• Save

Loading…

Flash Player 9 (or above) is needed to view presentations.
We have detected that you do not have it on your computer. To install it, go here.

Like this document? Why not share!

Pwc 2007gecs

on

  • 920 views

 

Statistics

Views

Total Views
920
Views on SlideShare
918
Embed Views
2

Actions

Likes
0
Downloads
0
Comments
0

1 Embed 2

http://www.antifraud.com.ua 2

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Pwc 2007gecs Pwc 2007gecs Document Transcript

    • Investigations and Forensic Services Economic crime: people, culture and controls The 4th biennial Global Economic Crime Survey
    • Introduction We are pleased to present responsible for investment decisions in in controls, the actual level of economic PricewaterhouseCoopers’ 2007 Global the so-called emerging seven countries crime and the associated financial and Economic Crime Survey, the largest study (E7). This survey also contains detailed non-financial damages have not decreased of its kind now available worldwide. Based experience reports from over 500 – one out of every two companies fell victim on months of interviews conducted with companies on doing business in China. to economic crime in the last two years. over 5,400 companies in 40 countries, our While companies continue to develop 4. Eight-year trends. The 2007 Survey survey offers an in-depth look at the root systems and controls both to detect and to is the fourth multinational survey causes of economic crime and the ways in deter economic crime, fraud controls alone conducted by PwC on the topic of which it affects businesses worldwide. are not enough. An ethical corporate culture economic crime. Our data now plays an equally important role in deterring stretches over an eight-year period. The study applies a combination of the fraud. These findings are presented in the Despite the introduction of a number following four research strategies: context of both developed and emerging of new topics, the survey remains markets – where opportunities for growth 1. Company survey. This survey delivers based on a relatively unchanged core present some of the greatest challenges findings in which executives from group of set questions. This enables in detecting and deterring fraud. thousands of companies around the us to plot long-term developments world report their experiences in their and experiences in the fight against As our survey clearly shows, it is simply own fight against economic crime. economic crime and to discern impossible to get rid of economic crime – In this sense, it is currently the largest key trends. the crime of fraud remains intractable international company survey of because of the many kinds of fraud and economic crime worldwide. We have divided our survey into three the correspondingly broad range of sections. The first section (‘The statistics’) 2. Case study. Unlike other surveys, it fraudsters who commit them. There will focuses on statistical trends and findings includes case studies in which victimised never be a simple solution, but we can related to types of fraud, fraud’s victims, companies provide detailed information endeavour to develop our understanding perceptions, perpetrators and costs. on real-life crime incidents. With this and share our knowledge of ‘what works The second section (‘The issues’) provides approach, we can deliver more precise and what doesn’t’ in combatting fraud. insights into the complex interrelationship offender profiles, analyses of collateral In continuing this process, we appreciate between internal controls and corporate damage and information on the concrete the ongoing cooperation of the global culture. The survey’s third section (‘The causes of crime as well as the range of business community, which – as in the emerging markets’) focuses on the sources, company remedial actions and criminal case of this report – was willing to talk perceptions and experience of experts who prosecutions. about this sensitive topic. For that, we are confronting the risk of fraud in some of are sincerely grateful. 3. Emerging market focus. Our survey the fastest growing economies in the world. gives in-depth insights into the problems facing companies that do business in Our survey reveals that fraud remains one emerging markets. We gathered valuable of the most problematic issues for information from more than 1,200 business worldwide. Despite the attention interviews with company managers of regulators and companies’ investment
    • PricewaterhouseCoopers 1 Contents Section 1: The statistics 3 Section 2: The issues 17 Section 3: The emerging markets 27 Methodologies and acknowledgements 39
    • Section 1: The statistics Statistical trends and findings on types of fraud, victims, perceptions, perpetrators and costs
    • 4 The 4th biennial global economic crime survey Section 1: The statistics Fraud – a most problematic a greater likelihood of detection and that We are, of course, conscious that in those in breach of a company’s ethical, collecting this information we are reliant business risk regulatory and legal guidelines will be upon our respondents’ opinions and consistently subject to sanctions that fit willingness to disclose information. Our 2007 survey reveals that fraud remains the offence.4 As a result, these figures must stand as one of the most problematic issues for a minimum percentage of companies businesses worldwide, with no abatement There may be other explanations for that have suffered significant fraud in no matter what a company’s country of these consistently high figures. Certainly, the previous two years: the actual figure operation, industry sector or size. Of the over recent years there has been an may be much higher. 5,428 companies in 40 countries that took increase in corporate transparency and part in our research project1, over 43% a greater willingness by companies to reported suffering one or more significant 2 admit that frauds have been uncovered, The changing awareness economic crimes during the previous two but we also experience a feeling among years – an essentially static level compared some executives that the ‘self-report of fraud with 2005 and an increase of six percentage and remediate’ programme encouraged points over 20033 (see figure 1.1). In each of our surveys, we have offered a by many regulators may subject them comparison of the views held by executives to a high and unfair cost burden relative Considering the significant investment regarding which types of fraud they think to companies that take an alternative many companies have made in fraud are prevalent and those which they have approach to dealing with fraud. controls over the previous two years, why actually suffered. With four surveys of data is it that levels of economic crime seem now in hand, we are able to compare how And the threat remains problematic, no only to have stabilised in that time rather opinions have changed over the last eight matter the size of the company. While larger than shown a dramatic decrease? years (see figure 1.3). firms will inevitably suffer a greater number of frauds, the proportional difference may This may, in part, be due to a ‘fraud Our respondents perceive that of all the be due to a number of factors, including controls paradox’: the notion that fraud risks we assessed, asset greater levels of anonymity and devolved when controls are implemented in an misappropriation is the only one to have responsibilities among staff, as well as organisation, the number of frauds become consistently less of a threat, while more complex and interconnecting detected increases almost immediately. the threat from accounting fraud, money processes and systems leaving potential However, their deterrent effect takes laundering, intellectual property (‘IP’) ‘control gaps’ for fraudsters to exploit time to become visible. Potential infringement and corruption and bribery (at (see figure 1.2). fraudsters need to see that there is least since the last survey) has increased. 1.1 Companies reporting fraud (2003-2007) 1.2 Companies reporting fraud, according to their number of employees 43 More than 5000 employees 62 Global 45 62 37 38 1001-5000 employees 52 W. Europe 42 54 34 43 50 201-1000 employees 45 CE. Europe 47 37 Fewer than 200 employees 32 52 36 N. America 52 41 0 20 40 60 80 100 39 % companies SC. America 41 38 2007 39 2005 Asia & Pacific 39 39 52 Africa 77 51 0 20 40 60 80 100 % companies 2007 2005 2003 1 The 2007 Crime Survey is the fourth multinational survey conducted by PricewaterhouseCoopers and our data stretches over eight years. 2 The term ‘significant’ was left to the discretion of the individual respondent with the proviso that it should relate to economic crimes that had a definite impact on the business, whether direct tangible damage or collateral and psychological damage. 3 Copies of our previous global economic crime surveys can be found at www.pwc.com/crimesurvey 4 For further details, see Section 2, page 22.
    • PricewaterhouseCoopers 5 The ebbs and flows of this ‘perception causes to brand, share price and business index’ are often driven by many factors, Corruption – perceptions truer relations, not to mention the costs involved from an increase in global business activity than reality? in appropriate regulatory investigations and to an increase in the awareness of fraud in In the case of corruption and bribery, remediation. general and of certain frauds specifically. further analysis reveals that respondents’ And, of course, there is the noise created perceptions of the risks of this particular In addition, the volume of business by media interest in a particular crime economic crime in their home countries transacted in the emerging markets along (especially when a company has fallen were very similar to the worldwide with an acute awareness of the lack of IP foul of it), or by regulatory or legislative findings reported in Transparency protection may be a reason for the doubling guidelines promulgated by national International’s Corruption Perception of the perception of IP infringement as a governments or trans-national bodies Index of 2006 (CPI). This may be fraud risk, since there are now many well- like the Organisation for Economic because many managers, while being documented cases of companies finding Cooperation and Development (‘OECD’). reluctant to report on corruption in their counterfeits of their own goods, and With both governments and trans-national own company, are quite able to provide significant examples of grey market trading. organisations focused on combatting a realistic estimate of their national risks. Furthermore, their opinions of corruption corruption and money laundering over So how do our respondents’ perceptions are influenced by definitions that employ the past few years – as well as there being compare with the actual incidents of fraud neutral terms and many still regard this some high profile newspaper coverage that companies have experienced over the particular economic crime as one that of infractions by multinational companies – last two years (see figure 1.5)? is peculiar to public sector organisations it is not surprising that the awareness of and government. It is possible – even these types of fraud has grown.5 probable – that companies’ perceptions Since the deployment of many controls that generally appear to be more valid than were reported in our 2003 study, actual But why do accounting fraud and corruption the low actual incidence rates for incidents of asset misappropriation and and bribery have such consistently and corruption and bribery reported.6 accounting fraud have remained broadly comparatively high perceived threat levels? static between 2005 and 2007. There has In our opinion, the perception levels are been marginal growth in the number of greater than the actual levels of fraud when listed companies the impact of the theft of cases of corruption and bribery being the potential impact of the risk is known to 100 crates of inventory is considerably less reported although, significantly, there has be large. And the inverse is true when the than the impact from deliberately misstated been an increase in the number of money potential impact is small. For example, for financial accounts and the damage this laundering and IP infringement cases. 1.3 Respondents’ perceptions of the prevalence of fraud 1.4 Companies reporting suffering actual incidents of fraud in their industry, in their country (2003-2007) (2003-2007) 21 30 Asset misappropriation 22 Asset misappropriation 29 26 26 21 12 Accounting fraud 19 Accounting fraud 11 19 4 22 13 Corruption & bribery 19 Corruption & bribery 11 29 6 12 4 Money laundering 7 Money laundering 3 6 1 16 15 IP infringement 9 IP infringement 12 8 11 0 10 20 30 40 50 0 10 20 30 40 50 % companies % companies 2007 2007 2005 2005 2003 2003 5 For overview, see, Johann Graf v. Lambsdorff, The Institutional Economics of Corruption and Reform, 2007. 6 According to the CPI, for instance many Asian countries reveal even higher rates than are shown by our results. Kai D. Bussmann, Markus Werle, ‘Addressing Crime in Companies’, British Journal of Criminology, October 2006, p.1128ff.
