KPMG is pleased to present its 2022 outlook on fraud, cyber attacks and compliance concerns across the Americas. Our survey of more than 600 executives across multiple industries confirms anecdotal evidence about the effects of the pandemic on these three interconnected threats: it reveals that fraud, compliance concerns and cyber attacks are common, have increased in severity — and are expected to become more frequent.

Are companies in the Americas managing to fend off this triple threat? This research suggests that many have limited defenses in place, and the shift to hybrid or remote working is making existing controls less effective.

Key Findings

Our survey reveals that fraud, compliance concerns and cyber attacks are common, have increased in severity, and are expected to become more frequent.

fraud survey icon

The majority of companies across North and Latin America reported that they have suffered losses from fraud, compliance breaches, and/or cyber attacks.

fraud survey icon

Large companies are more at risk of fraud.

fraud survey icon

Fraud threats differ between North and Latin America.

fraud survey icon

The COVID-19 pandemic has made things worse.

fraud survey icon

Businesses expect fraud, compliance risk and cyber attacks to rise.

fraud survey icon

Not enough companies are completely on top of fraud controls, compliance and cyber security.

   

A united defense against a triple threat

The results of the survey indicate that fraud, compliance risks and cyber attacks are widespread, growing dangers for companies across North and Latin America. Increasingly, companies need to mitigate what KPMG calls the 'threat loop', which comprises the triple threat of fraud, compliance risk and a growing array of cyber security threats. Defending against this threat loop requires a collective, interconnected effort. Companies need to look at the impact created by these threats in conjunction, rather than just the risks they pose in isolation.

Fraud compliance cyber thread loops

Companies have urgent priorities

  • Fraud: Never discount the possibility of an inside job. A significant 31 percent of respondents say their companies have suffered from fraud perpetrated by an insider in the past year.
  • Compliance: Compliance is a reputational issue. More respondents say that reputational considerations cause their leaders to pay attention to compliance than say the same of fines and enforcement.
  • Cyber security: Slow and steady will not win the cyber security race. Respondents tell us it takes about a month, on average, for a cyber attack to be fully contained, and most seem satisfied with how well their companies do in this area. This indicates that there is a potentially fatal lack of urgency in how companies are responding to the threat of cyber attacks.

  

Fraud, non-compliance and cyber breaches are the costly norm

Of the risks that we examined, respondents indicated that their companies are most likely to have experienced cyber attacks.


1.5%

The percentage of profits large companies are losing due to fraud and non-compliance.



The reality of a triple threat

The reality of a triple threat

  

Covid-19 and the impact on the risk environment


Overall, 86% of respondents say that remote working has negatively affected at least one element of fraud prevention, compliance and cyber security programs at their company.


Half of respondents tell us that working from home has negatively impacted their companies’ ability to respond to fraud.

The shift to remote working has increased our risk of fraud, due to a reduced ability to monitor and control for fraudulent behavior.

Fraud survey pie chart

Working from home has negatively impacted our ability to respond appropriately to fraud in our business.

Fraud survey pie chart

The anti-fraud controls we had in place pre-pandemic have not been effectively updated to reflect the new working reality.

Fraud survey pie chart

       

Risk levels are rising…

69%


of respondents expect an increase in the risk in at least one of either external or internal fraud in the next year.



29%

project a rise in both.




Worries about growing cyber crime are widespread

77%

say that cyber-security risk will increase in the next 12 months.



7%

Only 7% foresee a decline.


New requirements and tougher enforcement ahead

  

Bar graph

  

Is your company prepared for the triple threat?

Fraud, non-compliance and cyber attacks present an expensive threat to companies across the Americas, which has been exacerbated by the pandemic. 

Most companies have some defenses in place, but comprehensive excellence is rare.

The majority of companies are set to spend more money in, and increase leadership focus on, these areas.

KPMG recommends that they consider taking the following five steps to mitigate the triple threat.

Top 5 things to consider

  

one number icon

Set the right tone from the top

two number icon

Carry out a risk review

three number icon

Communicate effectively

four number icon

Strengthen detection

five number icon

Create a culture of enforcement and accountability

Get in touch

Related content