Well this is just great: a new report finds that fraud is rising across Corporate America, as cyber thieves and scam artists try to take advantage of the confusion spawned by companies responding to the Covid-19 crisis.
The report, published by the Association of Certified Fraud Examiners on Tuesday, surveyed more than 1,800 anti-fraud professionals in late April and early May — that is, well into the Covid-19 crisis that began in early March. Some of the big findings…
- 68 percent said they had already seen an increase in fraud activity at their organizations since Covid-19 began;
- 93 percent expect fraud to increase over the next 12 months, and 51 percent expect a significant increase;
- Cyberfraud (defined as business email exploits, malware, and ransomware) is leading the way, with 81 percent of respondents already seeing an increase in those specific threats in the last three months.
Vendor scams, identity theft, insurance fraud, embezzlement; the ACFE asked about 10 different types of fraud, and respondents said they had already seen increases in every single one. See Figure 1, below.
The good news, if we can call it such, is that half of respondents also say their anti-fraud budgets will increase in the coming year, and another 43 percent said their budgets will hold steady. Only a handful of organizations are making the short-sighted decision to cut anti-fraud budgets in these scammy times.
Also interesting is that only 28 percent of respondents expect to increase anti-fraud staffing — so those budget increases presumably are going more toward technology investment, training, or perhaps even compensation increases. (Hey, one can dream.)
The Other Covid-19 Challenge
ACFE also polled the audience about how difficult it is to investigate and prevent fraudulent behavior these days, and that’s not looking good either. Solid majorities said preventing, detecting, and investigating fraud have all become harder since corornavirus first struck.
Why, you ask? See Figure 2, below. It lists the various obstacles ACFE respondents cited. By my count, at least the first eight challenges all spring from changes businesses have made to their operations thanks to Covid-19.
First, this poses a lot of new challenges for internal audit when it performs a fraud risk assessment. Not only are the risks rising, but your internal control regime may be weakening.
Second, your own ability to assess and mitigate fraud risk will be weaker too, because standard audit and mitigation techniques are just as thwarted by Covid-19 as everything else. We alluded to this issue in a post earlier this week about Sarbanes-Oxley compliance, and it’s just as true here.
If you want to take a deeper dive into these details, for the last two months I’ve been running a podcast sponsored by Navex Global, Coping Through Covid, exploring compliance issues arising from the crisis. We have a few episodes worth your time:
- One talking about how to conduct internal investigations remotely;
- Another about shifting fraud risks and how to anticipate them;
- A third about risk assessments and consequent changes to corporate policy.