By Daniel Hunter
Cyber crime is one of the biggest concerns for UK businesses, according to EY’s 13th Global Fraud Survey.
Specifically, 74% of respondents stated cyber crime to be a high risk to their organisation, compared to 49% globally - second only to Brazil at 76%.
The survey included in-depth interviews with more than 2,700 executives across 59 countries (of which 50 respondents were from the UK), including chief financial officers, chief compliance officers, general counsel and heads of internal audit.
Globally, nearly 40% of all respondents believe that bribery and corruption are widespread in their country however, in contrast, this drops to 18% in the UK. Despite the UK performing well on serious fraud and corruption, the survey did highlight that almost half (46%) of UK executives are willing to offer corporate entertainment in order to retain business — far higher than the global average of 29%.
John Smart, Head of EY’s UK Fraud Investigation & Dispute Services (FIDS) practice, said: “The rest of the world is playing catch up with the UK in recognising cybercrime as a serious threat. High-profile cybercrime incidents and a number of government initiatives may have played an important role in ensuring high awareness of this issue amongst business leaders here in the UK.”
Smart warned: “The conversation now needs to move onto how businesses respond to these dangers. Awareness is just the beginning and business leaders need to ensure robust incident response strategies are in place. When a data breach does occur, many companies fail to investigate how and why an attack has taken place, which can leave networks compromised and exposed as the full extent of the breach is never uncovered.”
The cyber threat from within
The research also found that businesses perceive employees to be a bigger concern (36%) than organised criminals (26%) when it comes to sources of cybercrime.
Paul Walker, Head of Forensic Technology and Discovery Services at EY, said: “The results may not necessarily indicate mistrust between employers and employees when it comes to cybercrime issues. The issue is whether employees take cybercrime as seriously as management do.
“Employees are sometimes seen as the weak link with individuals susceptive to phishing emails — where spoof emails are sent out in an attempt to gain passwords or confidential information, downloading viruses and transferring files to unauthorised personal devices.”
Encouraging picture on fraud compliance
The UK is performing significantly better than the rest of the world when it comes to getting the basics right around fraud and corruption. According to the survey, 94% of respondents agree that senior managers in the UK have strongly communicated a commitment to anti-bribery policies — roughly 10% more than the global average.
UK businesses are also top of the preparation table, with 88% having attended some form of bribery and corruption training. Furthermore, the UK is third globally when it comes to whistleblowing procedures, with 82% of respondents stating that their organisation has a whistleblowing hotline.
Despite these important processes being in place, 14% of UK businesses still reported a significant fraud in the last two years and 18% of executives consider bribery and corruption to be widespread. This may demonstrate that a culture of good compliance is failing to work its way down organisations.
Confusion over the Bribery Act
Smart said: “Overall, the UK continues to demonstrate a strong commitment to integrity and anti-bribery/anti-corruption compliance and this is supported by legislation such as the Bribery Act. UK companies take their responsibilities seriously in this area and the results show a significant level of self-enforcement.”
He concluded: “However, the fact that 46% of UK businesses said it was okay to offer entertainment to retain business shows there is still confusion regarding what is and is not acceptable. If gifts or entertainment are being offered as a quid pro quo or with a direct link to retaining business they are probably bribes. With the summer events season approaching it is more important than ever for companies to be extra vigilant around entertainment and satisfy themselves that what they offer is appropriate and reasonable."
To learn more about protecting yourself and your business online, take a look at our business advice articles on cyber security.
Join us on