    • 6 The 4th biennial global economic crime survey Section 1: The statistics While money laundering is largely restricted updated controls often do not explore other to the financial markets, the high number of areas of potential fraud risk, such as asset Assessing your perceptions of fraud cases has particularly affected organisations misappropriation or corruption and bribery, with the threats you face in North America (8% of companies). for which specific fraud risk management Deceit is the hallmark of economic crime – This may not be surprising because of its controls and activities are needed. Even it remains hidden within the practices and importance in the world capital markets. for organisations that have established processes of a business. So it is natural Cases of IP infringement have been controls in these areas, one must consider to decide upon and invest in controls to prominent in Central and Eastern Europe the inherent delayed deterrent effect of deal with the fraud risks that you perceive (20% of companies). This increase in such controls. Both the previously to be a threat to your business. But the reporting may in part be due to membership mentioned ‘fraud controls paradox’ and, question remains whether that investment of the European Union and its influence most importantly, the fact that fraudsters is properly focused in order to render it on corporate transparency. However, in will always try to find ways to circumvent effective? After all, as you can see in North America (19%), this may be due to even the most rigorous of controls impact figure 1.5, perceptions of risk can differ from the actual levels of threat. companies’ IP being stolen by fraudsters the perceived current effectiveness of overseas. Reports of corruption are more controls. Hence it is our proposition that Before establishing further controls, seek widespread in Central and Eastern Europe the value of controls lies in ensuring that: professional advice to confirm whether (18%), South and Central America (11%), your perceived threats weigh-up against 1. Controls are continually upgraded and the actual risks you face and use that Africa (28%) and Asia and Pacific (14%). adapted to thwart the fraudster; information to make decisions on the The continued high level of reported frauds 2. Controls reflect the culture of the firm controls that you need and the costs of and the continuing high perception levels of and its ethical guidelines (which implementing them. the risks might lead to the conclusion that incorporate the explicit norms of But remember, while controls and the controls designed to detect and prevent criminal law); and, procedures can help limit or prevent losses fraud have not proven to be uniformly from asset misappropriation or other 3. Any cases of fraud that are detected effective. However, to date, many of the economic crimes, it is the implementation trigger an immediate, appropriate controls that companies have implemented of an effective culture of compliance within and consistent punitive response, are focused on procedures to deliver your organisation that will help prevent a no matter what the position of the accurate financial reporting. The new and catastrophic monetary loss or a business perpetrator inside or outside the firm. failure from economic crime. 1.5 Perceived prevalence vs companies reporting actual incidents of fraud controls designed to Asset misappropriation 21 30 detect and prevent fraud Accounting fraud 12 21 have not proven to be Corruption & bribery 13 22 uniformly effective Money laundering 12 4 IP infringement 16 15 0 10 20 30 40 50 % companies Perceived prevalence Actual incidents
    • PricewaterhouseCoopers 7 Fraud’s impact on industry However, while 24% of retail and The insurance sector also reported the consumer companies believed that asset greatest direct losses from fraud: on Yet again, our research shows that no misappropriation was most prevalent in average, it reported a loss over two years industry is immune from the threat posed their sector, it was in fact the insurance of US$ 4,476,717, and spent, again on by economic crime. Indeed, for three sector where the most companies reported average, an additional US$ 1,018,114 sectors, more than half the participating suffering this fraud (46% of companies). And on managing the issues resulting from it. companies reported suffering fraud during while 25% of engineering and construction In fact, seven sectors reported higher than the previous two years. The idiosyncrasies companies perceived corruption and bribery average losses over the course of two of each of these sectors will be explored to be most prevalent in their sector, it was years, some of them considerably higher. in more detail in our industry-specific again the insurance sector that reported the The impact of these costs will be explored supplements. However, it is of value to most companies falling victim to it (19% of in the next section. draw attention to some of the highlighted companies) (see figure 1.7). statistics here, particularly in relation to sectors’ perceptions as to the prevalence Average direct loss Average Total average cost of fraud (see figure 1.7). (US$) management cost to business (US$) (US$) For many, it may be no surprise that Global 2,420,700 550,356 2,971,056 the financial services have not only the highest perception of the prevalence of Insurance 4,476,717 1,018,114 5,494,831 money laundering in their sector (16% Industrial of companies) but that they also suffered Manufacturing 4,337,975 758,851 5,096,826 the most from it, with 17% of companies Technology 3,462,819 554,895 4,017,714 reporting this particular economic crime. Similarly, the technology sector indicated Entertainment & the highest perceived prevalence of IP Media 3,118,516 300,862 3,419,378 infringement (20% of companies), and Engineering & 19% of the technology companies also Construction 2,919,975 360,313 3,280,288 reported being victims from it. Retail & Consumer 2,605,749 481,224 3,086,973 Pharmaceuticals 2,479,047 357,251 2,836,298 1.6 Companies reporting fraud by industry sector 1.7 Sectors that perceive frauds as most prevalent compared with those with the most companies reporting it Insurance 57 Asset misappropriation Insurance 46 Retail & Consumer 24 Retail & Consumer 57 Accounting fraud Public Sector 18 Government & Public Sector 54 Transportation & Logistics 24 Financial Services 46 Corruption & bribery Insurance 19 Engineering & Construction 25 Automotive 44 Money laundering Financial Services 17 Industrial Manufacturing 42 Financial Services 16 Entertainment & Media 42 IP infringement Technology 19 Technology 20 Communication 40 0 10 20 30 40 50 Engineering & Construction 40 % companies Transportation & Logistics 37 Companies reporting fraud Energy, Utilities & Mining 35 Preceived prevalence Technology 35 Chemicals 35 Healthcare 33 Aerospace & Defence 33 Pharmaceuticals 27 Other Industries 47 0 20 40 60 80 100 % companies
    • 8 The 4th biennial global economic crime survey Section 1: The statistics The cost of fraud Total loss reported by respondents dealing with renewed regulatory oversight and demands, which our respondents who over two years: The immediate response of most executives have suffered frauds have estimated at an in excess of US$ 4.2 billion to an instance of fraud is, ‘How much has this average of US $550,356 over the course cost us?’ Typically, this concern is directed Estimated total losses including the of two years (see figure 1.9). towards the actual monies stolen, and our undetected losses of companies with a weaker control environment: If the loss of nearly US$ 3.2 million still study shows that these are substantial. US$ 5.7 billion seems insignificant, consider the collateral damage from fraud, for it is here that one Average loss from It is also worth recalling that for certain sees the potentially crippling impact of fraud over two years per crimes, for example in cases of money economic crime. company in 2007: US$ 2,420,700 laundering, there is no immediate financial Average loss from cost to the firm since it was merely a channel These are the costs that derive from fraud over two years per for attempts to legitimise the proceeds of ‘collateral damage’ to the company’s brand company in 2005: US$ 1,732,253 crime. Similarly, accounting fraud may see and customer trust; to the share price the manipulation of company figures to and shareholder trust; to the company’s In some cases, this is an estimated disguise underperformance, but in itself may relationships with its suppliers; and to staff cost and, in our experience, most likely not involve any direct losses. Corruption and morale, which can precipitate a loss in an undervaluation. In particular, if one bribery may see the payment of cash or gifts productivity. considers the amount of undetected losses to secure a contract or favour, but these of companies with a weaker control are, in themselves, not often ‘losses’ to The relative importance of fraud’s environment, our study reveals a significant the company. And the consequences of collateral damage can be seen in the fact increase in the average of the total financial IP infringement can only be truly assessed that over 80% of our respondents who losses to US$ 3,242,095 (on average in terms of sales opportunities lost through suffered fraud also stated that this had worldwide per company).7 counterfeit or grey market trading (see caused damage – or significant damage – figure 1.8). to their business (see facing page: ‘What One must also bear in mind that there are fraud costs’). While the immediate loss many cases where the respondents to our Yet, there are also ‘management costs’ from fraud may have been of little direct research were simply unable to put a figure involved in dealing with the fall-out from a consequence, its reputational damage and on their losses except to say ‘they were significant fraud, from the reallocation of its ability to distract management from significant’. management time to the possible costs of ‘business as usual’ were regarded as litigation in retroactive action, and from the critical by our respondents. need to manage a possible PR campaign to 1.8 Victimisation rate combined with average loss 1.9 Fraud’s impact on management time and costs by type of fraud 8 Distracted management time 44 53 Other Asset misappropriation US$ 1,127,200 Dealing with litigation issues 58 31 US$ 1,280,325 26% Managing public/investor relations 68 13 30% Dealing with regulatory requirements 61 23 0 20 40 60 80 100 % companies Some impact Significant impact 15% IP infringement 12% US$ 1,900,993 Accounting fraud 4% US$ 1,477,775 13% Money laundering US$ 253,746 Corruption & bribery US$ 882,303 7 One of the most common questions we hear is, ‘How did you arrive at this figure?’ especially when it seems so hard to put a value on losses from fraud. Our survey explores two types of organisation: those that have up to and including five fraud risk management measures (Group A) and those that have more than five (Group B) and in a later section (see page 19) we compare the two groups’ success at detecting and preventing fraud. In this instance, we used the loss figure provided by Group B companies as a reference group for estimating the undetected financial losses for the Group A companies as Group B’s more advanced detection methods provide a more accurate figure for losses sustained by a company. When we compare these ‘real’ results with the figures estimated by companies, the average company’s loss from fraud over two years increases from US$ 2.4 million to US$ 3.2 million – up from the figure of US$ 1.7 million recorded in 2005. 8 The costs of accounting fraud are so low because none of the respondents reported a case of false financial reporting on a public stock market: these costs relate to other losses from acts of financial misrepresentation. In addition, some companies reported ‘other’ crime types outside the particular frauds we were researching, including cyber crime, fencing or the handling and selling of stolen goods/products, tunnelling or the illegal sale of former state-owned goods, etc.
    • PricewaterhouseCoopers 9 It is also apparent that the level of collateral damage is directly proportional to the Fraud costs: perception versus reality seniority of the perpetrator: the higher the Accounting fraud and corruption and bribery are two types of fraud, which, while being management position, the greater the trust on average financially significant, are even more onerous when prosecuted in certain that is bestowed, and any breach of that jurisdictions such as the United States. As a point of reference, PwC’s 2006 Securities trust can have a dramatic impact, not Litigation Study9 looked at the settlements in cases involving false financial reporting by only on relations with company staff, but registered companies. As shown below, the average settlement cost of US$ 66,400,000 also with clients and other stakeholders. is significantly higher than the average accounting fraud cost of US$ 1,477,775 as Our research showed that there can be reported by participants in this global survey. significant collateral damage when a member of the management team is 2004-2006: accounting cases involved. For example, on 29% of the Year settled 2004 2005 2006 Average Number of settled cases 78 84 77 Total settlement value (excluding What fraud costs Cendant, Enron and Worldcom) US$ 2,682,400 US$ 7,406,100 US$ 5,708,000 Average settlement cost US$ 34,800 US$ 90,300 US$ 74,100 US$ 66,400 Direct losses (on average) US$ 3,242,095 Settlements in thousands + Management costs Similarly, with corruption and bribery, when prosecuted according to the laws of the United (on average) US$ 550,356 States, the fines and penalties can be significantly greater than the average cost reflected in + this study. PwC reviewed FCPA settled cases over a three-year period and found the average Damage to the brand 88% cases settlement cost to be US $13,500,000. Again, this is significantly higher than the average + actual corruption and bribery cost of US$ 882,303 as reported by participants in this survey. Damage to staff morale 88% cases + 2004-2006: FCPA cases Damage to external Year settled 2005 2006 2007 Average business relations 84% cases + Number of settled cases 5 5 5 Total settlement value US$ 37,200 US$ 86,700 US$ 78,100 Costs of dealing with the regulator 84% cases Average settlement cost US$ 7,440 US$ 17,340 US$ 15,620 US$ 13,467 + Settlements in thousands Damage to relations with the regulator 80% cases The dramatically larger and often well-publicised losses in certain jurisdictions most likely + account for the fact that survey respondents perceive these types of economic crimes to Damage to share value 9% cases be more frequent than the actual number of reported incidents. over 80% of our respondents who suffered fraud also stated that this had caused damage – or significant damage – to their business 9 PwC’s 2006 Securities Litigation Study, www.10b5.com
