Cyber crime, identity theft and intellectual property fraud have been rated as the major concerns in the just released KPMG India Fraud Survey 2012 by most respondents cutting across all sectors. Compounding the situation, the industry is reluctant to discuss bribery and corruption.
The Partner& co-Head (Forensic Services) of KPMG in India, Rohit Mahajan, has been quoted as saying, “Knowledge has emerged as an important organizational asset over the last decade or so. It’s only natural fraudsters will be looking to target these assets, since they are now much more valuable to companies. Technology is fast changing the fraud landscape, challenging the boundaries of fraud risk management. Even relatively simple frauds like those in procurement, can get sophisticated by misusing technology, making them rather difficult to detect. The frameworks sufficient to mitigate some simple frauds are not any longer effective against such sophisticated frauds.”
This is well evidenced by more than 70 per cent of respondents admitting to have no effective mechanism so as to mitigate risks emerging from futuristic frauds. A ubiquitous framework of one-size-fits-all nature cannot really help tackle new emerging fraud risks because each risk tends to manifest itself quite uniquely. Companies must become aware of the all possible modus operandi and gaps existing in internal controls to ultimately develop a highly effective risk mitigation framework. Which are some of the measures, which could help holistically tackle futuristic frauds?
1. Comprehensive information security measures
2. Protection of personal information
3. Physical security measures
4. Robust access protocols
5. Periodic reviews
However, only just about half of the survey respondents said to have implemented meticulous process specific controls, a framework for monitoring with the Code of Ethics/ Code of Conduct compliance and employee/third party due diligence. Apart from merely challenging business processes so as to unearth lapses and gaps, if any, in existing controls, and creating unequipped teams to uncover on emerging frauds, there was hardly anything worthwhile that Indian companies were possibly doing, the survey reveals.
Highlighting the companies’ under-preparedness to fight futuristic fraud, it noted that almost 78 percent of respondents were not aware of any intellectual property infringement risks, or those attached with counterfeiting and piracy. About 40 percent added that their companies had no specific guidelines for social media interactions though not less than 53 percent of respondents had faced some sort of identity theft (either through password sharing or malwares).