The world is changing, but is fraud too? A five-part series

Part Two: Fraud in a Pandemic: What do the numbers tell us and should we be concerned?

For more than 20 years, PwC’s Global Economic Crime and Fraud Survey has investigated trends around the world. This year’s survey enquired about organisations’ attitudes towards economic crime in the current environment. It drew responses from 2,319 executives across 53 countries and regions, including New Zealand. 

We have pulled the results into five separate summaries covering the key takeaways from the latest data. Part One: Economic crime is increasing, but are you surprised? provides a summary of the main survey results and shares the top level insights. In this second summary, we look at the effect of COVID-19 on fraud and the changes organisations experienced as a result of the pandemic.

Part Two: Fraud in a Pandemic

What do the numbers tell us and should we be concerned?


The effect of COVID-19 on fraud
Increased security risks from remote working
Health organisations face increased fraud risk
Disinformation/misinformation is an emerging type of fraud
The rise of a ‘cyber pandemic’

The effect of COVID-19 on fraud

As a result of the disruption caused by the pandemic, organisations experienced an increased risk in relation to cybercrime, customer fraud and procurement fraud.

Disruptive events can alter the risks organisations face, exposing new vulnerabilities and shifting priorities. Our New Zealand respondents reported that as a result of the disruption caused by the pandemic, organisations experienced an increased risk in relation to cybercrime, customer fraud and procurement fraud. Although these are common fraud risks for organisations, it’s interesting to note that organisations are still seeing an increased risk in these areas, where there are already developed controls in place.

71% of global respondents experienced an increased risk of fraud, corruption, or other financial crime as a result of the disruption caused by the COVID-19 pandemic.

In light of the headline above, 51% of those global respondents cited an increase specifically in conduct fraud, particularly customer, supply chain, procurement, and human resources fraud. COVID-19 forced businesses to change and adapt standard operating procedures, including accommodating staff working from home, which led to an increased exposure to fraud risk. As the world emerges from the restrictions of COVID-19, organisations should consider the lessons learned during the pandemic, whether today’s processes and controls remain fit for purpose, and how they will ensure a secure operating environment moving forward.

Increased security risks from remote working

COVID-19 and the significant and sudden increase in remote working changed formal controls for many organisations. This resulted in various control changes including the reduction of immediate, informal, and in-person supervision of staff. Remote working meant that there were less opportunities for managers and supervisors to provide ‘in-the-moment’ feedback or supervision of work. Also, remote working reduced engagement and reduced the sense of belonging. The combination of all these critical factors increased the overall likelihood and opportunity for fraud to occur.

Health organisations face increased fraud risk

54% of health organisations reported experiencing economic crime over the last 24 months (8% above the average).

The pandemic has shaken up our work environment in more ways than one. 54% of health industry organisations reported experiencing economic crime over the last 24 months - 8% over the global average. Health organisations remain at the forefront of the pandemic response and unique to their operations some critical functions remain in person while others such as administrative or corporate activities can be performed remotely. This hybrid in person and remote working model, combined with the stress not only on staff, but also on how daily operations have had to continuously change and reflect their environment, has increased  the risk of fraud. 

Additionally, the rotation of staff into roles that may be outside their normal areas of responsibility, the impact on the medical supply chain and reliance on complex third party relationships are contributing factors driving higher fraud risk. For health industries in particular, there has been a significant increase in workload, naturally resulting in a higher pressure and more stressful environment for employees. This has led to employees feeling less engaged with their roles and organisations, and has resulted in more frequent opportunities for fraud to occur.

Disinformation/misinformation is an emerging type of fraud

Disinformation/misinformation fraud was a new type of fraud encountered by nearly 10% of global organisations due to the pandemic.

Disinformation or misinformation fraud, the deliberate spreading of false information for personal gain, emerged for organisations due to the disruption caused by the pandemic. In the age of social media, large groups of people can be more easily targeted and purposefully fed misinformation. Misinformation and disinformation take various forms such as:

  • chain messages

  • “deepfakes” where videos or photos of a person’s face or body has been digitally altered so that they appear to be someone else, typically used maliciously or to spread false information

  • phishing via voice, text and email. 

