View
10
Download
0
Category
Preview:
Citation preview
Ukraine
Global EconomicCrime Survey
Cybercrime in thespotlight
3, 877 respondents fromorganisations in78 countries provide aglobal picture of economiccrime
December 2011
www.pwc.com/ua
Global Economic Crime Survey December 2011
Executive summary 3
Cybercrime in the spotlight 4
Overview of fraud in Ukraine 9
Terminology 15
Contacts 16
Contents
3
Executive summaryEconomic crime does not discriminate. It affects organisations all over the world, and no industry ororganisation is immune. The fallout cannot be measured simply by the direct costs, as economic crime canseriously damage brands or tarnish a reputation, leading organisations to lose market share. As societybecomes less tolerant of unethical behaviour, businesses need to make sure they’re building – and keeping –the public’s trust.
This year’s Economic Crime Survey turns the spotlight on to the growing threat of cybercrime. Today, mostpeople and businesses rely on technology, including the Internet. In doing so, they are opening themselvesup to potential attacks from criminals anywhere in the world. Against the backdrop of data losses and theft,computer viruses and hacking - our survey looks at the significance and impact of this new type of economiccrime and how it affects businesses worldwide.
The survey was designed to seek the respondents’ views on economic crime in general, and to spot long-termtrends and questions specifically related to cybercrime, the threats posed by cybercrime, and howorganisations work to counter any cyber attacks.
This year’s report is divided into two sections:
1. Cybercrime – its impact on organisations, their awareness of the crime, and what they are doing tocombat the risks.
2.Fraud, the fraudster and the defrauded – types of frauds committed, how fraud is detected, who commitsfraud, and the repercussions for those who are caught.
This is the sixth time that the Global Economic Crime Survey has been administered globally and the secondtime in Ukraine.
Almost 4,000 respondents from 78 countries completed it globally. Of the total number of globalrespondents, 53% were directors or senior executives of their respective organisations, 36% representedlisted companies and 38% represented organisations with more than 1,000 employees.
The number of participants from Ukraine increased by 23% in comparison to last survey and included 84Ukrainian senior executives and managers representing 13 industries.
Key findingsCybercrime in Ukraine
Cybercrime has become one of top five economic crimes in Ukraine. Every 3rd respondent (37%) believes that the risk of cybercrime has increased over the past 12 months. More than 25% of organisations do not have adequate cybercrime incident response
mechanisms/policies. 46% of respondents have not received any training related to cyber security during the last 12 months. 58% of respondents in Ukraine report that their organisations do not monitor the use of social media
sites.
Economic crime in Ukraine
36% of organisations had experienced economic crime in the past 12 months Every 3rd organisation does not perform risk assessments. Assets misappropriation (73%), bribery and corruption (60%) remain the most common types of crime in
Ukraine. The number of internal frauds has increased significantly (by 22%) since 2009. The majority of Ukrainian respondents who faced economic crime estimated losses up to $5m. 40% of crimes are committed by senior management Every 5th organisation that has suffered from economic crime has not taken any actions against an
internal perpetrator of fraud.
Global Economic Crime Survey December 2011
Cybercrime in the spotlighton the market, or a patent based
on their research and
development is registered byanother organisation.
Warfare. This can take place
between states, or may involve
states attacking private sector
organisations, especially critical
national infrastructure such as
power, telecoms and financialsystems.
Terrorism. This threat overlaps
with the warfare threat. Attacks
are undertaken by terrorist
groups (possibly state-backed),
again targeting either state or
private assets, and often criticalnational infrastructure.
Activism. This may again
overlap with some other
categories, but the attacks are
undertaken by supporters of an
idealistic cause.
There is no globally acceptedstandard definition ofcybercrime available. Theimplication of not having aclear-cut definition is that iforganisations do not know aboutthe dangers, it’s harder to detectand combat cybercrime –essentially, if the “concept of theenemy” is blurred, any efforts tofight them might prove futile.
Is cybercrime therefore simply ameans by which a criminalcommits an illegal act, or is it aneconomic crime in its own right?
Should organisations takespecific measures over andabove other fraud preventionand detection methods tomanage this risk?