    • 10 The 4th biennial global economic crime survey Section 1: The statistics occasions where senior managers were Means of detecting fraud management team can create within its involved in fraud, the collateral damage to company. We observe, for example, the the brand was very significant, whereas the We compared businesses’ current consistently high response rates from same was true for only 7% of cases with effectiveness in detecting fraud with their companies showing that the initial means middle managers and 5% for other grades collective performance in our previous study. of detection is via a whistle-blowing hotline (see figure 1.10). And the result is continuing evidence of (8% cases) or tip-off (from an internal source the intractability of fraud – and its apparent in 21% cases and an external source in The relative importance of fraud’s collateral immunity to management’s attempts to 14%). It is our view that this results from damage can be seen in the increasing control it: in 2007, 41% of frauds were employees being both encouraged, and number of companies that have reported detected by chance, an increase of seven facilitated, to do the right thing – which is it since 2005: those reporting collateral percentage points in the past two years. a function of culture as opposed to control damage from asset misappropriation have (see figure 1.11). increased by 66%, IP infringement by 26%, There is a variety of possibilities to corruption and bribery by 16% and explain this disappointing reading. It may Effectively implemented whistle-blowing accounting fraud by 9%. be that there has been insufficient time systems – and a corporate culture that for companies to embed updated controls supports them – have had a noticeable Most surprising of all is the collateral into their operations and, as a result, the impact, detecting fraud in 8% of cases, damage that accrues from money controls require yet more time for their almost three times the effect they had in laundering, which our research shows to deterrent effect to penetrate the psyche 2005. Moreover, if a whistle-blowing have more than doubled since 2005. This of the potential fraudster. It may also be, system was rated as ‘effective’ by the may be a little unfair, since the companies however, that companies are investing so company surveyed, it almost doubled that have been used to channel criminal much in controls to guard against financial the rate of detection (to 14%). proceedings are often the victims of fraud, reporting risks and frauds that their eyes not the perpetrators. Yet, with the increased can be taken off other important areas of In certain regions, such as North America, attention on money laundering in the fight fraud risk management and compliance, a whistle-blowing system is now a statutory against organised crime and terrorism, these such as sales practices, which may fall requirement of a listed company and has ‘victims’ are often considered facilitators foul of anti-corruption laws. become a fixture of the company culture. to the fraud since their lack of controls Indeed, our study shows that management, and processes provided the opportunity Our experience from repeated research by propagating the right ethical tone within for the money laundering in the first place. programmes shows that controls alone are its business and trading practices, can not enough to take full advantage of the make a substantial impact on levels of detection mechanisms that a pro-active fraud detection, in some cases reducing 1.10 Companies reporting significant collateral damage 1.11 Detection methods10 associated with perpetrator’s position 29 19 Damage to company brand 7 Internal audit 26 5 Fraud risk mangement 4 10 3 Drop in share price 3 Corporate 2 Suspicious transaction reporting 4 0 controls 33 Decline in working morale 19 Corporate security 4 10 4 25 Rotation of personnel 3 Impaired business relations 8 3 3 8 Whistle-blowing system 3 Corporate 12 Impaired regulator relations 4 culture Tip-off (internal) 21 2 17 0 10 20 30 40 50 Tip-off (external) 14 11 % companies 3 Senior management By law enforcement 0 Middle management Beyond the By accident 6 Other grades 10 influence of management 15 Other 23 0 10 20 30 40 50 % companies 2007 2005 10 New controls which were unreported in previous surveys, such as automated electronic suspicious transaction reporting systems, may account for the drop-off in the number of frauds being detected by internal audit as they are likely to detect an economic crime prior to internal audit’s retrospective review.
    • PricewaterhouseCoopers 11 the chance of the detection of fraud ‘by between a higher number of fraud risk controls not only detected more fraud, accident’ to as low as 20% of cases. management activities and a higher but that they were also able to more chance of detecting fraud, by comparing accurately assess the associated losses. The value of strong fraud risk management two groups: one with up to five fraud risk activities at both the cultural and control management controls (on average three), Our research also revealed that companies level remains unquestionable. Our 2007 the other with more than five controls. in Group B had more frequently taken research once again shows the correlation It is clear to see that those with more professional advice from law enforcement officers, lawyers or forensic accountants, to ensure that their fraud risk management The circle of deceptive security – company performance on fraud prevention and detection tools were not only more effective and Group A Group B efficient, but also closed gaps between Companies with up to and Companies with more than systems. A lack of such advice and of including five controls five controls fraud awareness may lead companies like those in Group A into a cycle of deceptive Percentage of companies security, neither knowing the risks that they taking professional anti-fraud face, nor being aware of their vulnerability advice 12% 49% to new types of fraud. With fewer controls, Percentage of companies they detect fewer instances of fraud and, that reported detecting fraud 38% 47% as a result, have less insight into the Average number of frauds effectiveness of their existing fraud risk detected 6 10 management measures (see figure 1.12). Average loss detected for all frauds per company US$ 901,285 US$ 3,419,151 Average financial costs From fraud detection companies spent on to fraud prevention managing frauds US$ 305,227 US$ 701,832 Insurance taken to cover While carefully implemented and regularly losses and costs from fraud 28% 47% updated controls can themselves be effective in detecting and, over a period of Percentage of companies time, deterring fraudsters, our research also with significant collateral shows that it is the culture of a company – damage and associated one that supports a holistic compliance managing costs 26% 23% programme working in conjunction with a 1.12 Fraud risk management controls implemented by companies in Group A (up to five controls, and on the value of strong fraud risk average three) and Group B (more than five controls) management activities at both the cultural and control External audit 73 96 Internal controls 77 level remains unquestionable 98 Internal audit 61 95 Corporate security 23 77 Vendor monitoring 25 74 Fraud risk management measures 17 73 Information from public sources 23 70 Whistle-blowing system 19 61 Change of personnel or duties 16 57 Electronic suspicious transaction 10 reporting 52 Company’s own fraud risk training 7 48 0 20 40 60 80 100 % companies Group A Group B
    • 12 The 4th biennial global economic crime survey Section 1: The statistics clearly understood, and lived, code of ethics Companies operating in the developed committed by senior management figures, – that is the true foundation for an effective markets that have a high foreign trade whereas more ‘simple’ frauds such as anti-fraud programme (see figure 1.13). turnover, or production and/or supplier asset misappropriation, which are often operations in the emerging markets, Key to this is not only receiving the correct, typically reported a greater number of cases Influencing the behaviour of suppliers professional advice on the right types of involving a foreign party. But, with the through contractual requirements, compliance and detection programmes, increasingly global marketplace, one of the such as: but also ensuring that the company ethics most interesting statistics in our research • the adoption of ethical guidelines and anti- guidelines are workable, liveable and shows that while some businesses may feel fraud conventions from the OECD, the UN incorporate the explicit norms of criminal law the need to act in an inappropriate manner and other trans-national organisations appropriate to the country of operation. In in order to do business and compete our 2005 study, we suggested that, in order successfully, this is not actually the case • access to whistle-blowing hotlines to limit the risk of fraud, good guidelines and that companies which compete while • agreement to share an ethical code of should ‘create a commitment to shared acting within their compliance guidelines conduct values… develop people’s capabilities to actually perform better.12 • asking suppliers to sign statements engage in moral reasoning and… create pledging to adhere to stated guidelines an environment that enables responsible When we asked respondents to comment • agreeing to behavioural codes while on conduct’.11 The data from our 2007 research on one or two specific instances of fraud company premises continues to show that this is the case. that their company had experienced, a slightly different picture of the perpetrator’s • requiring the pre-approval of sub- relation to the business emerged, with contractors or agents Internal or external fraudsters? half of the perpetrators being inside the • using questionnaires to gather information company (50% internal; 50% external). about sub-agents used by suppliers Of the 43% of companies that reported • having a due diligence process for all a significant economic crime, more than When it comes to those perpetrators acquisition and procurement matters three-quarters (76%) reported that a party who are company employees, our 2007 • annual re-certification of staff external to the company played a role in research results reflect our previous capabilities and processes the fraud. And of that 76%, over a third studies, showing a decreasing number of frauds being detected among individuals • internal audit rights (34%) reported that, in at least one of the reported cases, the external party was higher up the corporate ladder. This may • external audit rights located in a foreign country. be because the more complex economic • adoption of anti-money laundering and crimes such as accounting fraud, which relevant compliance guidelines are harder to detect, are more likely to be 1.13 Companies with both ethical guidelines and compliance 1.14 Regions from which foreign perpetrator was operating programmes report suffering fewer economic crimes 36 Canada 3% Africa 10% All frauds 48 USA 8% Other 1% Asset misappropriation 25 35 SC America 4% 11 Other CE Europe 11% Accounting fraud 14 Corruption & bribery 8 15 China 15% Turkey 2% Money laundering 4 6 14 Russia 7% IP infringement 17 India 2% 0 10 20 30 40 50 % companies Companies using both compliance & ethics programmes Other Asia-Pacific 11% Other W Europe 15% Other companies Germany 5% UK 6% 11 Marie McKendall, Beverly DeMarr and Catherine Jones-Rikkers, ‘Ethical compliance programmes and corporate illegality: testing the assumption of the corporate sentencing guidelines’, Journal of Business Ethics, June 2002. 12 More details about this can be found in ‘The emerging markets’ section of this report (see page 32).
    • PricewaterhouseCoopers 13 easier to detect, may be perpetrated in into consideration the importance of a encourage employees to act as its guardian, an unsophisticated manner by staff in company’s culture (and the employee’s safeguarding it against those that would positions across the entire organisation. relation to it). Various other reasons cited steal from it or damage it by their actions. include a low level of commitment to the firm (34%), relative anonymity (17%) The driver for fraud and lack of clarity about the company’s The typical perpetrator ethics (14%). It is generally accepted, by criminologists Our 2007 study reveals that the and fraud investigators that three things When a fraudster has the opportunity to demographics of a typical fraudster must be present for a fraudster to set to operate in an environment such as this, remain unchanged from our previous work: the opportunity to commit fraud, the bolstered by a self-rationalised, financial research in 2005. The perpetrator is male incentive to commit fraud and the fraudster’s incentive (57% of cases), even the best (85% of cases) and between 31-50 years ability to rationalise their own actions. of control systems cannot always prove old (72% of cases). Education levels are effective in detecting and preventing fraud. spread across the spectrum, with half For the purposes of this research, and for being educated up to high-school level clarity in speaking with our respondents, Company culture is therefore vital in (50%) and half having a bachelor’s or we refined these into two areas: establishing an ongoing, effective fraud risk postgraduate degree. Similarly, their management programme. Firstly, a clear position in the affected organisation was a) The perpetrator’s personal reasons understanding of the ethical guidelines by spread across all grades, with 52% of for committing fraud (that is, their all staff, at every grade, is key, including perpetrators falling within middle or senior incentive and ability to rationalise the organisation’s sanctioning process management. Such high education levels their actions to themselves) and its attitude of ‘zero tolerance’ to fraud. and management positions should not be b) The organisational reasons that While many companies may have an surprising as neither limits an individual’s allowed fraud to occur (that is, their ethical guidelines handbook, this does desire to increase their own material gain levels of control and the ethical culture not always mean that its contents are well and in some cases it may help in the within the firm) (see figure 1.15) known or understood by the staff and, circumvention of sophisticated control in our experience, many issues can arise systems. And while many new controls Looking more closely at our respondents’ when companies do not train their staff are able to detect the frauds committed answers, we see that while insufficient in appropriate corporate behaviour. by staff at all grades, in our experience company controls appear to have played they do not of themselves prevent the a significant role in over a third of cases Secondly, a loyalty to the company by committed fraudster; in fact, as revealed (34%) perpetrated, we must also take staff, engendered by its honest, fair earlier, it is the frauds committed by those and transparent actions, can serve to 1.15 Reasons cited by companies to explain why fraud was committed (multiple answer) company culture is vital FinanciaI incentives (greed) 57 in establishing an ongoing, Low temptation threshold Lack of awareness of wrongdoing 44 40 effective fraud risk Expensive lifestyle 36 Individual reasons management programme Denial of financial consequences 26 (incentives and means for rationalisation Career disappointment 12 Potential redundancy 8 Low commitment to brand 34 Insufficient controls 34 Able to use authority 19 to override control Corporate causes (controls and Too great staff anonymity 17 cultural issues) High company targets 13 Corporate ethics unclear 14 0 20 40 60 80 100 % companies
