The current context
Wider fraud risks are being exacerbated by the pandemic
In considering today’s global issues PwC’s ADAPT framework highlights Disruption as the pervasive nature of technology and its impact on individuals, society and the climate. The pandemic has accelerated this digital transformation to facilitate mass remote working, e-commerce and online communication.
This has created opportunities for fraudsters, quick to take advantage of the proliferation of such technology and new working practices into their scams and fraud schemes. Online methods such as phishing and smishing (text messages) have proliferated and the fraudsters have kept pace with the pandemic topics of the day be they PPE, government support schemes or vaccines.
Company directors recognise the necessity to invest in cyber security, in our latest CEO survey 91% of UK CEOs are concerned about cyber security vulnerabilities. From a counter fraud perspective this will serve to counter the threat caused by the methods such as the exponential increase in ransomware attacks.
Wider fraud threats, however, less measurable than ransomware attacks, are similarly enabled by digitisation and exacerbated by the pandemic. Consider defrauding government support schemes, the manipulation of external payments, internal threats or accounting misstatements. Combatting their increase requires a broader response and it is in this wider context that it is surprising to note, according to our 2020 Global Fraud and Economic Crime Survey, barely half of organisations are dedicating resources to fraud risk assessment, governance, and third party management. Fraud risk management is not always getting the attention it deserves.
BEIS recommendations on corporate governance
In contrast, enhancing effective fraud risk management is a core principle of the recent recommendations from the Department of Business, Energy and Industrial Strategy (BEIS) for corporate governance and audit reform in the UK, in response to the CMA, Brydon and Kingman reports. The proposed recommendations, which are subject to a consultation period that ends on 8 July 2021, include:
- A requirement for 'directors of Public Interest Entities to report on the steps they have taken to prevent and detect material fraud'.
- All directors of PIEs to be held accountable for their reporting responsibilities and subject to increased regulatory scrutiny and enforcement powers.
- Expansion of the definition of PIE to cover large AIM and large private companies.
These recommendations, among others, will increase the emphasis on director responsibility to ensure that appropriate and effective procedures are in place to manage the risks of fraud.
In responding to the breadth of fraud threats companies now face and the BEIS recommendations we can expect, in the future, directors may face more stringent penalties, and possibly regulatory action, if they fail to take adequate steps to prevent fraud in their organisation.
Fighting fraud pays
Organisations are vulnerable to many types of fraud, from within and outside the business. The financial and reputational impact can be severe – our Global Fraud and Economic Survey reported that $42bn of losses due to fraud had been reported between 2018 and 2020.
The best defence to this growing threat is strong and proactive risk management.
Our survey found that companies with a dedicated fraud programme spend up to 42% less on fraud response and 17% less on remediation than their peers. There is a direct correlation between investment in fraud prevention upfront, and reduced cost when a fraud strikes.
PwC’s Fraud Risk Management framework is designed to help you assess and strengthen your organisation’s risk management programme and fraud defences.
The PwC Fraud Risk Management framework
Based on the COSO principles, which are designed to help organisations understand the key elements needed for an effective control environment, our fraud risk management framework helps our clients improve the processes and controls they have in place to prevent and detect fraud.
The framework has five components:
< Back
< Back
[+] Read More
How we can help
The impact of the pandemic has led to our clients reviewing their fraud risk maturity in light of new threats and also with the understanding that robust fraud management will save revenue leakage. Here are the eight areas where we have been the most engaged?
- Fraud risk management: Maturity assessment & implementation
- Governance & fraud risk policies review
- Intelligence-led risk analysis
- Fraud risk assessment
- Digital fraud detection
- Digital fraud detection: Custom build solutions
- Investigation & remediation: Maturity review
- Fraud risk management: Training & workshops
Fraud risk management: Maturity assessment & implementation
In order to manage your organisation’s exposure to fraud risk, you need to understand your current state of defences and where you ideally need to be. We can give you clarity on the current maturity of your fraud risk management programme, benchmarked against a standardised framework, and help you prepare a detailed roadmap for improvements.
Governance & fraud risk policies review
We can help you review your fraud risk governance policies and processes, including an assessment of the roles and responsibilities around fraud risk, a review of information flows, reporting lines and the ‘tone at the top’, and identify any gaps that need addressing.
Intelligence-led risk analysis
Quality information, particularly data that could trigger changes to your risk profile, is the foundation of fraud risk management. PwC’s Corporate Intelligence team can help limit your exposure to potential fraud and protect your business integrity and reputation. We offer enhanced due diligence of high risk business partners, profiling of suspected fraudsters, asset tracing, and continuous monitoring of electronic data relating to individuals and companies using our RADAR early warning technology.
Fraud risk assessment
We can support you and provide market insight as you update your fraud risk assessment, as well as ensuring that any fraud controls and detection processes are fit for purpose and reduce key fraud risks to acceptable levels.
Digital fraud detection
Digital solutions are increasingly important in the monitoring of large datasets to identify transactions which may indicate fraud. Our AI-powered tools include Procurement Protect, which identifies signs of fraud, error and non-compliance in procurement data, and Anomaly Detection, which aids the identification of evidence of fraud in large data sets.
Digital fraud detection: Custom build solutions
Off-the-shelf digital fraud detection solutions may not address every risk you face. If you need to address a specific risk or set of circumstances, we can work with you to build, test and implement a customised solution tailored to your exact requirements.
Investigation & remediation: Maturity review
We can support a review of your organisation's Investigation function, including assessing the processes used to collect, preserve and store data, the quality of reporting, and stakeholder management. We will identify any improvements that could be gained through technology or process alterations, and create a roadmap to reflect your organisation’s budget and resources.
Fraud risk management: Training & workshops
We can provide training for your staff on a range of topics, including recent trends in fraud risk, and crisis events. Our Investigate training platform provides an interactive, engaging experience for users as they learn and test their skills.
To find out more about how PwC can help you support your existing fraud risk management activities download our Fraud risk management playbook or get in contact with a member of our team.
Our key capabilities
Related content
Contact us
Follow us
