PwC global economic crime survey

February 2012 News & Events

South African companies have reported a significant increase in tax fraud and market fraud and to a lesser extent, insider trading, according to a new report issued by Professional Services Firm PwC. Louis Strydom, head of PwC’s Forensic Services Practice, says that this increase is also reflected in a shift in the South African perpetrator profile towards senior management.

In 2011, 36% of internal economic crimes were carried out by senior management, compared to only 17% in 2009. “These economic crimes require access to sensitive information and more sophisticated ‘know-how’ which senior management usually possess.

“These crimes have previously not been as prevalent in South Africa and the increase could suggest that organisations need to revisit their fraud risk management frameworks to ensure that they are able to deal with the emerging threats.”

The Global Economic Crime Survey, which is carried out every two years, was conducted among 3877 senior representatives from more than 70 countries. In South Africa, 123 organisations across 19 industries took part in the survey. The study shows that economic crime remains a challenge for business leaders worldwide, particularly in South Africa where 60% indicated that they had experienced some form of economic crime in the 12 months preceding the survey, compared to the global average of 34%. On the positive side, the survey found that this overall prevalence of economic crime in South Africa has decreased from 83% in 2005.

The decrease in the overall incidence of economic crime is as a result of corresponding decreases in the misappropriation of assets, bribery and corruption and financial statement fraud. These three crimes have decreased steadily over the past six years. There can be a number of reasons for this. One of them may be that internal fraud risk management frameworks are making progress in South Africa and are getting better at detecting and preventing economic crime.

Further, given the focus of cybercrime in this year’s survey, some organisations may have classified other economic crimes involving the use of computers and the Internet as cybercrimes instead.

Detection

Strydom says that detection is a key element in managing the risk of economic crime. The survey found that detection methods under management’s control were responsible for 69% of detections in South Africa, compared to 72% globally. This is encouraging as it vindicates the investment in anti-fraud controls. However, 14% of detections occurred by accident which means there is room for improvement locally.

The most effective detection methods were formal risk management procedures (including fraud risk assessments), automated suspicious transaction reporting (both contributed 16% of the detections) and internal audit (11%). The various tip-off methods (internal tip-off, external tip-off and formal whistle-blowing mechanisms), together contributed 20% of detections.

Given the effectiveness of formal fraud risk management structures, it is surprising that 28% of organisations had not performed a fraud risk assessment at all and 14% indicated that they were unsure whether any fraud risk assessment had been performed. The most common reason given by companies for not carrying out a fraud risk assessment was uncertainty about what such a risk assessment involves.

The countries that reported high levels of fraud (40% or more) include Kenya, South Africa, Australia and New Zealand, suggesting that fraud is not only endemic in developing countries. Jurisdictions that reported low levels of fraud (25% or less) include Japan, Indonesia, Italy and Greece. However, these results can be affected or distorted by ineffective fraud detection methods or the reluctance of organisations in those countries to report fraud.

Internal or external

For the first time since PwC carried out the survey, economic crime in South Africa is being committed equally by internal and external perpetrators. Globally, the majority of crimes are still being committed by internal parties.

Overall, South African organisations resorted to criminal and civil action more often than their global counterparts did. However, with regard to the most serious economic crime committed by insiders, South African companies took no action in 6% of cases, opted for employee transfers in 3% or warnings in 14% of cases. Strydom says this is worrying as it suggests that these perpetrators still remain within the organisation and may be able to commit further transgressions. It is important for organisations to demonstrate zero tolerance for economic crime and set the right tone.

Cybercrime has emerged as a significant contributor to economic crime losses in South Africa and is considered the fourth most common economic crime after the misappropriation of assets, bribery and corruption, and financial statement fraud. South African respondents indicated that reputational damage and direct financial loss were their two main concerns with regard to cybercrime.

Increasing cybercrime?

Based on the PwC study, 60% of organisations felt that the risk of cybercrime had increased in the past 12 months, compared to only 39% globally. Strydom noted, “46% of South African respondents see the threat of cybercrime as exclusively external. Cybercrime usually requires access to protected information. Employees, agents, contractors, customers and other individuals that have access to an organisation’s premises and systems are likely to have access to such information.”

It is therefore important that organisations recognise cybercrime as an internal threat as well. Based on the survey’s findings, South African companies and their global counterparts still have some way to go in dealing with cybercrime.

For instance, the findings also show that few organisations have all the elements of an holistic cybercrime prevention and response mechanism in place. Strydom says that one would expect the overall responsibility of addressing the risk of cybercrime, to lie with senior management. However, the survey shows that in 10% of South African organisations the respondents were unsure who should be tasked with this responsibility. A further 37% thought the chief information officer should be responsible.