    • 14 The 4th biennial global economic crime survey Section 1: The statistics in the senior and middle management that Why do companies not report more internal The importance of consistency cause the greatest financial and collateral incidents? Despite increased levels of damage to a business (see figure 1.16). corporate transparency, this corporate Consistency in fraud risk management response may reflect the view that keeping efforts is vital to achieving a positive the details of a fraud within the firm will impact. Our research shows that the Dealing with fraudsters help prevent collateral damage to the actions brought against management are company’s reputation, and limit the amount usually less severe than those brought An important step in creating a corporate of management time and money being against other grades (see figure 1.17). culture that does not tolerate fraud is redirected to deal with the issue, with consistency of action when economic crime stakeholders, regulators and with other In our view once an incidence of criminal is detected. When staff understand the parties. However, when the perpetrator wrongdoing has become known it is vitally probable personal and legal consequences is outside the company and the news has important to signal to the staff that all of their potential foray into fraud, and that a greater chance of becoming public, perpetrators are treated the same way, detection is likely due to the sophisticated companies are more prepared to pursue regardless of their position within the and effective nature of the risk management the case with law enforcement agencies company. There will nearly always be a systems, this serves to deter many would- and regulators, in order to show good certain level of negative impact on staff be criminals. corporate governance and to reclaim as morale, but it is in just these cases that the much of the loss as possible. company must show that actions against It is interesting to note that when a fraud perpetrators from the senior management was perpetrated by someone outside the Yet despite the fears of negative publicity are the same as those brought against other company, it was reported to a regulator from involving law enforcement, the grades within the business, and that there in 38% of cases, and to law enforcement companies that did refer fraudsters for is not ‘one rule for them and another for us’. officers in 64% of cases, whereas when prosecution, whether internal or external, perpetrated by an employee, the incident suffered no significant collateral damage Our research shows that in the cases where was reported to regulators in only 24% and indeed, in many cases, saw a fraud was committed by a senior manager, if of cases, and to law enforcement officers decrease in the collateral damage to their referred for criminal prosecution, the chance in only 55%. public relations, their business relations of that fraud having a significant negative and their own working morale. Indeed, impact on staff morale dropped from 20% Our research also shows that, around the stakeholders and staff respond positively to 10%. Similarly, if the senior manager is world, the majority of significant frauds when they see a consistency of honest sentenced, there is a significant impact on were immediately reported to senior and fair action brought against those that staff morale in only 7% of cases, but if the management within the company (81%), have contravened the company’s ethical same perpetrator is seen to ‘get away with it’, although this is now, of course, a regulatory guidelines (and brought their livelihood the negative impact trebles to 21%. Finally, requirement for many listed companies. into disrepute). the degree of sentence handed to fraudsters 1.16 Profiling the fraudster despite fears of negative Male 85 Gender publicity, the companies that did refer fraudsters for Female 15 Over 50 7 prosecution suffered no 41 to 50 28 Age 31 to 40 44 significant collateral damage Up to 30 21 Postgraduate 12 1st degree graduate 38 Education Up to high school 50 Senior management 26 Middle management 26 Position Other employees 48 Up to 2 years 30 3-5 years 27 Time with the company 6-10 years 22 More than 10 years 21 Up to 2 years 40 3-5 years 29 In the same position/role 6-10 years 21 More than 10 years 10 0 20 40 60 80 100 % reported frauds
    • PricewaterhouseCoopers 15 from senior management is also a motivator, of the right culture of deterrence if the will not be sufficient to mitigate the risk of for when they are imprisoned or receive assets are to be reclaimed from the economic crime on their own. Instead, our a heavy fine for their misdemeanour, the perpetrator through civil actions. hopes rest in organisations establishing a number of companies reporting a significant culture that supports those controls with clear decline in staff morale drops by half. Many companies choose to employ fidelity and ethical guidelines, engendering a loyalty However, in cases where senior management (or other types) of insurance against fraud. to the organisation’s brand, and showing has been handed a suspended sentence Because of the recent public and business that every perpetrator, no matter what their or put on probation, there is no change interest in fraud and the crippling damage position and function within the company, in the levels of negative impact on staff that it can be seen to cause to a company, will be subject to equivalent sanctions. morale, implying again that management premiums have grown. However, our seems to be ‘getting away with it’. research shows that insurance can have a This is particularly true for those organisations positive impact, as those companies that seeking to make dynamic expansions claimed on it following a fraud were 33% into the emerging markets to take Recovery of lost assets more likely to recover more than 60% of their advantage of preferential production costs lost assets than those without insurance. and developing consumer societies. In many Over the years of measuring the recovery of these markets, corporate governance of lost assets, there has been little change, systems may not be as encompassing and except a marginal increase in the numbers Fraud in the future exacting as in the developed markets and of companies recovering anything at all. companies need to be aware of the risks Fraud remains an intractable problem. that they face in the light of their regulatory There are many reasons for this relative Levels have not dropped significantly over requirements ‘back home’. failure to recover lost assets. Companies the course of this decade and companies are reluctant to embark on long recovery continue to be confident – as they have The fight against fraud is a constant processes with uncertainty of success, with every study that we have conducted struggle. Our biennial study continues to especially where assets have been moved – that their controls will limit their exposure show that in order to assess and manage across borders. to fraud in the future. However, 11% of the risk, a constant re-evaluation of all fraud companies consider it more likely that they risk management activities and the culture However, there may be good reasons to will be victims of fraud over the next two that supports them in every market of pursue the assets regardless – firstly years, which is three percentage points operation is vital to maintain a clear, because it is not always possible to form higher than the respondents believed in competitive advantage and the confidence a realistic view of the chances of recovery our 2005 research. of all stakeholders. As with all crimes and until the process gets under way, and unwanted business risks, consistent and secondly because a policy of always The results of this research have shown that effective prevention is better than after- attempting recovery helps in the creation the controls that have been implemented the-fact reactions. 1.17 Companies bringing actions against internal fraudsters the results of this research Warning/reprimand 40 44 have shown that the controls Intra-company transfer 12 14 34 that have been implemented Dismissal 6 73 83 will not be sufficient to mitigate the risk of economic 87 32 Criminal charges 45 crime on their own 54 33 Civil action 27 29 8 Did nothing 6 4 0 20 40 60 80 100 % reported frauds Senior management Middle management Other grades
    • Section 2: The issues Insights on the complex interrelationship between internal controls and corporate culture
    • 18 The 4th biennial global economic crime survey Section 2: The issues Fraud’s facilitators – individual An analysis of the survey’s overall figures degree, while 12% usually hold a indicates that holistic and regularly postgraduate degree, or higher. propensities and corporate updated control programmes help limit culture opportunities for fraud. But it does not Criminological research indicates that most stop there. Controls combined with the fraudsters tend to be risk-takers, decisive, Our survey results point to one company’s ethical culture together play extroverted, career- or success-oriented incontrovertible fact: the crime of fraud equally important roles in deterrence. individuals.1 Paradoxically, it is precisely remains intractable because of the many these traits that are also highly prized in kinds of fraud and the correspondingly management recruitment. Today’s manager broad range of fraudsters who commit needs to possess a high degree of creativity them. Fraud is also difficult to detect and Who are the fraudsters? and flexibility, qualities which can be stop because it contains a fundamental successfully employed both appropriately The survey shows that while fraud is element of deceit. and inappropriately. committed by people at every level – and in practically every department – Our research shows that in order for a ‘figureheads’ within a business are Individual propensities fraud to occur, two preconditions must responsible for 25% of all reported frauds be present: and have been with the company for If we look at the preceding conditions – 1. Perpetrators have deep-seated, personal an average of seven-and-a-half years. personal reasons and corporate reasons for engaging in criminal acts; Generally speaking, 85% of fraudsters are opportunities – our survey reveals a number they must have an incentive to commit male, 44% are between the ages of 31 of interesting results about individual fraud and be able to rationalise the and 40, 50% have a school degree or less, motivations and self-rationalisations behind fraud to themselves. and 38% possess at least a bachelor’s fraud (see box below). 2. A company that is more likely to be victimised by fraud not only lacks sufficient controls to detect fraudulent Individual motivations: Self-rationalisations: activity but also lacks ethics, values, • financial incentives/greed (57%) • fraudsters’ low temptation threshold (44%) programmes and systems that discourage fraud, i.e., a well-developed • maintaining a lifestyle unsupported by • apparent lack of awareness regarding culture, including systems that their salary (36%) the nature of their wrongdoing (40%) encourage and protect employees who • career disappointments (12%) • denial of the financial consequences of expose fraud. fraudulent act (26%) • prospect of being laid off or made redundant (8%) most fraudsters tend to be risk-takers, or else very decisive, extroverted career- or success- oriented individuals… traits that are also highly prized in management recruitment 1 For overviews Neal Shover, Andy Hochstetler, Choosing White-Collar Crime, 2006; David R. Simon, Frank E. Hagan, White-Collar Deviance, 1999; David O. Friedrichs, Trusted Criminals, 2nd. ed. 2004; Alan Doig, Fraud, 2006, p. 80ff.
    • PricewaterhouseCoopers 19 Systems of procedures and controls The role of controls when we compared companies that do not necessarily counteract these put more than five controls in place motivations or self-rationalisations. Our survey results, combined with our (i.e., Group B), their control networks However, well designed internal control experience, provide further insight into were more effective in detecting fraud. systems supported by strong culture the role of controls in detecting and can work together to better mitigate the preventing fraud. In contrast, companies in Group A (which risks of individuals who may be motivated had instituted an average of three modes to inappropriately apply their talents. of control) appear less aware of their It is culture, in combination with The impact of fraud controls vulnerability and consequently are not procedure, which is effective against learning from whatever instances of individual propensities toward fraud. Controls are an important element of the economic crime it has been their equation. The table below2 shows that misfortune to endure. Because such companies have weaker control systems The vicious circle of deceptive security – company performance on fraud prevention in place, they predictably detect fewer and detection cases of economic crime. Group A Group B In areas of common risks, such as asset Companies with up to Companies with more than misappropriation, our experience tells five controls five controls us that inattention and lack of discipline Percentage of companies can be symptomatic of a cultural taking professional anti-fraud ambivalence towards correct behaviour advice 12% 49% that leads to an environment in which Percentage of companies more devastating economic crimes – that reported detecting fraud 38% 47% corrupt acts, participation in cartels, financial statement fraud – can occur. Average number of frauds In effect, this is an indication of inadequate detected 6 10 culture – and culture is the very thing which Average loss detected for provides the best protection against a all frauds per company US$ 901,285 US$ 3,419,151 catastrophic economic crime event. Average financial costs companies spent on managing frauds US$ 305,227 US$ 701,832 Insurance taken to cover losses and costs from fraud 28% 47% Percentage of companies with significant collateral damage and associated managing costs 26% 23% 2 More information about this can be found in Section 1 (see page 11).
