Over the last 9 months, the specie market and the financial industry have seen the value of stored assets increase exponentially. At the mid-year point, for example, this report was tracking the value of gold as up 30 – 50% over 2019, while this update from The Economist around the same time saw the value of cash in U.S. circulation up 11% since February. On the surface, these increases appear as positive developments for those with ownership over the assets, but they are being driven by marketplace uncertainty due to the COVID-19 pandemic. Regardless of how or why it’s happening, this very real and rapid increase in value creates new insurance risks with immediate security implications for all involved.
We sat with Director of Global Operations Neil Watson and Director of U.S. Operations Mike Hyman to help us understand from both the UK and U.S. perspective how businesses can evaluate their security measures, discuss the most common mistakes businesses storing these assets make and forecast how these marketplace changes are disrupting risk assessments and insurance underwriting.
“As the pandemic has hit and times are tight, businesses have leaned on employees that aren’t necessarily adequately trained to move valuables around or audit inventory,” Hyman observed. “For example, if an employer asks a teller to conduct a cash delivery on behalf of the business, that person is not adequately trained to do that.”
“None of us have a crystal ball,” Watson noted. “Is the price of gold going to continue to increase? We’re seeing questions around bullion storage, as well. In the UK, there’s talk of cashless society, which could lead to layoffs, which could cause concern and upset. That would lead us to think more about employee management and infidelity. The risks are going to continue and we just need to be there for our clients to mitigate those risks as the trends ebb and flow.”
Our special 5-part Fraud Week Coffee Break Series continues today where we invite you to spend 10 minutes each day learning about various aspects of fraud detection and prevention through the eyes of our Certified Fraud Examiners and other fraud experts.
For this episode, we interviewed Steven Schwartz, Chief Revenue Officer for Periculus and a recognized innovation leader in the fields of risk management and cybersecurity. Periculus is a digital risk company specializing in helping small businesses measure, understand, and protect against digital risks so they can pursue growth. Before launching Periculus, Schwartz led strategy and insurance at Cytegic, one of the industry’s leading cyber risk quantification platforms, playing a vital role in the company’s successful acquisition by MasterCard in June 2020.
In its September 2020 Fraud in the Wake of COVID-19 Benchmarking Report, the Association of Certified Fraud Examiners (ACFE) reported, “Cyberfraud (e.g., business email compromise, hacking, ransomware, and malware) continues to be the most heightened risk for organizations, with 83% of respondents already observing an increase in these schemes and 90% anticipating a further increase over the next year.”
Many experts believe that organizations were simply unprepared from a cyber perspective for the pandemic and its resulting shift to a remote work environment where employees are now operating outside the usual infrastructure and oversight of their organizations.
As Schwartz explains, “We’re in an interesting time right now, where we’ve never been so polarized, yet so connected. With the increase in digital connectivity comes an exponential increase in the vulnerabilities and threats. The doors are open for attackers to exploit.”
Grab a cup of coffee and spend 7 minutes listening to Schwartz’s view on cyberfraud during COVID-19 and how organizations can better protect themselves moving forward.
How Can Organizations Better Protect Against Cyberfraud?
As with any type of risk an organization faces, it starts with an assessment to develop a true understanding of the risks you face and how those risks might impact your organization. From that place of understanding, you can make decisions about how to effectively mitigate or transfer those risks.
Schwartz explains it this way: “If you just tell me my risk is a 3 out of 5 and that’s all you tell me, I have no idea what that means to my business. But if you tell me I’m a 3 out of 5 with a financial impact of 2 million dollars, it becomes contextualized. And if we take that a step further and we’re able to demonstrate the controls you should invest in because they’re going to have the greatest impact in reducing your risk and financial impact and this is how much you should consider transferring via insurance, we can start to make sense of it all.”
We hope you enjoyed this Coffee Break episode. Come back tomorrow to hear from Neil Watson and lessons learned from real-life stories of fraud.
Today, we continue our special 5-part Fraud Week Coffee Break Series with another episode to address important fraud prevention topics with insight from our Certified Fraud Examiners and subject matter experts. Fraud Week is an annual movement, organized by the Association for Certified Fraud Examiners (ACFE), to champion the need to proactively fight fraud and help safeguard businesses and investments from the growing fraud problem.
For this episode, we interviewed Carlos Rivera, CFE, MAFF, Senior Vice President – Caribbean & Latin America of Lowers Forensics International and Grant Mizel, Financial Analyst, Emerging Markets for Lowers Risk Group. Rivera and Mizel offer their insight to help us understand the importance of situational awareness to an organization’s ability to detect and prevent fraud. They point to the Fraud Triangle as a model for understanding why fraud happens, but also recognize that without situational awareness, the Fraud Triangle is meaningless.
Grab a cup of coffee and spend 7 minutes with Rivera and Mizel:
Formulated in 1953 by criminologist Donald Cressey, the Fraud Triangle theorizes that fraud occurs when a perpetrator feels financial pressure, they are presented an opportunity, and/or they can rationalize the theft. For the Fraud Triangle to be valuable, organizations must be situationally aware. What’s going on in, around, and outside your organization? Which of these internal or external factors might be impacting the opportunities, rationalizations, and incentives that can lead people to commit fraud?
As Rivera points out, “Removing separation of duties and internal audit departments certainly creates the opportunity for employees to commit fraud. However, you have to consider the financial pressure and rationalization that goes along with a national catastrophic situation. In many instances, you’ll have employees who receive salary cuts that may not only feel financial pressure but also rationalize it by claiming what they believe is rightfully theirs, or you may see an employee rationalize through necessity which I believe can be just as powerful of a motivator.”
The COVID-19 pandemic has, unfortunately, led to situations where people have less supervision, more opportunity, and way more financial pressure than before.
