Beruflich Dokumente
Kultur Dokumente
<adWVa;gVjYGZedgi
:Xdcdb^hi>ciZaa^\ZcXZJc^iHjgkZnGZhjaih
I]Z[id[^c[dgbVi^dcVcYZaZXigdc^XYViVhjgeVhh^c\Vaadi]Zg[gVjYh
;ZVgd[[gVjYY^hhjVY^c\XdbeVc^Zh[gdb\d^c\\adWVa
AVX`d[egZeVgVi^dc[dg\gZViZggZ\jaVidgnZc[dgXZbZci
;gVjY^hegZYdb^cVcianVc^ch^YZ_dW
An Altegrity Company
About the research
This report brings together these survey results with the experience
and expertise of Kroll and a selection of its affiliates. It includes
content written by the Economist Intelligence Unit and other third
parties. Kroll would like to thank the Economist Intelligence Unit,
Dr. Paul Kielstra and all the authors for their contributions in
producing this report.
<adWVa;gVjYGZedgi
>CIGD9J8I>DC G:<>DC6A6C6ANH>H/6H>6"E68>;>8
I^bL]^eeaZ!EgZh^YZci!@gdaa8dchjai^c\ ....................................................... ) 6h^V"EVX^[^XdkZgk^Zl ................................................................................................ '-
;gVjY^c>cY^VÉhbVcj[VXijg^c\VcYZc\^cZZg^c\hZXidg ....................... '.
:8DCDB>HI>CI:AA><:C8:JC>IDK:GK>:L
8]^cVdkZgk^Zl............................................................................................................. (&
HjgkZngZhjaih .............................................................................................................. *
=VcY"^c"]VcY/8dggjei^dcVcYeg^kViZ"hZXidg[gVjY^c8]^cV............. ('
;G6J96I6<A6C8: EgZkZci^c\i]Zadhhd[igVYZhZXgZih^c8]^cV ............................................. ()
6\Zd\gVe]^XVahcVeh]di ............................................................................................- Hdji]ZVhi6h^VdkZgk^Zl ........................................................................................ (+
I]ZgZ\jaVidgnX]VaaZc\Zhd[Xgdhh^c\cZl[gdci^Zgh ............................. &% >cYdcZh^VÉhYVg`Zgh^YZ ............................................................................................ (,
B6G@:I:CIGN G:<>DC6A6C6ANH>H/:B:6
;VX^c\i]Z[gVjYX]VaaZc\Zhd[ZbZg\^c\bVg`ZiZcign....................... &' :jgdeZdkZgk^Zl.......................................................................................................... (-
EgZkZci^c\[gVjY^ccZlVXfj^h^i^dch.............................................................. &) >ckZhi^\Vi^dchVcYi]ZjhZd[iZX]cdad\n .................................................... (.
;gVjY^ci]Z<ja[/;dgWZiiZgdg[dgldghZ4................................................... )%
G:<>DC6A6C6ANH>H/6B:G>86H B^YYaZ:VhidkZgk^Zl ............................................................................................... )&
Cdgi]6bZg^XVdkZgk^Zl ........................................................................................ &+ 6[g^XVdkZgk^Zl ............................................................................................................ )'
9ViV7gZVX]BVcV\ZbZci/L]ViZkZgnXdbeVcnh]djaY`cdl..... &, G^h`VcYgZlVgY/;gVjYVcYi]Z6[g^XVciZaZXdbh^cYjhign................ )'
I]ZH:8XgVX`hYdlc]VgYZgdceVnideaVn................................................ &. AdlZggViZhd[[gVjY`ZZehZXidgdcigVX` ................................................... ))
AVi^c6bZg^XVdkZgk^Zl .......................................................................................... '%
IgVchedgiVi^dc^c[gVhigjXijgZ[gVjY^c7gVo^a/ H:8IDGHJBB6GN
HiZZg^c\XaZVgd[i]Zedi]daZh ............................................................................. '& HjbbVgnd[hZXidg[gVjYegd[^aZh ...................................................................... )*
7gVo^adkZgk^Zl............................................................................................................. '(
8DCI68IH
7Viia^c\Xdggjei^dcVcY[gVjY^c8dadbW^V ................................................... ')
@ZngZ\^dcVaXdciVXihVi@gdaa .............................................................................. ),
8dadbW^VdkZgk^Zl .................................................................................................... '*
G^h`\dkZgcVcXZ[dgb^cZh^cZbZg\^c\bVg`Zih/
I]ZedlZgWdiiaZcZX` .............................................................................................. '+
:8DCDB>HI>CI:AA><:C8:JC>I>C9JHIGN6C6ANH>H
G:I6>A!L=DA:H6A:9>HIG>7JI>DC .......................................... &*
=:6AI=86G:!E=6GB68:JI>86AH .................................................... &-
7>DI:8=CDAD<N
;>C6C8>6AH:GK>8:H ....................................................................................... &.
8DCHIGJ8I>DC!:C<>C::G>C< ............................................................ ''
>C;G6HIGJ8IJG:
C6IJG6AG:HDJG8:H .................................................................................... ',
B6CJ;68IJG>C<............................................................................................... (%
8DCHJB:G<DD9H ........................................................................................... ((
EGD;:HH>DC6AH:GK>8:H............................................................................ (.
I:8=CDAD<N!B:9>6I:A:8DBH ................................................... )(
IG6K:A!A:>HJG:IG6CHEDGI6I>DC ........................................ ))
6ccjVa:Y^i^dc'%&%$&& q (
>cigdYjXi^dc
>cigdYjXi^dc
In this edition, we take a closer look at the From an industry perspective, we see
issues that Kroll is most frequently asked encouraging declines in fraud prevalence in
to investigate, and the variations in the three sectors: Construction, Retail and Travel.
nature of the threat across different regions. The other seven sectors show an increase,
Four important themes emerge: with considerable jumps in Consumer Goods
Theft of information and electronic data and Technology, Media and Telecoms.
overtakes physical theft for the first time You’ll notice that our report looks different
as the most frequently reported fraud. this year, reflecting our transition to the
Fear of fraud is dissuading 48% of Altegrity family of businesses. Altegrity is
companies from operating in other a portfolio company of Providence Equity
countries. China and Africa are the Partners, one of the world’s premiere private
geographies most affected, with equity firms, with over $22 billion of equity
corruption identified as the greatest capital under management. Our acquisition
concern. by Altegrity reflects a strong belief in
Companies appear unprepared for Kroll’s proven performance and growth
heightened Foreign Corrupt Practices Act potential in the rapidly growing global
(FCPA) enforcement and the impact of the market for investigative, compliance and
UK Bribery Act. For example, only one- risk management services.
third of respondents with a presence in I hope that you find our report enlightening,
LZaXdbZid@gdaaÉh[djgi]VccjVa the United States or United Kingdom felt and that it helps you to identify emerging
<adWVa;gVjYGZedgi#Djg the laws applied to them. threats and opportunities for your own
Fraud is largely an inside job across all business.
dW_ZXi^kZgZbV^chi]ZhVbZ/id
geographies and industries. Some 44% of
Best regards,
gV^hZVlVgZcZhhd[ZbZg\^c\ respondents attributed fraud to employees
igZcYh!^cdgYZgid]Zaendj\gdl and a further 11% identified agents or
intermediaries as the key perpetrators.
ndjgWjh^cZhhhZXjgZanl]^aZ
This year we analyze for the first time fraud
b^c^b^o^c\Wdi]i]Za^`Za^]ddY losses as a percentage of income. There is
d[[gVjYVcYhXVaZd[^ih^beVXi# cause for concern: fraudsters’ take from
business increased 20% in the last 12
months. Almost 90% of respondents report
being victims of fraud - similar to last year’s I^bL]^eeaZ
survey results. EgZh^YZci!@gdaa8dchjai^c\
) q @gdaa<adWVa;gVjYGZedgi
:Xdcdb^hi>ciZaa^\ZcXZJc^iDkZgk^Zl
:Xdcdb^hi>ciZaa^\ZcXZJc^i
DkZgk^Zl
Such growth is never uniform across the
economy. As Chart 2 indicates, information-
rich industries such as Financial Services,
Professional Services, and Technology, Media
and Telecoms itself are the most likely to be
hit. The chart also indicates, however, that
the problem is far from isolated.
6ccjVa:Y^i^dc'%&%$&& q *
:Xdcdb^hi>ciZaa^\ZcXZJc^iDkZgk^Zl
+ q @gdaa<adWVa;gVjYGZedgi
:Xdcdb^hi>ciZaa^\ZcXZJc^iDkZgk^Zl
6ccjVa:Y^i^dc'%&%$&& q ,
;gVjYViV<aVcXZ
Information
theft 19%
LZXdbeVgZYi]ZgZhjaihd[i]Z
Prevalence
<adWVa;gVjYHjgkZnÒcY^c\hl^i] Kroll findings 83%
IgVcheVgZcXn>ciZgcVi^dcVaÉh Information
theft 32%
Vendor/supplier Physical
fraud 14% theft 23%
8dggjei^dcEZgXZei^dch>cYZm8E># EUROPE
I]Z8E>bZVhjgZhi]ZeZgXZ^kZY Prevalence Europe performed relatively well in
the last year with emphasis on
87%
aZkZahd[ejWa^XhZXidgXdggjei^dcVh relative with still more than eight
in 10 companies hit by a fraud.
Management Europe also had a below average
hZZcWnWjh^cZhheZdeaZVcYXdjcign conflict 14% Physical
incidence of every fraud covered in
theft 27%
VcVanhih0gVc\^c\WZilZZc&% NORTH AMERICA the survey, though the number of
North America enjoys low levels of companies seeing an increased
kZgnXaZVcVcY%]^\]anXdggjei# fraud compared to the other fraud exposure is the same as the
regions, ranking below the survey average. There are some signs of
I]ZXdbeVg^hdcXaZVganYZbdchigViZh average in every type of fraud complacency – for example the
except information theft or loss. region is less likely than average to
i]Vi[gVjYVcYXdggjei^dc[gZfjZcian While fraud in this area spiked have adopted most anti-fraud
during the last 12 months, strategies in the survey.
\d]VcY^c]VcY# companies generally believe they
are less vulnerable to fraud than in
previous years. Respondents
reported investment in a broad array
of anti-fraud measures, including
financial and management
controls, IT security, due diligence
and background screening.
I]ZeVcZahdci]ZbVehjbbVg^oZ/
i]ZeZgXZciV\Zd[gZhedcYZciheZggZ\^dc
dgXdjcignhj[[Zg^c\ViaZVhidcZ[gVjY^ci]Z
aVhi&'bdci]h Kroll findings
Information Regulatory /
i]ZVgZVhVcYYg^kZghd[bdhi[gZfjZciadhh theft 21% compliance 15%
Kroll findings
Money
IgVcheVgZcXn>ciZgcVi^dcVa Prevalence Information laundering
94% theft 43% 17%
8dggjei^dcEZgXZei^dch>cYZm'%%.
KZgn8aZVc 9.0 - 10.0 Vendor/supplier Management
Management
fraud 24% conflict of Kroll findings
interest 18% conflict of Prevalence
8.0 - 8.9 COLOMBIA
Information interest 27% 90%
theft 35%
7.0 - 7.9 A startling 94% of Colombian
companies say they have been
defrauded in the past year, a figure Vendor/supplier
6.0 - 6.9 fraud 27%
well above the survey average
5.0 - 5.9 of 88%. The areas of greatest Prevalence
Regulatory /
concern include vendor or 90% compliance 20% 30%
4.0 - 4.9 procurement fraud, information theft Physical theft
or loss, management conflict and Management
3.0 - 3.9 regulatory or compliance fraud. Vendor/supplier conflict of interest
While Colombians have been slow fraud 22% BRAZIL
2.0 -2.9 to adopt fraud prevention measures, Fraud levels in Brazil hit record
Regulatory / levels, surpassing the global
1.0 - 1.9 planned investment over the next compliance 21% 26%
12 months in these strategies is Physical theft average in all 11 categories of fraud
0.0 - 0.9 25 – 40% higher than elsewhere. covered in the survey. Information
LATIN AMERICA
theft and theft of physical assets
Companies in Latin America report
=^\]an8dggjei No data being defrauded at rates second
were the most commonly reported
frauds. Brazilian companies also
only to Asia. The region suffers the
posted above average results for
highest incidence of regulatory fraud
vendor or procurement fraud and
and ranked second in five other
money laundering. Despite these
areas: information theft or loss,
alarming results, investment in
management conflict of interest,
anti-fraud measures is low
vendor or procurement fraud, IP
compared to other countries in all
theft and money laundering.
but two areas: financial controls
Companies in the region are
and physical asset security.
investing heavily in a range of fraud
prevention strategies, including
financial controls, physical asset
and IT security, IP and trademark
monitoring and due diligence.
