Risks far too underestimated

Risks far too underestimated

DAY

Companies tend to underestimate the risk of fraud to which they are exposed. And yet, cybercriminals are more active than ever!

A March 2022 survey of business executives and owners by MNP found that 80% of respondents rated the risk of financial fraud in their business as low or moderate. 

< p>Only 20% perceive it as high. These figures contrast sharply with reality, when you consider that on average 5-6% of a company's annual revenue can be swallowed up by fraud. 

Furthermore, one in four will soon or later hit by this scourge and even twice rather than once, which indicates that they did not put security measures in place even after an initial attack.

Finding loopholes

Corey Bloom, FCPA, CFE, Partner and Eastern Canada Leader, Investigations and Forensics at MNP, says the situation has further aggravated with the pandemic. 

“Cybercriminals take advantage of the situation when you go through periods of change, because it allows them to find vulnerabilities and exploit them. For example, there were a lot of layoffs and therefore certain control processes were no longer applied,” she explains. emergency created potential security breaches. The digital signature also generated risks of false signatures or contracts signed by the wrong person,” says Simon Gaudreau, CPA auditor, CFE, Director, Investigations and Forensic Accounting at MNP. 

“Acquisitions and everything related to the reorganization of a company are also part of the risky changes in terms of cybersecurity,” he says.

The human factor

Companies generally believe that fraud can only come from technology. Yet they are wrong, says Simon Marchand, CFE, Vice President, Products and Risks at GeoComply. He underlines in fact that the human factor is often neglected whereas it is rather dominating.

In other words, employees are often the weak links, either through negligence or ignorance of the risks, or because they are going through a difficult financial period and may be receptive to attempts at corruption orchestrated by fraudsters. 

< p>Even long-time employees can be a doorway. 

In fact, according to the Report to the Nationspublished by the Association of Certified Examiners (ACFE) in 2022, there is a correlation between the number of years of experience and the level of risk, in particular for SMEs, seniority being proportional to the financial losses related to fraud.

“There is no magic recipe for monitoring employees. Instead, we need to raise awareness and establish good practices,” notes Simon Marchand. He adds that the establishment of a whistleblower telephone line is also very effective. 

“Two thirds of cases of internal fraud or risky practices are discovered through this type of line” , he says.