As a result, in its September 2020 Fraud in the Wake of COVID-19 Benchmarking Report, the ACFE reported, “77% of respondents said they had observed an increase in the overall level of fraud, with one-third noting that this increase has been significant.” Furthermore, the ACFE reports, “Our findings indicate this uptick is likely to continue; 92% of respondents expect to see a further increase in the overall level of fraud during the next year, and nearly half expect that increase to be significant.”
Mizel remarks, “You talk about the Fraud Triangle and opportunity, when you give folks the opportunity, they are most likely going to take advantage. You can head that off by putting structures in place, rigor, documentation, automated processes… when you think about the employee, it’s not strange from a fraud examiner’s perspective that someone without oversight would take advantage of the situation.”
We hope you enjoyed this Coffee Break episode. Come back tomorrow to hear from Steven Schwartz, Chief Revenue Officer of Periculus, about cyberfraud during COVID-19.
Fraud Week is an initiative of the Association of Certified Fraud Examiners (ACFE) to promote anti-fraud awareness and education. Today, we begin a special 5-part Fraud Week Coffee Break Series where we invite you to spend 10 minutes each day learning about various aspects of fraud detection and prevention through the eyes of our Certified Fraud Examiners and other fraud experts.
For this episode, we interviewed Mark Lowers, CFE, Founder and CEO of Lowers Risk Group, and Brad Moody, CFE, CFI, EVP of Operations for Lowers & Associates.
Grab a cup of coffee and spend 8 minutes listening to the experienced voices of Mark Lowers and Brad Moody:
According to the ACFE, there are three primary categories of fraud: Asset misappropriation (seen in 86% of reported cases), corruption (43% of cases), and financial statement fraud (10% of cases). Within those broad categories are a number of fraud types:
The Fraud Tree:
Source: ACFE Report to the Nations
Considering that organizations lose 5% of their revenues to fraud each year, it’s helpful to understand how fraudsters are able to conceal their activities. Here’s what the ACFE report found:
Source: ACFE Report to the Nations
“(Bad actors,) especially in the IT world, one thing that they’re very good at is they’re very patient so a lot of the systems that have been impacted have been inside the corporate networks for a long time in order to gather information in order to perpetrate the crime,” explains Brad Moody.
Adding in the COVID Layer
We also have to look at how the COVID-19 pandemic crisis has impacted fraud. The ACFE is reporting increases across the board in nearly every type of fraud during COVID and expects these impacts to continue to have an impact for some time to come.
Mark Lowers explains it this way: “It’s really not that surprising (to see an increase in fraud right now) on the basis you have a tremendous remote workforce today. And those that are in designated work environments, you’re working with reduced staff because not everybody is considered essential. So, the layers of controls and the layers of operational controls that have historically been in place, in some cases people are doing workarounds to get work done. Anytime you do those workarounds, you have an opportunity for fraud to occur.”
Source: ACFE, Fraud in the Wake of COVID-19: Benchmarking Report
As the ACFE explains, “Travel bans, employees working remotely, and an increased reliance on technology and economic uncertainty have become the reality for many organizations around the world. And while these and other hurdles present numerous logistical and operational challenges, they also open the door to the increased pressure, opportunity, and rationalization that can lead to fraud.”
In fact, the ACFE report found increases in cyber fraud (social engineering, phishing, ransomware schemes), financial statement fraud, payment fraud, and employee embezzlement. Just about every category of fraud has been on the rise during the pandemic.
Lessons Learned from the Financial Services Industry
Cash is the culprit in many asset misappropriation schemes (theft of cash on hand, theft of cash receipts, fraudulent disbursements) and these cash-related fraud schemes can last a median duration of 14 months or more. The longer a fraud remains undetected, the greater the financial loss.
Here at Lowers Risk Group, we work extensively with the financial services industry and specifically with the cash servicing industry. As Mark Lowers and Brad Moody explained, while the industry, on the whole, is doing a great job during these extremely tough circumstances to protect their people and assets, the industry also provides a perfect backdrop for organizations of all types looking for ways to shore up their own internal controls.
We hope you enjoyed this first Coffee Break. Come back tomorrow to learn about the critical role of whistleblowers and auditors in your fraud prevention program.
Cryptocurrency, a form of digital payment that can be spent or traded online for goods and services, is still a relatively new concept. As such, it’s perceived value as both a medium for financial exchange and a potential investment changes frequently. But with the often-astounding value a single token or cryptocurrency exchange can have, keeping cryptocurrency secure remains a static concern for security professionals monitoring its maturation.
For most traditional businesses, the COVID pandemic has impacted operations significantly, the most relevant example in the crypto discussion being banks and other financial institutions. However, we’ve also seen online and ecommerce businesses like Amazon benefit greatly. Crypto occupies a unique place in the economy because, while a digital currency, its handling often remains a protected physical asset.
During COVID, our team has seen an increase in marketplace awareness about Crypto. And while the data is still murky on an increase in usage, every security professional is acutely aware that with an increase in awareness comes an increase in the potential for theft or fraud. We had a chance to speak with Brad Moody, Executive Vice President of Operations for Lowers & Associates, about the current state of Crypto in 2020, including how companies are securing Crypto exchanges during COVID, the adaptations they’ve made, as well as some current trends.
“Interesting enough, there’s a growing appetite for the working from home aspect,” he said. “Normally, it’s almost like a boiler room type of thing, but now these companies are trying to get out of real estate to be very minimal while also still be able to perform the same transactions at a very high level maintaining security. We’re starting to see that quite a bit. When you start with a highly secure location, though, what happens when that goes away?”
In today’s Coffee Break, Brad explains why it’s important to understand what companies can do to maintain that integrity from the outside in.