Young and tech-savvy managers living beyond their means have become the leading perpetrators of corporate fraud, costing organisations billions in losses.
A study by KPMG, ‘Profile of a Fraudster’, shows that in technology-enabled frauds the culprit tends to be youthful, aged between 26 and 45 years. About 34% of them are executives or non-executive directors, 32% are managers whereas 20% are staff members.
The study shows that men are more likely to defraud their employers compared to their female counterparts. “Seventy-nine per cent of fraudsters are men, (though) the proportion of women has risen to 17% from 13% in 2010,” said KPMG in the study report.
About 42% of female perpetrators are staff members (down from 46% in 2010), 38% are managers (up from 28% in 2010) and 13 per cent are executives. Their male counterparts accounted for only 15% of fraudsters at the staff level and 32% at the managerial level.
Most notorious swindlers have worked for an organisation over six years (38%), hence giving them manoeuver tactics around the firm’s finances. While technological advances may well provide the means for fraudsters to penetrate vulnerabilities, they also provide powerful tools in strengthening companies’ defences against fraud.
However, KPMG’s survey suggests that technology is more frequently used in perpetrating fraud than in detecting it. “As technology becomes more advanced, so too do the schemes to use it maliciously,” says KPMG associate director for forensic services, Mark Bunyi. “While it’s clear that fraudsters are all too comfortable making use of technology to perpetrate a fraud, we are seeing little evidence that companies are doing the same to prevent it.
Threat-monitoring systems and data analytics are must-have for organisations on the lookout for suspicious behaviour. The KPMG study shows that over 65% of fraudsters are employed by the victim organisation while 21% are former employees. Most fraudsters are perceived to be well-respected (38%) while 10% are of low repute — their sense of superiority being stronger than their sense of fear or anger.
KPMG has also uncovered how online black market dealers are recruiting company insiders for trade of crucial cyber routes to enable them to sidestep internal controls and steal.
Apparently, staff provides a backdoor that allows infected machines to establish encrypted connections with command and control servers so that e-mail, corporate documents and other confidential information can be obtained by criminals.
The most-prevalent fraud is misappropriation of assets (47%), which is mainly embezzlement and procurement fraud, followed by fraudulent financial reporting (22%).
Banks are biggest casualties
In Kenya, banks are among the biggest casualties of cybercrime, losing an average Ksh15 million daily in multi-faceted fraud by insiders. Bank employees reportedly swindle banks through Automated Teller Machines (ATMs), suppression of customer deposits, fraudulent conversion of cheques and deceitful transfer and withdrawal of deposits.
Globally, organisations lose an estimated five per cent of their annual revenues to fraud, translating to total loss of $3.5 trillion (Ksh350 trillion) according to Certified Fraud Examiners.