70% cos lack effective mechanism to tackle frauds

by CXOtoday News Desk    Dec 04, 2012

fraudEnterprises in India are reeling under rising incidents of frauds, according to an India Fraud Survey Report 2012 released by KPMG, with over 70 percent of companies claiming they had no effective mechanism in place to mitigate risks from futuristic frauds.

The report revealed that cyber crime, intellectual property fraud including counterfeiting and piracy, and identity theft were the top fraud concerns. Frail internal control system and unpreparedness within the management were considered to be the key reasons for most of these frauds.

Highlighting the under-preparedness among companies to tackle futuristic fraud, the survey noted that nearly 78 percent of respondents were unaware of the risks associated with intellectual property infringement, counterfeiting or piracy. In case of cyber crime, while over 80 percent respondents had policies on accessing external websites and social media from their office networks, 40 percent said their companies did not have specific guidelines on the kind of information that could be shared on social media. Around 53 percent of respondents said they had faced identity theft (for e.g. through password sharing, social engineering or malwares) and yet did not have a policy to mitigate these incidences.

“Over the last decade knowledge has emerged as a key organizational asset. It is only natural that fraudsters will target these assets, as they are much more valuable to companies today,” said Rohit Mahajan, Partner and co-Head, Forensic Services, KPMG in India. He believed futuristic frauds that were identified rely on technology and allow fraudsters to work in groups to leverage their full might. Irrespective of size, sector and operations, every company was vulnerable.

Mahajan believes that technology is changing the fraud landscape and challenging the boundaries of fraud risk management. By misusing technology even relatively simple frauds like those in procurement, can become sophisticated and difficult to detect. The frameworks that were sufficient to mitigate simple frauds are no longer effective against these sophisticated frauds“, he said.

The study observed a high reliance on internal mechanisms such as general process controls and compliance frameworks to detect and prevent futuristic frauds. While whistleblower hotlines were identified as an efficient method to uncover fraud or misconduct within organizations, only 50 percent of respondents said they had established such a hotline in their organization. Further, only half of the respondents said they had implemented process specific controls, employee and third party due diligence, whistleblower hotline, and a framework to monitor compliance with the code of ethics.

“A one-size-fits-all framework cannot help mitigate emerging fraud risks. This is because each risk manifests itself uniquely. Companies need to be aware of the various possible modus operandi, perpetrators and gaps in internal controls. Only then can they develop an effective risk mitigation framework,” said Mahajan. He cited comprehensive information security measures, protection of personal information, physical security measures, and robust access protocols, along with periodic reviews as some measures that could be adopted to tackle futuristic frauds holistically.

Financial services, IT and entertainment were identified as sectors most prone to frauds, owing to their high dependence on technology as well as large amount of confidential and transactional data stored in electronic form.