DUBAI--(BUSINESS WIRE)--Fraud, cyber, and security incidents are now the “new normal” for Gulf companies, according to the executives surveyed for the 2016/17 Kroll Annual Global Fraud and Risk Report1. The proportion of executives that reported their companies fell victim to fraud in the past year rose significantly to 88%, from 62% in 2015, highlighting the escalating threat to corporate reputation and regulatory compliance. The Gulf region saw the highest rise in fraud incidents of any region across the world.
Cyber incidents were even more commonplace with 90% of executives surveyed saying their company has suffered a cyber incident over the past 12 months. Over eight in 10 (82%) reported the occurrence of at least one security incident over the course of the year.
The threat from within
Despite widespread concerns about external attacks, the findings reveal that the most common perpetrators of fraud, cyber, and security incidents over the past 12 months were current and former employees.
Senior or middle management were cited as key perpetrators in two-fifths (36%) of fraud cases, followed by junior staff (34%). Third party entities were also considered to have significant roles in most fraud incidents, with joint venture partners, vendors, suppliers and agents names by around a quarter of respondents. Former employees were also identified as responsible for 20% of incidents reported.
Over half of respondents (56%) said insiders were the key perpetrators of security incidents, with permanent employees the most common of these (24%).
Tom Everett-Heath, Regional Managing Director, commented: “This year’s Kroll Global Fraud and Risk Report has the highest proportion of companies reporting fraud and rising levels of cyber and security breaches. The impact of such incidents is significant, with punitive effects on company revenues, business continuity, corporate reputation, customer relations, and employee morale, as well as the risk of regulatory intervention.
“With fraud, cyber, and security incidents becoming the new normal for companies all over the world, it’s clear that organizations need to have systemic processes in place to prevent, detect, and respond to these risks if they are to avoid reputational and financial damage. As important is the need for effective, thorough and timely responses when incidents are detected.”
Increasingly complex threats
The incidence of fraud in the GCC was 6% above the global average of 82%. The vast array of perpetrators and ever-evolving nature of incidents also reflect an increasingly complex risk management environment across the region.
A broad range of cyber incidents were reported. The single most common types of incident reported was a virus or worm infestation, reported by almost one-third of all companies (30%) and data deletion or loss due to system issues (30%).
In the age of big data, a fifth (20%) of respondents said data breaches resulted in loss of customer or employee data, while 16% reported loss of IP, trade secrets, or R&D. More than one in four (26%) suffered data deletion or corruption caused by malware or system issues, and 10% were victims of data deletion by a malicious insider.
The road to resilience
While insiders are cited as the main perpetrators of fraud, they are also the most likely to discover it. Half (50%) of respondents in the GCC said that a recent fraud had been discovered through a whistleblowing program, and 30% said it had been detected through an internal audit.
Indeed, a majority of respondents indicated that their companies have adopted employee-focused anti-fraud measures such as staff training or whistleblowing hotlines. Almost three-quarters of respondents have adopted anti-fraud measures focusing on information such as IT security or technical countermeasures, and 68% have implemented physical security measures.
Daniel Turner, an Associate Managing Director in Kroll’s Dubai office, commented: “The incidence of fraud, cyber and security incidents in the region continues to climb markedly. Companies are increasingly operating in a global business environment fraught with high and mounting risks and repercussions. These risks can be mitigated through the adoption of a conscious and proactive approach and through the implementation of employee and partner education programs and a tighter set of policies that help remove avoidable errors and poor business practices.”
1 The Kroll Annual Global Fraud and Risk Report 2016/17 includes a full detailed industry analysis across a range of fraud categories and regions. To obtain a copy please visit http://www.kroll.com/global-fraud-report
Notes to editors
For the 2016/17 Global Fraud & Risk Report, Kroll commissioned Forrester Consulting to conduct an online survey and 10 interviews with 545 senior executives worldwide across multiple industries and geographies. The survey was fielded through July and August 2016.
In addition to building on prior studies’ coverage of fraud, this year the study was expanded to cover perceptions of and experiences with cyber and physical security risk. As with prior studies, respondents represented a variety of industries, including Technology and Telecoms, Professional Services, Manufacturing, Natural Resources, Construction Engineering and Infrastructure, Consumer Goods, Financial Services, Retail Wholesale and Distribution, Transportation Leisure and Tourism, and Healthcare Pharmaceuticals and Biotechnology.
Respondents held senior positions within their companies, with 70% of respondents representing the C-suite. Sixty-one percent of companies had annual revenues of $500 million or more.
Respondents represented all major global geographies, including 25% from Europe, 20% from Asia-Pacific, 20% from North America, 19% from Africa / The Middle East, and 16% from Latin America.
Kroll is the leading global provider of risk solutions. For more than 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security and data and information management services. Headquartered in New York with more than 35 offices in 20 countries, Kroll has a multidisciplinary team of nearly 1,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies and individuals.