{{item.videoDuration}}
{{item.title}}
{{item.text}}
{{item.videoDuration}}
{{item.title}}
{{item.text}}
For more than 20 years, PwC’s Global Economic Crime and Fraud Survey has investigated trends around the world. This year’s survey enquired about organisations’ attitudes towards economic crime in the current environment. It drew responses from 2,319 executives across 53 countries and regions, including New Zealand.
We have pulled the results into five separate summaries covering the key takeaways from the latest data. Part One: Economic crime is increasing, but are you surprised? provides a summary of the main survey results and shares the top level insights. Part Two: Fraud in a Pandemic: What do the numbers tell us and should we be concerned? examines the effect of COVID-19 on fraud and the changes organisations experienced as a result of the pandemic. Part Three: Fraud is out there, but who is behind it? focuses on the types of perpetrators that are the most disruptive for businesses and the potential financial impact of this disruption. Part Four: ESG Fraud: are you ready to meet the challenge? delves into the emerging threat of ESG fraud, focusing on what ESG fraud is, how it manifests and what you can do to stay ahead of it. In this final edition, we look into the increased risk of platform and supply chain fraud to New Zealand businesses, and how to limit your organisation’s exposure to these risks.
2:10
Philip Riley - GECS Part 5 v2
Part Five: Platform and supply chain fraud - what do we need to know?
What is platform fraud?
What type of platforms do organisations find most impacted?
What should organisations do about platform fraud?
Supply chain fraud
Case Study: Supply chain fraud
What is platform fraud?
Platform fraud is the risk that an organisation fails to prevent internal or external parties from engaging in financial crime or other abuse of the organisation's digital platform/s
The digital platforms regularly exposed to platform fraud include systems and services used by organisations to operate their business and serve their customers, such as financial, knowledge, media sharing, and enterprise platforms. These enterprise platforms extend to include services platforms for flight, accommodation, or ride sharing services, as well as the platforms through which you might sell or purchase goods and services, and otherwise interact with customers and stakeholders.
The most common type of platform fraud are fraudulent transfers to or from a platform. Platform fraud tactics range from basic unauthorised digital purchases such as theft of credit card details used to purchase goods and services, to more complicated methodologies like identity theft. Known scams involve creating fake buyers and customers, using stolen identities, and drop-shipping scams in which fraudulently purchased items are on-sold to legitimate customers.
Other examples of platform fraud include:
Unauthorised access to an organisation’s enterprise knowledge and document platform to steal or distribute confidential or sensitive commercial information
An employee abusing access rights to their organisation’s financial system to make or authorise payments to their own bank account, and
Compromise of an airline's loyalty platform to steal customer data, such as credit card details and airpoints
What type of platforms do organisations find most impacted?
Almost 50% of respondents reported that their organisations have experienced fraud or financial crime on their financial platforms.
Financial platforms are any online services which allow users to manage financial transactions such as banking, payroll and invoicing. As financial platforms are central to any organisation’s operations, it is not surprising that this is an area that is commonly targeted by fraudsters and it is understandable that almost half of all global respondents reported experiencing this type of fraud in the last 24 months.
The outcomes of the frauds occurring on financial platforms are often lucrative and come at a large cost to the organisations victimised. A further 38% of respondents reported that they had experienced fraud and financial crime across their enterprise platforms, including customer relationship management systems, email and human resource systems. Of those respondents who reported experiencing fraud on their enterprise platforms, this is most commonly being carried out by fraudulent attacks on the platform such as malware, phishing attacks or ransomware.
Digital platforms support a significant exchange of value in a multitude of forms, so the rise of these platforms continues to expose organisations to fraud and corruption risk.
What should organisations do about platform fraud?
40% of respondents reported that identity theft or account takeover has been the primary method of platform fraud in the last 24 months. This is closely followed by unauthorised card or digital fraudulent transactions, which 37% of respondents reported as a method of platform fraud. The methods of how platform frauds are carried out is extensive and includes a myriad of methods such as victim initiated fraudulent transactions (scams), phishing or spoofing attacks, malware, unauthorised transfer or removal of data, and device theft or cloning.
Just as platforms are enterprise-wide, so is the impact. A defining characteristic of platform fraud is how the impact spreads beyond each single event to infiltrate across the organisation. The sophistication and diversity of fraud methodologies means it is increasingly important for organisations to implement robust risk management and critically assess the nature of the platform fraud threats they face. Comprehensive risk management includes policies and procedures, and fraud prevention strategies and frameworks.
