over the past several years, contributing to an upturn in economic crime experiences. A watchful eye on certain trends is needed.
- 57% report external actors as main perpetrator, surpassing internal fraudsters (29%) — this correlates with both the decrease in asset misappropriation (from 69% in 2014 to 55% in 2016) and the rise of cybercrime (44% in 2014; 54% this year).
- Do you have an adequate picture of your organizational risks? 1 in 10 of our US respondents have never carried out a fraud risk assessment; 1 in 5 have done so only once in the past two years. However, properly scaled fraud risk assessments are a baseline expectation of an effective compliance program for all companies, regardless of size.
- 52% don’t believe local and federal agencies have the skills or resources to investigate and prosecute economic crime, leaving the responsibility to organizations. Today’s more diversified and sophisticated crimes are requiring specialized expertise.
Cyber threats climb
- Cybercrime was added as a type of economic crime in our 2011 survey, but it is already on the verge of surpassing the “age-old” asset misappropriation as the leading economic crime perpetrated against companies. Of organizations reporting economic crime, 54% said they’d been hit by cybercrime in the past two years, very close to reaching the level of asset misappropriation (55%).
- Engagement of leadership is critical, but only 40% of boards request cyber readiness information more than once a year. This need not be a fear-based activity. Open and enhanced communication, training and exercises on common cyber threats can help build and strengthen company clarity and preparedness.
- Just over half of US companies have an active cyber incident response plan — but for those that do, first-responder teams are often not composed with the strategic players and oversight that they should be.
“Our experience has taught us that if your organization hasn’t created and thoroughly tested, repeatedly, a cyber incident response plan across all business areas and personnel, as well as performed simulations of cyberattacks, you won’t do a good job of responding when it occurs for real. We see over and over that it is very difficult to make good decisions when you’re responding to a real attack in the heat of the moment.”
Tone at the top and menace in the middle
- Survey results point to a perception gap between what CEOs and boards believe and communicate is happening — and what’s actually taking place day-to-day in the business. Compounding this, turmoil is coming both from the middle and the top. Of internal crimes, 53% are committed by middle management; 18% by senior management (up from 4%).
- One in five state that ‘pressure to perform’ is contributing most to internal crime. Top teams focus on understanding what really drives behavior — and then set about to build a positive culture that incentivizes the behavior they want.
- In the next two years companies expect to be hit by all types of crime: Cybercrime (49%); asset misappropriation (36%); IP infringement (25%); bribery and corruption (14%), among others. Weaving in values and ethics has never been more important.
Anti-money laundering continues to confound
- Heightened regulatory standards are driving increased enforcement: 1 in 4 banks have experienced enforcement actions by a regulator: And it’s not just financial services institutions. As industries converge, any company that facilitates financial transactions is coming within the scope of AML standards.
- 12% of financial services firms have not conducted AML/CFT risk assessments across their global footprint. Regular risk assessments are vital to identify and address the money laundering and terrorist financing risks you face — wherever and with whomever you do business
- Top systems challenges include complexity of upgrading systems (28%) and data quality (26%). Many are still hampered by legacy monitoring systems that are proving to be burdensome and expensive to tune and maintain.
- Failure to curb illicit business practices may lead to personal accountability. With the globalization of AML/CFT standards, it’s important to remember that you may be judged against, and held to, the highest international compliance standards.