- q @gdaa<adWVa;gVjYGZedgi
;gVjYViV<aVcXZ
Kroll findings
Management
conflict of IP theft/
interest 30% counterfeiting
26%
Prevalence
98%
Information
theft 16%
20%
Vendor/supplier fraud
Money laundering
22%
Physical theft
Financial mismanagement
Market collusion
Regulatory / compliance
Kroll findings Internal financial
fraud 21% CHINA
Information Ninety eight percent of respondents
theft 30% in China fell victim to fraud in the last
12 months. The types of fraud are Kroll findings
highly varied, with at least one in Management
Regulatory /
five companies hit by nine of the conflict of
compliance 16%
Prevalence 11 frauds covered in the survey. interest 25%
86% Businesses are doing little to protect Information
themselves: only 54% will invest in theft 22%
staff training and 42% in employee
Financial Physical background checks.
mismanagement 19% theft 30%
Kroll findings
MIDDLE EAST
The Middle East picture is mixed. Physical theft 21% Prevalence
Below average incidences of fraud Information 92%
in seven of the 11 frauds surveyed theft 19%
is positive, including the lowest
Management Vendor/supplier
levels of vendor fraud, IP theft and Kroll findings Physical
conflict of fraud 16%
conflicts of interest. There are interest 26%
theft 28%
concerning trends emerging Prevalence IP theft 16%
however, including higher than 88% Information
average levels of employee theft, theft 25%
ASIA-PACIFIC
the second highest figure for INDIA
Asia-Pacific has the highest number
companies suffering at least some Respondents feel mainly vulnerable of companies being hit by at least one
financial loss and the highest to regulatory or compliance breach fraud in the last year, with the
percentage of respondents that and information theft, loss, or Prevalence majority feeling vulnerable to vendor,
said fraud had grown worse at attack, which is not surprising since 90% supplier or procurement fraud or
their companies in the past year. complexity of IT infrastructure was information theft, loss or attack.
cited as one of the leading factors More worrying is how many
contributing to increased exposure Vendor/supplier companies are looking to cut costs
fraud 17% Physical by weakening controls: 33% of firms
Kroll findings to fraud. For those that experienced theft 32%
Financial fraud, 48% reported that the key reported that this practice had
mismanagement 35% perpetrators had been their IP theft 16% increased fraud exposure, up from
employees. Anonymous email just 19% last year. High staff turnover
SOUTHEAST ASIA
Information theft allegations and collusion within the was another factor.
Physical theft
Respondents from the area
41% Management supply chain were involved in 26% reported one of the highest rates of
conflict of and 19% of frauds experienced. theft of physical assets or stock
interest 39% (32%) and face above average
Regulatory /
levels of management conflict of
compliance interest and vendor fraud. While
20% more firms than average are
making investments in anti-fraud
Prevalence measures, 35% are weakening
87% controls in order to save money –
the highest level for any region.
Vendor/supplier Internal
fraud 26% financial
fraud 30%
AFRICA
Despite a 1% decline in companies
affected by at least one fraud,
Africa paints a generally
worrying picture. The continent
has the highest incidence of fraud
in eight of the 11 categories
reported and came a close
second to Latin America for
regulatory and compliance fraud.
Africa also saw leaps in the
occurrence of fraud through
information theft and conflicts of
interest. While companies in
Africa widely adopt anti-fraud
strategies, they do not appear to
be working particularly well.
6ccjVa:Y^i^dc'%&%$&& q .
;gVjYViV<aVcXZ
I]ZgZ\jaVidgnX]VaaZc\Zhd[
Xgdhh^c\cZl[gdci^Zgh
By Tommy Helsby The new regulatory environment Regulation has caught up with globalization
in other ways as well. Prosecutors and
The bite is as likely to come from regulatory regulators are actively cooperating across
One result from the latest EIU Global Fraud enforcement at home as in the place where
Survey—that the greatest fraud risk to borders as never before. In our work, we may
the offense occurs. Stung by criticism that find the victim of a fraud in one country, the
companies lies with employees and
their laxity contributed to the financial crisis, crime scene in a second, the perpetrator in a
agents—reinforces a truth well-known to
regulators are acting with renewed vigor, third, and the money stashed in a fourth.
practitioners: it’s usually an inside job.
authority, and political backing – and in Putting together effective enforcement across
The prominence of theft of information and
some cases new legal powers. Certain
electronic data in our survey makes the multiple borders used to be a nightmare for
longstanding prosecutorial backwaters have
problem worse: insiders generally have legal authorities. The fight against the funding
bubbled into life. The most obvious is
freer access to the valued information. of international terrorism, however, has
corruption: as the Economist Intelligence
But there is a double risk from employees fostered much better communication between
Unit’s introduction highlights, there have
committing crimes that seek perceived the appropriate institutions in countries,
easy routes to business success, such as been more prosecutions under the United
which has in turn permitted dialogue on
paying bribes, colluding with competitors States Foreign Corrupt Practices Act (FCPA) in
fraud and corruption investigations.
and cutting corners on compliance: the past five years than in the previous 30
not only does the company suffer the and the UK has passed a new Bribery Act. The embracing of technology by business
economic consequences of their behavior Corruption is not the only area of increased has also given investigators some powerful
but it also opens itself to increasingly regulatory activity: last year fines – in one tools. Copies of documents, drafts, comments,
robust treatment from regulators. These case of more than half a billion dollars – and circulation lists often remain forgotten on
risks have been heightened by the current were levied against several major banks for servers; emails may seem to have been killed
economic climate. financial sanctions compliance failures that but their digital ghosts linger on; telephone
might once have been seen as little more records and voice mails are stored longer
Many companies operating in the currently than clerical errors.1 Meanwhile, European than many realize. The ability to reconstruct
flat markets of the developed world are Union competition investigators have an electronic record of a supposed conspiracy
seeking growth elsewhere, sometimes simply conducted dawn raids to gather documents has become all too apparent in many high
to survive. That is likely to require developing
and the resultant suits have led to fines of profile investigations in recent years.
new product lines or entering new
hundreds of millions of euros.
geographical markets – which generally
means operating outside existing comfort Another feature of the new regulatory Addressing the risks
zones. The quick route is to use acquisitions, landscape is the rise of extraterritoriality: the This is how a perfect storm builds.
joint ventures, or distribution agreements application of laws from one country to Companies need to expand beyond where
but, as with all short cuts, these can be risky. actions in another. The FCPA always applied they have experience and effective controls,
Acquisitions or partnerships can infect a to overseas actions, as does the new UK but the best opportunities are often precisely
business if they have questionable business Bribery Act. So, typically, do competition in places where these are most needed.
practices or lax standards. These may even legislation and trade sanction-related laws. Meanwhile, penalties for regulatory failure,
be perceived to be tolerated in the target’s or The exposure is not only to the actions of a and the chances of getting caught, are
partner’s sector or country of operation, but company’s own employees: regulators have growing quickly. It is no surprise that almost
they can leave the unaware open to gotten wise to the practice of “outsourcing”
economic damage and increasingly harsh half of the respondents in the Global Fraud
wrong-doing to a local partner or agent. Survey indicate that they have been
treatment from regulators. The UK Bribery Act makes quite explicit a dissuaded from operating in one or more
This risk is heightened when the move is into corporation’s liability to third party acts that countries because of fraud risk.
an emerging market, where growth rates are benefit the company, but it has been implicit
higher but governance, compliance and in most such national legislation already. If just staying at home is not an option, though,
transparency are often less mature than in The onus is now clearly on the company to you can take useful precautions. First, reassess
developed countries and where regulation is police the actions of affiliates, partners, and the range of your regulatory exposure. This
sporadic and inconsistent, even arbitrary. agents, and to have a clear record of doing involves managerial as much as legal analysis:
Too often, corporate attention focuses on so, in order to protect its own integrity. carefully review all of your business processes
market and credit risk in emerging markets: This applies not just to the prevention of – including in the finance, IT, marketing, and
operational risk is neglected until it turns corruption but to many other aspects of even the legal and compliance departments –
around and bites you. international trade and business regulation. against a list of regulated actions – such as
&% q @gdaa<adWVa;gVjYGZedgi
;gVjYViV<aVcXZ
6ccjVa:Y^i^dc'%&%$&& q &&
BVg`Zi:cign
;VX^c\i]Z[gVjY
X]VaaZc\Zh
d[ZbZg\^c\
bVg`ZiZcign
By Melvin Glapion
I]^hnZVgÉh<adWVa;gVjYHjgkZn[djcYi]Vi[gVjYXdcXZgch]VYY^hhjVYZY)-d[gZhedcYZcih[gdb
deZgVi^c\^cViaZVhidcZgZ\^dcdgXdjcign#I]dhZ\Zd\gVe]^Zhbdhi[gZfjZcianbZci^dcZYlZgZ
8]^cVl]ZgZ&&]VYWZZcejid[[!6[g^XVl^i]&&!VcYAVi^c6bZg^XVl^i]&%#I]ZaZVY^c\
ldggnÄXdggjei^dcÄY^hhjVYZYbdgZi]VcdcZ^ch^mWjh^cZhhZh[gdbdeZgVi^c\ZahZl]ZgZ/
[dgi]dhZl]dhiVnZYVlVn[gdb6[g^XV!^ilVhVXdcXZgcd[+(!VcY[dg8ZcigVa6h^V*.#
It is surprising to Kroll that nearly half of Of course every investment involves some the leading markets of the future. Is there a
firms surveyed think that the best way to level of risk and reward. The perceived levels way to enter these dynamic but challenging
mitigate fraud risks in some key growth of corruption within the BRIC countries, economies yet mitigate the obvious risks?
markets, given the potential opportunities which have drawn much of the world’s FDI in
available and Foreign Direct Investments (FDI) the last ten years, have actually grown Due diligence in challenging markets
forecasts, is to avoid them altogether. Indeed, worse. Moreover, those developing countries
the markets expected to exhibit the highest Those considering the plunge could begin by
in the next tier of interest for investors, such
levels of growth over the next five years are as Angola, Ukraine, and Egypt, have even accepting that conducting due diligence in
those where fraud is causing the most poorer CPI scores. this environment needs to be done differently.
companies to steer clear. Average compound Whether entering a new market through
annual real GDP growth rates in the G7 over This growing risk is compounded by acquisition or joint venture, or contracting
the next five years are expected to be below increased regulatory oversight of activities in with a distributor or supplier, financial and
2%. In comparison, the figure for the BRICs developing and emerging markets. The legal due diligence remains essential but on
(Brazil, Russia, India, China) over the same United States Department of Justice is its own will be insufficient, picking up only
period is predicted to exceed 7%. aggressively enforcing the Foreign Corrupt documented instances of fraud.
Practices Act (FCPA), and the UK’s new
To examine the link between fraud and Bribery Act has extra-territorial reach, strict A more effective approach is to combine
investment in emerging markets further, liability, third party responsibility, and a ban commercial and integrity due diligence
we compared, for a range of countries, the on facilitation payments. A serious concern into a unified whole which also takes
forecast five year growth in stocks of is how few companies seem to realize that account of the difficulties created by several
inward FDI – a measure of total investment in they may come under greater scrutiny or face fundamental differences between emerging
local businesses by foreign investors – with higher penalties. As page 11 highlights, and developed markets:
the Transparency International Corruption the Global Fraud Survey found that only The quality of the secondary
Perception Index (CPI) scores for 2009. 36% of respondents who had operations or information: In emerging countries,
We used the latter rather than Global Fraud a presence in the UK or the US thought that industry reports, brokers’ notes, or
Survey data both because it contains more they could be prosecuted under the FCPA or guidance from chambers of commerce or
detailed country level data and because the Bribery Act. trade associations are often inaccurate
corruption is the leading fraud impeding
The dilemma is difficult: going into many or nonexistent. Assessing the size,
investment. As the figure opposite
emerging markets leads to significant fraud structure, and segmentation of these
demonstrates, across our entire sample, only
risk exposure but staying out means requires a balance of desktop research
the United Arab Emirates combined a greater
growth in FDI than the G7 states with a sacrificing growth prospects that are absent and intelligence gathering in the field.
comparable CPI score to the G7 average. in developed countries. The latter could also The political/regulatory environment:
All other countries with higher than average mean being left behind as competitors seek Commerce and politics are interconnected
FDI growth did significantly worse in the CPI. to establish positions in what will be among and investigating potential conflicts
&' q @gdaa<adWVa;gVjYGZedgi
BVg`Zi:cign
10
Perceived to have Figure 1: CPI vs FDI Note: Kroll analysis based upon
low levels of corruption information as provided by the IMF
and UNCTAD; Kroll compared
9
countries in the EMEA regions with
FDI stock greater than $10 billion to
5
Turkey
4 Italy
Brazil Romania
China
3 Egypt India
Azerbaijan
Nigeria Algeria
2 Ukraine
Russia
1 Angola
Perceived to be 0
highly corrupt 0% 5% 10% 15% 20% 25%
Stock of inward FDI CAGR 2009 to 2014
should be a high priority before investing Involve internal or external counsel in a Kroll was recently approached to review
significant time and resource in a country. review of all key strategic options in order a potential partner for a global energy
Our investigations in emerging markets, to ensure that commercial opportunities company seeking to enter the Chinese
for example, often uncover opaque are assessed against fraud risks; market. The call came one month before
relationships between customers, Safeguard against unforeseen risks. an agreement was to be signed. Through
suppliers, and local officials. Also vital in Companies should seek to include deal painstaking research and discreet human
this sphere is gaining an understanding terms that are even more defensive than source inquiries, Kroll concluded that the
of the robustness of the local government usual when dealing with partners or proposed partner had significant issues with
and regulatory bodies, as well as of what purchases in riskier jurisdictions; respect to its financial, operational, political,
changes might occur after an investment and environmental performance. The energy
Ensure that anti-fraud programs are
takes place. There are several unfortunate company, which had initially expected a
embedded within your organization and
examples of companies investing millions clean bill of health, was in the unwelcome
extend to the company’s intermediaries
of dollars only to have licenses revoked by position – after several months of staff time,
and partners. Significant investment will
a new regime months later. be required in communicating these policies travel expenses, and advisors’ fees – of trying
The need for physical searches and as emerging market countries typically do to find a more suitable partner. An integrated
human intelligence: In many of these not have a culture of “whistleblowing”. due diligence exercise that had begun
countries, certain key information is held earlier would have saved time and money.