In addition to specific activities to manage fraud risks on your digital platforms, there are key enterprise actions organisations can take to enhance their resilience:
A comprehensive process for onboarding new employees is essential, including conducting employee due diligence and monitoring, on a risk basis, and providing training to increase awareness of fraud methodologies and keep staff safe.
Third parties can play critical roles in the development, delivery, operation and maintenance of digital platforms, and can represent vulnerabilities in managing platform fraud risk. Organisations should ensure they have an effective programme and framework to manage third party risks.
Personal financial gain is one of the most common motives behind perpetrated frauds (59% of respondents), and can occur regardless of the tier level or role of the individual. Comprehensive compliance training and appropriately targeted internal review procedures are some of the ways organisations can prevent fraud from occurring within the business.
Almost 50% of global respondents reported that platform frauds are committed by external perpetrators, an increase from 41% from the 2020 GECS results. Of the reported external actors, hackers are identified as responsible for nearly half of the reported platform frauds. This is closely followed by customers at 24% and vendors at 19%. This is indicative of the growth in online platforms as a response to the COVID-19 pandemic, and the increased opportunities for malfeasance.
Detection and prevention of external fraud may be more challenging for organisations, however, the use and implementation of technology, software, and checks and balances may provide a level of protection from certain frauds such as hacking and phishing.
59% of global respondents stated that financial gain was the main motive behind the platform fraud that their organisation had experienced.
Supply chain fraud
Almost 45% of global respondents identified misconduct within its supply chain over the last 24 months
Of the 44% of respondents who had identified misconduct within their organisation's supply chain, 89% of organisations reported that there were remedial implications and actions required as a result of the misconduct, including penalties, employment terminations and enhanced monitoring. Supply chain issues are not just internal - over 80% of respondents reported that third party supply chains presented misconduct and fraud issues requiring remedial activities. Examples of these activities include third party audits and monitoring, enhanced supplier training and awareness, contract re-negotiation or supplier termination. Over 55% of respondents reported that they have either already fully or partially implemented third party monitoring within their organisation.
Over 80% of global respondents have already fully implemented a company-wide risk assessment and identified an individual responsible for managing supply chain risk within their organisation. Both are crucial steps to limit and reduce exposure to supply chain fraud.
80% of global respondents reported they have fully or partially implemented both a company-wide risk assessment and identified leaders responsible for managing supply chain risk. The novel challenges across supply chains require a comprehensive risk assessment to assist with identifying new threats and to take action to protect your people, resources, reputation, and reduce the likelihood of fines and or other regulatory action resulting from non-compliance with local laws and regulations.
Case Study: Supply chain fraud
A NZ business which provides critical services in the supply chain for a diversified multi-national received allegations of conflicts of interest, customer overcharging and misappropriation of materials, along with other employee misconduct and safety breaches. PwC was engaged to perform an independent investigation to understand the facts of the allegations, and quantify the workforce, financial and operational impact on the supply chain of their global partner so that our client could effectively resolve the issue.
We used forensic tools to review electronic data of relevant individuals, including mobile and laptop devices, and identified communications regarding unauthorised access to facilities, deceitful misuse of materials, along with evidence of other employee misconduct. Additionally, through forensic accounting analysis of transactions, payments and supporting documentation, we quantified misrepresentation of services performed and potential overcharging. Our report of factual findings was instrumental in identifying areas to enhance the resilience of key components of the supply chain.
The matter highlighted the interdependency of the global supply chain, with multiple parties playing different, and yet critical roles, to ensure ongoing and effective operation. It is clear that the misrepresentation also intertwined with individuals looking for gaps in processes and records, at any point in the chain. It also showcases that collaboration between employees and/or suppliers to commit economic crime is also a common factor in corruption, and especially in relation to supply chain.
How we can help
We protect your business value and reputation, and closely manage the risks associated with fraud, financial crimes, regulatory challenges and other unplanned events through our industry experience and forensic technology. Our Forensics Services team can provide the following services:
Forensics Investigations
Digital Forensics & Incident Response (DFIR)
Anti-Money Laundering, Countering Financing of Terrorism, and Sanctions compliance
Forensic Accounting
Fraud Prevention, including maturity and risk assessments
Protected Disclosure and Whistleblower Services
{{filterContent.facetedTitle}}
{{contentList.loadingText}}
{{contentList.loadingText}}
Contact us
Follow us