All of these can cause financial and reputational damage to the organisations affected. Individuals who fall victim to misinformation and scamming campaigns are at risk of potentially significant financial loss. Disinformation can lead to breakdowns in public trust in public and private organisations, with serious flow-on effects for social cohesion.

The rise of a ‘cyber pandemic’

21% of global respondents experienced cybercrime as a new type of fraud as a result of the disruption caused by COVID-19.

Unsurprisingly, many organisations experienced cybercrime for the first time as a result of COVID-19. As organisations responded to the global pandemic by shifting working environments and enabling work from home policies, the rate of cybercrime increased resulting in a ‘cyber pandemic’. In response to the immediate shift to working from home, organisations faced difficulties in maintaining the same level of security and control outside of their usual office locations. The change in operating environments and the lack of usual security and control protocols, resulted in increased exposure to cyber threats. In addition to the change in working environments, cyber criminals took advantage of the global shift of focus to the health crisis, resulting in lowered cyber defences and more opportunities to target. Our statistics show that this was the single most common new type of fraud that organisations encountered due to the pandemic. 

So far, the data does not show an increase in economic crime in most areas over this pandemic. However, it is important to remember that history shows that economic crime trends will not emerge immediately, and sometimes are only clear in hindsight. Organisations should remain vigilant to the threat of fraud, even if it doesn’t immediately appear that the COVID-19 pandemic particularly impacted their operations and/or customers.

The key takeaways

Disruptive events can alter the risks organisations face, opening you to new vulnerabilities and shifting your priorities. As we navigate the impacts of the global pandemic, it’s critical to reexamine your risks and your work environment. Ask yourself:

What has the potential to knock you off your strategy?

 

Do you have a fraud and corruption risk assessment? If so, is it up to date and/or what has changed since you completed it?

With more employees working remotely, what controls are in place to prevent Intellectual Property (IP) theft by employees?

If electronic signatures are now used more regularly, are they really still appropriate and if so, what controls are in place to ensure these are only used when authorised and is a register kept of their use?

What learnings can you take from operating in a global pandemic and apply to short and longer-term risk possibilities? 

Are you able to trust that your employees are working from a suitable home environment where they are enabled to safeguard sensitive client or organisational information?

Does your organisation have the right skills and capabilities to address your risks, including designing and testing new controls? This is particularly important for businesses recently exposed by the pandemic or other major events or fraud incidents. 

Does your organisation have processes and procedures in place to respond to a major cyber security or fraud event? What risk response strategies do you have in place to respond quickly and effectively to these types of incidents? 

Are you able to trust that your employees are working productively and efficiently while working remotely? How are you ensuring that your organisation is not becoming a victim to theft of time and productivity in remote working arrangements? 

How we can help

PwC’s Forensic Services team uses global methodology to help clients to build trust and closely manage the risks associated with business fraud, financial crimes and other irregularities. Our Forensics Services team provide the following services:

  • Forensics Investigations

  • Digital Forensics & Incident Response (DFIR)

  • Anti-Money Laundering, Countering Financing of Terrorism, and Sanctions compliance

  • Forensic Accounting

  • Fraud Prevention, including maturity and risk assessments

  • Protected Disclosure and Whistleblower Services

Our community of solvers come from a wide variety of backgrounds, such as law enforcement, accounting and IT – both in New Zealand and overseas. Skills developed from these diverse backgrounds have been integrated to produce methodologies that focus on the particular needs of the client.

This approach includes the use of experienced investigators, forensic accountants, computer forensic specialists and background researchers, and with representation in over 140 countries, we can call upon our global PwC community of solvers. That means we benefit from lessons learnt worldwide and are able to apply tried-and-tested global methodologies and practices here in New Zealand. We are globally organised, yet locally based.

Contact us

Stephen Drain

Stephen Drain

Partner, PwC New Zealand

Tel: +64 21 196 2500

Philip Riley

Philip Riley

Director, PwC New Zealand

Tel: +64 22 366 3314

Follow us