Our 2011 survey takes a closerlook at these issues.
In PwC’s view, there are fivemain types of cyber attacks, eachwith its own distinct – thoughsometimes overlapping –methods and objectives. Theyare:
Financial crime and fraud. This
involves criminals – often highly
organised and well-funded –
using technology as a tool to
steal money and other assets.
Espionage. Today, an
organisation’s valuable
intellectual property includes
corporate electronic
communications and files as
well as traditional intellectual
property such as research and
development outputs. Theft of
intellectual property is a
persistent threat, and the
victims may not even know it
has happened – until knock-offproducts suddenly appear
Due to the ambiguitysurrounding thedefinition of cybercrimeand what it constitutes,organisations may not befully aware of the risksassociated with fraud,and find it difficult todetect and combat
1 As defined in the Global Economic Crime Survey 2011 by PwC in conjunction with our survey academic partner, Professor Peter
Sommer.
For the purposes of our survey questionnaire, Cybercrime was formally defined as follows:
“Cybercrime, also known as computer crime, is an economic offence committed using the
computer and Internet. Typical instances of cybercrime are the distribution of viruses, illegal
downloads of media, phishing, pharming and theft of personal information such as bank account
details. This excludes routine fraud whereby a computer has been used as a by product in order to
create the fraud, and only includes such economic crimes where a computer, the Internet or the use
of electronic media and devices is the main element and not an incidental one”1.
5
Cybercrime ranked as one ofthe top 5 frauds in Ukraine
In previous editions of theGlobal Economic Crime Survey,we asked respondents abouttheir experiences involvingcybercrime. Since the reportedcybercrime levels werestatistically insignificant, theresults were not presentedseparately in our 2009 survey.
Given the increasing concernsaround cybercrime, we focusedon this fraud activity in 2011 andreintroduced it in questionsregarding the different types offraud, asking the respondentswhether they had experiencedcybercrime in the past 12months.
More than one third (37%) ofUkrainian respondents said theyperceive the risk of cybercrimeto be on the rise, while only 4%indicated a decrease. Theremainder (59%) believe that thesituation has not changed.
The increasing risk ofcybercrime can be explained inthe following ways:
Increased media attentionaround recent cybercrimecases, leading to a heightenedawareness of this type offraud. Organisations may haveput extra controls in place todetect and report sucheconomic crimes;
Due to the ambiguity aroundthe definition of cybercrimeand what it constitutes, therespondents may have re-classified some of the moretraditional types of economiccrimes as cybercrime becausethese were committed throughthe use of a computer,electronic device or theInternet;
Increased focus fromregulators;
Advancements in technologymay have made it easier tocommit cybercrimes.
Cybercrime is ranked as one ofthe top five types of economiccrime in Ukraine (see Figure 1).The other four are: assetmisappropriation, bribery andcorruption, anti-competitivebehaviour and accounting fraud.
This year’s survey shows thatcybercrime represents 23% offrauds reported globally, and17% in Ukraine. Currentinformation security trendsindicate that cybercrime attacksare becoming moresophisticated and harder todetect and prevent, resulting inmuch greater damage.
Emerging risk or existingand growing fraud?
Not all of the five main types ofcyber attack that werepreviously defined are commonin Ukraine, however it is clearthat the threat of cybercrime hasbecome a real issue that mayimpact Ukrainian organisations.
23%
7%
24%
24%
72%
17%
23%
30%
60%
73%
% 10% 20% 30% 40% 50% 60% 70% 80%
Cybercrime
Anti-competitive behaviour
Accounting fraud
Bribery and corruption
Asset misappropriation
Ukraine Globally
Figure 1: Top five types of economic crime reported in Ukraine and globally in 2011
Respondents who experienced economic crime in the last 12 months
Global Economic Crime Survey December 2011
More than half (53%) ofrespondents in Ukrainementioned that externalcybercrime threats come fromwithin the country. Customersand vendors were commonlyreported as key externalperpetrators. Still, over 40% ofsurvey participants believe thatthreats come from both insideand outside the country of theiroperations.
The top three countries reportedin Ukraine as the likely home ofcybercrime threats are HongKong (and China), Russia andthe USA. However, a significantnumber of Ukrainianorganisations considercybercrime threat comes fromUkraine as well as from othercountries.
