Cybercrime tops the list of current threats facing businesses, while emerging risks from ESG-reporting fraud and platform fraud could impact businesses in the future.
The tech, media and telecommunications sector experienced the highest incidence of fraud across all industries according to PwC’s Global Economic Crime and Fraud Survey 2022 which shows organisations’ perimeters are vulnerable and external fraudsters are becoming a bigger threat as attacks increase and become more sophisticated.
The survey of 1,296 business leaders from across 53 countries found that cybercrime, customer fraud and asset misappropriation were the most common crimes experienced by organisations, regardless of revenue.
Cybercrime tops the list of threats
Cybercrime poses the biggest threat to small, medium, and large businesses, after the impact of hackers rose substantially over the last two years. The rise of digital platforms opens the door to myriad financial crime risks, and 40% of those encountering fraud experienced some form of platform fraud. In this year’s survey results, cybercrime came in ahead of customer fraud, the most common crime in 2020, by a
substantial margin. 42% of large businesses reported experiencing cybercrime in the period, while only 34% experienced customer fraud.
Bruce Scott, cyber leader for PwC in the Caribbean, said, “Businesses are seeing an increase in threats from outside the organisation with perpetrators quickly growing in strength and effectiveness. Defence against these external threats requires new thinking. Organisations need to be more agile than ever to respond to these converging threats, and adopt new approaches and technologies to predict and prevent fraud.”
Nestle Maullon, senior manager, cyber, PwC Bahamas said, “Entities having a basic understanding of what cybercrime is and the reasonable controls they should implement, could safeguard from cyber threats.”
“In our PwC in the Caribbean’s Corporate Governance Survey, which was launched last month, 56% of Bahamian board members acknowledged that cyber/digital/technology needs more attention at the Board level. But the survey also revealed that 69% of them only somewhat understood the cybersecurity vulnerabilities their organisations were facing.
Hence, organisations must invest in cybersecurity awareness training from top to bottom. This sets the tone that proper planning assessments are essential to identifying the gaps, implementing the necessary solutions to close the gaps, monitoring and assessing the effectiveness of the implemented controls, and addressing areas for improvements. Management of cybersecurity is a process which never ends because cybercrime perpetrators are always motivated to find new victims.