As South Africa once again takes its place as the country worst hit by economic crime, cybercrime is becoming a preferred method for perpetrators – and it's set to increase dramatically in the coming years.
This is one of the messages from Louis Strydom, head of forensic services at PriceWaterhouseCoopers, presenting findings from the latest biennial Global Economic Crime Survey.
"The sophistication of criminals is definitely increasing as the scene changes. I believe we will find that the next two years there will be a major focus on cyber and electronic crime."
The Global Economic Crime Survey is conducted over two years and measures the incidence and impact of economic crime on companies around the world. South Africa tops the list of countries hit hy economic crime, with 72% of companies polled reporting incidents over the last two years. This compares to a worldwide average of 43%.
However, this figure is well down compared to the previous one in 2005, which showed an 83% prevalance of economic crime in South Africa, which Strydom attributes to improved methods of detecting and preventing incidents.
"The dominant reason is the emphasis placed both by the public sector – in terms of the prosecuting authority, government and regulations – as well as initiatives like the specialised economic crime courts set up in the last few years.
"It's heartwarming to see initiatives like these starting to pay off."
Losses from economic crime are substantial, and South African companies lose a whopping average of $1,088-million per affected company.
Internal staff members were, predictably, the worst perpetrators of economic crime against companies, at 61%, followed by external perpetrators at 39%, customers at 13% and suppliers at 9%. People without any relationship with the company – such as hackers – accounted for 17% of incidents.
Asset misappropriation was the most prevalent crime against South African organisations during the last two years, at 62% of incidents; followed by corruption and bribery at 38%; accounting or financial fraud at 30%; IP infringement at 17%; and money laundering at 10%. Other crimes accounted for 13%.
Detecting fraud within South African companies is still largely via third parties, with 16% being detected via a whistle-blower; 22% via an internal tip-off and 11% via an external tip-off.
Corporate security picked up only 1% of incidents, compared to 3% by accident. Investigation by law enforcement agencies was responsible for 2% of incidents detected; 1% via regulatory authorities; 4% through a change in personnel; 20% via an internal audit; 2% from an external audit; 1% by audit committee; 3% via fraud risk management; 4% from electronic reports; 10% in other ways; and in 1% of instances companies didn't know.