Globally the statistics are similarto the Ukrainian results, as thefollowing six countries areperceived to be the likely homeof cybercrime: Hong Kong (andChina), India, Nigeria, Russia,Ukraine and the USA1.
Where does the internalrisk reside?
In Ukraine, the InformationTechnology (“IT”) department ofan organization is considered tobe the most risky in terms of theinternal cybercrime threat –according to 67% ofrespondents. This is notsurprising, as they expect that ITpersonnel have the necessaryskills and access to commit thesecrimes (e.g. extra administrativerights to access systems and theability to delete audit trails,making it harder to detect theirwrongdoing, etc.).
However, it is interesting thatrespondents also perceive otherdepartments (Finance – 47%,Marketing and Sales – 37%,Legal – 27%, Operations – 22%)as potential sources ofcybercrime threats, as well asrepresentatives of the seniorexecutive level (29%). Similarresults are observed globally.
Respondents believe that therisk of cybercrime is least likelyto come from the Informationand Physical Security (16%) andHuman Resources (10%)departments – howeverorganisations should not ignorethese departments, ascybercrime can happenanywhere.
Is cybercrime an externalthreat?
36% of respondents in Ukrainefeel that cybercrime is anexternal threat, another 34%would treat it as both an internaland external threat, and the 24%state that it is internal.
Such results differ from thosereported globally, where 46% ofrespondents recognise the riskof cybercrime coming mainlyfrom external fraudsters,whereas crimes committed frominside the organisation accountfor 13% and 29% believe thefraud comes from bothinternally and externally.
Where does it come from?
We asked organisations if theythought the risk of externalcybercrime mainly came frominside their own country or fromother nations.
Perceive the risk of cybercrime as an external threat
Perceive the risk of cybercrime is an internal threat
1 Countries are listed in alphabetical order
24%
36%
The reality is that cybercrime is a realglobal threat that can come fromanywhere in the world, and it is notrestricted by jurisdictional boundarieslike many other conventional crimes
7
How to reduce the risk?
Given that people think thatcybercrime is on the rise, it isworrying to learn that 46% ofrespondents in Ukraine and 42%globally have not performed anycyber security training for theiremployees in the past 12 months– which would suggest that theyare potentially unaware of therisks that cybercrime presents totheir organisation.
How efficient are trainings toprevent cybercrime?
We asked people what training, ifany, they have had. Only one insix respondents who have hadtrainings – received them face-to-face. 62% received other kinds oftrainings such as e-learnings,email announcements, etc.
It is not surprising that there is solittle face-to-face training, as it isgenerally time consuming andmore costly. However 56% of
While social media sites may not be the real source of cyber economic
crime, they can be used to socially engineer cyber economic crime to
be more effective.
This media can make phishing attacks more effective. For example,
social media sites can be used to collect information about a targeted
individual (also known as spear fishing), to research certain staff
members, or to install malware onto the user’s computer, making the
cybercrime more effective.
Is there any danger in socialmedia sites?
58% of respondents in Ukraineand 60% globally stated theirorganisation does not monitor theuse of social media sites, or thatthey are not aware of suchmonitoring. This is startlingbecause these sites can present bigsecurity risks if employees abusethem.
The younger generation typicallyuses social media extensively, andthere is considerable peer andsocial pressure to shareinformation with others –therefore, not monitoring thesesites may create potential issuesfor organisations from acybercrime perspective.
However, one needs to add thatthis generation grew up withsocial media sites, and sharingpersonal information has becomethe norm for the wholegeneration.
Organisations need to be awarethat the younger generation mighthave a very differentunderstanding of the risks suchsites pose, and hence need to beeducated accordingly.
respondents said that face-to-facetrainings are the most effectiveform when it comes to cybercrimeawareness.
What if a crime occurs?
The top three reactions ofUkrainian organisations inresponse to a potential cybercrimewould be: Consult internally with
experienced staff to resolve thematter;
Consult with experts who areexternal to the firm; and
Inform law enforcement.
