Story image

Survey finds China’s a hotspot for all types of fraud: Whistleblowing may be the answer

23 Jan 17

Last year saw a jump in fraud and risk incidents across China, and one third of these were perpetrated in part by senior or middle management, according to a new survey by Kroll.

The new survey, titled the Kroll Annual Global Fraud and Risk Report, surveyed 545 senior executives across a range of industries worldwide.  

It found that 86% of respondents with operations in China experienced a fraud incident last year, a 13% jump since 2015. It is now well above the global average of 82%.

Overall, the global average has also jumped from its 75% rating in 2015, highlighting the growing threat to corporate reputation and regulatory compliance.

What’s more, a further 25% of respondents were reluctant to operate in China because of fraud concerns.

“China is the dominant trading partner of many countries, therefore, it wouldn’t be in the best interest to shy away simply because of concerns over fraud,” says Violet Ho, senior managing director and co-head of Kroll’s Greater China Investigations and Dispute practice.

“Managing fraud risk in China is achievable with a clear and consistent strategy. It is essential to treat the fight against fraud as a long-term game. Getting the most out of the whistle-blowing system, ensuring independence of investigations and building a strong compliance culture with the right tone from the top could be effective approaches to mitigate risks,” Ho continues.

The report also found that 41% of breaches were regulatory or compliance breaches, followed by vendor, supplier or procurement fraud. Both were higher than the global average.  

Other fraud types include theft of physical assets, stock, data and information. The survey also found that corruption, bribery, market collusion and misappropriation of company funds also contributed to ‘above average rates’.

52% of respondents attributed joint venture partners as the key perpetrators of fraud – almost twice the global average.

“Apart from junior employees, fraud in China was often committed by senior or middle management, resulting in potentially more significant losses. It also often involved cross-departmental and multiple-party-collusion, rendering many traditional internal control measures ineffective,” adds Colum Bancroft, managing director and co-head of Kroll’s Greater China Investigations and Dispute practice.

Bancroft says that rapid staff turnover and expansion have contributed to a lack of continuity in fraud detection and governance, while fraudsters are targeting those gaps.

As protection, 90% had invested in partner, client or vendor due diligence, while 86% had invested in physical asset protection.

Cyber incidents also hit 86% of respondents within the past 12 months. 41% were phishing attacks, 39% were viruses or worms and 39% were due to malware issues that caused file deletion or corruption.

Most cyber attacks targeted customer records (82%), as well as trade secrets, intellectual property and R&D. 48% of respondents said their company’s relationship with regulatory authorities was strongly affected by cyber attacks.

To fight back against fraud, 86% had invested in board engagement in cyber policies and procedures.

Whistleblowers and external audits accounted for (55%) of discovered fraud cases.

Cisco expands security capabilities of SD­-WAN portfolio
Until now, SD-­WAN solutions have forced IT to choose between application experience or security.
AlgoSec delivers native security management for Azure Firewall
AlgoSec’s new solution will allow a central management capability for Azure Firewall, Microsoft's new cloud-native firewall-as-a-service.
How to configure your firewall for maximum effectiveness
ManageEngine offers some firewall best practices that can help security admins handle the conundrum of speed vs security.
Exclusive: Why botnets will swarm IoT devices
“What if these nodes were able to make autonomous decisions with minimal supervision, use their collective intelligence to solve problems?”
Why you should leverage a next-gen firewall platform
Through full lifecycle-based threat detection and prevention, organisations are able to manage the entire threat lifecycle without adding additional solutions.
The quid pro quo in the IoT age
Consumer consciousness around data privacy, security and stewardship has increased tenfold in recent years, forcing businesses to make customer privacy a business imperative.
ForeScout acquires OT security company SecurityMatters for US$113mil
Recent cyberattacks, such as WannaCry, NotPetya and Triton, demonstrated how vulnerable OT networks can result in significant business disruption and financial loss.
Exclusive: Fileless malware driving uptake of behavioural analytics
Fileless malware often finds its way into organisations via web browsers (or in combination with other vectors such as infected USB drives).