Companies need to be more willing to spend on IT security in order to prevent cyber-crime as government enforcement ramps up
Awareness and incidence of fraud at US companies have risen over the past two years, according to the results of PwC’s Global Economic Crime Survey released on February 19.
The threats from economic crime continue to evolve, with increases in its occurrence being driven chiefly by greater dependence on technology and technology-enabled processes in all aspects of business, as well as companies’ growing interest in investing in opportunities in emerging markets, where corruption risk is much more prevalent.
In the latest survey, 67 percent of US respondents said their companies currently have or plan to have operations in high-risk markets, compared with 58 percent globally. Fifty-seven percent of US respondents said their companies had pursued opportunities in markets with elevated corruption risk in the past 24 months, relative to 38 percent of global respondents. In addition, perception of the risks of cyber crime climbed to 71 percent of US respondents from 61 percent 24 months ago.
The latest results show an increase in accounting fraud among US companies to 23 percent from 16 percent in 2011, and a rise in bribery and corruption to 13 percent from 7.0 percent two years ago. The prevalence of cyber crime climbed to 44 percent from 40 percent in 2011. Asked about procurement fraud for the first time, 27 percent of respondents said they had experienced it. Asset misappropriation, while still the most common type of fraud that US firms experience, dropped to 69 percent of respondents from 93 percent in 2011.
PwC hosted two panel discussions around issues raised in the survey on February 19 at its offices in New York. During the first, which focused on macroeconomic and global trends in economic crime, Pamela Passman, president and CEO of the Center for Responsible Enterprise and Trade and former deputy general counsel for global corporate and regulatory affairs for Microsoft, said the way that companies engage with their suppliers and distributors affects how effective they are in protecting their intellectual property assets. Companies need to extend their internal security practices concerning intellectual property to their suppliers and distributors instead of slicing and dicing them unnaturally.
Tom Ridge, president and CEO of Ridge Global and former Secretary of the Department of Homeland Security, cited a need for increased collaboration among companies in the same industries to identify and come up with solutions for combating economic crime. This could be facilitated by carving out safe harbor exceptions in regulations like antitrust statutes that stand in the way of such collaboration.
Prevention is the only logical solution in view of exorbitant fines that government agencies are levying against companies such as JP Morgan for economic crimes, Rob Kuzhami, a partner at Kirkland & Ellis and the SEC’s former director of enforcement, said during the second panel, on corporate responses to economic crime.
‘It’s going to get worse because the government is seeking greater tools and penalty authority,’ including requiring admissions of guilt as part of settlements and citing failure to supervise to hold senior executives accountable for misconduct among employees, Kuzhami said.
Companies shouldn’t wait for regulatory standards that will give them an idea of how much money they should spend on cyber-security, said Charles Beard, a principal at PwC.
‘There’s no single litmus test about what’s reasonable,’ he said. ‘It depends on the kind of business you’re in, the vertical markets you operate in, and where you operate.’ It’s likely that litmus the tests for spending on cyber-security will de facto be determined by the specific industry, with baseline regulatory standards being set by interviewing a company’s competitors, he added.
Compliance discussions among corporate boards too often are internally focused and not directed outward to how employees in remote locations deal with corruption risk in their day-to-day work, said Sandee Parrado, a partner at PwC. For example, facilitation payments that harbor masters require in order to unload imports in many ports amount to a ‘systematized racket’ and no company is willing to be first to refuse to do business in certain markets where such payments can’t be avoided, she said. That’s the kind of tough business strategy decision that boards need to be more willing to tackle, she added.