Australian businesses report being more vulnerable to fraud and corruption than they were before the pandemic and there is no indication the risk is subsiding. However, technology could be the answer.

In early 2021, KPMG surveyed over 70 senior executives to explore the impact COVID-19 had on the fraud and corruption risk faced by Australian organisations both here and abroad. The research was undertaken 12 months after KPMG initially consulted executives from ASX200 companies and government agencies.

We were surprised to find that many businesses think the worst may still be to come in terms of fraud, given that widespread remote working may start to ease during 2021. Experience has shown that many internal controls don’t travel well which would explain most finding the risks were higher last year.

Dean Mitchell
KPMG Forensic Partner



Key findings from organisations surveyed

  

72%

72 percent reported the risk of fraud and corruption had increased during the pandemic and 85 percent said they did not expect the risk to reduce in 2021.

Organisations attributed the ongoing vulnerability to the continued remote working environment and pressure on preventative control budgets with 25 percent reporting key control programs have been impacted.

92%

92 percent believed the risk of cyber-fraud had increased during the COVID-19 era.

67%

67 percent said they were ‘not’, or were only ‘somewhat’, confident that they had identified most of the fraud that occurred during the last year.

65%

65 percent reported that widespread remote working had increased fraud risk.

62%

62 percent said that employees were the biggest single source of risk, ahead of suppliers and contractors.

Insider threat was their most significant fraud and corruption challenge reported which was similar to our 2020 Fraud Survey. Those with inside knowledge are often best placed to exploit vulnerabilities and take advantage of an organisation when it is distracted and are often able to take steps to conceal their conduct and delay detection.

51%

51 percent reported that the new operating environment had adversely impacted their ability to investigate suspected fraud or corruption.

Traditional investigations relied heavily on in person interviews, document review and forensic analysis.

25%

25 percent had delayed or cancelled fraud and corruption prevention programs during the pandemic.

The delay of fraud and corruption prevention programs could not have occurred at a more critical time. As fraud and corruption risks were increasing and organisations were forced to adopt new business practices, the focus on controls was diminished. This left many businesses exposed to emerging risks and significant potential financial losses.

Lock downs, international and domestic travel restrictions, combined with work force reductions meant organisations could not respond to concerns in the same way they had prior to the pandemic. Organisations responded with a mix of digitally enabled investigations, where digital records and company assets were remotely analysed, and technology enabled detection strategies.

38%

38 percent reported using forensic data analytics or artificial intelligence to help detect fraud and corruption.

Businesses are increasingly turning to technology to help identify the fraud and corruption that was occurring in the new remote working world.

Fraud and corruption analytics is most effective when it is built on actual fraud and corruption attacks that are occurring in the market. Analytics needs to combine custom-built accounts payable testing targeting potential indicators of fraud with enhanced procedures based on common and emerging fraud scenarios.

Eighteen months typically passes before fraud or corruption is detected - research from the global Association of Certified Fraud Examiners suggests. Where there is an internal perpetrator this period of fraud can extend further. It is not surprising that many organisations are looking to technological advances with a view of reducing this detection window.



Fraudsters leave traces when they attack organisations – clues that can be identified. In response, forensic analytics is needed but this is not simply deploying ‘off the shelf’ data tests to terabytes of data. An optimum response involves bringing together former fraud detectives, data scientists and forensic accountants to uncover the warning signs in your financial data.

Dean Mitchell
KPMG Forensic Partner



Key considerations for organisations using technology to reduce threats

 
  • Ensure analytics is built on real world fraud not generic testing.
  • Fraudsters often create quasi-legitimate entities shortly before embarking on their schemes, deploy analytics to identify suppliers who registered their business shortly before delivering their first invoice to you.
  • Trusts or obscure ownership structures are often used to conceal beneficial ownership from victims, ensure the analytics highlights these vendors.
  • Fraudsters often leave an unintended digital clue in less scrutinised employee vs vendor matching criteria, dive deeper beyond name and bank account matching.
  • Changes to addresses and bank accounts are common flags, target emerging schemes including bank account substitution where accounts are switched back to avoid detection.


There were some interesting observations from participants in the survey, which gave further insights into the findings.

A lack of visibility of parts of the supply chain, particularly losing the ability to complete in person audits/inspections has increased the corruption risk in overseas markets. I think the move to people working from home will remain in organisations and I don't think this risk has been properly understood in the long term. I see this in terms of a general lack of supervision, but also a lack of connection to the business day to day which may influence poor decision making.

Survey participant

Many of the fraud items will not have been uncovered yet because remote work practices mean those who intend to cover their activity still have that scope. Counter-fraud resources have been diverted away from many existing programs, increasing their risks. New programs have been rushed out of the door with limited consideration for fraud, which will increase exposure for organisations. Government programs providing relief has also meant that businesses have been targeted to have their details stolen by criminals seeking to defraud the government.

Survey participant





Connect with us

Sign up for insights to help prevent, detect, and respond to fraud and cyber risk – delivered directly to your inbox.

If you would like to discuss the findings of the Fraud Survey 2021 please contact us.

Further reading