57% of South African firms believe they’ll experience cybercrime in the next 2 years – PwC report


South African organisations reported a considerably higher frequency in the incidence of economic crime in comparison to their African and global peers, with more than two in three organisations (69 per cent) indicating that they had been victim to economic crime in the last 24 months, according to PwC’s biennial Global Economic Crime Survey issued today.

Louis Strydom, Forensic Services Leader for PwC Africa, says: “Economic crime remains a serious challenge to business leaders, government officials and private individuals in South Africa. In this survey, we have found that the trend has remained unchanged from 2014, with 69 per cent of South African respondents reporting that they had experienced economic crime in the last two years.

“When compared to the global statistic of 36 per cent, we are faced with the stark reality that economic crime is at a pandemic level in South Africa. No sector or region is immune from economic crime.”

Sixty-eight percent of French and 55 per cent of UK respondents also reported high increases in the rate of economic crime in the past 24 months, both up 25 per cent when compared to 2014. Sixty-one percent of Zambian respondents reported economic crime, up 31 per cent over 2014. “The fact that developed countries are included in the list of the top ten countries reporting the highest rates of economic crime brings home a clear message – economic crime is a global issue and one that affects developed markets as much as it does emerging ones,” adds Strydom.

According to the survey findings, South Africans also exhibited significantly low levels of confidence in local law enforcement agencies, with 70 per cent of organisations believing agencies are inadequately resourced and trained to investigate and fight economic crime. This is almost twice the global rate of 44 per cent.

The 2016 Global Economic Crime Survey interviewed 6,337 participants in 115 countries. In South Africa, 232 organisations from a broad spectrum of industries took part in the survey. The main aim of the survey is to inform South African business leaders about developments in the continuously changing landscape of economic crime in the country and to encourage debate around strategic and emerging issues in this sphere.

The survey found that asset misappropriation remains the most prevalent form of economic crime reported by 68 per cent of respondents. It is followed by procurement fraud (41 per cent), and bribery and corruption (37 per cent). Cybercrime has risen to the fourth most reported type of economic crime in South Africa (up two places from 2014), with 32 per cent of organisations affected, on par with the global average.

Overall rates for economic crime: Globally, the overall rate of economic crime reported has fallen for the first year since the financial crisis, but only marginally – to 36 per cent from 37 per cent in 2014. Regionally, lower levels of economic crime are reported in North America (37 per cent vs 41 per cent), Eastern Europe (33 per cent vs 39 per cent), Asia Pacific (30 per cent vs 32 per cent)) and Latin America (28 per cent vs 35 per cent). The rate of economic crime rose in Africa (57 per cent vs 50 per cent), Western Europe (40 per cent vs 35 per cent) and the Middle East (25 per cent vs 21 per cent).

Cost of economic crime: Economic crime is costing businesses billions of dollars. While more than half of the global organisations surveyed reported having lost less than US $100, 000 to economic crime over the last 24 months, only 43 per cent of South African organisations could make that claim. Almost a fifth of local respondents experienced losses of between US $100,000 and US $1 million, and one in four respondents indicated having suffered losses of more than US $1 million.

The fraudster profile: For the first time since 2009, external actors exceeded internal actors as the dominant profile of fraudsters acting against an organisation (46 per cent external versus 45 per cent internal). South African organisations were reported to be more than twice as likely to be defrauded by vendors compared to the rest of the world. Reports of senior management perpetrating economic crimes against the organisations they work for more than halved from the previous survey (from 41 per cent to 15 per cent), while middle management appear to have taken centre stage, with 39 per cent of fraud being perpetrated by internal actors emerging from this band.

Cybercrime: Incidents reported were up 23 per cent when compared to the previous survey conducted in 2014. More than half of organisations (57 per cent) believe it is likely that their organisations will experience cybercrime in the next 24 months. Most companies are still not adequately prepared for, or even understand the risks faced, with only 35 per cent of organisations reporting they have a fully operational cyber incident response plan in place. It is concerning to note that should a cyber crisis arise, only 34 per cent of organisations have personnel that are ‘fully trained’ to act as first responders, and 20 per cent of companies indicated that they will make use of outsourced personnel.

Bribery and corruption: Over half (56 per cent) of South African respondents say that top management would rather allow a business transaction to fail than have to use bribery. Fifteen percent of respondents that hailed from mainly the private sector organisations had been asked to pay a bribe in the past two years, and another 12 per cent believe they lost an opportunity to a competitor that may have paid a bribe. More than half of South African respondents believe it is ‘likely’ that they will experience bribery and corruption in the next two years.

Anti-money laundering: Poor data quality and skills shortages are undermining the efficacy of AML systems. Only 50 per cent of money laundering and terrorist-financing incidents in financial services organisations were detected by system alerts. One in three South African organisations experienced difficulty in sourcing personnel with skills in the areas of anti-money laundering/combating the financing of terrorism. More than a third of financial services respondents that have undergone inspections by regulators had to address major findings.

Overall, the report finds that business detection and response plans are not keeping pace with the level and range of threats now facing organisations, with a potential trend of too much being left to chance.

Trevor White, partner, Forensic Services and Global Survey Leader, PwC says: “While it is a positive sign that there has been increased detection by means of whistle-blowing hotlines, far too much, is being left to chance by organisations – economic crimes discovered by accident more than doubled  from 6 per cent in 2014 to 14 per cent in 2016. Another eight percent of survey respondents could not even tell us how serious economic crimes against their organisations were detected.”

“With a greater focus in recent years on the responsibility of management and boards insofar as good corporate governance practices are concerned, ignorance of matters affecting your company, and in particular a passive approach to detecting and preventing economic crime – is an open invitation for disaster, not only from a corporate perspective but on a personal level as well.”