Although this advice applies to all types of
locally and in physical form. Moreover,
fraud, companies should, given the particular Due diligence, however, should never end
members of the business and financial
risks at present, pay special attention to with the acquisition. In the following
communities are more likely to express
implementing them with respect to anti- article Glen Harloff and John Price discuss
true opinions or give advice only in
bribery and anti-corruption efforts. options when the acquisition raises concern
person and to someone they know.
Perhaps the most difficult advice for post-competition.
Once companies appreciate the challenges
companies to adopt, given the speed at
of doing due diligence in these markets,
which transactions now take place, is to
what specific steps should they take before Melvin Glapion leads Kroll’s business
allow enough time for this commercial and intelligence practice in London. He has
market entry? Despite the inevitable limits
integrity due diligence. Early planning can over 16 years of experience of M&A,
on what can be done pre-deal or pre- avoid the significant costs on potential corporate strategy and financial
partnership, some sensible steps include: analysis experience, leading multi-
transactions that, in the end, prove
disciplinary and multi-jurisdictional
Ensure that your board shows commitment inappropriate. Initial due diligence work teams in conducting cross-border
and leadership in order both to drive should: analyze the size of the opportunity; market entry, due diligence and competitive intelligence
home the importance of anti-fraud identify the touch-points for potential fraud; engagements. Previously he advised on corporate
strategy initiatives at KPMG, and has held several other
programs and to avoid potential liability and, what is often forgotten, be broad enough strategy roles within the private sector.
for negligently failing to prevent fraud; to consider alternative options.
6ccjVa:Y^i^dc'%&%$&& q &(
BVg`Zi:cign
I]^hnZVgÉh<adWVa;gVjY
HjgkZngZkZVahi]Vi[gVjY
]VhY^hhjVYZY)-d[
gZhedcYZcih[gdbZciZg^c\
cZlbVg`Zih#I]Zg^h`d[
jcXdkZg^c\fjZhi^dcVWaZ
WZ]Vk^dgedhi"VXfj^h^i^dc
^hVa^`ZanYg^kZgd[i]^h
Ò\jgZ#L]ViVgZndjg
dei^dchl]ZcVc
VXfj^h^i^dc^cjc[Vb^a^Vg
iZgg^idgngV^hZhhjhe^X^dch4
^ccZlVXfj^h^i^dch
inappropriately capitalized. Two years later,
an anonymous e-mail resulted in an
investigation which uncovered the fraud, but
by then the damage was done – and the
bonuses distributed.
&) q @gdaa<adWVa;gVjYGZedgi
BVg`Zi:cign
identifying fraud and understanding how Investment Focus: Percentage of firms investing in prevention of this type of fraud;
your systems were defeated is essential, /ÊÃiVÕÀÌÞÊx¯®ÊUÊ>V>ÊVÌÀÃÊx{¯®ÊUÊ*
ÞÃV>Ê>ÃÃiÌÊÃiVÕÀÌÞÊxÓ¯®ÊUÊ>>}iiÌÊVÌÀÃÊx䯮Ê
a forensic investigator is often best placed *Ê>`ÊÌÀ>`i>ÀÊÌÀ}Ê«À}À>Ê{n¯®ÊUÊÕiÊ`}iViÊ{ȯ®ÊUÊ,ÃÊ>>}iiÌÊÃÞÃÌiÃÊ{ί®
Reputation monitoring (43%)
to advise you on next steps.
Increase in Exposure: Companies where exposure to fraud has increased 80%
Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and
Glen Harloff (CGA CFI) is a managing
percentage of firms affected; High staff turnover (37%)
director based in Kroll’s Miami office.
He is an expert in financial investigations 0 % 10 20 30 40 50 60 70 80 90 100
and has extensive experience in the
Corruption and bribery
prevention, detection and investigation
of fraud for clients throughout the Theft of physical assets or stock
Caribbean and Latin America. Money laundering
Financial mismanagement
Regulatory or compliance breach
John Price is a managing director Internal financial fraud or theft
based in Kroll’s Miami office. He Information theft, loss or attack
specializes in business intelligence
Vendor, supplier or procurement fraud
in Latin America and serves as a
strategic advisor to clients on IP theft, piracy or counterfeiting
competitive positioning, market entry, Management conflict of interest
transactional due diligence, competitive
Moderately or Highly vulnerable Slightly vulnerable
intelligence and business risk analysis.
6ccjVa:Y^i^dc'%&%$&& q &*
GZ\^dcVa6cVanh^h/6bZg^XVh
CDGI=6B:G>86
DK:GK>:L
Fraud levels remain low in North America
compared to other regions in all areas
except one: information theft or attack.
According to this year’s results, fraud in this
area rose to 32% from a more modest 19%
last year. The significantly high levels of
information theft reported exceed the
survey average of 27%. Notably, North
American respondents cited phishing (26%)
and the increased use of technology (19%)
as the primary tactics used in this type of
fraud. When probed further, 26% of those
surveyed cited the complexity of IT
infrastructure as the leading cause of
increased fraud exposure.
2010 2009
The growing threat to information security,
however, may not be getting the attention Prevalence:
87% 78%
Companies affected by fraud
that it deserves. Only 34% of respondents
considered themselves moderately to highly
Information theft, Theft of physical assets
vulnerable to information theft. Moreover, loss or attack (32%) or stock (22%)
investment in IT security measures declined Areas of Frequent Loss:
Theft of physical assets Information theft,
Percentage of firms reporting loss to this
this year versus last. or stock (27%) loss or attack (19%)
type of fraud
Management conflict Management conflict
Overall, companies in the region believe they of interest (14%) of interest (17%)
are less vulnerable to fraud. They also report
low exposure in areas such as corruption (7%) Financial controls (45%)
and market collusion (4%). In spite of this, the Management controls (44%)
Investment Focus: IT security (44%)
challenge still remains for businesses to Percentage of firms investing in IT security (42%)
recognize the potential risks of violating the prevention of this type of fraud Financial controls (40%)
Due diligence (41%)
US Foreign Corrupt Practices Act (FCPA).
Staff screening (40%)
Only 42% of respondents were certain that
the FCPA applied to them while 44% were Increase in Exposure:
unsure and 14% believed it does not. Companies where exposure to fraud has 66% 84%
increased
North American companies currently enjoy
a relatively benign fraud environment. Biggest Drivers of Increased Exposure:
They will need to address growing risks, Most widespread factor leading to IT complexity IT complexity
greater fraud exposure and percentage (26%) (32%)
especially in information security, to keep
of firms affected
things that way.
&+ q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6bZg^XVh
96I67G:68=B6C6<:B:CI/
L]ViZkZgnXdbeVcn
h]djaY`cdl
>cVigjZh^\cd[i]Zi^bZh!XdbeVc^ZheVgi^X^eVi^c\^ci]^hnZVgÉh<adWVa
;gVjYHjgkZngZedgiZYi]Vi^c[dgbVi^dci]Z[i^hcdli]ZbdhiXdbbdc
[dgbd[[gVjY#L^i]',d[XdbeVc^ZhgZedgi^c\^cX^YZcihl^i]^ci]ZeVhi
nZVg!i]Zi]Z[id[^c[dgbVi^dchjgeVhhZYi]Zi]Z[id[e]nh^XVaegdeZgin[dg
i]ZÒghii^bZ^ci]Z[djg"nZVg]^hidgnd[i]ZHjgkZn#HdbZ^cYjhignhZXidgh
lZgZeVgi^XjaVgan]VgY]^i![dgZbdhiVbdc\i]ZbÒcVcX^VahZgk^XZh)'!
je[gdb'(i]ZegZk^djhnZVg!egd[Zhh^dcVahZgk^XZh)%!je[gdb'(!
VcYIZX]cdad\n!BZY^VVcYIZaZXdbh(,!je[gdb&*#6cYl]^aZ
XdbeVc^ZhXaZVgangZXd\c^oZi]Z^cXgZVh^c\hZkZg^ind[i]ZegdWaZb!id
hdbZZmiZcii]Zn[ZZajcegZeVgZYidYZVal^i]^i/,,d[gZhedcYZcih
WZa^ZkZi]Vii]Z^gXdbeVc^ZhVgZkjacZgVWaZid^c[dgbVi^dci]Z[i#
prevention systems, log analysis, anomaly that sensitive information is no longer being
By Alan Brill, Brian Lapidus and Richard Plansky
analysis) with a robust training regime to compromised, it is impossible to mount an
ensure that key personnel understand what effective response.
Given the financial, legal, and reputational
to look for and what to do when they suspect
risks that go hand-in-hand with a data 3. Determine the scope
that something is wrong.
breach, failing to prepare for one is to court of the breach
disaster. When an incident occurs, there is no
2. Determine if the breach In the event of a breach, the extent to which
time to learn on the fly, so having a response
event is still happening and data has been compromised is not always
plan already in place is critical. While there
then “stop the bleeding” readily apparent. In some instances, the
is no such thing as a one-size-fits-all
situation is far less serious than suspected.
response plan, the best plans tend to share Too many companies concentrate
For example, reverse engineering of malicious
common elements. In particular, they are immediately on the process of notifying
software can sometimes reveal that the
designed to accomplish five key goals: victims before they know all the facts.
malware did not actually work – i.e., an
A good response plan should include a
intrusion without the data loss. In other
1. Provide the proper resources clear process for determining – with
cases, analysis of the criteria by which a
for early detection forensic accuracy – what did and did not
malicious software program selects records
happen and whether any of it is still to target can show that, since fewer records
Too often, the first indication that an incident occurring. Many malicious software attacks meet those criteria, the loss was much
has occurred is a call from a victim have, as part of their structure, elements smaller than originally feared. On the other
complaining that an account has been looted designed to keep the malware in place long hand, sometimes the loss is more extensive
or, worse yet, a reporter writing a story on a after the initial intrusion. This can lead than initial appearances might suggest.
breach. A solid plan should contain a strategy to automated re-infections weeks or even Either way, it is vital for companies to discern
for detecting potential problems at the months after a system is thought to be the universe of compromised information
earliest possible stage by integrating cleansed and the subsequent compromise with enough accuracy – and evidence –
technology (e.g. intrusion detection and of additional data. Absent the certainty to justify their subsequent course of action.
6ccjVa:Y^i^dc'%&%$&& q &,
GZ\^dcVa6cVanh^h/6bZg^XVh
4. Determine who is responsible Vulnerability Testing – Regular testing Given the current trends, there is every
for the breach and attempt to to identify vulnerabilities that a hacker reason to expect next year’s survey to show
recover lost data or dishonest insider might exploit are also an even higher prevalence of information
vital. There are excellent tools to do this, theft. With some smart advance planning,
The loss of information sometimes stems from
although many organizations elect to there is every hope that companies will be
the loss or theft of a physical object – e.g.,
engage specialists who have a depth of better prepared.
a laptop computer, USB drive, or disc – often
experience in responding to incidents and
due to the carelessness or misconduct of an
extensive knowledge of the latest threats. Alan Brill is a senior managing director at Kroll Ontrack,
employee. In circumstances like this, a good
where he founded the computer forensics practice. With
response plan will provide a process and the Use Encryption – Many of the statutes more than 33 years of consulting experience, his work has
resources to conduct a solid fact-finding relating to data breach provide for ranged from large-scale reviews of information security
investigation into the circumstances of the exceptions when the data in question was and cyber incidents for multi-billion dollar corporations to
loss. A prompt and robust investigation can criminal investigations of computer intrusions. His work
encrypted. Because of this, the use of
also focuses on prevention and investigation of data breaches
often lead to the identification of the person encryption, particularly for data in a form involving sensitive personal, health and corporate information.
or persons responsible for the loss, which frequently associated with data loss
can, in turn, result in a more detailed incidents – e.g., data stored on portable Brian Lapidus is Chief Operating Officer, Kroll Fraud
understanding of the extent to which the Solutions has unique frontline experience helping a wide
devices and back-up or archival data stored variety of corporations and organizations safeguard
data has been disseminated. In some on tapes – should be considered a best against and respond to data breaches. He oversees a
instances, the lost information can even practice. Many application programs also highly skilled team that includes veteran licensed
be recovered, reducing or eliminating the permit data to be encrypted while residing investigators who specialize in supporting breach victims
need for notification. and restoring individuals’ identities to pre-theft status. He
in a database, another practice that also works with consumer organizations to help ensure
provides protection with little added risk. responsible practices among businesses that provide
5. Determine and comply identity theft-related services.
with legal obligations Policy Review – In a world of rapidly
evolving threats, changing legal Richard Plansky is a managing director and head of
In the United States, the regulatory regime requirements, and new outsourcing Kroll’s New York office. With 18 years of investigative and
for data breach is extremely confusing, with law enforcement experience, Richard manages a wide
technologies like cloud computing, variety of complex assignments with a special emphasis
different requirements for different industries
it is imperative to review policies at on corporate investigations.
