Security Newswire

EY Names Top Fraud and Corruption Trends for 2014

Companies and their Boards are struggling with increased regulatory burden and the risks associated with operating in emerging markets.  Regulators are challenging corporate compliance and governance models as companies aim to mitigate risk while shareholders expect growth.  The changing landscape for cross-border disputes, bribery and corruption and cyber-crime continues to test compliance and governance models, especially in new markets. 

Brian Loughman, the EY Americas Leader for Fraud Investigation & Dispute Services (FIDS), commented, “Our clients are continually looking for ways to improve their approach to anti-bribery and corruption risk in emerging markets.  However, we see related risks gaining traction with multinationals as well as industry specific risk issues that will persist into FY14.  FIDS has identified six key themes where we expect our clients to focus in 2014.”

Here’s what is expected to emerge in 2014:

  1. Dealing with reputational harm and the business risk associated with cyber-crime will become part of a General Counsel's responsibility set.
    • Traditionally the role of the Chief Information Security Officer (CISO) focused on information security attacks and compromises due to their damaging and potentially public nature.  These risks are requiring immediate and planned responses organized by inside and outside counsel.  Additionally the potential shareholder impact,  risk due to state-run and industrial cyber-espionage, loss of highly valuable IP, unique business process, or client data elevates the responsibility of cyber-security to a Board level exercise.  The related disclosure issues can be complex.
  2. Balancing significant growth opportunities in Africa with perceived corruption risk.
    • With a number of rapidly growing economies and increasingly sophisticated consumer markets, multinationals continue to heavily invest across a wide range of industry sectors.  However, the perceived level of corruption in the region, and the attention of US authorities on business conduct in the region, is prompting organizations to reassess their controls, testing and compliance programs.  Indeed EY’s 2013 EMEIA Fraud Survey found that 83% of African respondents polled viewed bribery and corrupt practice as wide-spread.  Organizations setting up operations in Africa will need to perform robust due diligence in order to manage these risks.
  3. The impact of regulation will be felt stronger than ever by the financial services industry.
    • Notwithstanding the billions of dollars in restitution, fines and litigation costs incurred to date by banks and securities firms, regulatory pressure is not expected to dissipate in 2014.  Important themes from 2013 will likely continue as the industry responds to broad regulatory focus on systemic risk and reacts to Consumer Financial Protection Bureau (CFPB) rulemaking on mortgage loans, student loans and credit cards.  Regulatory enforcement pressure, which heretofore has focused on the largest institutions, may also migrate to midsized banks in 2014 prompting reassessment and enhancement of risk and compliance efforts at this tier.
  4. FCPA compliance will remain a top priority for life sciences companies operating in emerging markets. 
    • The recent enforcement actions in China have shown a notable expansion of the exposure that life sciences companies face when operating overseas.  Gone are the days when enforcement was led solely by US authorities.  Staying on top of the differing anti-corruption laws and standards, particularly in markets where the rule of law is not always clear, will present a challenge and opportunity for companies that depend deeply on growth in those markets.  We can expect even greater attention to compliance processes as well as overall internal control enhancements.
  5. Anti-money laundering and corruption programs to face greater scrutiny.
    • Global regulators and the Department of Justice continue to press large, global financial institutions on the issues of money laundering, trade sanctions and bribery and corruption, stressing the need for robust program controls, sophisticated monitoring systems and knowledgeable personnel at the watch.  The regulatory scrutiny is now moving beyond the traditional banking sector into non-banks, including credit card issuers, insurance providers and gaming enterprises, prompting the need to seriously review and enforce their compliance programs and controls.
  6. The opportunity to leverage "Big Data" in the context of compliance and anti-corruption will allow companies to ask new questions.
    • Data analytics, traditionally the domain of marketing and sales, has effectively migrated into the realm of internal audit, compliance, and corporate oversight.  Companies now have opportunities to use forensic data analytics for proactive monitoring of business data.  Organizations will be able to develop a better understanding of the risks and rewards of forensic data analytics and how these techniques can be used to transform data to help detect potential instances of fraud and implement effective fraud risk mitigation programs.

 

Information from EY Press Release: December 16, 2013

Did you enjoy this article? Click here to subscribe to Security Magazine. 

You must login or register in order to post a comment.

Multimedia

Videos

Image Galleries

ASIS 2013 Product Preview

ASIS International 59th Annual Seminar and Exhibits, September 24-27 in Chicago, Illinois, will include an exhibit hall packed with innovative security solutions. Here are some of the products that will be shown at ASIS this year.

Podcasts

Virtualization and Data Center Security: What You Need to Know for 2014

Data centers are increasingly becoming the center of the enterprise, and data center and cyber security is following the same path for security departments. According to Justin Flynn, a consultant at the Burwood Group, the virtualization of data centers allows enterprises to scale more easily and faster, with a smaller footprint.

However, hosting enterprise data in the cloud can make intrusion detection more difficult – how can enterprise security leaders team up with other departments to keep aware of cyber risks and traffic, and physical and data compliance during the virtual transition? How can CISOs and CSOs discuss cyber threats with the C-Suite to get the resources they need? And how can the proper infrastructure test and verify possible malicious attacks? 

More Podcasts

Security Magazine

August 2014

2014 August

In the August issue of Security Magazine, read about the public-private partnerships and the future of DHS with Frank Taylor, sneak a peek at the ASIS 2014 security products, and read a special report on cyber risk and security. Also in this issue find out why America is in desperate need of a CSO and the most common mistakes in Cyber incident response. The security game has dramatically changed since September 11th, read about what enterprises are doing to keep Americans safe and sound.

Table Of Contents Subscribe

Adopting New Technology

How long do you wait before adopting a new technology?
View Results Poll Archive

THE SECURITY STORE

comptiahighriseproductphoto
CompTIA Security+ Certification Study Guide
CompTIA's Security+ certification is a globally-recognized, vendor neutral exam that has helped over 60,000 IT professionals reach further and higher in their careers. The current Security+ exam (SY0-201) focuses more on being able to deal with security issues rather than just identifying them.
More Products

Clear Seas Research

Clear Seas ResearchWith access to over one million professionals and more than 60 industry-specific publications,Clear Seas Research offers relevant insights from those who know your industry best. Let us customize a market research solution that exceeds your marketing goals.

Vertical Sector Focus: Critical Infrastructures

criticalhomepagethumbFrom terrorism to vandalism, it’s preparedness, response, training and partnerships. Learn about some of the critical security issues facing this sector.

Visit the Critical Infrastructure page to read more.  

STAY CONNECTED

Facebook 40px 2-12-13 Twitter logo 40px 2-12-13  YouTube  LinkedIn logo 40px 2-12-13Google+