Fraud biggest business risk after cyber-attacks
DUBAI, May 27, 2018
Forty-eight per cent of Middle East businesses cited fraud and corruption as the greatest risk to their company, followed by cyber attacks (38 per cent), according to the Global Fraud Survey conducted by professional services firm EY.
While 97 per cent of respondents agreed that it is important to demonstrate that their organization operates with integrity, 39 per cent still think that offering cash payments can be justified if they help a business survive an economic downturn.
Charles de Chermont, EY MENA Fraud Investigation & Dispute Services leader, said: “The findings show that there is often a lag between the introduction of stronger anti-corruption laws and a change in behaviour. While new laws and regulations have been introduced and enforcement intensified, non-compliant behaviour still remains, though the Middle East is certainly tackling the issue.”
This year’s survey found that 42 per cent of executives surveyed in the Middle East believe that corrupt practices still occur widely in business.
“Businesses remain vulnerable to significant financial and reputational harm. Management teams must identify and address the root causes of such conduct in their organization. Compliance programs need to keep pace with the impact of rapid technological advancements and the increasingly complex risk environment on business operations,” added de Chermont.
The report finds that individuals shirk responsibility; when asked who is held accountable for ensuring employee integrity, 50 per cent of respondents believe that integrity is the primary responsibility of either management or the board, and only 14 per cent feel that individuals should take primary responsibility for their organization behaving with integrity.
“Organizations need to make it clear that acting with integrity is everyone’s responsibility. The pressing challenge for management and the board, therefore, is to build a robust culture of integrity and compliance in which employees do the right thing because it’s the right thing to do, and not just because a company code of conduct says they should. The encouraging news is that with today’s advances in forensic data analytics, companies can use technology to detect fraud as they seek to improve compliance,” explained de Chermont.
Global regulations that will affect Middle East
The EU General Data Protection Regulation (GDPR), which came into force on May 25, requires all businesses to strengthen the protection of personal data of all EU citizens; the penalty for non-compliance is €20 million ($23.2 million), or 4 per cent of the worldwide annual revenue of the prior financial year, whichever is greater.
“The introduction of GDPR is a major challenge for all organizations. Apart from the need to comply with laws, regulations, contracts and other agreements, embracing a GDPR-compliant approach ensures an organization protects personal data in an increasingly complex regulatory environment. It helps meet the expectations of stakeholders, especially in the light of increasing public awareness and concerns about data privacy in recent times,” concluded de Chermont. – TradeArabia News Service