and different states. With the exception of
least annually.
the Health Information Technology for
Economic and Clinical Health Act (HITECH), :8DCDB>HI>CI:AA><:C8:JC>IG:EDGI86G9 =:6AI=86G:!E=6GB68:JI>86AH7>DI:8=CDAD<N
which contains breach notification mandates
for entities covered under the Health The healthcare, pharmaceuticals, and biotechnology sector is finding that a shift in business models can change
fraud patterns. Partnerships and joint ventures are becoming increasingly common throughout the sector, from
Insurance Portability and Accountability Act
early R&D to commercialization. This shows up in the fraud data: information theft and IP theft (both 19%) are
(HIPAA), there is no overarching federal law
now the third and fourth most common frauds, having risen from 10% and 7% respectively last year. Greater
governing breach notification. Instead, there collaboration has increased fraud exposure for a quarter of companies, the second-highest figure for any of the
is a patchwork of laws from 46 states and sectors in the survey. Moreover, although frauds are still as likely to be inside jobs as in other industries, in 6% of
two territories. These laws present varying cases the main perpetrator was a partner – the highest rate for any industry. Fortunately, health executives are
and sometimes contradictory requirements realizing that they need to pick their friends carefully. The number of those expecting to invest in due diligence in
regarding the entities to be notified and the the next 12 months is 45%, up from 29% in last year’s survey.
information that can and cannot be included
Prevalence: Companies affected by fraud 88%
in the notification letters. A good plan will
Areas of Frequent Loss: Percentage of firms reporting loss to this type of fraud: Theft of physical assets or stock (34%)
provide the professional resources necessary
>>}iiÌÊVyVÌÊvÊÌiÀiÃÌÊÓ£¯®ÊUÊvÀ>ÌÊÌ
ivÌ]ÊÃÃÊÀÊ>ÌÌ>VÊ£¯®ÊUÊ*ÊÌ
ivÌ]Ê«À>VÞÊÀÊVÕÌiÀviÌ}Ê£¯®
to clearly determine the nature and extent of
the company’s legal obligations and develop Investment Focus: *iÀViÌ>}iÊvÊwÀÃÊÛiÃÌ}ÊÊ«ÀiÛiÌÊvÊÌ
ÃÊÌÞ«iÊvÊvÀ>Õ`\Ê/ÊÃiVÕÀÌÞÊxί®ÊUÊ-Ì>vvÊ
ÌÀ>}Êx£¯®ÊUÊ>>}iiÌÊVÌÀÃÊ{ǯ®ÊUÊÕiÊ`}iViÊ{x¯®ÊUÊ-Ì>vvÊÃVÀii}Ê{x¯®ÊUÊ>V>ÊVÌÀÃÊ{x¯®Ê
a viable strategy for complying with them.
Increase in Exposure: Companies where exposure to fraud has increased 75%
Without question, a well-crafted response Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and
plan can go a long way toward mitigating percentage of firms affected; Increased collaboration with other firms (25%)
the damage that flows from a data breach.
0 % 10 20 30 40 50 60 70 80 90 100
Better yet is to take proactive steps to prevent
Corruption and bribery
incidents from occurring in the first place.
Theft of physical assets or stock
Some recommended steps are described below:
Money laundering
Data Mapping – It is critical for Financial mismanagement
companies to understand where and in Regulatory or compliance breach
what form their sensitive data is stored. Internal financial fraud or theft
An awareness of where that data resides Information theft, loss or attack
and how it is transferred both internally Vendor, supplier or procurement fraud
and externally can serve as the IP theft, piracy or counterfeiting
foundation for sound policies and Management conflict of interest
procedures to mitigate significantly the Moderately or Highly vulnerable Slightly vulnerable
risk of breach.
&- q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6bZg^XVh
6ccjVa:Y^i^dc'%&%$&& q &.
GZ\^dcVa6cVanh^h/6bZg^XVh
A6I>C6B:G>86DK:GK>:L
2010 2009
Prevalence:
90% 83%
Companies affected by fraud
Information theft,
loss or attack (35%)
Management conflict
Regulatory or
of interest (27%)
compliance fraud (28%)
Areas of Frequent Loss:
Theft of physical assets or stock
Percentage of firms reporting loss to Management conflict
(26%)
this type of fraud of interest (23%)
Vendor, supplier
Internal financial fraud or theft (18%)
or procurement fraud (22%)
Another serious concern for Latin America is
Regulatory or
compliance fraud (21%) that far more companies report an increase in
their exposure to fraud than in other regions.
Financial controls (67%) A full 85% of Latin American companies
Physical asset security (57%) believe they have become more vulnerable
compared with 75% of companies in Asia
IT security (56%)
or the global average of just 73%. In fact,
Staff training (55%) more companies in Latin America, 34%, cite
IP and trademark monitoring program high staff turnover as a contributor to fraud.
Investment Focus: IT security (52%)
Percentage of firms investing in (53%) The region also reports the second highest
prevention of this type of fraud Financial controls (45%) increase in exposure to fraud, after Africa at
Staff screening (51%)
18%, resulting from increased collaboration
Management controls (50%)
between firms. It trails Asia with 16% of
Risk management systems (47%) respondents citing more aggressive regulatory
Reputation monitoring (47%) enforcement in helping to uncover fraud.
Due diligence (46%)
On the positive side, the percentage of
Increase in Exposure: companies planning to invest in every one of
Companies where exposure to fraud 85% 72% the anti-fraud measures covered in the survey
has increased is also above average and in three cases –
staff training (55%), IP monitoring (53%), and
Biggest Drivers of Increased Exposure:
Most widespread factor leading to High staff turnover (34%) due diligence (46%) – the highest of any
IT complexity (37%)
greater fraud exposure and percentage IT complexity (33%) region. Let’s hope Latin America begins to
of firms affected
address the problem.
'% q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6bZg^XVh
[gVjY^c7gVo^a/
$1.1 billion on upgrades to Rio de Janeiro’s
suburban railway, $1.5 billion on projects to
expand and connect pre-existing Bus Rapid
HI::G>C<8A:6G
Transit systems, and $1.2 billion for metro
line extensions. In addition, $80 million is
earmarked for airport upgrades to renew and
D;I=:EDI=DA:H
add terminals and runways and to expand
parking facilities in order to accommodate
25 million passengers annually by 2014.
6ccjVa:Y^i^dc'%&%$&& q '&
GZ\^dcVa6cVanh^h/6bZg^XVh
for allegedly rigging online auctions and have previously been involved in fraudulent and policies clearly communicated and
forming a cartel that served to exclude potential projects or have otherwise been the subject enforced through appropriate training and
competitors from the market. Of the 305 of a fraud investigation. periodic monitoring of the work underway.
companies authorized to participate in bids, Additionally audits of, for example, purchase
only 16 actually registered. The fraud, Competitive market intelligence is an additional
orders, invoices and payroll information will
estimated to have reached more than $286 weapon in the investor’s arsenal. Fundamental
provide information that can raise red flags.
million, was one of the largest of its kind in questions to consider in this analysis include:
recent Brazilian history. Are competitors able to sell their services and Brazil’s need for transportation infrastructure
products at abnormally low prices? If yes, is is great, and the government’s commitment
The ways in which fraud in the industry has there a legitimate reason or is the real to investment and to the industry is clear.
been perpetrated are seemingly endless: Those wishing to take advantage of this
explanation that fraudulent methods are being
overbilling, overpayments, use of ghost tremendous opportunity, however, need to put
employed, such as the use of substandard or
employees, use of materials of inferior
counterfeit materials and products? Is there a in place protection against high levels of fraud.
quality, attesting to work that has not
cartel or similar organization in place that is
actually been completed, forewarnings about
upcoming audits, altering or concealing preventing other companies from entering
the market in general or a particular bidding Vander Giordano is a managing director
documents. Given the widespread presence based in Kroll’s São Paulo office and
of fraud, the risks inherent in participating in process? Is it possible other relationships specializes in business development for
infrastructure projects can outweigh the exist between competitors that would Latin America. He is a member of the
benefits. In most cases, these projects involve constitute unfair competition? Brazilian and International Bar
Associations. Vander has extensive
government officials or entities in some experience working with companies in
Safeguards against possible fraud and
capacity. Consequently, if your company has the energy, retail, banking and airline industries.
exposure to corruption during the project’s
any significant link to the United States or
execution are equally important. It is essential
United Kingdom, the far-reaching provisions
that corporate executives be aware of local
of the Foreign Corrupt Practices Act (FCPA) or
and international laws, regulations, and Allie Nichols is a compliance associate based in Kroll’s
UK Bribery Act could lead to crippling costs, New York office. She is an attorney with business
including penalties, disgorgement of profits, industry standards, particularly when doing
experience in Brazil and has published several articles in
and mandatory monitoring. Moreover, business in new jurisdictions. These must leading Brazilian publications.
Brazilian authorities can separately impose therefore be researched and resultant actions
their own hefty fines and initiate criminal
and civil litigation. Finally, conviction for
:8DCDB>HI>CI:AA><:C8:JC>IG:EDGI86G9 8DCHIGJ8I>DC!:C<>C::G>C<>C;G6HIGJ8IJG:
fraud, or even investigation, can result in
reputational damage which, while difficult to The prolonged financial troubles of the construction sector, at least in developed markets, seem to have had a
quantify, will certainly leave a long-lasting persisting moderating effect on fraud levels. Overall, the total number of companies hit by fraud dropped to 84%,
scar on any company or individual involved. and those that lost physical assets declined to 26%. On the other hand, management conflict of interest grew
more common (28%) – the largest figure for any of the sectors surveyed. In fact, the overall picture is one of stasis.
The construction sector now has the biggest problem with corruption (18%) compared with other sectors.
Be prepared On the positive side, construction companies are not waiting for an upturn to combat fraud. The survey shows
For companies seeking to exploit upcoming them as the most likely to plan investment in six of the 10 fraud strategies covered, and the second most likely for
investment opportunities there are several the other four.
ways to build up a layer of protection against
Prevalence: Companies affected by fraud 84%
fraud. The first step is to evaluate the
Areas of Frequent Loss: Percentage of firms reporting loss to this type of fraud
transparency and fairness of the bidding
>>}iiÌÊVyVÌÊvÊÌiÀiÃÌÊÓn¯®ÊUÊ/
ivÌÊvÊ«
ÞÃV>Ê>ÃÃiÌÃÊÀÊÃÌVÊÓȯ®Ê
process carefully. Some of the key questions
vÀ>ÌÊÌ
ivÌ]ÊÃÃÊÀÊ>ÌÌ>VÊÓ£¯®ÊUÊ
ÀÀÕ«ÌÊ>`ÊLÀLiÀÞÊ£n¯®ÊUÊ6i`À]ÊÃÕ««iÀÊÀÊ«ÀVÕÀiiÌÊvÀ>Õ`ʣȯ®
that should be asked include: Have the details
Investment Focus: Percentage of firms investing in prevention of this type of fraud;
of the process been clearly communicated?
-Ì>vvÊÃVÀii}ÊÈx¯®ÊUÊ>V>ÊVÌÀÃÊÈx¯®ÊUÊ-Ì>vvÊÌÀ>}ÊÈ£¯®ÊUÊ/ÊÃiVÕÀÌÞÊÈ䯮
Is an independent committee or person
>>}iiÌÊVÌÀÃÊxȯ®UÊ*
ÞÃV>Ê>ÃÃiÌÊÃiVÕÀÌÞÊxȯ®ÊUÊ,i«ÕÌ>ÌÊÌÀ}Êx{¯®ÊUÊÕiÊ`}iViÊxί®Ê
presiding over the process? What criteria *Ê>`ÊÌÀ>`i>ÀÊÌÀ}Ê«À}À>Êxί®ÊUÊ,ÃÊ>>}iiÌÊÃÞÃÌiÃÊx£¯®
will be used to qualify or disqualify bidders?
Increase in Exposure: Companies where exposure to fraud has increased 79%
Are these criteria fair or tailored to disqualify
Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and percentage
all but a select few companies? Are they
of firms affected; High staff turnover (35%)
reasonably related to the necessities of the
present project? What factors will be 0 % 10 20 30 40 50 60 70 80 90 100
considered in selecting the winner? All of Corruption and bribery
these questions should be answered to the Theft of physical assets or stock
company’s satisfaction before it submits a bid. Money laundering
Financial mismanagement
The second step for a business is to conduct
Regulatory or compliance breach
background checks on its own employees
Internal financial fraud or theft
and on those companies which it will
Information theft, loss or attack
engage. This is especially important when
Vendor, supplier or procurement fraud
subcontracting local workers and businesses.