The most common actions takenagainst external perpetrators offraud were informing lawenforcement and notifying therelevant regulatory authorities aswell as proceeding with civilactions, including recoveries andcessation of the businessrelationship.
Identified internal perpetrators offraud were fired in the most cases(73%).
58% of respondents statedthat their organisation doesnot monitor the use of socialmedia sites, or they are notaware of it
Global Economic Crime Survey December 2011
Cybercrime is more thanjust an IT issue
Traditionally, cyber security hasbeen perceived as an IT issue,creating a communication gapbetween business managers andsecurity professionals.
PwC’s Global State ofInformation Security Survey2011 confirms that cybersecurity is not only a technicalissue, but a core businessimperative.
We asked organisations whoshould ultimately be responsiblefor dealing with cybercrimethreats. More than half of therespondents (67%) pointed tothe Chief Information Officer(CIO) or Technology Director;
How to defend?
1. Get the CEO involved – the CEO and the Board need to be aware ofthe cyber threats. Top management needs to understand the risks ofthe cyber world.
2. Reassess the security function – unlike traditional ‘economiccrimes’, cybercrime is fast paced with new risks constantly emerging,which means an organisation need to continually adapt itsprocedures.
3. Awareness – organisations need to have a clear awareness of itscurrent and emerging cyber environment. If this is in place, well-informed and prioritised decisions and actions can be taken
4.Create a cyber incident response team – which needs to act withspeed and agility. A well functioning cyber response team means anincident that is spotted anywhere in the business will be tracked, therisk assessed, and the threat negated.
5.Educating all employees – organisations need to embed a ‘cyberawareness’ culture, through recruiting those with the relevant skills sothat this knowledge can be shared with all employees, creating a cyberaware organisation which is better able to protect itself.
6. Take a more active and transparent stance towards cybercrime –respond by pursuing cybercrime perpetrators through legal means,and communicate more publicly regarding the actions thatorganisation is taking regarding the threats, incidents and responses.
What are the responses fromorganisations?
As we saw earlier, nearly half ofrespondents who had experiencedeconomic crime in the past 12months said they perceive the riskof cybercrime to be growing.
Based on reported frauds,cybercrime ranks in the top fivetypes of fraud. A large number ofUkrainian organisations (50%) areaddressing fraud risks byintroducing in-house capabilitiesto prevent, detect and investigatecybercrime.
Also, organisations based inUkraine tend to engage with anexternal consultant once anincident has occurred (57%),compared to only 21% oforganisations that prefer topreventatively engage externalconsultants.
Table 1: Cybercrime incidentresponse mechanisms used byorganisations in Ukraine in 2011
In-house capabilities toprevent and detectcybercrime
51%
In-house capabilities toinvestigate cybercrime
50%
Involvement of Forensictechnology investigators
45%
Media & PRmanagement plan
38%
% of all respondents
Executive recognition of the strategic value ofsecurity is now more closely aligned withbusiness than with IT
only 13% suggested the ChiefExecutive Officer (CEO) or theBoard. This suggests that,whether or not the CIO sits onthe Board, they do not shareultimate responsibility with theCEO or the board as a whole.
Only 20% of respondents saidthat the CEO and the Boardreview these risks at least once ayear, and more than quarter(32%) said that they only reviewthem on an ad hoc basiscompared to 25%, who do notperform assessments at all.
We would expect the CEO andthe Board to understand andinvestigate cybercrime riskrelated matters on a regularbasis.
9
Overview of fraud in UkraineAs a result, the organisationsperforming regular riskassessments report more fraudwith a higher frequency of itsoccurrence.
However, we expect executivesto know about these crimes.Happily, in 2011 executives arebetter informed about fraudinstances in their organisationsthan in 2009: only 10% ofrespondents who did not know iftheir organisations faced fraudrisks were senior executives,compared to 55% in 2009.
In order to ensure that abusiness operates efficiently,organisations need to pay moreattention to anti-fraud and riskmanagement procedures.
36% of respondents in Ukrainereport that they haveexperienced at least one instanceof economic crime in the past 12months. This is higher thanfigures reported globally (34%),but lower than indicatorsreported in 2009 (45%).
We may assume that the resultsof the 2009 survey were affectedby the economic recession,which was followed by increasedinstances of fraudulent activity.
