corporate risk
RISK: A third of Canadian companies are economic crime victims: PwC | Canadian Insurance

RISK: A third of Canadian companies are economic crime victims: PwC

Half of internal fraudsters come from middle and senior management

More than a third of Canadian businesses were victims of economic crime in the past two years, PwC’s Global Economic Crime Survey 2016 found.

Asset misappropriation is the most common type of fraud they faced (62 percent), followed by cybercrime (28 percent), procurement fraud (21 percent) and HR fraud (13 percent). Insider trading ( four percent) was the least common crime.

Read: The new grey area of liability coverage

Nearly half the respondents lost less than $100,000 U.S., while 41 percent lost between $100,000 and $5,000,0000. A further nine percent couldn’t determine how much they lost, which “could suggest a breakdown at some point in these organizations’ control frameworks,” the report says.

“Defensive measures should be part of any organization’s strategy and culture, not just the responsibility of one person or team,” Lori-Ann Beausoleil, PwC Canada’s national leader of forensic services, says. “Despite many organizations implementing policies, procedures and controls, the increasingly complicated threat landscape challenges how businesses are balancing growth, risk management and resources.”

And that’s compounded by the fact that 26 percent of surveyed organizations haven’t performed a fraud assessment in the last two years.

Read: New Brunswick professor working to determine hackers’ digital profiles

External fraudster are hard to pin down, with 29 percent of respondents saying they were attacked by neither employee, customer, vendor agent.

The typical internal fraudster, PwC found, is a university- or college-educated 31–40-year-old male who has been with the organization for three to five years. Half come from middle or senior management, and 32 percent are junior staffers.

“This may indicate a potential weakness in internal controls,” the report says, “which may incorrectly serve as check-box exercises rather than effective processes 35 percent embedded into an organization’s culture.”