IP theft, piracy or counterfeiting
A thorough background check can provide
clearer details of their qualifications and prior Management conflict of interest
experience, how they are perceived by their Moderately or Highly vulnerable Slightly vulnerable
'' q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6bZg^XVh
7G6O>ADK:GK>:L
6ccjVa:Y^i^dc'%&%$&& q '(
GZ\^dcVa6cVanh^h/6bZg^XVh
') q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6bZg^XVh
and ordinary citizens – can begin to position Investment Focus: Financial controls (73%)
Percentage of firms investing in
itself as an example to the rest of Latin prevention of this type of fraud IT security (73%)
America by proving that a country can grow Management controls (73%)
and generate new opportunities by
Staff screening (73%)
confronting corruption head on.
Physical asset security (70%)
Due diligence (70%)
Andrés Otero is a managing director and head of Kroll’s
Miami office. He is an expert in a variety of investigative Increase in Exposure:
and intelligence areas, including fraud and anti-corruption Companies where exposure to fraud 88%
services, dispute advisory and conflict resolution. has increased
6ccjVa:Y^i^dc'%&%$&& q '*
GZ\^dcVa6cVanh^h/6bZg^XVh
G^h`\dkZgcVcXZ[dgb^cZh
^cZbZg\^c\bVg`Zih/
I=:EDL:G7DIIA:C:8@
By David A. Robillard ;dgXZcijg^Zh!b^c^c\XdbeVc^Zh]VkZadd`ZY[dgdgZ
i]gdj\]djii]ZldgaY#DkZgi]ZeVhiYZXVYZ!8]^cZhZ
YZbVcY[dgcVijgVagZhdjgXZhVcYVc^cXgZVh^c\
deZccZhhid[dgZ^\c^ckZhibZcii]gdj\]dji6[g^XV!
6h^V!VcYAVi^c6bZg^XV]Vh^cXgZVhZYi]Z^ciZgZhi
d[i]^hhZXidg^cZbZg\^c\bVg`Zih#
As a result, demand for skilled management The central problem with such situations is
has grown steadily for both in-country and that they create an “obligation to trust” key
head office positions. Many companies, local executives. Oversight is weakened as
however, struggle to find internationally companies are unable to contradict a local
experienced personnel to fill key positions, manager on issues of fact or to present
meaning that often senior managers do not alternative interpretations. These managers
understand the local culture or even the in effect obtain a monopoly on information,
language. This can lead to overdependence which they can use to create a power
on local managers, which greatly increases bottleneck leaving them in almost complete
the risk of fraud. control of the local operation.
'+ q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6bZg^XVh
These managers may even stoke up The natural resources sector has seen a shift in the types of fraud it faced. Theft of assets (28%), corruption
nationalistic fervor against foreign (13%), and internal financial fraud all saw declines, while information theft (22%) rose and financial
corporate owners. mismanagement (17%) as well as regulatory breaches (13%) both nearly doubled. The major issue looking
ahead, however, is increased exposure: 80% of natural resources companies report that their exposure to fraud
Such managers also resist providing has increased, the second-highest figure in the sectors surveyed. Moreover, they are the most likely to face
timely and accurate information from greater risk arising from increased collaboration (30%) and the second most likely for entry into new markets
local operations and restrict access of (27%). Greater investment in due diligence would be a natural response, but this is not the case in practice.
head office corporate officers to local Only 30% of sector companies plan to spend in this way in the next 12 months, compared to 41%, on average,
community and government leaders across the other sectors surveyed.
as well as to key suppliers.
Prevalence: Companies affected by fraud 91%
The rotation of administrative staff tends
Areas of Frequent Loss: Percentage of firms reporting loss to this type of fraud
to be frequent since those exploiting
/
ivÌÊvÊ«
ÞÃV>Ê>ÃÃiÌÃÊÀÊÃÌVÊÓn¯®ÊUÊ>>}iiÌÊVyVÌÊvÊÌiÀiÃÌÊÓǯ®ÊUÊvÀ>ÌÊÌ
ivÌ]ÊÃÃÊÀÊ
power bottlenecks do not tolerate dissent.
>ÌÌ>VÊÓÓ¯®ÊUÊ6i`À]ÊÃÕ««iÀÊÀÊ«ÀVÕÀiiÌÊvÀ>Õ`ÊÓ䯮ÊUÊ>V>ÊÃ>>}iiÌʣǯ®
Circumstances for staff departures tend
Investment Focus: Percentage of firms investing in prevention of this type of fraud;
to be unusual.
>V>ÊVÌÀÃÊ{n¯®ÊUÊ*
ÞÃV>Ê>ÃÃiÌÊÃiVÕÀÌÞÊ{ί®ÊUÊ-Ì>vvÊÌÀ>}Ê{䯮
Another red flag is atypical contract terms for Increase in Exposure: Companies where exposure to fraud has increased 80%
employees and suppliers. Unusual contractual
Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and
penalties to the company and prices out of percentage of firms affected; Increased collaboration with other firms (30%)
sync with the market are particular favorites.
0 % 10 20 30 40 50 60 70 80 90 100
1 Global Anti-Corruption Efforts: The Role of Non- Corruption and bribery
Governmental Organizations”. Programme on Global Theft of physical assets or stock
Issues & Civil Society, Centre for Applied Studies in
International Negotiations, 2007 Money laundering
Financial mismanagement
Regulatory or compliance breach
David A. Robillard is a managing Internal financial fraud or theft
director based in Kroll´s Mexico City Information theft, loss or attack
office. For more than 15 years, he has
Vendor, supplier or procurement fraud
advised boards of directors and senior
managers on matters of business IP theft, piracy or counterfeiting
partnering, corporate investigations and Management conflict of interest
competitive risks in a range of industries,
Moderately or Highly vulnerable Slightly vulnerable
including mining, infrastructure and manufacturing.
6ccjVa:Y^i^dc'%&%$&& q ',
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
6H>6"E68>;>8DK:GK>:L
IT security (43%)
Asia-Pacific’s poor fraud record is causing
a correspondingly large concern among Management controls (42%) IT security (59%)
executives. The proportion of companies that Investment Focus: Risk management systems (42%) Financial controls (52%)
see themselves as vulnerable to every fraud Percentage of firms investing in
prevention of this type of fraud Reputation monitoring (41%) Physical asset security (46%)
in the survey, as well as those planning to
invest in each anti-fraud strategy covered Financial controls (41%) Management controls (42%)
is never far from the global average. Staff screening (40%)
More worrying is how many companies
Due diligence (40%)
are looking to cut costs by weakening
controls: 33% of firms reported that this Increase in Exposure:
practice had increased fraud exposure, up Companies where exposure to fraud has 75% 79%
increased
from just 19% last year. Add to this the
continuing problems that Asia-Pacific Biggest Drivers of Increased Exposure:
companies have with high staff turnover, Most widespread factor leading to
High staff turnover (34%) IT complexity (35%)
greater fraud exposure and percentage
and there is no reason to expect a rapid of firms affected
change in the region’s fraud numbers.
'- q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
6ccjVa:Y^i^dc'%&%$&& q '.
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
who may be old friends or family relations in a positions in order to operate in their own to this crime could cost your company and its
small and isolated community, almost always interests. However, it is unfortunately not reputation considerable damage.
relies on intelligence because finding a paper uncommon for the management of an entire
trail will in most cases be impossible. facility to be implicated in wrongdoing. Richard Dailly is a managing director
and head of Kroll’s operations in India.
The questionable quality and trustworthiness Forewarned is forearmed: senior management He has over 20 years of experience in
at the head office must know how facilities global risk for the British government
of management running facilities can also and Kroll. Richard has a deep
heighten fraud risks. Often, a manager in are run and ensure that sufficient checks and
understanding of investigative and
such a plant has a technical background. He balances are in place and that systems are intelligence gathering techniques, and
fully accountable. With governments around assessment and analysis, in support of corporate
can solve problems at low cost, hire the most investigations, political risk, litigation support, and multi-
the world stepping up efforts to fight
technologically sound research and jurisdictional cases.
corruption, not to know, or to turn a blind eye
development specialists, and suggest and
implement unique engineering solutions.
Despite these virtues, our experience tells us Steps that Kroll has recently advised clients to take to minimize risk include:
that such a pragmatist is also more likely to Do not leave facilities under the control of existing
Ensure that the corporate structure mandates
find solutions to problems which, while not accountability. Create structures which ensure that management without reviewing internal controls
malicious, may not be appropriate in the eyes power does not lie with one individual answerable or introducing additional safeguards.
of regulators. While it might be quicker, and to nobody. Always question unusually large payments to
part of the business culture, to pay local Ensure that the culture is one of zero-tolerance agents, or a high number of payments to one
to fraud and corruption. Training is essential at all particular agent.
officials for a license to operate or to get
levels. Ensure that the training is pitched correctly: Always question a third party’s ongoing requests
distribution trucks across state borders, it
junior employees need to understand and support for cash payments – harder to establish a paper
does violate various local and international good practice as much as senior management. trail – or payment via offshore accounts.
anti-bribery laws. What constitutes a A culture of transparency will deter fraud and Always question the unnecessary use of third
facilitation payment can vary depending on corruption. Consider practices such as an “open- parties. Making payments to, or negotiating a
the context, but unlike the US Foreign door” policy. contract through, multiple intermediaries is a
Corruption Practices Act, which exempts Invest in a robust whistleblower system to help cause for concern.
‘facilitating payments’ (defined as small bring these issues to the attention of management in Conduct thorough due diligence on agents and
a timely and accurate manner. intermediaries prior to engaging them.
amounts paid to governmental officials for
the purpose of expediting fulfillment of a
routine, non-discretionary duty), Indian law
:8DCDB>HI>CI:AA><:C8:JC>IG:EDGI86G9 B6CJ;68IJG>C<
specifically forbids them.
The manufacturing sector presents a mixed fraud picture. On the positive side, the incidence of the majority
Last but not least, because much of India’s of frauds covered in the survey declined, and the industry reported the lowest rates of information theft (13%),
heavy engineering growth is being driven management conflict of interest (13%), and collusion (2%), when compared with other sectors. However, figures
by the race to improve local infrastructure, for specific regions – India or China, for example – may well paint a different picture.
possible exposure to fraud exists when Manufacturers face a growing vendor fraud problem (23%) – the second most widespread in the sectors
surveyed. The incidence of IP theft also rose, to 11% from 7%. This is an above-average level and manufacturing
engaging with officials who might be involved
companies are tied with healthcare ones as the most vulnerable to this crime (34% rank themselves as at
in projects of national importance. The use of least moderately vulnerable). Things could deteriorate, at least relative to other sectors. Despite the growing
agents and intermediaries in India is common challenges, planned spending on IP protection and due diligence is less widespread than average.
when dealing with government entities and
Prevalence: Companies affected by fraud 89%
often a conduit for a bribe. The potential sums
Areas of Frequent Loss: Percentage of firms reporting loss to this type of fraud
involved in large infrastructure projects are /
ivÌÊvÊ«
ÞÃV>Ê>ÃÃiÌÃÊÀÊÃÌVÊÓx¯®ÊUÊ6i`À]ÊÃÕ««iÀÊÀÊ«ÀVÕÀiiÌÊvÀ>Õ`ÊÓί®
huge. There is a real possibility of either Investment Focus: Percentage of firms investing in prevention of this type of fraud
knowingly or unknowingly wandering into /ÊÃiVÕÀÌÞÊ{ί®ÊUÊ>V>ÊVÌÀÃÊ{£¯®
an inappropriate transaction which, in a major Increase in Exposure: Companies where exposure to fraud has increased 68%
infrastructure project, might have Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and
ramifications for years. percentage of firms affected IT complexity (30%)
unique and difficult fraud challenges in India. Theft of physical assets or stock
Money laundering
Kroll’s experience is that the three major
Financial mismanagement
problems highlighted – isolation, poor
Regulatory or compliance breach
management, and a propensity for
Internal financial fraud or theft
involvement in government contracts – often
Information theft, loss or attack
go hand in hand. It should be added that we Vendor, supplier or procurement fraud
have seen vastly different attitudes toward IP theft, piracy or counterfeiting
these issues. Operating on the ground, it is Management conflict of interest
often obvious that management has to root Moderately or Highly vulnerable Slightly vulnerable
out those who have taken advantage of their
(% q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
Regulatory or compliance fraud (22%) Vendor, supplier or number planning to invest further in these (52%)
procurement fraud (23%) is still above the survey average, it is down from
Areas of Frequent Loss: Financial mismanagement (22%)
Percentage of firms reporting loss to Information theft, loss or attack (23%) a year ago (73%). On the other hand, the number
Market collusion (22%)
this type of fraud Management conflict of interest (19%) of those intending to put money into staff training
Corruption and bribery (20%)
IP theft, piracy, or counterfeiting (19%) (54%) and background checks (42%) has risen
Vendor, supplier or noticeably (from 35% and 31% respectively).
procurement fraud (20%) Regulatory or compliance fraud (19%)
This makes sense given that, according to
Money laundering (20%) Corruption and bribery (15%)
Chinese respondents, the key perpetrator of
Information theft, loss or attack (16%)
fraud is an employee 42% of the time.