    • 20 The 4th biennial global economic crime survey Section 2: The issues The Fraud Control Paradox everyone knowing and understanding it. potential wrongdoers will find ways to The gap between the number of detected circumvent it. When fraudsters and other At first glance, it would seem reasonable and undetected cases closes because wrongdoers know what to avoid, they that stronger controls would lead to an employees have a greater awareness are empowered to devise new and novel immediate drop in impropriety – but this of the controls in place, and potential ways to pursue their criminal ends. is not necessarily true in the short run. perpetrators are more alert to the risk It appears that what holds true in a larger of detection. Controls are therefore most It is for this reason that whatever controls criminological context applies equally well effective when everybody knows about and detection systems or programmes a to companies seeking to detect fraud – them and, when a case of wrongdoing company puts in place must be constantly the greater the sensitivity of a company is discovered, the individual involved is monitored and updated if they are to towards economic crime, the more they dealt with in a manner appropriate to be effective. seem to occur. In other words, if you the offence, regardless of their position do not look, you do not see; conversely, in the organisation.3 Key elements of effective controls once you know what to look for and go looking for it, you are more likely to find it. Nevertheless, while a company’s control Implementing effective control systems system will eventually lessen the gap requires a comprehensive understanding of Over time, the effectiveness of a between detected and undetected crime, the sources of fraud risk within the context company’s control system depends on unless it continues to evolve, eventually of a company’s domestic and global operations. Given that business growth and The circle of deceptive security – company performance on fraud prevention and detection development is ever-changing, companies are challenged with regularly evaluating Maximum their operations, structure and systems to risk of keep pace with change. While change and economic Undetected offences crime a willingness to take certain types of risk can lead to great opportunities, the same can increase a company’s vulnerability to Detected offences Residual risk of economic crime. To mitigate against this economic crime negative side of change, companies should regularly assess their vulnerability, evaluate their controls, and adopt programmes, systems and policies that meet their specific circumstances. An example of some key elements of effective controls Increase in intensity of control against corruption and bribery is provided in the box which follows. if you do not look, you do not see; conversely, once you know what to look for and go looking for it, you are more likely to find it 3 Kai D. Bussmann, The Control Paradox and Impact of Business Ethics, in: Crossing the Borders (ed. Kai Bussmann), Monatsschrift fuer Kriminologie und Strafrechtsreform, special issue 2/3, 2007, 260ff.
    • PricewaterhouseCoopers 21 The impact of ethical guidelines and Key elements of effective anti-bribery compliance programmes compliance programmes 1. Create a control environment with the right structure and tone: – CEO communication on the importance of compliance, and ‘zero tolerance’ for illegal Our survey results clearly show that acts and misconduct; companies’ that make use of effective – Establish a high-quality, compliance organisation that is well-staffed with clear ethical guidelines and compliance processes and support systems; programmes are much less vulnerable to – Embed compliance into human resources processes including training, hiring, economic crime. As the chart below shows, performance, promotion, ethics and compliance, and disciplinary actions. companies with these programmes are less 2. Focus on the most important compliance risks: likely to be victimised. The impact of such – Conduct risk assessments to identify high-risk areas including countries and/or programmes on a company’s vulnerability business units, transactions, contracts and third party relationships; to crime is significant, whether it is asset – Adapt processes based upon the nature and source of the risk. misappropriation, accounting fraud, corruption or money laundering (see 3. Design compliance control activities to minimise risk of non-compliance: figure 2.1). – Establish control procedures for high bribery risk areas; – Adopt protocols for investigating allegations of misconduct, illegal acts and non-compliance; Breeding grounds for discontent – Develop independently tested monitoring programmes. 4. Establish processes and systems supporting compliance: Clearly, the development and deployment – Ensure effective report on status, effectiveness and trends to key corporate governing of internal controls and risk management bodies (i.e., Compliance Committee, Board of Management, Audit Committee and systems is vital if the risk of fraud is to be Supervisory Board) reduced, but they can only go so far. There – Embed compliance into the IT systems. are many forces, both good and bad, at work in the formation and ongoing ‘life’ of a company’s culture; but there are some quite specific, easily-identifiable factors The role of corporate culture they interact with each other and with that erode the positive influence of culture stakeholders outside the organisation’.4 and create the kind of environment that What is ‘corporate culture’? For Charles contributes to wrongdoing. Hill and Gareth Jones it is ‘the specific This section of the survey will examine some collection of values and norms that are of the critical components that make up a shared by people and groups in an company’s culture and their respective roles in organisation and that control the way preventing (or discouraging) corporate crime. companies that make use 2.1 Companies with both ethical guidelines and compliance programmes report suffering fewer economic crimes of ethical guidelines and All frauds 36 48 compliance programmes Asset misappropriation 25 35 are much less vulnerable Accounting fraud 11 14 to economic crime Corruption & bribery 4 8 15 Money laundering 6 IP infringement 14 17 0 10 20 30 40 50 % companies Companies using both compliance and ethics programmes Other companies 4 Charles W. L. Hill and Gareth R. Jones, (2001) Strategic Management 5th Edn, Houghton Mifflin, MeansBusiness, Inc.
    • 22 The 4th biennial global economic crime survey Section 2: The issues One factor in the creation of disaffection which ‘anything goes’, ‘who cares’, ‘and mailroom personnel – should be aware amongst employees is the pressure to who is going to catch me anyway’, let alone of how their company’s code of conduct perform or produce and our survey showed ‘call the authorities’ attitudes prevail. works: what it allows, and what it does not. that this was an incentive in 13% of cases, increasing to 22% in the case of senior management’s involvement. Obviously, high Setting the tone at the top Senior management accountability productivity and exemplary performance are The role of upper management in While some companies refer fraudsters always desirable, but when management creating and transmitting both an ethical from within senior management for criminal expectations are unrealistic it is easy for code of conduct and responsible prosecution, many do not. employees to justify an ‘anything goes’ behaviour are crucial. As Sam Di Piazza, approach to achieve company goals. PricewaterhouseCoopers’ CEO, pointed Our survey finds that there is a significant out, ‘People in an organisation pick up difference in the way companies deal What can be particularly damaging are quickly on how the CEO and other senior with senior managers involved in fraud situations where employees are unsure executives deal with individuals and and the way in which they approach other about what to do when they become situations that may not conform to the employees. We find, for example, that suspicious about the conduct of fellow ethical code. The board also has criminal charges are brought against employees or are themselves confronted something at stake: it is the responsibility senior management less frequently when with ethical dilemmas. If a company does of the total leadership, including the compared with employees lower down not provide clearly-defined channels of board, to infuse an organisational culture the corporate ladder. More telling, communication for its employees it may of ethics, and this challenge includes perhaps, is the finding that, compared run the risk of sending the wrong message: communicating effectively.’ Our study with the numbers in our 2005 survey, that management does not want to hear supports this: in 30% of cases involving companies are now limiting their response about problems and/or ethical employees a member of senior management, there to warnings or reprimands when the may either be ignored or find themselves was significant damage to ongoing staff offenders come from senior management. the victims of management retaliation. morale in the company.6 Yet when senior management is not Any one of these factors may be enough to A company’s code of ethics should be punished appropriately – and some may engender the kind of resentful, ‘get-even’ clearly articulated and conveyed to each even say gravely – the impact on staff mentality that seizes many fraudsters; but, and every employee. Everyone, regardless morale can be significant. As discussed taken together they represent a distillation of their rank or position – from the CEO in Section 1, in cases where fraud was of negative forces that makes for a and the Board of Directors down to the committed by a senior manager, if referred positively toxic corporate culture – one in obviously high productivity and exemplary performance are always desirable, but when management expectations are unrealistic it is easy for employees to justify an ‘anything goes’ approach to achieve company goals 6 More information about this can be found in Section 1, page 10.
    • PricewaterhouseCoopers 23 for criminal prosecution, the chance of that fraud having a significant negative Whistle-blowing programmes: best practice tips impact on staff morale dropped from 20% • Safeguard employees who report misconduct against any form of retaliation to 10%. The perception that management (i.e., threats, harassment and demotion). Allow for anonymous reporting. ‘gets off lightly’ fuels employee discontent • Make certain employees can report incidents outside their chain of command – avoiding and erodes corporate culture. their supervisor, department head, division leader – by using a helpline, e-mail or mail box. • Maintain confidentiality to the fullest extent possible. • Ensure that any hotline or helpline is both a toll-free call and includes as many language The impact of whistle-blowing translations as appropriate to a company with global operations. systems • Establish working relationships and protocols with various departments within the organisation prior to issues surfacing. For example, Human Resources or Benefits to As the chart below shows, in virtually address personnel issues and Security or Risk Management for more serious issues every region of the world whistle-blowing such as suspected fraud. is playing a role in uncovering the activities • Include controls for targeting certain situations that may require immediate steps to of wrongdoers. More and more companies prevent further risk or damage. are now promoting whistle-blowing • Provide clear governance expectations about how matters will be reported to the policies as an integral part of their risk ultimate governing authority, presumably the Board of Directors, or sub-committee. management programmes (see figure 2.2). • Formalise processes for recording and tracking reported issues and incidents. • Communicate information about the reporting and investigation process, how it We believe whistle-blowing systems that operates, what kinds of issues have arisen and how they were dealt with. are both well designed and properly • Establish communication channels not only for reporting misconduct, but also for asking implemented can play a decisive role questions and receiving guidance. • Track trends that may appear in one business or across businesses or at specific levels in uncovering criminal activity. This is within the organisation. reflected in our respondents’ very positive • Assign appropriate people with both the requisite authority and experience to perform views on their own whistle-blowing the investigation. system’s effectiveness. When this detection • Establish a company code of conduct that requires all leadership, senior management tool is correctly implemented, it has the and employees to fully cooperate in any investigation into allegations of misconduct. strong potential of effectively uncovering • Establish and consistently enforce a disciplinary policy. A programme that doesn’t abide more fraud – increasingly replacing the by its own rules, from the top down, will never work effectively. chance element of anonymous tip-offs that, • Train and periodically update all company employees about the whistle-blowing in our study, were responsible for detecting programme, disciplinary policy and the company code of conduct. fraud in 34% of reported cases. 2.2 Companies that report operating a whistle-blowing system and the percentage of those companies that in virtually every region of consider it to be effective the world, whistle-blowing is Global 32 42 81 playing a role in uncovering the activities of wrongdoers W. Europe 78 CE. Europe 34 79 N. America 77 86 SC. America 46 81 Asia & Pacific 55 84 Africa 38 74 0 20 40 60 80 100 % companies Whistle-blowing system present Whistle-blowing system effective