We believe that the decreasereported by Ukrainianorganisations for fraud in 2011 isexplained by a low detection raterather than an actual decrease offraud cases.
To determine this, we comparedthe level of reported fraud byorganisations which performregular risk assessments withthose that do not assess fraudrisks regularly.
Organisations performingregular risk assessments,report more fraud and ahigher frequency of itsoccurrence
Fraud by ownership type
The majority of survey participantsin Ukraine represent privateorganisations (69%) and publiclylisted organisations (24%).
Governmental, state-owned andnon-profit organisations, whichrepresent 7% of the surveyparticipants, confirmed that theyeither have not experiencedeconomic crime during past 12months, or are not aware of suchinstances.
However, private organisations arealmost 3 times more likely to faceeconomic crime than publiclylisted organizations. The mostcommon types of fraud withprivate organisations are: Assets misappropriation (31%), Bribery and corruption (29%),
and Accounting fraud (14%).
Publicly listed organisations areprimarily affected by: Assets misappropriation (37%), Bribery and corruption (21%),
and Cybercrime (16%).
36% of organisationsin Ukraine haveexperiencedeconomic crime inthe past 12 months
Global Economic Crime Survey December 2011
3%
3%
7%
13%
17%
23%
30%
60%
73%
10%
7%
14%
14%
7%
28%
59%
59%
% 20% 40% 60% 80%
Money laundering
Insider trading
Tax fraud
IP infringement
Cybercrime
Anti-competitive behaviour
Accounting fraud
Bribery and corruption
Asset misappropriation
2009 2011
Such a significant number ofreported fraud instances mayalso mean that these are notonly the most popular types offraud, but also that this type offraud is easier to detect than theother types.
Instances of “assetsmisappropriation” and “anti-competitive behaviour”increased almost by 15%compared to 2009. Meanwhile,“bribery and corruption” and“accounting fraud” stayed at thesame level.
These changes force those whowish to commit fraud to developnew and more sophisticatedways to commit their crimes andremain undetected. Nowadays,these individuals are wellequipped technically, whileinternal investigators are onlystarting to develop in-housemechanisms for prevention andinvestigation. The economicslowdown makes organisationsreluctant to spend funds on in-house services such as audit orinternal forensics.
What types of fraud areorganisations facing inUkraine?
Economic crimes can take onmany different forms, with somebeing more common and morepersistent than others. In 2011,the most widespread type ofcrime in Ukraine was assetsmisappropriation (73%), followedby bribery and corruption (60%),and accounting fraud (30%).
Survey results indicate thatUkrainian organisations suffermuch more from “bribery andcorruption” and “anti-competitivebehaviour” than other countriesin Central and Eastern Europeand globally (see Table 2).
Table 3: Fraud indicated in2011 by the size oforganisations in Ukraine
Up to 200employees
27%
201 to 1,000employees
30%
1,001 to 5,000employees
23%
More than 5,000employees
20%
% respondents who experienced
economic crime in the last 12 monthsTable 2: Types of fraud in Ukrainewhich significantly differ fromCEE and globally in 2011
Briberyandcorruption
Anti-competitivebehavior
Ukraine 60% 23%
CEE 36% 12%
Globally 24% 7%
% respondents who experienced
economic crime in the last 12 months
Figure 2: Types of fraud incidents in 2009 and 2011
Does the size of theorganisation matter?
This year’s results show that allUkrainian organisations (nomatter their size) suffer equallyfrom economic crimes.
% respondents who experienced economic crime in 2009 and 2011
11
13%
25%
29%
36%
40%
43%
50%
0% 20% 40% 60%
Professional services
Manufacturing
Insurance
Retail and consumer
Communication
Energy, utilities andmining
Financial Services
What industries are the mostaffected?
This year’s survey representsviews of representatives frommore than 13 different industries.Financial services, retail andconsumer, manufacturing andprofessional services representmore half (63%) of all surveyparticipants both in Ukraine andworldwide.
Every 2nd respondent working infinancial services, energy, utilitiesand mining experienced economiccrime during the last 12 months.