IT security (56%) How effective these efforts will be, given the
Staff training (54%) scale of the problem, is unclear. The number of
Financial controls (52%) Financial controls (73%) companies that have partner, client, and vendor
Investment Focus: IT security (54%) due diligence in place is well below the survey
Management controls (44%)
Percentage of firms investing in
prevention of this type of fraud Physical asset security (42%) Management controls (46%) average (38% to 50%) as is the number
Physical asset security (42%) intending to invest in this area in the coming year
IP and trademark monitoring program
(42%) (32% to 41%), even though for 40% of frauds
Staff screening (42%) the main perpetrators in the last year were
suppliers or vendors, and an additional 4% were
Increase in Exposure:
customers. Worse still, 34% of respondents
Companies where exposure to fraud 72% 85%
has increased said that they had weakened their internal
controls in the past 12 months, probably due to
Biggest Drivers of Increased Exposure:
Most widespread factor leading to High staff turnover (34%) cost cutting. Given the fraud environment in
IT complexity (42%)
greater fraud exposure and percentage Weaker internal controls (34%) China, many companies are going to have to do
of firms affected
far more to protect themselves.
6ccjVa:Y^i^dc'%&%$&& q (&
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
=VcY"^c"]VcY/ By Violet Ho
eg^kViZ"hZXidg
on collusion, secrecy, and greed, corruption is
a manifestation of fraud with the distinction
that the people committing it occupy a
public position – such as a civil servant or
(' q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
would turn a blind eye to the false invoices There are steps companies can take to mitigate Bribery Act. It is incredibly important in China,
that the company submitted to under-declare potential problems. When doing business in a jurisdiction with so much government
the value of the goods imported, and thus China, look carefully at any potential local involvement, to be able to demonstrate that
avoid import duties. The company was partner’s track record on compliance and you have taken all reasonable steps to know
subjected to hefty fines and its business ethical conduct; when hiring a local manager, that your employees are not bribing officials.
license was nearly revoked. Kroll’s do not assume that strong local expertise
subsequent investigation revealed that the negates the need for thorough due diligence. Finally, if things do go wrong, get to the bottom
senior executive was also controlling a It is no secret that the Chinese government of it by engaging professional help. Acknowledge
number of local distributors behind-the- plays a major role in all areas of business in the problem openly. Learn from your mistakes.
scenes and was selling smuggled goods China, and maintaining a good relationship And make sure it does not happen again.
through the company’s distribution network, with relevant government authorities is critical
As governments worldwide crack down harder
leaving the client exposed to serious legal to the success of any enterprise. It is important
on corruption – China itself is contemplating new
and financial damage. to establish independently whether or not the
legislation – the need for companies to put,
local partner has the government relationships
It can be difficult to investigate fraud if only and keep, their houses in order will only grow.
that he or she claims and whether this
one or two people are involved but, like the
relationship is an institutional alliance based
case above, a single perpetrator will not be
on operational strength and contributions to Violet Ho is a managing director and
able to get very far without including others.
the local economy or, more dubiously, a head of Kroll’s operations in China.
Lone fraudsters will be motivated, often Violet has managed a wide range of risk
relationship based on personal “blessings” consulting projects in Greater China
simply by greed, to recruit like-minded
from select individual benefactors. ranging from fraud prevention to
people in order to increase their potential
investigations of white-collar crime and
financial reward and, as more people get In addition to the dual concerns of financial distribution scams. She also manages
involved, the scheme becomes more loss and violating Chinese laws, you may have investigative due diligence inquiries and assignments on
vulnerable to discovery. Often in China, the business controls, intellectual property protection,
exposure to extraterritorial regulation such as employee risks, corporate security and crisis management.
whistle is blown by one of the accomplices the US Foreign Corrupt Practice Act and the UK
who is no longer happy with the financial
reward that he or she is receiving.
:8DCDB>HI>CI:AA><:C8:JC>IG:EDGI86G9 8DCHJB:G<DD9H
Watching for certain warning signs can help
The consumer goods sector showed in the last 12 months that information theft and attack are not the only
detect this kind of situation or prevent it fraud issues. Although 25% of industry firms suffered from that crime – up from just 15% the year before – the
from happening. High staff turnover, proportion affected was still below the survey average (27%). Moreover, the sector had the lowest proportion
especially among senior managers, should of companies (18%) which blamed IT complexity for increasing their exposure to fraud – one of the few sectors
be a red flag. As corporate memory is lost, where this decreased. The far bigger issue for consumer goods companies is that they have the most widespread
it becomes easier for corrupt staff to trick fraud problem in the survey overall – 98% of firms were hit in some way. They were also the most affected by
theft (43%) and financial mismanagement (21%) – the latter more than double last year’s figure of 9%. Consumer
new hires into accepting a fraudulent status
goods companies also see themselves as more vulnerable than those in most other industries to corruption (45%
quo. An arrangement which makes highly or moderately vulnerable), theft (47%), and vendor or procurement fraud (36%).
corruption easier can be explained away as
“the way things are done.” Prevalence: Companies affected by fraud 98%
Areas of Frequent Loss: Percentage of firms reporting loss to this type of fraud
For foreign companies, a language and /
ivÌÊvÊ«
ÞÃV>Ê>ÃÃiÌÃÊÀÊÃÌVÊ{ί®ÊUÊvÀ>ÌÊÌ
ivÌ]ÊÃÃÊÀÊ>ÌÌ>VÊÓx¯®ÊUÊ>V>ÊÃ>>}iiÌÊÓ£¯®
culture gap between senior management >>}iiÌÊVyVÌÊvÊÌiÀiÃÌÊÓ£¯®ÊUÊ6i`À]ÊÃÕ««iÀÊÀÊ«ÀVÕÀiiÌÊvÀ>Õ`Ê£n¯®Ê
at home and local management in China Internal financial fraud or theft (18%)
can also be dangerous. So too can allowing Investment Focus: Percentage of firms investing in prevention of this type of fraud
a local CEO to become the single *
ÞÃV>Ê>ÃÃiÌÊÃiVÕÀÌÞÊÈ{¯®ÊUÊ/ÊÃiVÕÀÌÞÊx¯®ÊUÊ>>}iiÌÊVÌÀÃÊxx¯®ÊUÊ-Ì>vvÊÃVÀii}Êxx¯®Ê
,i«ÕÌ>ÌÊÌÀ}Êxx¯®ÊUÊ>V>ÊVÌÀÃÊx{¯®ÊUÊÕiÊ`}iViÊx{¯®Ê
communication channel with headquarters.
*Ê>`ÊÌÀ>`i>ÀÊÌÀ}Ê«À}À>Ê{n¯®ÊUÊ-Ì>vvÊÌÀ>}Ê{x¯®ÊUÊ,ÃÊ>>}iiÌÊÃÞÃÌiÃÊ{x¯®
In China, senior hires commonly bring
Increase in Exposure: Companies where exposure to fraud has increased 61%
along a team from their former companies;
this can result in cliques being formed that Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and
percentage of firms affected; High staff turnover (30%)
tie employee loyalty to the boss rather than
the company. 0 % 10 20 30 40 50 60 70 80 90 100
Corruption and bribery
is how it should be. Risk can and should be Moderately or Highly vulnerable Slightly vulnerable
6ccjVa:Y^i^dc'%&%$&& q ((
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
EgZkZci^c\i]Z
AViZdcV;g^YVnV[iZgcddc!i]Z
8]^cV8:Dd[V\adWVaheZX^Vain
X]Zb^XVaegdYjXihXdbeVcn
adhhd[igVYZ
gZXZ^kZhVbZbd[gdb^ih=ZVY
d[DeZgVi^dchhVn^c\i]ViV`Zn
Zc\^cZZg]VhiZcYZgZY]^h
gZh^\cVi^dc#I]^hZbeadnZZ]VY
hZXgZih^c8]^cV WZZcgZhedch^WaZ[dgdkZghZZ^c\
egdYjXi^dcd[i]ZXdbeVcnÉh
hddcidWZaVjcX]ZY!]^\]"ZcY
By Tadashi Kageyama
egdYjXii]Vi^hXdch^YZgZYXZcigVa
id[jijgZ\gdli]#=Z^haZVk^c\!
]ZhVnh!idgZijgcid]^h]dbZ
idlc^cdgYZgidhjeedgi]^h
hbVaa![Vb^an"gjcWjh^cZhh#
>ib^\]ihdjcYhigV^\]i[dglVgY!
Wji^i^h[Vg[gdb^i#
() q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
Within a month, more than twenty local staff the healthcare, pharmaceutical, and security, and communication security. Of
members left. On one day alone, employees biotechnology sector. course, these categories not only overlap, but
from research and development (R&D), they are also constantly evolving. An
Although, as in the above example, IP loss is
procurement, production, quality control, and effective solution must, therefore, encompass
often at the hands of employees, they are far
finance tendered their resignations. Senior them all. Based on our experience around the
from the only culprits. External parties may
management in China and at headquarters world, the so-called “divide and conquer”
try to obtain information through hostile
started to worry. approach to IP protection – trying to address,
means such as hacking into computer
say, computer security without integration
The company in this real case called in Kroll. networks or breaking into company premises.
with areas such as human resource or
We gathered intelligence from sources in They might also be more devious, by setting
physical security – simply does not work.
the company’s supply chain and forensically up a fictitious company to impersonate a
Add to this the unique challenges relating to
examined computers used by the former potential big buyer and by producing false
chemical and biotechnology R&D and
employees. After weeks of investigating, it information, only to lure victims into
production facilities, as well as understanding
became clear that these individuals had left revealing valuable proprietary information.
the laws and regulations of each country
in order to follow the chief engineer, who had In one such case, we found that a competitor
where IP is to be stored or sent, and the
actually moved to a local competitor. was bribing our client’s employees and
extent of the task starts to becomes clear.
Furthermore, the investigation uncovered vendors to act as informants.
evidence that some employees had stolen The best place to begin is a risk assessment,
We have also seen cases where a client’s
proprietary information including, but by no in order to look for any risk factors which can
customer passed on proprietary information
means limited to, designs, layout of the be quickly and cost-effectively mitigated
to competitors. In fact, on one occasion,
production facility, vendor lists, marketing – useful easy wins – and any issues that
although anonymous whistleblower letters
plans, employee contact information, may require longer term solutions. Typically,
accused two senior employees of stealing the
management reports, and financial such an assessment starts with a thorough
IP of their former employer (Company X) and
information – what the client would rightly review of the current operational and
using it to design and launch new products,
technology environments along with the
consider its trade secrets. Soon after the our investigation uncovered that one of
current state of IP protection. It is also
investigation, the local management team Company X’s key customers in fact passed on
important not to assume that policy is the
heard rumors that the competitor which had this information to the accused employees
same as reality. Identifying – through
hired its old staff members would soon and demanded that they make products at a
document analysis, interviews, sample
launch a high-end product very similar to the lower cost.
analysis, or covert and unscheduled visits –
one the departed engineer had overseen.
Given the many possible ways that trade areas where plans and policies are not
Incidents like this occur frequently in secrets can be compromised, it is critical to actually being followed is essential. In a
emerging markets. Companies fail to secure take a holistic perspective toward all threats, recent case, company policy required highly
trade secrets, making it all too easy for both internal and external, and to tailor secure and centrally managed wireless data
wrongdoers to steal and replicate key security and controls accordingly. networks. Our on-site testing found, however,
products in a matter of weeks. In this case, that completely unsecured wireless networks
The first step for companies protecting were in use, were undocumented, and were
the company lost out on market share and
themselves in China, though, is to placing IP at serious risk.
potential revenue costing millions of dollars
understand what constitutes their own IP.
in forecast revenue. The results of the
Although multinationals in Asia implement Completely eliminating competitors from
investigation were an eye opener for the trying to compromise trade secrets is not a
policies, procedures, contracts, and
client, and Kroll was further retained to realistic goal. Neither is trying to prevent an
agreements to mitigate the loss of patents,
conduct an audit of the client’s entire local employee from moving to a competitor or
designs, copyrights, and trademarks, they
operations, from physical and technology setting up a competing business. Companies
often neglect to put in place integrated
security to operational and human resources can, however, do more to mitigate the risk of
solutions to protect their trade secrets. The
security. We helped the client identify and World Intellectual Property Organization loss or theft by re-evaluating and
resolve potential risks in order to avoid such (WIPO) defines trade secrets as “any understanding what IP they have that goes
a situation from reoccurring in the future. confidential business information which beyond patents and trademarks, and how
Intellectual property (IP) and information theft provides an enterprise a competitive edge”. these trade secrets are created, controlled,
are particularly common in the healthcare, Such IP, also called “know-how”, can be and destroyed. Conducting an audit of
pharmaceutical, and biotechnology sector difficult to control since it is usually business operations and facilities is another
in China. Local and international companies intangible and ingrained in people’s minds. useful step in identifying vulnerabilities and
are shifting their operations in the country Making matters worse is that non-compete fraud entry points. Ultimately, though,
and non-solicitation agreements signed integrated security arrangements need to
from low-end to high quality product
between companies and their employees treat trade secrets as the important pieces of
manufacturing as well as from pure
production to R&D facilities. This has driven – common tools to protect trade secrets – IP that they are.
growth in the chemical industry in China are difficult to enforce in Asia. Therefore,
as well to annual levels of some 30%. implementing robust controls and a response
Tadashi Kageyama is a senior
plan is extremely important to limit any
As healthcare and chemical companies fight managing director specializing in
potential damage. business intelligence, investigations,
for market share and revenue, they
and risk consulting services for
sometimes resort to unethical means. Achieving a commercially reasonable level of corporate clients and government
According to this year’s Global Fraud Survey, security, though, is no easy task. The most agencies. Prior to joining Kroll, he
IP theft is the second most common fraud effective solution will include physical was a global purchasing agent for
in China, and is tied with information theft, security, information and computer security, Mitsubishi Heavy Industries Ltd and worked as a staff
writer for Nihon Keizai Shinbun (Nikkei).
loss, or attack as the most widespread in operational security, human resource
6ccjVa:Y^i^dc'%&%$&& q (*
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
HDJI=:6HI6H>6DK:GK>:L
Management controls (53%) Companies in the region are also more active
than most on anti-fraud measures. Every
Due diligence (53%)
strategy examined in the survey is more widely
Reputation monitoring (52%) deployed than average except for financial
Staff training (49%) controls (68%) and IT security measures (64%)
Investment Focus:
where the difference from the global figure is
Percentage of firms investing in Risk management systems (48%)
prevention of this type of fraud just 1% in each case. Forty seven percent of
IT security (47%) companies currently invest in IP protection
Staff screening (47%) compared to the survey average of 38%. Forty
Financial controls (46%)
six percent of companies in Southeast Asia plan
to invest further in IP protection in the next
IP and trademark monitoring program (46%)
12 months – the survey average is just 37%.