    • 24 The 4th biennial global economic crime survey Section 2: The issues There is no substitute for the perceptiveness those companies that did call in the Conclusion and acuity of the individual when it comes to authorities suffered less reputation and discerning those patterns of odd behaviour, quantifiable damage. The apparent past One clear fact is apparent when we look at unlikely coincidences and atypical work perception of the danger of ‘collateral the results of our 2007 survey: corporate methods that often signal the presence of damage’ or fallout is fading. culture is a vital element in whatever fraud economic crime. We must add, however, risk management programmes a company that it is important for companies to promote Apart from the negative effects of litigation adapts. Keeping this in mind, we recommend whistle-blowing procedures as a pro-active issues, many companies report that that companies consider the following means of protecting the brand (and thus when they have pressed criminal charges points as they move forward in developing the company as a whole), and not as a way against fraudsters they have not only fraud control programmes and strategies: for employees to settle old scores or turn in suffered less public relations damage and colleagues or managers. less impairment to their outside business • Replace one-off risk mitigation relations, but employee morale could programmes (i.e., one-off review of actually have been improved. agent relationships) with comprehensive Reporting fraud to the authorities compliance programmes that are fully These developments may be due, in part, to integrated into all components of Our research reveals that reporting an business operations. the recent focus on corporate governance, offence to the prosecuting or regulatory and the requirement for companies to • Pro-actively monitor vulnerabilities to authorities had fewer negative effects than show regulators and stakeholders that, in fraud. It is not so much a question of once anticipated. While many companies such matters, they are ethical, responsible always expecting the worst, but being in the past clearly chose not to involve law corporate officers who put a premium prepared for the unexpected; and, enforcement agencies once a fraud had on honesty. should it occur, being ready with an been uncovered, our research reveals that effective fraud response plan. the best-laid plans and procedures are unworkable if they are not championed by management and watched closely by every employee in the company – without exception
    • PricewaterhouseCoopers 25 • Developing a strong ethical culture deter fraudsters – and those who merely that is clearly evident to all employees. contemplate the crime. Risk exists. Each organisation must This can be accomplished through define which risks must be mitigated or • A comprehensive understanding of fraud taken to protect the business without setting the right ‘tone at the top’, risks sources and controls provides a sacrificing reward – an explicit risk encouraging company loyalty, providing foundation for making informed decisions appetite. Fraud is just one of many risks processes whereby employees can about how and where the other risks – an organisation must consider as part report concerns (i.e., whistle-blowing the right risks for building business – of this risk appetite. But, as the GECS systems), and by clearly showing that can be taken. suggests, fraud prevention is not merely the penalties fraudsters incur – no matter what their position in the a question of the right control functions company hierarchy – are serious. but rather part of the holistic approach to risk – controls, culture, ethics and • Be sensitive to the issues that individual performance. If an organisation’s risk employees might be faced with, such as appetite is clearly articulated in the the wrongdoing of a colleague. strategy, driven into the culture from the • It is impossible to eradicate economic top down and consistently applied to crime; like the Hydra of myth, cutting off decision-making, risk-taking can drive one head merely allows another to grow. performance, yield value and properly This does not mean, however, that address threats such as fraud. prevention is impossible and should therefore be abandoned. On the contrary, companies large and small should take all the precautionary steps they can to risk exists – each organisation must define which risks must be mitigated or taken to protect the business without sacrificing reward
    • Section 3: The emerging markets The perceptions and experience of experts who are confronting the risk of fraud in some of the fastest growing economies in the world
    • 28 The 4th biennial global economic crime survey Section 3: The emerging markets We are often asked about economic crime particularly vulnerable to fraud. Our Our research reveals that companies in risks in the developing markets and in research reveals that companies that which parent and subsidiaries employed particular in those countries that offer the experienced changes in structure, which different accounting systems were more most outstanding opportunities, i.e., Brazil, are typical during periods of overseas susceptible to fraud (61% of cases) than China, India, Indonesia, Mexico, Russia and expansion, were more susceptible to those operating a unilateral system (52% Turkey (a group which PwC terms the ‘E7’, fraud than those that operated in a stable of cases). This is not surprising, for while or ‘Emerging Seven’).1 Here we combine environment (see figure 3.1). a quality accounting system can act as a the experiences of more than 1,500 E7 very effective first line of defence against experts who contributed to our research In all of these cases, there were changes many common fraud schemes, the gaps programme (i.e., senior executives with in operational processes, procedures that often exist between systems certainly responsibility for, and experience of, and systems; personnel changed; roles, increase the opportunities for fraud investing in these markets) with our own positions and responsibilities were to flourish. experiences of helping companies identify reorganised into new configurations; and, and control fraud threats worldwide to of course, there were new and changing Or take the issue of suppliers. Companies offer a unique perspective on this issue. customers and suppliers. In situations moving into an E7 region, or acquiring a where managers and staff lack familiarity local company, must rigorously vet not with systems, roles, customers and only new suppliers, but also existing ones. New ventures – new opportunities suppliers, the kind of irregularities that Conflicts of interest often arise in the E7 for fraud may otherwise have caused a raised countries, where buying or selling from eyebrow in a more familiar or better friends or family to pass economic benefit For many companies, the opportunities established ‘home’ environment may well outside the company is commonly viewed offered by the E7 economies are so great go unnoticed. Worse, the situation may as a basic business practice. It is the way that there is often a need to move quickly present an opportunity for fraudsters to that business is done, and sometimes has to take advantage of the potential cost take active advantage of the company. been for centuries. Plus, it is important to benefits or market opportunities that are remember that a number of the E7 markets available. However, it is during these times For example, take the issue of companies have not been open to free trade for of dynamic change that businesses are operating different accounting systems. very long. 3.1 Companies reporting fraud that have undergone 3.2 Experts’ concerns about fraud issues in the E7 markets significant structural changes Global 53 68 41 62 Brazil 70 89 W. Europe 51 32 35 32 57 CE. Europe 58 66 47 Mexico 66 86 52 N. America 65 48 49 83 43 74 SC. America 39 China 56 92 68 47 53 Asia & Pacific 37 58 71 Africa 73 India 54 90 51 50 55 0 20 40 60 80 100 79 77 % companies Indonesia 65 87 At least three changes 61 68 Up to two changes 85 76 Russia 67 96 45 53 59 71 Turkey 60 80 51 52 0 20 40 60 80 100 % companies Legal environment Levels of corruption Staff integrity Cost of compliance with SEC Staff security Cost of compliance with other regulators 1 PwC’s head of macroeconomics, John Hawksworth, estimates that by 2050 the E7 economies are likely to be 25% larger than the G7’s at market exchange rates, and 75% larger in terms of purchasing power parity. (‘The World in 2050. How big will the major emerging market economies get and how can the OECD compete?’)
    • PricewaterhouseCoopers 29 The perceptions and the realities of The concerns faced by experts investing discovering follow-on actions by authorities fraud in the E7 in E7 markets are borne out by ‘in country’ in other nations with a nexus to the issue. companies’ assessment of the most So with a move into the emerging markets prevalent fraud type. Both groups – the The perceived levels of fraud versus actual likely to expose your organisation to E7 companies surveyed and the experts reported incidents in the E7 countries reflect increased possibilities of economic crime, investing in the E7 countries – perceive a strong consistency with global results – what are the types of fraud that you are corruption to be the most significant except that corruption and bribery and, likely to experience and how does the economic crime threat (see figure 3.3). to a lesser extent, money laundering, is threat differ from the rest of the world? Further, in all E7 countries, the experts perceived to be greater. With regard to consider staff integrity to be the second actual reported incidents of fraud, E7 levels The experts in E7 investment interviewed or third most widely held concern. approximate the global statistics, again for our survey perceive significant risks Examining the actual levels of reported with the exception that corruption and associated with levels of corruption, staff fraud in the E7 countries, we see bribery and asset misappropriation are integrity and legal environment in the consistently high reported incidents of reported more frequently in the E7 than the emerging markets for which they have asset misappropriation – a solid indication rest of the world. It is interesting to note direct responsibility (see figure 3.2). These that concerns about staff integrity by E7 that our own experience and the results types of economic crimes are no different experts are well founded (see figure 3.4). of Transparency International’s 2006 from those that are to be found in the Corruption Perception Index suggest that developed economies. The difference It is interesting to note that regulatory the perception levels provided by our E7 lies in the extent to which – because of compliance of any type is perceived as the experts reflect a level of corruption threat the legal, political, social, economic and lesser risk. However, while this no doubt that is surprisingly consistent. cultural environment in which these reflects the experience of respondents over companies operate – they permeate private the past two years, we anticipate that the While the perceived levels and reported business; and, of course, the effectiveness regulatory activity will increase in many number of incidents are quite similar to the of the internal controls and corporate jurisdictions, putting increased pressure global findings in most areas, this does cultures that these businesses possess on compliance systems in the near future. not fully explain the level of concern to mitigate such risks. Already, companies which settle allegations exhibited by our expert respondents about of economic crime in the United States are the risks in E7 countries. The answer may 3.3 E7 companies’ and China experts’ perceptions of the 3.4 Types of frauds actually reported by E7 companies and types of fraud most prevalent in the E7 markets China experts 20 37 23 9 Brazil 29 Brazil 10 15 0 13 12 15 32 12 4 Mexico 30 Mexico 15 22 1 18 18 17 25 13 8 China 27 China 7 8 4 23 14 18 20 17 11 India 29 India 20 16 1 14 14 16 32 16 15 Indonesia 31 Indonesia 33 16 3 15 18 19 43 17 18 Russia 30 Russia 34 12 5 15 28 20 19 23 8 Turkey 25 Turkey 4 6 14 14 14 0 10 20 30 40 50 0 10 20 30 40 50 % country and China experts % E7 companies and China experts Asset misappropriation Money laundering Asset misappropriation Money laundering Accounting fraud IP infringement Accounting fraud IP infringement Corruption & bribery Corruption & bribery
    • 30 The 4th biennial global economic crime survey Section 3: The emerging markets lie in the financial losses reported by our Average loss (US$) All respondents2 E7 respondents (including China) experts – which tell a different and more worrying story. The total losses reported Asset misappropriation 859,646 2,915,419 by the companies that took part in our Accounting fraud 954,798 3,406,917 survey amounted to more than US$ 4.2 Corruption and bribery 297,071 1,977,762 billion over the course of the previous two years. Over 45% of that figure was Money laundering 230,544 374,326 lost by companies operating in the E7. IP infringement 1,766,215 2,180,180 Total losses reported by all respondent Indeed the average losses for each type An illusion of safety? companies: US$ 4.2 billion of crime also make sobering reading. Yet despite this considerable threat to Total losses reported But, of course, the drain on a company’s the financial and operational security of by E7 companies: US$ 1.9 billion finances does not just rest with the losses. business, almost half (45%) of our experts One must also consider the potential did not factor economic crime as a risk In the first section of this report we also collateral damage to staff morale, supplier criterion for assessment prior to their explored our respondent companies’ average relations and the brand, as well as the investing in E7 countries. Why? Perhaps losses from fraud, and this amounted to financial and time cost of managing the fall- because many of those companies regard US$ 2,420,700. In comparison, the average out from such matters. Again, in the E7, these fraud as such an endemic problem in losses reported by companies operating in costs have been shown to be one-and-a- these markets that it is regarded as just the E7 amounted to more than double this. half times those in the rest of the world.3 one of the ‘obstacles’ that has to be overcome in order to do business. Plus, Average losses Average cost of managing from a risk vs return point of view many over two years reported frauds over two years by companies seem to take the position that by all respondent all respondent companies: US$ 550,356 the damage is more than off-set by the companies: US$ 2,420,700 investment opportunities being offered. Average cost of managing Average losses over frauds over two years by On the other hand, it is encouraging to two years reported by all E7 companies: US$ 825,982 see that, for 55% of respondents, fraud E7 companies: US$ 5,053,286 some companies from the developed economies have found to their consternation that trying to impose Western controls simply does not work 2 Global total average loss excluding E7. 3 The issues of financial losses and collateral damage are dealt with on page 9 of this study.
