In Italy just over one out of five companies has been the victim of economic and financial fraud. In particular, the most widespread crime is embezzlement, which represents around 70% of declared fraud (+5% on 2014), followed immediately by corruption which, however, shows a much higher growth rate: from 13% in 2014 to 23% in 2015. Cybercrime is confirmed in third place, reported in 20% of cases (22% in 2014).
It reveals it PwC in the 2016 Global Economic Crime Survey, the largest survey conducted on the phenomenon of economic-financial fraud. The results were collected through over 6300 interviews in 115 countries, involving 142 Italian companies. 45% of respondents are members of governing bodies, while 30% are heads of a department/business unit. 59% of all respondents are from multinational companies and 37% from publicly traded companies. Respondents come from all sectors including: financial services (24%), consumer goods (14%), technology (7%), industry (35%) and professional services (6%). The survey was conducted between July 2015 and February 2016.
In 2015, 21% of the companies questioned suffered financial fraud in Italy. The good news is the slight reduction of the phenomenon: it was 23% in 2014. And that Italy does better than the world figure where 36% of companies have suffered financial and economic fraud. Even in this case, however, there is a slight decrease: it was 37% in 2014.
FRAUD DAMAGE INCREASING
ENERGY AND UTILITIES THE MOST AFFECTED SECTORS
However, despite the marginal decline in economic crimes overall, the financial cost of each fraud is increasing. In fact, 14% of those interviewed suffered losses of over 1 million dollars in the last two years. Given that it is particularly high in Italy, where 27% of companies declare damages exceeding one million euros. And for 7% of Italian organizations, the losses are between about 5 and 92 million euros (4% in the world figure).
In Italy, among the most affected sectors based on the responses, are: energy, utilities and mining (50%), financial services (35%), manufacturing (17%), professional services (11%). Globally, crime is highest in financial services (48%), state-owned enterprises (44%) and retail (42%). The sector that recorded the largest increase is aerospace and defense, with 9%, followed by transport and logistics (+8%), energy and utilities and mining (+6%).
The study also outlines the new identikit of the fraudster. About half of the most serious crimes were committed by employees of the company involved, both in Italy (43%) and worldwide (46%). Internal fraudsters are typically male college graduates, with three to five years of service, between the ages of 31 and 40, and hold a middle management executive position. Non the 2014 edition of the study, however, it belonged to senior management, more than 10 years with the company, male, aged between 41 and 50 with a secondary school education or university degree.
CYBERCRIME, TRUST IN LAW ENFORCEMENTS
BUT ARE COMPANIES READY?
In Italy, one company out of five (20%) has always been a victim of cybercrime. This offence, in third place in terms of frequency in Italy, is instead in second place in the world data with a rate of 32% (therefore ahead of corruption which stands at 24% worldwide). The phenomenon is growing: in six G20 countries (UK, USA, Italy, France, Canada and Australia) it is feared that within two years the main threat to their companies will be represented by cybercrime.
However, in Italy there is greater trust in the forces of order, engaged in the fight against cybercrime, compared to what emerges globally: almost half of the organizations (46%) believe that the forces of order are adequately equipped of tools to fight against cybercrimes, including hacker attacks and malware, against 23% globally. On the corporate readiness front, only 53% of companies have activated a prevention plan, albeit above the global average of 37%. Only four out of ten companies have fully trained first responders against security-related cybercrimes, while 20% have outsourced the IT Security function.
More generally, with reference to all economic-financial frauds, in Italy one out of four economic-financial crimes was discovered by the police forces. administrative and judicial authorities engaged in the fight against economic and financial crimes – reads the study by pwc – on the other hand, it highlights the fact that organizations are often late in identifying fraud and in dealing with the consequent huge financial and reputational damages”. Overall, a good 36% of frauds were intercepted through methods outside the management's control and influence (law enforcement, by chance, media investigative tools, other, I don't know).
To which is added another 13% of cases in which the fraud was instead intercepted through reports: external tip, internal tip, whistleblowing). “Here – he says pwc – the cases of fraud reported in Italy through whistleblowing are only 3%, probably because at the Italian level the whistleblower still does not feel sufficiently protected. At the moment, reports still take place mainly through traditional channels (eg anonymous letters)".
The remaining 47% instead passes through the internal control system (internal audit, 17%; monitoring of suspicious transactions, 17%; fraud risk management; 10%, company security, 3%). “In general, the survey shows that corporate detection and response plans are not keeping pace with the level and variety of threats they face – concludes Alberto Beretta, Partner Forensic Services at PwC – companies today, with a potential tendency to leave too much to chance when it comes to detecting fraud.” Among the recurring issues respondents cite are data quality, skills, resources, and management commitment, which combined mean many enterprise detection and control programs are failing to adequately protect them.