This is an interesting observation, as the King 3 Report on Corporate Governance, recommends that the board deal with IT, which includes IT security.

Substantial losses

A significant percentage (59%) of organisations stated that they monitored their employees’ use of social networking sites. “Online access is not as cheap and readily available as in developed countries and this may lead to a higher percentage of South African employees accessing their employer’s Internet for personal use than their global counterparts,” says Strydom. While social media sites such as Facebook, Twitter or LinkedIn may not be a direct source of cybercrime, social media sites can be used to collect information about a targeted individual, to research certain staff members or to install malware onto the user’s computer, making the cybercrime more effective.

47% of South African respondents stated that their losses for the 12 months before the survey amounted to more than US$ 100 000, with 11% reporting that their losses ranged between US$ 5 million and US$ 100 million. “Organisations also noted collateral damage such as impact on reputation/brand, share price, employee morale, business relations, loss of market share, and relations with regulators,” Strydom says.

Despite the declining overall prevalence of economic crime in South Africa, the risk remains pervasive and South African organisations will need to remain vigilant, especially in these depressed economic conditions. Advances in technology are fast-paced, as are fraudsters. Those organisations ready to understand and embrace the risks and opportunities of the cyber world, will be the ones to gain competitive advantage in today’s technology driven environment. Establishing the right ‘tone at the top’ is key in the fight against economic crime.

For more information on the Global Economic Crime Survey, please visit: www.pwc.co.za/crimesurvey





Share this article:
Share via emailShare via LinkedInPrint this page



Further reading:

IZI Group acquires G4S Cash Solutions South Africa
News & Events
IZI Africa, a sister company within the IZI Group, has acquired G4S Cash Solutions (SA) following the receipt of all necessary regulatory approvals. This transaction marks a significant consolidation in the South African cash handling industry.

Read more...
Secutel maintains ISO certifications
News & Events Fire & Safety
Secutel Technologies has successfully recertified all four of its ISO standards, a reflection of its continued commitment to excellence, client trust, and operational integrity.

Read more...
SABRIC appoints Andre Wentzel as interim CEO
News & Events Financial (Industry) Associations
The South African Banking Risk Information Centre (SABRIC) has announced the appointment of Andre Wentzel as interim chief executive officer, effective immediately.

Read more...
Choicejacking bypasses smartphone charging security
News & Events Information Security
Choicejacking is a new cyberthreat that bypasses smartphone charging security defences to confirm, without the victim’s input or consent, that the victim wishes to connect in data-transfer mode.

Read more...
Paxton cuts emissions by over a third
Paxton News & Events
Paxton has announced a significant reduction in its carbon footprint, cutting emissions by 961 tonnes of CO2e in its 2023 second reporting year.

Read more...
Most wanted malware
News & Events Information Security
Check Point Software Technologies unveiled its Global Threat Index for June 2025, highlighting a surge in new and evolving threats. Eight African countries are among the most targeted as malware leaders AsyncRAT and FakeUpdates expand.

Read more...
Securex gears up for Cape Town
News & Events
Four industry expos debut in Cape Town from 21–23 October, providing access to Africa’s tech hub and a rapidly expanding local market, through a platform covering security, OSH, facilities management, and fire safety solutions in one venue.

Read more...
Firexpo 2025 ignites interest in fire safety
Fire & Safety News & Events
Firexpo 2025 showcased fire detection, suppression, and safety tech, drawing professionals eager to explore innovations, gain insights, and connect with suppliers.

Read more...
SMARTpod talks to Sophos and Phishield
SMART Security Solutions Technews Publishing Sophos Videos Information Security News & Events
SMARTpod recently spoke with Pieter Nel, Sales Director for SADC at Sophos, and Sarel Lamprecht, MD at Phishield, about ransomware and their new cyber insurance partnership.

Read more...
Cybersecurity and insurance partnership for sub-Saharan Africa
Sophos News & Events Information Security Security Services & Risk Management
Sophos and Phishield Announce first-of-its-kind cybersecurity and insurance partnership for sub-Saharan Africa. The SMARTpod podcast, discussing the deal and the state of ransomware in South Africa and globally, is now also available.

Read more...










While every effort has been made to ensure the accuracy of the information contained herein, the publisher and its agents cannot be held responsible for any errors contained, or any loss incurred as a result. Articles published do not necessarily reflect the views of the publishers. The editor reserves the right to alter or cut copy. Articles submitted are deemed to have been cleared for publication. Advertisements and company contact details are published as provided by the advertiser. Technews Publishing (Pty) Ltd cannot be held responsible for the accuracy or veracity of supplied material.




© Technews Publishing (Pty) Ltd. | All Rights Reserved.