Insider jobs and technology enabled fraud are the two alarming trends in Australian fraud, as reported by KPMG in their six-monthly fraud barometer.
According to the Fraud Barometer recently released by KPMG, between April to September 2016, 143 frauds occurred in Australia, amounting to a total of AU$442 million. That is an average value of more than AU$3 million per fraud. It is also an astounding increase of 71 percent compared to 12 months earlier when the total amount was just over $128 million.
The rise in fraud could be partly attributed to two factors – increased collusion and frauds committed over a longer period of time. The proportion of frauds perpetrated in groups has doubled, which makes detection more difficult. Also, 40 percent of frauds in Australia took place over a 5-year period before being discovered, implying that even when fraud is detected, it is taking too long and significant damage has already been done.
A prominent observation for this period was the rise in fraud using technology. 22 percent of frauds were facilitated through the use of technology and digital means. It was noted that the most common perpetrators are business insiders, comprising of employees and management, who accounted for over half of all reported frauds.
Financial institutions (which experienced an eightfold increase in frauds), along with Government agencies and investors, were amongst the most susceptible sectors and almost 55 percent of frauds occurred in a single Australian state – Queensland.
Gary Gill, Head of Forensic at KPMG Australia, said “Our UK colleagues have just issued their own fraud barometer, which showed that fraud there had risen by 55 percent with a large rise in cyber-crime – so it is an international problem. Businesses in Australia and overseas need to guard themselves against the perennial threat of the ‘inside job’ and the rapidly increasing danger of cyber-attack from outside and within.”
A Rising Tide
According to the Australian Bureau of Statistics “rapid expansion and availability of internet technology and the increase in electronic storage, transmission and sharing of information has increased our vulnerability to electronic fraud, particularly in recent years. Although the use of stolen, fabricated or manipulated identities to commit or enable crime is not a new phenomenon, it has been enhanced by this expansion of new technologies and our change in online behaviour”.
However organisations continue to under-estimate the threat of a malicious or unwitting insider. As a result they are not paying sufficient attention to the basics. Identity and access control is often weak, and organisations frequently don’t have a full grasp of where their critical IP assets are located and who in the organisation has access to them. Financial market diversification, greater levels of economic activity and technological developments have created more and more opportunities for fraud. With organised crime stepping up their cyber fraud activities and threats like ransomware becoming more and more accessible and lucrative, it is now a question of when, not if, your organisation will be affected.
Giving the pace of technology and business changes, individuals and institutions need to keep abreast of the changing, more technological vehicles, being used for frauds and cybercrimes. It is important to have a holistic cyber security solution that encompasses both physical and digital security. The role of end user education cannot be overstated in this context. The most advanced technological defences can amount to nothing when faced with an unsuspecting employee who clicks on a single malicious link that can result in serious financial and reputational consequences for your organisation.
To learn more about KPMG and their fraud barometer, visit http://www.kpmg.com/.
For strategic insights on how to leverage technology to guard against the rapidly increasing danger of a cyber-attack, from within or outside your organisation, contact the blueAPACHE team.