The study highlights the rising problem of theft of information or assets, reported by 27.3 percent of companies over the past 12 months, up from 18 percent in 2009. Information-based industries reported the highest incidence of theft of information and electronic data. These include financial services (42 percent in 2010 versus 24 percent in 2009), professional services (40 percent in 2010 versus 27 percent in 2009) and technology, media and telecoms (37 percent in 2010 versus 29 percent in 2009).
Fraud is usually an ‘inside job.’ For those companies who have been affected by fraud over the past year, junior employees and senior management were the most likely perpetrators. The proportion of fraud carried out by these employees ranged from up to 60 percent in North America, Europe and Asia-Pacific to 71 percent in the Middle East and Africa. The number dropped to 42 percent in Latin America where customers are the primary fraudsters.
“What we have been noticing in the Middle East recently, and it’s very much a factor of the economic downturn, is that companies and individuals no longer have that free flow of money that was available before and as a result of that, they are counting their pennies much more so,” said Stephen Millington, associate managing director of financial investigations at the regional Kroll office. “I’m not sure one would say that fraud has increased recently or that simply that they notice it more and they are more willing in this region now to take action. Whilst previously many companies and individuals have wanted to quietly resolve issues such as bad management or an individual stealing from the company, they are much more willing now to take more public action.”
The Global Fraud Survey found that 40 percent of Middle Eastern respondents said that fraud had grown worse at their companies in the last year — the highest figure for any region. Kroll’s experience suggests that the speed of economic growth during the boom, particularly from 2005 through 2008, and the concomitant stretching of oversight, compliance and the capacity to manage counterparty risk, led to increased levels of fraud. Only recently, however, has evidence of these crimes begun to emerge in the public domain.
Millington advised that corporate IT systems are analyzed in every one of Kroll’s investigations — not only to determine which assets have been stolen, but also to see what information is available to investigators. Unfortunately Kroll’s analyses too often highlight the poor policies in the region or the lack of policies in the region, relating to the use of information technology and secure data retention.
“We did a big case in the Gulf recently where fraudsters stole from the company their invoice format — the headers of their internal documentation — to allow them to make fake ones and enable them to remove $75 million from the company,” said Benedict Hamilton, associate managing director, Kroll. He remarked that inadequate IT policies in regards to corporate data and access to systems can open the door to fraud. Such issues include the removal of computers from corporate sites, access to USB ports, poor security on network peripherals such as printers and even the ways in which mobile phones are used.
“As people’s mobile handsets get more and more sophisticated and are able to hold more and more data and people do more and more work on them, the possibilities of large amounts of data being taken out are easier,” Hamilton commented. “It has become that if you are committing fraud or you are agitating against the company, there’s a need to use digital material to commit these types of wrong doing. This means that interrogating electronic data is integral to every single investigation we do. The only question from our point of view is how wide we look.”
Investigations into suspected incidents of fraud in the Middle East are increasing so rapidly that Kroll has flown out more staff to the Middle East to support the regional team. While fraud can never be excused, in truth, too many companies in the region have been slow to face the new reality of the global business environment. This includes the rise of organized criminal groups attacking companies in the Middle East.
“I’m often amazed at how careless companies are with their electronic intellectual property,” Hamilton said. “We looked at a hedge fund in the Gulf not too long ago that had absolutely no controls on people removing its electronic trading system. Luckily, they weren’t clever enough in the way they removed it not to be caught. There is a fair amount of carelessness, but also the Middle East is particularly reliant on electronic communication. There are only so many precautions that can be taken and even in the best run companies there are always opportunities for fraud and theft.”
What’s important is for companies to take sensible measures — meaning to make the hurdles higher for those with malicious intent. When fraud does take place and companies do choose to bring in Kroll to investigate, the benefits can be substantial.
“In a case just concluding in Bahrain that we worked on, there was a major investigation into fraud in a smelting company,” Hamilton said. “Our recovery is somewhere around the $75 million dollar mark based on fees of between one and a half to two million dollars. That in itself is an incentive for companies to take action.”
