The Threat Within: Insider Fraud on the Rise
November 23, 2015
75% of companies experienced a fraud incident in the past year, according to Kroll Global Fraud Report. 81% of companies affected by fraud reported insider perpetrators. Whistleblowers responsible for exposing 41% of fraud incidents.
Three quarters of companies (75%) have fallen victim to a fraud incident in the past year, a rise of 14 percentage points in just three years, according to the Kroll Global Fraud Report 2015-20161.
The findings reveal the biggest fraud threat to companies comes from within. Of those companies where fraud occurred and the perpetrator was identified, four in five (81%) suffered at the hands of at least one insider, up from 72% in the previous survey.
More than one in three victims (36%) experienced fraud at the hands of a member of their own senior or middle management, 45% at the hands of a junior employee, and for 23%, the fraud resulted from the conduct of an agent or intermediary.
Similarly, among companies that experienced information/data loss, theft or attack over the past 12 months, the most common cause was employee malfeasance, involved in 45% of incidents; with vendor/supplier malfeasance involved in 29% of incidents. By comparison, only a small minority involved an attack by an external hacker on the company itself (2%) or on a vendor / supplier (7%).
One in three (33%) executives responding to the survey cite high staff turnover as the main driver of increased exposure to fraud. This is more than twice as many who named the next highest driver of vulnerability to fraud, greater outsourcing (16%).
Tommy Helsby, Chairman, Kroll, commented: “Much media attention is focused on external threats to companies, highlighted by high profile cyber attacks, but the evidence revealed in our report and our day to day experience tells a different story. The respondents in this survey indicate the greatest single cause of fraud in their companies is their own employees. It is not enough for companies to protect themselves from outside threats – both external and internal vulnerabilities need to be addressed.”
Overall, 69% of businesses suffered a financial loss as a result of fraud, up from 64% in the previous survey. Theft of physical assets was the most common fraud experienced (22%), followed by vendor, supplier or procurement fraud (17%) and information theft (15%).
Percentage of Companies Affected by Different Types of Fraud
|Type of Fraud
||% of companies affected by this in the past 12 months
||% of companies describing themselves as highly or moderately vulnerable to this
|Theft of physical assets
|Vendor, supplier or procurement fraud
|Management conflict of interest
|Regulatory or compliance breach
|Corruption and bribery
|Internal financial fraud
|Misappropriation of company funds
Increase in Vulnerability to Fraud
Four in five respondents (80%) believe their organisations have become more vulnerable to fraud in the past year. Executives expressed particular concern around areas such as cyber risks, with more than half of respondents (51%) believing they are highly or moderately vulnerable to information theft. This increased awareness level has led to growth in the number of companies proactively looking after their information security requirements, with two-thirds (67%) reporting that they regularly conduct data and IT infrastructure assessments. A majority of respondents report they have an up-to-date information security incident response plan (60%) and have tested it in the past six months (59%).
The Globalisation of Businesses Increases Fraud Risk
In a global marketplace where many international businesses have thousands of companies in their supply chain, risks become more difficult to identify and keep under control. Executives say their companies are particularly at risk of threats such as vendor, supplier or procurement fraud, with half of respondents (49%) feeling highly or moderately vulnerable to this type of incident.
Some 40% of respondents felt highly or moderately vulnerable to corruption and bribery, another type of fraud that has the propensity to increase as companies expand geographically into new territories.
Indeed, in the past year, 72% of companies were dissuaded from operating in a particular country or region because of the heightened exposure it would bring to fraud. Latin America (cited by 27% of all respondents) was the region which saw most businesses turn away, but the other perennial region of concern, Africa, was not far behind (22%).
Whistleblowers: Key Defence Against Insider Fraud
In the past year, a whistleblower was at least partially responsible for exposing 41% of cases of fraud that were uncovered. This is well ahead of the next two most frequent sources of discovery, external audits (31%) or internal audits (25%).
The findings show that anti-fraud efforts can have an impact on the threat from within. Of those firms hit by fraud where the perpetrator was known, only 20% of those with management controls in place suffered at the hands of a senior or middle manager, compared to 31% of firms without such controls.
In an environment where insiders are the source of the problem, other employees who observe or become aware of what fraudsters are doing are the company’s strongest defence.
Tommy Helsby observed: “What our report and our day-to-day experience tell us is that despite companies making greater and more sophisticated efforts to combat fraud, it remains a serious business threat that cannot be completely eliminated. Furthermore, the adverse impacts of such incidents cannot be underestimated. Fraud is not going away and continues to be on the rise, but the well prepared business can do much to stay one step ahead and be positioned to eliminate or mitigate it.”
The Kroll Global Fraud Report 2015-2016 includes a full detailed industry analysis across a range of fraud categories and regions. To obtain a copy please click here.
Industry Report Cards
Regional Report Cards
Regional Press Releases
For further information please contact:
Ian Morris | +44 (0)161 932 1618 | [email protected]
Judith Massey, Citigate Dewe Rogerson | +44 (0)20 7282 2987 | [email protected]
Notes to editors:
Kroll commissioned the Economist Intelligence Unit to conduct a worldwide survey on fraud and its effects on business. Survey results were gathered between January and March 2015. A total of 768 senior executives took part in the survey from a wide range of industries, including Financial Services; Professional Services; Retail and Wholesale; Technology, Media and Telecommunications; Healthcare and Pharmaceuticals; Travel, Leisure and Transportation; Consumer Goods; Construction, Engineering and Infrastructure; Natural Resources; and Manufacturing.
Respondents were senior, with 50% at the C-suite level. Over half (51%) of participants represent companies with annual revenues of over $500 million.
Respondents this year included 29% from Europe, 25% from North America, 24% from the Asia-Pacific region, 10% from Latin America and 12% from the Middle East/Africa.
Please see below for key findings and graphics, including a detailed look at the industries, regions and types of fraud covered in the report.
Kroll is the leading global provider of risk solutions. For more than 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations, and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services. Headquartered in New York with more than 50 offices across nearly 30 countries, Kroll has a multidisciplinary team of over 2,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals.