* Asset loss and cybercrime among the most frequent economic crimes *
Asset misappropriation, cybercrime and money laundering are the most common economic crimes affecting businesses in Cyprus, according to the release of the local results of the PwC Economic Crime Survey, conducted among 90 companies.
This defies comments by government officials who deny financial crime takes place here, often playing down foreign criticism of money laundering which, according to the survey, affects one in four companies, which is more than twice the rate of western European countries.
However, at 27% of respondents who said they have experienced economic crime in the last 24 months, there seems to be a mild improvement, as this figure was 31% in the 2014 survey.
Speaking at the PwC event in Nicosia, Christos Christodoulou, head of the Economic Crime Investigation Office of the police said that due to the increasing incidents of economic crime and particularly cybercrime in Cyprus, there is a need for coordinated action between the police and private stakeholders to tackle the phenomenon.
The PwC survey’s findings show that asset misappropriation ranks as the top economic crime, with 58% of respondents falling victim in the past two years. This is followed by cybercrime, which affects 25% of companies in Cyprus. However, the survey also found that companies are not taking the necessary safety precautions to avert it, as only 32% of them have plans in place to deal with such incidents.
The third most common crime is money laundering with 25% of Cypriot companies stating they have fallen victim over the past two years, in contrast to 11% of all the companies in West Europe participating in the survey.
Accounting and tax fraud followed (with 21% and 13% respectively), then mortgage fraud (13%), bribery and corruption (13%), competition law infringement (8%), intellectual property infringement (4%), abuse of confidential information (4%) and procurement fraud (4%).
According to the PwC survey, in financial terms, 33% of Cypriot organisations that faced an incident of economic crime lost more than 50,000 dollars; with 8% stating losses of more than 1 million dollars.
The PwC event also featured a presentation on the significance of Cybersecurity to companies as it constitutes more than a challenge but a necessity for business. According to the Global State of Information Security survey also conducted by PwC in cooperation with other partners in May last year with the participation of more than 10,000 executives and IT directors, SMEs reported losses up to 75% in revenues due to security breaches.
In his address during the presentation, PwC CEO Evgenios Evgeniou referred to the need to combat economic crime by implementing stringent measures and effective legislation.
“Education and a change of culture is required, which begins first and foremost with the actual cells of the economy: the businesses,” Evgeniou said.
“All the organisations, regardless of size or field of activity, are potential victims of economic crime. What is most important, however, is the ability that all organisations without exception have to take specific preventive measures to deal with this phenomenon, in a way that averts these dangers and impacts positively on their general operation”.
In this year’s global study, the 6,337 participants covered a broad range of business sectors in 115 countries, while in the survey specific to Cyprus, 90 companies and organisations participated from the areas of financial and professional services, technology, transport and communications.
The Cyprus survey also found that 42% of organisations have not performed fraud risk assessments while 8% do not know if they have done so, and 77% use internal sources to perform an internal investigation. As regards cybercrime, most companies were found not to be adequately prepared for or even understand the risks faced, while only 32% of organisations have a cyber incident response plan in place.
As regards risks and responsibilities, 7 in 10 organisations said they have in place a business ethics and compliance programme, and 66% of respondents rely on their internal audit (IA) function in assessing the effectiveness of their compliance programmes. Currently only 5% of respondents say they are using other, promising external and internal monitoring approaches.
Evgeniou added that “the survey results for Cyprus confirm that our country is not much different from the rest of Europe. All organisations, large or small, can become the victims of economic crime, yet all organisations can take specific steps to mitigate the risk.”
“Performing an annual fraud risk assessment, fraud related internal audits and establishing a good whistle-blowing mechanism are some actions that organizations can take proactively. Educating personnel, investing in the set-up of an internal audit department and performing a cyberincident response plan can also assist in the timely identification of fraud, Evgeniou concluded.
The PwC survey also found that 67% of respondents reported less than ten incidents of economic crime, compared to 62% in Western Europe. In other words, 25% of respondents reported more than ten incidents whereas this figure was higher in Western Europe which was at 30%, from which the majority reported 11-50 incidents. This might be explained by the fact that Cyprus companies are much smaller in terms of size and scale of operations, though it could also suggest that not all incidents of economic crime are detected due to lack of proper controls.