Comparing incidents of crime byindustries, we note an increase infraud in the retail and consumerindustry by 6%, and 5% in thefinancial services in 2011.
Table 4: Types of fraudUkrainian organisationsanticipate will occur in thefuture
Bribery and corruption 42%
IP infringement 36%
Assets misappropriation 35%
Accounting fraud 25%
Cybercrime 25%
Anti-competitive behavior 24%
Money laundering 17%
Tax fraud 14%
Insider trading 12%
Espionage 10%
% all respondents
Future expectations
Despite a decrease of 9% in thelevels of bribery and corruptionreported, more than 40% ofUkrainian respondents areexpecting its occurrence withinthe next 12 months. Two otherleading types of fraud areexpected to be IntellectualProperty infringement (36%) andassets misappropriation (35%).
Organisations globally expect anincrease in assetmisappropriation (34%),cybercrime (26%) and briberyand corruption (23%).
Figure 3: Fraud reported by industry segment in Ukraine in 2011
More than 40% ofrespondents inUkraine expectincidents ofbribery andcorruption withinthe next year
% respondents from particular industry who experienced fraud in the last 12 months
Global Economic Crime Survey December 2011
The average perpetrator ofinternal fraud in Ukraine ismale, degree universitygraduate, 31-50 years old, whohas been employed with theorganisation for a period of 3 to10 years.
Both in Ukraine and globally,the main perpetrator of externalfraud is a customer (43% forUkraine and 35% globally).Other external fraudstersinclude agents andintermediaries (14%) andvendors (14%).
One of the key fraud preventiontechniques is to know who youare doing business with. Thus,know your customer, vendor,and agent due diligences arebecoming more recognised as acritical element of any riskreduction program.
Portrait of a Fraudster
This year, organisations equallysuffer from both internal andexternal fraudsters, though since2009, the number of seriouseconomic crimes committed byinternal offenders increased by22%.
A very typicalperpetrator of fraudworldwide is the so-called ‘white-collarcriminal’.
A white-collar criminalis a 30+ years old maleindividual, with apostgraduate education,having goodpsychological healthand a stable familysituation.
The majority of internal fraudstersin Ukraine are representatives ofsenior (40%) and middlemanagement (40%). To compare,60% of internal crimes globallyare performed by middlemanagement and junior staff.
Table 5: Perpetrators of fraud
2011 2009
Internal fraudsters 56% 28%
External fraudsters 40% 72%
Don’t know 3% 0%
% respondents who experienced
economic crime
14%
40%
18%
88%
42%
40%
41%
13%
42%
20%
39%
0% 20% 40% 60% 80% 100%
Ukraine (2009)
Globally (2009)
Ukraine (2011)
Globally (2011)
Senior management Middle management Junior staff members
Figure 4: Main perpetrators of internal fraud in Ukraine and globally
40% of crimes inUkraine are committedby senior management
Respondents who experienced economic crime in 2009 and 2011
13
Cost of collateral damage
The financial losses are just oneaspect of the damage thatorganisations face fromfraudulent activities, and mightbe far from the most important.The collateral damage suffered,and its impact on thereputation/brand, share price,employee morale, businessrelations, and relations can be asignificant cost to any business.
Of those who had experiencedeconomic crime as a result offraud this year, 23% reporteddamage to employee morale,17% noticed damage to theorganisation’s brand, 13% torelations with regulators andanother 13% to businessrelations.
Even though these figures areconsistent with similar resultsreported by organisationsglobally, collateral damage issignificantly lower in 2011compared to 2009, whenemployee morale damage
6%
7%
38%
48%
3%
10%
47%
40%
% 10% 20% 30% 40% 50% 60%
Don't know
5 million to 100 million US dollars
100,001 to 5 million US dollars
Less than 100,000 US dollars
Ukraine Globally
How much does fraud costorganisations?
The majority of those respondentswho said they had experiencedeconomic crime in the last 12months reported losses up to$5m. The top three mostexpensive types of fraud were alsothe most common types,including assetsmisappropriation, bribery andcorruption and accounting fraud.Comparing 2011 with 2009, thereis a noticeable increase in boththe frequency and cost of thesetypes of fraud.