(+ q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/6h^V"EVX^ÒX
YVg`Zgh^YZ
investors. Kroll recently investigated and
uncovered just such a scheme in Indonesia
for a grateful financial investor.
6ccjVa:Y^i^dc'%&%$&& q (,
GZ\^dcVa6cVanh^h/:B:6
:JGDE:DK:GK>:L
Compared to other regions, European companies did
very well over the last year in the fight against fraud.
The continent saw the lowest percentage of
companies hit by at least one fraud (83%), a figure
which was below last year’s as well. Europe also had
a below average incidence of every fraud covered in
the survey, and the lowest of any region for four out of
10 – theft of physical assets (23%), information theft
(19%), regulatory or compliance theft (6%), and money
laundering (4%). Nearly half of European companies
(47%) even reported that they had lost no money to
fraud in the last year.
Responses were broadly consistent across Europe,
though interestingly the UK recorded above average
levels of both internal fraud and fraud committed by
senior management.
(- q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/:B:6
>ckZhi^\Vi^dchVcYi]ZjhZd[iZX]cdad\n
>YZci^ini]Z[iVcY^ciZgcZi[gVjYh]VkZWZZcaZVY^c\^iZbhdci]ZbZY^VXg^bZ technique can sometimes compromise its
V\ZcYVdkZgi]ZeVhi[ZlnZVgh!Wjii]ZjhZd[iZX]cdad\n^c^ckZhi^\Vi^dch integrity and therefore its future use as
evidence in court.
gZbV^ch![dgbdhieZdeaZ!XdcÒcZYidIKeda^XZh]dlh!l]ZgZheZX^Va^hihjhZ
Vl^YZVggVnd[]^\]anhde]^hi^XViZY^chigjbZcih^cXjii^c\ZY\ZaVWdgVidg^Zh Knowing the limitations of your software
idhdakZXdbeaZmXg^bZh#I]^h^hha^\]ianb^haZVY^c\/iZX]cdad\nXVcWZjhZg" or the technique you are using is part of the
expertise required for a successful
[g^ZcYanVcY^hkZgnl^YZanYZeadnZY^cVaaineZhd[^ckZhi^\Vi^dch#
investigation. Experienced investigators need
a range of techniques and technologies in
and searched a lot more simply and efficiently.
By Marianna Vintiadis the digital world but will also understand
A typical use of a web crawler could be in
that the appropriate one can sometimes be
investigations of corrupt tendering. Here too
Litigation support is dominated by legal much information is often put online and made very basic. Moreover, the traditional skills of
technologies. Such advanced electronic tools, publicly available in order to hide a piece of the investigator in structuring an
the development of which is driven mainly key information while technically complying investigation and analyzing data are still
by e-discovery needs and standards in the with formal advertisement requirements. of utmost importance. The tools may have
United States, allow specialists to search for, changed but the investigative art remains
capture and recover relevant data. However, Do the above examples mean we can all be fundamentally the same.
many applications, often freely available on e-detectives? It is not that simple: metadata
the internet or found in software designed for can be manipulated; registrants can be as
office or home use – such as word processing fake as the websites they register; and Marianna Vintiadis is Kroll country
do-it-yourself home indexing and searching manager for Italy and Greece. A trained
packages – can be very useful tools in economist with experience in policy
investigative work as long as their limitations techniques can lead to partial results or to making and analysis, she works on
are properly understood. the production of overwhelming amounts of business intelligence and complex
information that require specialist skills to investigations in these countries. Her
A prime example is the study of metadata – areas of expertise include market entry,
process. Even worse, accessing an electronic
shipping, piercing the corporate veil, and internet investigations.
data stored within files containing information document without using a forensically sound
about the files themselves. A text document,
for example, can have buried in it data about
its author, its original file location and creation :8DCDB>HI>CI:AA><:C8:JC>IG:EDGI86G9 EGD;:HH>DC6AH:GK>8:H
date. A typical area where such metadata can
Overall, the professional services sector is doing well at tackling fraud, compared to other industries , but
prove useful is the investigation of anonymous
this may be leading it to be complacent about its weaknesses. The industry has the lowest percentage of
letters: a few simple steps taken on your home companies affected by fraud in the survey (81%), and also the lowest incidence of theft of physical assets
computer with software you use daily can (18%), vendor or supplier fraud (9%), and internal financial fraud (4%). Success, however, is relative: fraudsters
sometimes reveal the identity of a poisoned pen. took advantage of eight out of every 10 professional services firms in the last year alone. Moreover, the industry
has the second-highest level of information theft (40%), and above-average incidences of corruption (13%) as
Identifying who has registered the domain of well as IP theft (11%). Nevertheless, it will see the least widespread investment in IT security (37% – or fewer
a fraudulent website can also be very useful. than those who experience IT fraud), risk systems (30%), and IP protection (25%).
Web addresses have to be registered and it is
quite easy to identify the registrant’s name Prevalence: Companies affected by fraud: 81%
by performing a simple check over the Areas of Frequent Loss: Percentage of firms reporting loss to this type of fraud: Information theft,
ÃÃÊÀÊ>ÌÌ>VÊ{䯮ÊUÊ/
ivÌÊvÊ«
ÞÃV>Ê>ÃÃiÌÃÊÀÊÃÌVÊ£n¯®ÊUÊ>>}iiÌÊVyVÌÊvÊÌiÀiÃÌʣȯ®
Internet, sometimes with surprising results.
Investment Focus: Percentage of firms investing in prevention of this type of fraud:
It is not unknown for fraudsters to register >>}iiÌÊVÌÀÃÊ{£¯®ÊUÊ,i«ÕÌ>ÌÊÌÀ}Ê{䯮
domains in their own names. Similarly, Increase in Exposure: Companies where exposure to fraud has increased: 70%
information linking a site to the identity Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and
of its owner can be buried in the program «iÀViÌ>}iÊvÊwÀÃÊ>vviVÌi`\Ê/ÊV«iÝÌÞÊÓn¯®ÊUÊ}
ÊÃÌ>vvÊÌÕÀÛiÀÊÓn¯®
instructions of the web page, also known
0 % 10 20 30 40 50 60 70 80 90 100
as its source code. Most browsers allow
Corruption and bribery
users to examine source codes with two
Theft of physical assets or stock
simple mouse clicks.
Money laundering
A slightly more sophisticated approach can Financial mismanagement
be the use of a web crawler, or web spider, to Regulatory or compliance breach
analyze a website. This is a computer program Internal financial fraud or theft
that can index the information and links on Information theft, loss or attack
a particular site. Navigating through an Vendor, supplier or procurement fraud
ill-structured site or one deliberately designed IP theft, piracy or counterfeiting
all the information is crawled and then Moderately or Highly vulnerable Slightly vulnerable
6ccjVa:Y^i^dc'%&%$&& q (.
GZ\^dcVa6cVanh^h/:B:6
;G6J9>C
I=:<JA;/
;dgWZiiZg
dg[dgldghZ4
Underpinning all of this is the reality that been reported and publicly scrutinized, such
By Tom Everett-Heath
the Gulf remains in transition. Prior to the as the Deyaar and Damac scandals in Dubai
global economic crisis, it saw years of double and the Saad-Al-Gosaibi case; many others
The economic turmoil in the Gulf over the
digit economic growth, with domestic private have not.
last two years has made several things
and public sector entities leaving plenty of
clear: the region is now inextricably woven Whether the incidence of fraud is, in absolute
room at the trough for international business.
into the global economic and financial terms, rising in the Gulf, or greater
More recently, famine has followed feast in
systems; despite continued dependence on awareness and intolerance of it have created
some markets: Dubai is an obvious geographic
hydrocarbons, demographic changes have that impression, is open to debate. The Global
example; real estate a sectoral one; and equity
made necessary radical structural adjustment Fraud Survey indicates significant worry
capital markets a structural one. However,
of regional economies, a key part of which about its spread: 40% of Middle Eastern
elsewhere, despite bumps on the road, the
is massive infrastructure investment; the respondents said that fraud had grown
direction of travel remains unaltered.
quality of corporate governance has not worse at their companies in the last year –
grown as rapidly as the regional footprints The liquidity crunch did jolt the region’s the highest figure for any region. Kroll’s
of international corporations or the balance business culture. Several large-scale frauds experience suggests that the speed of
sheets of regional businesses; and the have been exposed involving sovereign economic growth during the boom,
regional response to white-collar crime has wealth funds, government-owned entities, particularly from 2005 through 2008, and
shifted from denial to action. and private sector businesses. Some have the concomitant stretching of oversight,
)% q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/:B:6
6ccjVa:Y^i^dc'%&%$&& q )&
GZ\^dcVa6cVanh^h/:B:6
6;G>86DK:GK>:L G^h`VcY
The proportion of African-based companies
that reported being affected by at least one
fraud (87%) is very slightly lower than the
survey average of 8% – and corruption was
one of the frauds that was slightly less
widespread in this year’s survey compared
gZlVgY/
;gVjYVcY
survey average (88%). That is about the only to the last one.
positive thing that can be said regarding the
fraud picture in Africa. For eight of the Companies in Africa do try to defend
eleven frauds covered in the survey – themselves. Every anti-fraud strategy in the
information theft or attack, theft of physical
assets, management conflict of interest,
financial mismanagement, internal financial
survey is more widely adopted in Africa than
on average except for IP protection, and IP
theft is one of the few areas where the
i]Z6[g^XVc
iZaZXdbh
fraud, vendor or procurement fraud, incidence of fraud on the continent is below
corruption, and market collusion – the average. In fact, five of these strategies are
continent had the highest incidence for any more commonly deployed in Africa than in any
other region, and for three others Africa comes
^cYjhign
region. For regulatory or compliance fraud, it
came a close second (20% to 21% in Latin in second. The problem is, simply, that they
America). Although a number of frauds were do not appear to be working. There is little
slightly less widespread this year than last, reason for hope going forward. The number of
this decline was more than offset by large companies looking to invest further in anti-fraud
increases in others, notably management strategies is in most cases only close to
By Paul Adams
conflict of interest and information theft, average and in some cases significantly below.
where the incidence roughly doubled.
