Cyber crime has become the second most common type of economic crime being experienced by financial services firms, after asset ‘misappropriation,’’ according to a survey by PricewaterhouseCoopers.
Two-thirds of firms say they’ve been hit by the theft or ‘misappropriation’ of financial assets, according to global survey of 3,877 resondents in 78 countries across multiple industries.
But 38 percent of financial services respondents say they have been hit by cyber crime of one sort or another. That compares to just 16 percent of firms, across all industries.
PwC defines a cyber crime as:
‘an economic crime committed using computers and the internet. It includes distributing viruses, illegally downloading files, phishing and pharming, and stealing personal information like bank account details. It’s only a cybercrime if a computer, or computers, and the internet play a central role in the crime, and not an incidental one.’
The survey, entitled The Global Economic Crime Survey, asked 3,877 people – from 78 countries and a range of industries – a number of questions on economic crime and cyber crime.
“We have found that highly regulated industries, such as financial services, typically report more economic crime,’’ said Tony Parton, partner in Forensic Services for PwC UK. “Their procedures and systems require greater levels of transparency, which increase the likelihood of detecting incidents of fraud.’’
Financial firms typically have better detection mechanisms, as well, he said.
The detection method that has shown the greatest increase in effectiveness is ‘’suspicious transaction monitoring,’’ increasing from 5 perent of reported incidents in 2009 to 18 percent in 2011. This electronic method automatically detects irregularities and suspicious transactions, and is commonly used in the financial services sector, PwC said.
Financial services firms also typically must guard mainly against attacks from outside their networks. In financial crimes, “the main perpetrator usually (comes) from outside the organization,’’ PwC said.
The financial services sector represented 23 per cent of the overall survey population with 878 respondents from 56 countries.
Here is a summary of PwC’s cybercrime findings:
• Cybercrime now ranks as one of the top four economic crimes.
• Reputational damage is the biggest fear for 40% of respondents.
• 60% said their organisation doesn’t keep an eye on social media sites.
• 2 in 5 respondents had not received any cyber security training.
• A quarter of respondents said there is no regular formal review of cybercrime threats by the CEO and the Board.
• The majority of respondents do not have, or are not aware of having, a cyber crisis response plan in place.
Tom Steinert-Threlkeld writes for Securities Technology Monitor.