Cases of fraud committed by
employees are usually more
expensive for organisations than
frauds committed by external
parties i.e. customers, vendors or
agents.
The cost of crime increases withthe fraudsters’ age. For example,the more expensive crimes(between $5m and $100m) werecommitted by individuals olderthan 50 years old.
accounted for 34%, damage torelations with a regulator for34%, 28% for damaged businessrelations, and 14% for damage toa brand.
Figure 5: Financial losses from economic crimes in Ukraine and globally in 2011
Table 6: Comparison of collateraldamage in Ukraine in 2009 and2011
2011 2009
Relations withregulators
13% 34%
Employee morale 23% 34%
Business relations 13% 28%
Reputation/brand 17% 14%
Share price 7% 1%
% respondents who experienced
economic crime
The low indicators of collateraldamage in 2011 are surprising.Fraud is become to be viewed asan inherent feature of doingbusiness in Ukraine, which leadsorganisations down a worryingpath where the organisationsthemselves provide a rational forpotential fraudsters, andtherefore increase theprobability of fraud.
The majority of Ukrainian respondentsthat experienced an economic crime in thelast 12 months estimated losses up to $5m
% respondents who experienced economic crime in the last 12 months
Global Economic Crime Survey December 2011
What actions are taken byorganisations against thefraudsters?
73% of perpetrators of internalfraud were dismissal and facedcivil actions, including recoveries.Notably, organisations have takenno action in 20% of incidents. In2009, this figure was only 3%, sothe increase represents a worryingstatistic.
In some organisations there seemsto be complacency or a wish to dealwith fraud in a low-key way. Wequestion this approach. Is it rightto keep the fraudster in theorganisation and to run the riskthat they might do it again? Wethink organisations should show‘zero tolerance’ towards fraud, andto set the right tone by dealing withthe fraudster officially, and byinvolving outside authorities.
How do organisationsdetect fraud?
Fraud detection refers to allmethods employed byorganisations to find out if aneconomic crime has beencommitted. In 2011, Ukrainianrespondents indicate that thefollowing methods are the mosteffective for revealing fraud.
In Ukraine the majority ofcrimes are detected with thehelp of Corporate Security. Only6% of frauds are identified byInternal Audit. The globalresults show a completelyopposite situation.
It is also worth mentioning that27% of respondents were notaware of the way fraud wasinitially detected, compared to10% globally. This means thatorganisations in other countriesmaintain a higher level ofawareness about anti-fraudprograms.
More than half of surveyparticipants (54%) do not use awhistle-blowing system.However, 82% of those whoemployed such a systemconsider it to be effective.
The following actions have beentaken by Ukrainian organisationsagainst external fraudsters:
• Informing law inforcement(71%);
• Civil actions, includingrecoveries (64%);
• Cessation of the businessrelationship (57%); and
• Notification of the relevantregulatory authorities (43%).
These figures coincide with theglobal statistics, as well as withthe results of the 2009 survey.
It is worrying that 43% said theirorganisation still has a businessrelationship with a fraudster–perhaps highlighting somefundamental concerns regardingthe culture of the organisation.
One out of every fiveinternal fraudstersdid not face anypunishment
27%
17% 17%
10%
7% 7%
3% 3%
9%10%
6%
11%
18%
10%
2%
14%
8%
21%
%
5%
10%
15%
20%
25%
30%
Don't know Corporate security(incl. IT and
physical security)
Tip of f(internal) Suspicioustransactionreporting
Fraud riskmanagement
By lawenforcement
Internal audit By accident Other
Ukraine Globally
Figure 6: Fraud detection methods used in Ukraine and globally in 2011
% respondents who experienced economic crime in the last 12 months
15
Terminology
Cybercrime incident response
mechanism
This would typically include in-house
technical capabilities to prevent, detect
and investigate cybercrime, access to
forensic technology investigators, media
and PR management plan, controlled
emergency network shut down procedures,
etc.
Economic crime or fraud
The intentional use of deceit to deprive
another of money, property or a legal right.
Espionage
Espionage is the act or practice of spying
or of using spies to obtain secret
information or using technology to act on
your behalf as a spy.