The survey also points to one of the ways in
I]Z<adWVa;gVjYHjgkZngZhjaih
Fraud vulnerability data paints a similar which widespread fraud is frustrating
picture. African respondents are more likely economic investment: it has dissuaded 11% YZe^XiVhiVg`^bV\Zd[i]Zg^h`h
to consider themselves highly vulnerable of companies worldwide from operating in d[[gVjY^c6[g^XV#6YYaZ\^i^bViZ
and moderately vulnerable to every fraud Africa, tying with China for the highest figure
ldgg^ZhVWdjieda^i^XVa^chiVW^a^in
in the survey, often by a very wide margin. in this regard. China, however, can find other
For example, 22% say that they are highly investors easily at the moment. Africa needs VcYi]ZaZ\VaZc[dgXZVW^a^ind[
vulnerable to corruption, compared to a them rather more. XdcigVXihVcYa^XZchZh!VcY^h^i
hjgeg^h^c\i]VibVcnXdbeVc^Zh
2010 2009
VgZgZajXiVciidZciZgi]^h\gdl^c\
Prevalence:
Companies affected by fraud
87% 89% WjiY^[ÒXjaibVg`Zi4NZi
^ckZhibZciYZX^h^dchWVaVcXZ
Information theft,
loss or attack (41%) Theft of physical assets eZgXZ^kZYg^h`VcYgZlVgY/VlZV`
or stock (43%)
Theft of physical assets
Internal financial fraud
gZXdkZgn^cYZkZadeZYZXdcdb^Zh
or stock (41%)
Management conflict
or theft (26%) VcYgVe^YYZkZadebZcid[
of interest (39%) Financial mismanagement (26%)
^cYjhignVcYhZgk^XZh]Vh
Financial mismanagement (35%) Vendor, supplier or
Areas of Frequent Loss:
Percentage of firms reporting loss to Internal financial fraud
procurement fraud (22%) ^cXgZVhZYi]ZajgZd[6[g^XV#
this type of fraud or theft (30%) Corruption and bribery (22%)
One sector that presents particular opportunities
Vendor, supplier or Management conflict
procurement fraud (26%) of interest (20%) is telecommunications, as the rapid uptake
Regulatory or compliance Regulatory or compliance of cell phones and broadband makes the
fraud (20%) fraud (20%) African market one of the world’s fastest
Corruption and bribery (17%) Information theft, growing. The rate of cell phone adoption, for
loss or attack (20%)
Market collusion (15%) example, is twice that of Asia, and in Nigeria
subscriber numbers have soared in the last
IT security (50%) Physical asset security (57%) decade from a few thousand to 75 million
Investment Focus:
Percentage of firms investing in Staff training (44%) IT security (56%) with demand set to grow by 25% per year.
prevention of this type of fraud
Risk management systems (44%) Financial controls (52%)
Factors which portend further growth in the
Increase in Exposure: telecoms sector include:
Companies where exposure to fraud 70% 83%
has increased The laying of sub-sea cables which will
enable a steep rise in internet connections
Biggest Drivers of Increased Exposure:
Most widespread factor leading to and use;
IT complexity (39%) High staff turnover (37%)
greater fraud exposure and percentage
Demand from an emerging middle class
of firms affected
which craves internet access and a smart
phone as status symbols;
)' q @gdaa<adWVa;gVjYGZedgi
GZ\^dcVa6cVanh^h/:B:6
6ccjVa:Y^i^dc'%&%$&& q )(
GZ\^dcVa6cVanh^h/:B:6
AdlZggViZhd[[gVjY
`ZZehZXidgdcigVX`
The travel, leisure, and transportation
:8DCDB>HI>CI:AA><:C8:JC>IG:EDGI86G9 IG6K:A!A:>HJG:IG6CHEDGI6I>DC
sector is usually less affected by fraud than
Prevalence: Companies affected by fraud 85%
most others. This year is no exception –
Areas of Frequent Loss: Percentage of firms reporting loss to this type of fraud
incidence of every fraud but one was /
ivÌÊvÊ«
ÞÃV>Ê>ÃÃiÌÃÊÀÊÃÌVÊÓǯ®ÊUÊ6i`À]ÊÃÕ««iÀÊÀÊ«ÀVÕÀiiÌÊvÀ>Õ`ÊÓǯ®
below or near the overall survey average. vÀ>ÌÊÌ
ivÌ]ÊÃÃÊÀÊ>ÌÌ>VÊ£n¯®ÊUÊ>>}iiÌÊVyVÌÊvÊÌiÀiÃÌÊ£x¯®
Investment Focus: Percentage of firms investing in prevention of this type of fraud; IT security (53%)
Moreover, most frauds saw a decline from >>}iiÌÊVÌÀÃÊxί®ÊUÊ,ÃÊ>>}iiÌÊÃÞÃÌiÃÊxί®ÊUÊ,i«ÕÌ>ÌÊÌÀ}Êx£¯®Ê
last year and the one with the biggest -Ì>vvÊÌÀ>}Êx£¯®ÊUÊ*Ê>`ÊÌÀ>`i>ÀÊÌÀ}Ê«À}À>Ê{¯®ÊUÊ-Ì>vvÊÃVÀii}Ê{ȯ®
>V>ÊVÌÀÃÊ{ȯ®ÊUÊÕiÊ`}iViÊ{ȯ®ÊU*
ÞÃV>Ê>ÃÃiÌÊÃiVÕÀÌÞÊ{䯮
increase – information theft, which rose
Increase in Exposure: Companies where exposure to fraud has increased 58%
from 15% to 18% – was still well below the Biggest Drivers of Increased Exposure: Most widespread factor leading to greater fraud exposure and percentage
survey average (27%). It is unsurprising vÊwÀÃÊ>vviVÌi`ÆÊ}
ÊÃÌ>vvÊÌÕÀÛiÀÊÓ{¯®ÊUÊ/ÊV«iÝÌÞÊÓ{¯®
therefore, that the sector had the smallest
proportion of firms reporting an increase in 0 % 10 20 30 40 50 60 70 80 90 100
Corruption and bribery
exposure (58%).
Theft of physical assets or stock
One big fraud problem troubles this picture, Money laundering
)) q @gdaa<adWVa;gVjYGZedgi
HZXidgHjbbVgn
HjbbVgn
:medhjgZkhgZhedchZ
High
EXPOSURE
Natural Resources
Consumer Goods
Technology, Media and Healthcare, Pharmaceuticals
Telecoms and Biotechnology Retail, Wholesale and
Distribution
Financial Services
[gVjYegdÒaZh
Professional Services
Transportation
Low
RESPONSE
Low Moderate High
TMT companies are encountering large and growing threats from frauds of all types, as the sector faces greater exposure
Technology, Media
High Low to information theft or loss, IP theft, market collusion and money laundering. Surprisingly, investment in fraud prevention
& Telecoms
strategies is low compared to other sectors and is concentrated on IT security.
The exposure to fraud is broad and deep for financial services companies, which experience the greatest vulnerability to
information theft and regulatory breaches. Moreover, the sector faces significant internal threats from theft of physical
Financial Services High Moderate assets, internal financial fraud, management conflict of interest and financial mismanagement. Investment in anti-fraud
measures continues to be robust though narrower than some other sectors and focuses on IT security, risk management
systems and financial controls.
Natural Resources companies face new and significant hazards from industry trends such as increased collaboration with
other firms, regulatory breaches and risks associated with new market entry. At the same time, vulnerabilities in other
Natural Resources High Moderate
areas have decreased: theft of physical assets, corruption and internal financial fraud. Investment in fraud prevention
strategies by companies in this sector is average and focuses on financial controls, physical asset security and staff training.
Healthcare, Pharmaceutical and Biotechnology companies face growing threats from information theft and IP theft as
Healthcare, companies increasingly collaborate with other firms. Traditional areas of concern, including theft of physical assets and
Pharmaceuticals High Moderate management conflict of interest, also continue to pose significant threats to the sector. Companies in this sector invest in a
and Biotechnology wide range of anti-fraud measures - IT security, staff training, management and financial controls, due diligence and
pre-employment screening - but only at average levels.
Consumer Goods companies reported the highest incidence of fraud of the 10 sectors surveyed and suffer from the highest
incidence of physical theft and fraud due to financial mismanagement. The sector also experienced an increase in
Consumer Goods High High information theft, adding a new dimension to its challenges. High staff turnover resulting in fraud is a persistent issue for
the sector and has led to the highest adoption of anti-fraud measures: physical asset security, IT security, management
controls, reputation monitoring, financial controls and due diligence.
Predictably, companies in this sector struggle with high levels of physical theft and face a persistent set of issues around
internal financial fraud and vendor, supplier and procurement fraud. The sector also saw a rise in the incidence of
Retail, Wholesale information loss or theft, which indicates a continued trend towards regarding information as a valuable and vulnerable
High High
and Distribution asset. Companies in the sector reported the greatest increase in overall fraud exposure due to high staff turnover, pay
constraints and weak financial controls. Investment in fraud prevention strategies mirrored these concerns: IT security,
financial controls, physical asset security, IP and trademark monitoring and due diligence.
Manufacturing’s issues are primarily internal and staff-related as companies in this sector suffer most from theft of
physical assets and vendor, supplier or procurement fraud. While the sector is characterized by a lower incidence of fraud
Manufacturing Moderate Low
compared with others, IP theft poses a new and growing concern. Even so, adoption of fraud prevention strategies is low
in relative terms and focuses on IT security and financial controls.
Construction, Engineering and Infrastructure companies suffer from high levels of management conflict of interest and
Construction, corruption issues, despite the moderating effects of the prolonged economic downturn. High staff turnover contributes to
Engineering and Moderate High other fraud exposures, including theft of physical assets, information theft or loss and vendor, supplier or procurement
Infrastructure fraud. To combat these concerns, companies invest heavily in a broad range of fraud countermeasures such as pre-
employment screening, management and financial controls, IT security and due diligence.
Professional Services companies encounter a narrow set of issues, however fraud in the sector is on the increase as
Professional
Low Low companies confronted growing threats from information theft, corruption and IP theft. Despite this, investment in fraud
Services
management strategies is low compared to other sectors, with a focus on management controls and reputation monitoring.
This diverse sector faces fewer issues than most sectors. Areas of vulnerability include theft of physical assets,
Travel, Leisure and information theft and management conflict of interest. However, the most serious hazard - vendor, supplier or procurement
Low Moderate
Transportation fraud - affected the sector more than any other. Fraud prevention strategies center on IT security, management controls,
risk management systems, and IP / trademark protections.
6ccjVa:Y^i^dc'%&%$&& q )*
The information contained herein is based on currently available sources and analysis and should be understood to
be information of a general nature only. The information is not intended to be taken as advice with respect to any
individual situation and cannot be relied upon as such. Statements concerning financial, regulatory or legal matters
should be understood to be general observations based solely on our experience as risk consultants and may not be
relied upon as financial, regulatory or legal advice, which we are not authorized to provide. All such matters should
be reviewed with appropriately qualified advisors in these areas. This document is owned by Kroll and the
Economist Intelligence Unit Ltd, and its contents, or any portion thereof, may not be copied or reproduced in any
form without the permission of Kroll. Clients may distribute for their own internal purposes only. Kroll is a business
unit of the Altegrity family of companies.
)+ q @gdaa<adWVa;gVjYGZedgi
:jgdeZ!B^YYaZ:VhiVcY6[g^XV
8dciVXih
@ZngZ\^dcVaXdciVXihVi@gdaa
Americas Latin America Eurasia Asia
Robert Brenner Andrés Otero Tom Hartley Chris Leahy
New York Miami London Singapore & Hong Kong
1 212 593 1000 1 305 789 7100 44 207 029 5000 852 2884 7728
rbrenner@kroll.com aotero@kroll.com thartley@kroll.com cleahy@kroll.com
Ernesto Carrasco Europe, Middle East Tadashi Kageyama
North America Bogotá & Africa (EMEA) Hong Kong
57 1 317 5737 852 2884 7725
David Holley Tommy Helsby
ecarrasco@kroll.com tkageyama@kroll.com
Boston London
1 617 350 7878 Matías Nahón 44 207 029 5000 David Wildman
dholley@kroll.com Buenos Aires thelsby@kroll.com Hong Kong
54 11 4706 6000 dwildman@kroll.com
Jeff Cramer Richard Abbey
mnahon@kroll.com
Chicago London Violet Ho
1 312 345 2750 Glen Harloff 44 207 029 5000 Beijing & Shanghai
jcramer@kroll.com Grenada rabbey@kroll.com 86 10 5964 7600
1 473 439 799 vho@kroll.com
Jack Weiss Melvin Glapion
gharloff@kroll.com
Los Angeles London Richard Dailly
1 213 443 6090 Sergio Díaz 44 207 029 5313 Mumbai
jweiss@kroll.com Mexico City mglapion@kroll.com 91 22 4244 0500
52 55 5279 7250 rdailly@kroll.com
Bill Nugent Brendan Hawthorne
sdiaz@kroll.com
Philadelphia London Tsuyoki Sato
1 215 568 2440 Vander Giordano 44 207 029 5482 Tokyo
bnugent@kroll.com São Paulo bhawthorne@kroll.com 81 3 3218 4558
55 11 3897 0900 tsato@kroll.com
Betsy Blumenthal Mike Millward
vgiordano@kroll.com
San Francisco London Kroll Ontrack
1 415 743 4800 mmillward@kroll.com Scott Warren
bblument@kroll.com Tokyo
Bechir Mana 81 3 3218 4594
Jim McWeeney Paris swarren@krollontrack.com
Reston 33 1 42 67 81 46
1 703 860 0190 bmana@kroll.com
jmcweeney@kroll.com
Tom Everett-Heath
Lee Spirer Dubai
New York 971 4 4496700
1 212 896 2008 teverettheath@kroll.com
lspirer@kroll.com
Marianna Vintiadis
Dee McCown Milan
Houston 39 02 8699 8088
1 832 631 6086 mvintiadis@kroll.com
dmccown@kroll.com
Alfonso Barandiarán
Kroll Ontrack Madrid
Jason Straight 34 91 310 67 20
New York abarandiaran@kroll.com
1 212 833 3208
jstraight@krollontrack.com Kroll Ontrack
Tim Phillips
Identity Theft London
Brian Lapidus 44 207 549 9600
Nashville tphillips@krollontrack.co.uk
1 615 320 9800
blapidus@kroll.com
6ccjVa:Y^i^dc'%&%$&& q ),
lll#`gdaa#Xdb
© 2010
An Altegrity Company