    • PricewaterhouseCoopers 31 is regarded as an important consideration Practices Act (‘FCPA’) or similar This ‘one-size-fits-all’ mentality is mostly in the investment risk review process. legislation. Consider seeking advice found in those companies that think that from a local, professional forensic they can sort out all the problems once For example, staff security was rated of consultant who can inform you of the they ‘hit the ground’ in the E7 market. paramount importance in both Russia realities of the situation. (67%) and Brazil (70%). An apparent lack 2. Prepare fraud risk management of faith in an independent and legal Corruption – a genuine threat? programmes that specifically address environment also provides concerns for those fraud issues in particular, rather those investing in China (83%) and ‘Honesty stands at the gate and knocks,’ than expecting your own country’s Russia (85%), which may, to some extent, said the 16th-century English author tried and tested models to be effective be shaded by preconceived Western Barnabe Rich ‘and bribery enters in.’ in every constituency and every notions regarding the effectiveness and Certainly, the E7 experts who took part in eventuality. independence of institutions (see figure 3.2). our survey perceive corruption and bribery 3. Conduct rigorous due diligence on any to be the most prevalent economic crime acquisitions, or prior to any partnerships threat in the emerging markets, but is this Be prepared or joint ventures. The cost of doing this just a spectre, an illusion that business in advance is a great saving on the costs in certain countries can only be done Yet, as the saying goes, there is no smoke of withdrawing once the programme when money (or its equivalent) changes without fire, and this is never more relevant has been established for some time. hands, or is bribery really the unavoidable than when reviewing the risks that staff or a business may face when entering a new 4. Be prepared for the actions you need cost of doing business in many parts of market. So for businesses looking to invest to take should a business partner, an the developing world? Outside Western in the emerging markets, we recommend acquisition, a joint venture partner or Europe and North America, 20% to 30% the following: a member be shown to be behaving of respondents reported encountering inappropriately. circumstances where they were asked to 1. Be sure that you understand the pay a bribe (see figure 3.5). In comparison, particular fraud risks that you will face 21% to 54% of companies from the Finally, recognise that some companies in your chosen market, particularly if E7 countries reported encountering from the developed economies have found you are a listed company and subject circumstances where they were asked to their consternation that trying to impose to regulations like the Foreign Corrupt to pay a bribe. Western controls simply does not work. 3.5 Percentage of companies asked to pay a bribe Global 18 W. Europe 9 CE. Europe 30 N. America 3 SC. America 26 Asia & Pacific 20 Africa 29 China (Experts) 21 Russia 48 Indonesia 54 Brazil 48 E7 countries India 38 Turkey 28 Mexico 28 0 20 40 60 80 100 % companies
    • 32 The 4th biennial global economic crime survey Section 3: The emerging markets Further, across the E7 markets, over one to competitive norms. It appears to indicate the marketplace (and therefore worth third of companies (34%) believed that they situations in which business relationships the risk, from the point of view of had found themselves in a position where will likely not be established on the basis those bribing), or may simply have they had lost a business opportunity to a of product or service quality and price, misinterpreted unfamiliar cultural norms competitor which they think may have paid but instead on corrupt criteria. The inverse and projected an ambiguous or ill-defined a bribe, compared with a global average of finding – that companies not asked to ethical appearance. 24%. This is significantly higher than the pay bribes lose fewer opportunities to a developed markets of North America (6% competitor – confirms this finding. Thus, Yet, if companies feel that they have of companies) and Western Europe (14%) it appears that in the E7 context, finding lost out by not acting corruptly (as figure which have well-established anti-corruption that one’s company is being asked to make 3.6 shows), should they consider turning conventions that are supported by a culture bribe-like payments is significant evidence a blind eye to instances of corruption in that rejects corruption (see figure 3.6). that the business may well be let on a order to secure contracts? non-competitive basis and an unsuccessful Our findings reveal further interesting outcome is likely (see figure 3.7). The answer is simply, no. And for four results: if we compare the number of good reasons: companies in the E7 which felt that they In certain instances, the percentage of were asked to pay a bribe at least once companies not being asked to pay a bribe Firstly, for companies listed in the developed (over a two-year period) with those that may be a result of something as simple markets, the threat of regulatory action and had no such requests, the differences as the fact that a company has a good the subsequent costs of remediation and are clearly significant. Companies that reputation, i.e., its standing as an ethical any sanctions can be crippling. For example, are asked to pay a bribe are likely and honestly-run concern meant that it the US Foreign Corrupt Practices Act, which (45% Brazil/47% Mexico) to very likely was never asked to pay a bribe and requires domestic and foreign companies (70% Russia/ 71% China) to lose the therefore suffered little in the way of lost listed in the US to accurately record their opportunity. This suggests that a request opportunities. By the same token, the transactions, imposes harsh penalties on to pay a bribe is a significant indicator of companies which felt they were asked to companies that contravene its statutes. It is a market that is not operating according pay may not have been as well known in therefore vital for companies to create and 3.6 Companies that lost an opportunity to a competitor 3.7 Companies asked to pay a bribe that lost an who may have paid a bribe opportunity to a competitor Global 24 66 Global 14 W. Europe 14 56 W. Europe 10 CE. Europe 45 CE. Europe 82 N. America 6 28 N. America 17 SC. America 29 6 Asia & Pacific 20 SC. America 52 20 Africa 31 62 Asia & Pacific 9 China (Experts) 22 Africa 60 Russia 51 19 China (Experts) 71 Indonesia 39 8 Russia 70 Brazil 35 31 E7 countries India 34 Indonesia 58 18 Turkey 31 45 E7 countries Brazil 23 Mexico 28 India 66 14 0 20 40 60 80 100 63 Turkey % companies 18 47 Mexico 21 0 20 40 60 80 100 % companies Companies asked to pay a bribe and lost opportunity Companies never asked to pay a bribe and lost opportunity
    • PricewaterhouseCoopers 33 deploy effective anti-corruption measures Thirdly, our research reveals that effective All of which goes to show that compliance in order to reassure the SEC (or other and well-implemented anti-corruption will not kill your business. On the contrary: regulators) that they are doing all in their programmes are very efficient at cutting far from limiting the resourcefulness of power to conform to the requirements, and corruption levels and deterring fraudsters. employees, these compliance programmes spirit, of the laws (even if they should fall For example, the companies in the E7 encourage them to become more foul of corruption). which had implemented effective anti- competitive and resourceful by focusing corruption controls in conjunction with on the benefits of the service, product or Secondly, the ethical standing and good strong, clearly understood ethical contract on offer. character of an organisation can actually guidelines said they suffered up to 50% be part of a defence strategy (or protective fewer incidents of corruption than other mechanism) that can effectively shield a companies (see figure 3.8). China – the dragon spreads company against the offers of corrupt outsiders. Once again, this underlines the Fourthly, and uniquely, our research its wings importance of a company possessing a shows that incorporating an anti- China has been of particular interest to visible and unassailable culture of honesty corruption programme into your business our clients in recent years. We decided and fair dealing. But that ‘ethical culture’ activities does not have a detrimental therefore to conduct in-depth interviews must, somehow, extend to and embrace a effect on business development activities. with senior executives who had first-hand company’s local workforce too. Regardless Indeed, far from losing opportunities by experience of fraud issues in China and of how ingrained or ‘normal’ the practice of not paying a bribe, our research shows we sought their opinions and knowledge bribery may be in a particular culture, it is that only 18% of the companies which in order to compile this section. Our important that the indigenous talent is had implemented anti-corruption interviews cover more than 500 global shown how truly destructive the practice programmes and ethical guidelines lost companies familiar with operating in China. really is – to the company in which they opportunities they had pitched, compared work, to their community, and even to the with 25% of the companies which had Before we examine the different risks that economic well-being of their country and implemented none. need to be addressed when doing business the generations that will come after them. 3.8 Companies with anti-corruption programmes suffering corruption incorporating an anti- Global 9 13 corruption programme W. Europe 6 7 into your business activities CE. Europe 8 18 does not have a detrimental N. America 7 10 13 effect on business development activities SC. America 13 Asia & Pacific 11 16 Africa 13 24 0 10 20 30 40 50 % companies Anti-corruption programme No anti-corruption programme
    • 34 The 4th biennial global economic crime survey Section 3: The emerging markets in China, it is worth noting that the country approximately US$ 2.5 trillion, according operations, the fraud risks related to doing is, indeed, truly vast – it is the third largest to government statistics. business with China become even clearer: country in the world, next to Russia and • Of the 21% of corruption cases that Canada – and despite the odd wobble or With a population of some 1.3 billion people involved a perpetrator located overseas, two has maintained an annual economic – and rapidly developing industries such as 17% of those involved a perpetrator growth rate of around 8-9% per year over iron and steel, coal, textiles and apparel, from China. the last decade. (By way of comparison, petroleum, cement, chemical, toys, food the 2005 annual growth rate in the UK was processing, automobiles, consumer • Of the 41% of IP infringement cases 1.8%, in the US 3.5%, in Belgium 1.5%, electronics and information technology – that involved a perpetrator located in Germany 0.9%, in Italy 0.1%, and in it’s easy to see why China is so attractive to overseas, 44% of those involved a Canada 2.9%.) In fact, China’s economy outside investors and foreign companies. perpetrator from China. is now the world’s fourth largest, and its economic output for 2006 was US$ 2.68 Our survey results clearly show that the trillion. In addition, and true to the two greatest fraud risks to be faced when Managing the risks of doing government’s stated goal of reforming its operating in China are perceived to be business with China business policies, around 65% of China’s corruption and those frauds that fall under GDP in 2006 was generated by the private the category of IP infringement, although There is an evident need to prepare for sector, a fact clearly apparent in a country the former is not greatly different from the the fraud risks associated with doing awash with new construction projects, new perceived threat in the other emerging business with or in China at this time. companies (both foreign and domestic), markets (see figure 3.9). And while it is encouraging that 15% of and new business initiatives. In January those that are doing business there are 2007, Bloomberg reported that the Chinese When we asked our survey respondents considering what control measures to put stock market had hit the US$ 1 trillion whether there had been a foreign in place in comparison to an average of mark for the first time in its history, and perpetrator involved in the crimes they 8% of companies elsewhere in the world, by August 2007 this figure had grown to had experienced in their own country’s only just over a quarter of companies 3.9 Companies’ concerns over fraud risks – comparing China and the developed market regions 65% of China’s GDP in 2006 Asset misappropriation 22 28 was generated by the private 17 25 sector, a fact clearly apparent in a country awash with new Accounting fraud 23 13 12 construction projects, new Corruption & bribery 18 26 10 Money laundering 8 12 19 companies (both foreign and IP infringement 16 23 domestic) and new business 0 10 20 % companies 30 40 50 initiatives N. America W. Europe China