Fraud risk assessment
Fraud risk assessments are used to
ascertain whether an organisation has
undertaken an exercise to specifically
consider:
(i) The fraud risks to which operations
are exposed;
(ii) An assessment of the most
threatening risks (i.e. evaluate risks
for significance and the likelihood of
occurrence);
(iii) Identification and evaluation of the
controls (if any) that are in place to
mitigate the key risks;
(iv) Assessment of the general antifraud
programmes and controls in an
organisation; and
(v) Actions to remedy any gaps in the
controls.
Insider trading
Insider trading refers generally to buying
or selling of a security, in breach of a
fiduciary duty or other
relationship of trust and confidence,
while in possession of material, non
public information about the
security. Insider trading violations
may also include ‘tipping’ such
information, securities trading by the
person ‘tipped’, and securities trading
by those who misappropriate such
information.
Intellectual Property
infringement (including
trademarks, patents,
counterfeit products and
services)
This includes the illegal copying
and/or distribution of fake goods in
breach of patent or copyright, and the
creation of false currency notes and
coins with the intention of passing
them off as genuine.
Money laundering
Actions intended to legitimise the
proceeds of crime by disguising their
true origin.
Senior executive
The senior executive (for example the
CEO, Managing Director or Executive
Director) is the main decision maker
in the organisation.
Sustainability activities
Includes activities such as carbon
credit trading (buying and selling
carbon credits), or engaging in
projects which create carbon
emissions offsets.
Sustainability fraud
Fraud in relation to sustainability
activities (refer to sustainability
activities) such as carbon trading
markets, environmental claims or
statutory declarations.
Due to the diverse descriptions of
individual types of economic crime in
the legal statutes of different
countries, we developed the following
categories for the purpose of this
survey. These descriptions were
defined in the web survey to assist
respondents in completing the survey.
Accounting fraud
Financial statements and/or other
documents are altered or presented in
such a way that they do not reflect the
true value of the financial activities of
the organisation. This can involve
accounting manipulations, fraudulent
borrowings/raising of finance,
fraudulent application for credit and
unauthorised transactions/rogue
trading.
Anti-competitive behaviour
Includes practices that prevent or
reduce competition in a market such
as cartel behaviour involving collusion
with competitors (for example, price
fixing, bid rigging or market sharing)
and abusing a dominant position.
Assets misappropriation
(including
embezzlement/deception by
employees)
The theft of assets (including
monetary assets/cash or supplies and
equipment) by directors, others in
fiduciary positions or an employee for
their own benefit.
Corruption and bribery
(including racketeering and
extortion)
The unlawful use of an official position
to gain an advantage in contravention
of a duty. This can involve the
promise of an economic benefit or
other favour, or the use of
intimidation or blackmail. It can also
refer to the acceptance of such
inducements.
Global Economic Crime Survey December 2011
Contacts
PwC provides industry-focused assurance, tax and advisory services to build public trust and enhance value forour clients and their stakeholders. More than 169,000 people in 158 countries across our network share theirthinking, experience and solutions to develop fresh perspectives and practical advice. You can find out moreinformation by visiting www.pwc.com.
Forensic services
With the largest network of forensic services practices in the world, spanning 63 countries and employing over1,400 advisors, PwC firms can draw on a vast experience of dealing with difficult situations across a broadspectrum of industries in many jurisdictions.
Our fast-growing Forensic services practice in CEE employs over 70 professionals, including accountants,economists and IT professionals.
Our services include:
• Investigations• Fraud risk management• Commercial disputes• International arbitration• Transaction and shareholder disputes & investigations• Forensic technology solutions• Intellectual property services• Licensing management services• Insurance claims services• Anti-money laundering services• Capital project services• U.S. regulatory investigations and securities litigation
Forensic services team
Rafal Krasnodebski
Partner
Advisory services
rafal.krasnodebski@ua.pwc.com
Irina Novikova
Partner
Forensic services in Russia
irina.n.novikova@ru.pwc.com
Gennadiy Chuprykov
Senior Manager
Forensic services leader forUkraine
gennadiy.chuprykov@ua.pwc.com
Victoriya Tsytsak
Manager
Forensic services in Ukraine
victoriya.tsytsak@ua.pwc.com
Recommended