    • PricewaterhouseCoopers 35 (27%) had strengthened their existing to interpret Chinese laws with the same One very important cultural element is controls, and less than a fifth (17%) had degree of precision they would in the ‘face’. Targets or stretch budgets set from put in place any new controls that were EU or US. abroad may be seen locally as a ‘must suited to the specific risks of the region. achieve’, and consequently there may be a However, Beijing is now making great far greater imperative to meet these targets This may be because operations in this efforts to reduce the amount of red tape one way or another. The magnitude of this emerging market are so new, but with businesses have to endure. need to ‘hit the numbers’, and what can perceived levels of corruption higher happen when there is a shortfall, cannot be than the global average, Western-listed overstated. It is an easy step sideways into companies must consider dealing with Cultural issues fraudulent behaviour for managers who feel this issue at the earliest opportunity. that they will rise or fall depending on the In all of our considerations we must take results they produce. into account the importance – and the One of the major problems for foreign effect – of the relationship-based way companies doing business in China is One should also take into consideration of doing business that is common in the the perceived lack of effective legal the fact that financial systems in the E7 Asian, African and Latin American protections, which extend to mergers and countries tend to be far less sophisticated economies. To do business in China, for acquisitions, retaining land-usage rights, (and thus less exacting) than in the example, a company’s representatives and – especially problematic, even now – developed markets. Many companies still must have ‘guanxi’, that is, good, strong, protecting both private property and operate manual entry accounting systems one-to-one personal relationships. With intellectual property. Foreign companies and for foreign invested entities there will the right relationships in place a company have to recognise that one fundamental generally be at least two sets of books – can achieve a high success rate, but difference between doing business in (one for local reporting under PRC GAAP, without those relationships, a company China and, say, the EU or the US, lies in one for the overseas investor under its own may expend a great deal of effort without the legal and regulatory systems. Western- GAAP or IFRS), and for domestic entities achieving success. based investors often find it more difficult the possibility of a third set of records to do business in China, for example, a company’s representatives must have ‘guanxi’, that is, good, strong, one-to- one personal relationships
    • 36 The 4th biennial global economic crime survey Section 3: The emerging markets showing higher profits than reported to the education in order for local management according to the China ‘experts’ surveyed, tax authorities – which, needless to say, and staff to understand how they are their own companies in China lost a total creates the opportunity for ‘error’. expected to operate. of US$ 191,118,688 to fraud over the last Accounting fraud, for instance, is not always two years. On average each company lost regarded as such in China, but as an ‘error’ US$ 1,790,685. (This is a little less than the and is therefore not always reported. At the Computing the losses global average of US$ 2,420,700, but this same time, the language barrier and different may be because Chinese companies do The most pressing problem for many non- GAAP can also make it difficult for non- not always have the kind of controls, Chinese companies is, as we mentioned Chinese-speaking foreign auditors to spot processes and culture in place to be able earlier, IP theft. Companies in the US, the these ‘errors’, or alternatively for local to accurately assess what has been lost.) EU, Japan, Singapore and elsewhere have management to understand the international seen their products – which are supposedly accounting requirements. So, how does the Chinese government protected via trademarks, patents and regard these matters? China’s assistant copyright – illegally copied in China. We must also include, as part of this Minister of Public Security, Zheng According to our survey some 23.5% of discussion, the subject of governance, Shaodong, speaking at a recent foreign companies in China said they had which, in many E7 countries, tends to be symposium said that ‘China has seen been the victims of IP infringement; and relationship-based: i.e., the subordinate an increasing number of cross-border 44% of IP infringement cases (worldwide) does as they are told by their manager economic crimes in recent years, that involved a perpetrator overseas often without question. In these cases, especially in fields such as intellectual involved a perpetrator from China. It has there is little understanding of ‘principles- property infringement and money been said that the global distribution of based governance practice’ and Western laundering.’ pirated products generates as much as companies that have invested or are US$ 500 billion a year, 70% of which intending to invest in these markets may Mr Zheng also said that over the past originates in China, although such figures need to do a lot in the way of training and seven years Chinese law enforcement are obviously speculative. However, 44% of IP infringement cases (worldwide) that involved a perpetrator overseas involved a perpetrator from China
    • PricewaterhouseCoopers 37 agencies had uncovered some 400,000 And the future? for example, serves as a clear warning instances of economic crime and had to fraudsters. It remains to be seen arrested 370,000 suspects, recovering So, what of China’s future in the ongoing how foreign investors who fall foul of approximately 100 billion yuan (US$ 13.2 fight against economic crime? To quote Chinese economic crimes legislation billion) in the process. There is obviously China’s own sixth-century BC philosopher will be treated. a willingness on the part of Beijing to Lao Tzu, ‘Those who have knowledge, don’t admit that a problem exists and that it has predict. Those who predict, don’t have A recent month-long nationwide amnesty, to be tackled. As Minister Zheng pointed knowledge’, which might be taken to mean which resulted in nearly 1,800 Chinese out: ‘Many economic crimes are either not that making predictions about how, and government officials confessing their detected or unable to be investigated, and to what extent, China will successfully deal involvement in hundreds of acts of this represents a threat to social harmony.’ with economic crime in the future is fraught ‘misconduct’, serves to demonstrate the with problems. We should keep in mind the prevalence of economic crime and also China is not alone among developing fact that, in the last 30 or so years, no other that China is keen to root it out. countries in having to contend with such country in the world has expanded its problems. However, its remarkable success presence in the global marketplace to the The message is clear. China stands out as in the last few years has made it possible extent that China has. Even Japan’s rapid a fantastic opportunity for investors, but for economic crime to take root, especially economic growth during the 1960s and as the economy continues to grow, so bribery. In fact, according to China experts 1970s pales by comparison with China’s does the opportunity for fraud. Anti-fraud surveyed, 17% of their companies in China recent advances. measures that work in Western societies suffered from instances of corruption and may not be as effective in China, and the bribery. By way of comparison, 14% of China takes a very severe line on those need to be vigilant cannot be overstated. these companies experienced some form who transgress and who are caught. of asset misappropriation, and only 6% The execution of Zheng Xiaoyu, the of them had uncovered any instances of former Director of State Food and Drug accounting fraud. Administration, for economic crimes, China stands out as a fantastic opportunity for investors, but as the economy continues to grow, so does the opportunity for fraud
    • Methodologies and acknowledgements
    • 40 The 4th biennial global economic crime survey Methodologies and acknowledgements Methodology Western Europe 2550 South & Central America 310 Austria 87 Argentina 76 PwC’s 4th biennial Global Economic Crime Survey was conducted in 40 countries Belgium 75 Brazil 76 between April and July 2007. Over 5,400 Denmark 75 Chile 76 computer-assisted interviews (telephone and Finland 80 Mexico 82 web) were conducted with CEOs, CFOs and other executives who have responsibility for France 150 North America 626 economic crime prevention and detection Germany 1166 Canada 126 within their respective companies. More than Italy 128 USA 500 half of the respondents (55%) are members of the executive board or company Netherlands 150 Asia & Pacific 894 management and/or stated that their main Norway 102 Australia 104 responsibility was in the field of finance. Spain 75 Hong Kong 100 The companies were randomly selected Sweden 76 India 152 and the target number of respondents for Switzerland 84 Indonesia 75 each country was determined according UK 302 Japan 130 to its GDP. Central & Eastern Europe 794 Malaysia 101 Each interviewee was asked to respond to Bulgaria 75 New Zealand 78 the questions with regard to (a) their company and (b) the country in which they are located. Czech Republic 79 Singapore 76 The interviews were undertaken in the native Hungary 77 Thailand 78 language of each country by native speakers, Poland 102 Africa 254 all of whom had been trained in the specific terminology around fraud (see below), as well Romania 77 Egypt 75 as fraud’s various forms and impact. Russia 125 Kenya 76 Serbia 76 South Africa 103 Getting these results ready to present to you has taken more than a year, during which we Slovakia 78 worked to achieve the highest scientific and Turkey 105 Total 5428 analytic standards. Work began with a meticulous selection of questions by the international and interdisciplinary members Function (main responsibility) of China experts (resp. for business) 217 of the project’s Survey Management Board. interviewee in the company (%) China experts (resp. for investment To ensure complete confidentiality of the decisions) 313 CEO or Finance 55 survey respondents, PwC retained the Audit 15 China experts 530 internationally-renowned market and social Legal 12 Brazil 166 research institute, TNS Emnid, to conduct Human 8 one-on-one telephone interviews in 40 Security 7 India 184 countries and 21 languages. This was then Risk 11 Indonesia 152 followed by several weeks of careful data Compliance 11 analysis by the independent Economy & Mexico 153 Other function 27 Crime Research Center at Martin-Luther- Russia 227 University, Halle-Wittenberg. As a result, Turkey 156 all findings have gone through several tests and controls before being released for Total (experts on publication in our survey emerging markets) 1568 The survey also contains a review of the results from 2,026 cases of fraud reported by 1,435 companies. This enabled further, in-depth analysis of its causes and losses, corporate responses and recovery actions and the effectiveness of fraud prevention measures. The survey also contains the opinions of 1568 self-accredited experts on the impact of economic crime in the emerging markets of Brazil, Mexico, China, India, Indonesia, Russia and Turkey.
    • PricewaterhouseCoopers 41 Size of participating organisations Definitions of economic crimes % companies Due to the diverse descriptions of individual types of economic crime in countries’ Up to 200 34 legal statutes, we developed the following categories for the purposes of this survey. The descriptions were read to each of the respondents at the start of the survey to 201 to 1,000 35 ensure consistency. 1,001 to 5,000 21 More than 5,000 10 Fraud/economic crime The intentional use of deceit to deprive another of money, property or a legal right. Mean number of employees 2842 Asset misappropriation (inc. embezzlement/deception by employees) The theft of company assets (including monetary assets/cash or supplies and equipment) Industry groups participating by company directors, others in fiduciary positions or an employee for their own benefit. % companies Aerospace & Defence 2 Accounting fraud Company accounts are altered or presented in such a way that they do not reflect the Automotive 5 true value or financial activities of the company. Chemicals 4 Communication 2 Corruption and bribery (inc. racketeering and extortion) Typically, the unlawful use of an official position to gain an advantage in contravention Energy, Utilities & Mining 7 of duty. This can involve the promise of an economic benefit or other favour, the use of Engineering & Construction 7 intimidation or blackmail. It can also refer to the acceptance of such inducements. Entertainment & Media 3 Money laundering Financial Services 13 Actions intended to legitimise the proceeds of crime by disguising their true origin. Government Services/Public Services 2 IP infringement (inc. trademarks, patents, counterfeit products and services, Healthcare 3 industrial espionage) This includes the illegal copying and/or distribution of fake goods in breach of patent or Insurance 4 copyright and the creation of false currency notes and coins with the intention of passing Industrial Manufacturing 15 them off as genuine. It also includes the illegal acquisition of trade secrets or company Pharmaceuticals 3 information. Retail & Consumer 6 Technology 6 Transportation & Logistics 4 Other Industries or business activities 15
    • 42 The 4th biennial global economic crime survey Methodologies and acknowledgements The Editorial Board The Fourth Global Economic Crime Survey editorial board consisted of the following individuals: PricewaterhouseCoopers Investigations and Forensic Services • Claudia Nestler, Partner, Germany Leader and Survey Sponsor • Steven Skalak, Partner, Global & US Investigations Leader • John Wilkinson, Partner, Eurofirms Leader • Tony Parton, Partner, United Kingdom • John Donker, Partner, Hong Kong/China Leader • Roger Stanley, Partner, Central & Eastern Europe Leader • Luis Madasi, Partner, Brazil • Mona Breed, Managing Director, Global Advisory Client Issues • Jennifer Johnson, Director, Survey Project Manager Martin-Luther-University (Halle-Wittenberg, Germany) www.econcrime.uni-halle.de • Prof. Dr. Kai Bussmann, Chair of Criminology & Penal Law, (Halle/S., Germany) • Markus Werle, Economy and Crime Research Center (Halle & Berlin, Germany) TNS Emnid (Bielefeld, Germany) www.tns-emnid.com • Oliver Krieg, Director Social & Opinion Apostasy (London, UK) www.apostasyinnovation.co.uk • Dominic Parker, Strategic Partner, Apostasy Ltd Particular thanks in compiling this report are also due to the following at PricewaterhouseCoopers: Noel McCarthy, Jennifer Cibinic, Karena Kay. pwc.com/crimesurvey © 2007 PricewaterhouseCoopers. All rights reserved. ‘PricewaterhouseCoopers’ refers to the network of member firms of PricewaterhouseCoopers International Limited, each of which is a separate and independent legal entity. Design by studioec4 18562 (9/07)
    • PricewaterhouseCoopers 43
    • pwc.com/crimesurvey