Most companies don't have an adequate defence strategy in place
TORONTO, June 11, 2014 /CNW/ - According to EY's latest Global Fraud Survey, one in five (20%) Canadian executives believe bribery or corrupt practices happen widely in business in this country.
"That's disturbingly high," says Mike Savage, EY Partner and Canadian Fraud Investigation and Dispute Services Leader. "Corruption interferes with fair competition for business. To overcome that, companies really need to create a culture where ethical behaviour is at the core of their operations – not just at home in Canada, but also at their overseas operations. They also need to encourage people to speak up if they think something isn't right."
The survey finds that while 74% of Canadian organizations have whistleblowing hotlines in place, that number is still much lower than countries like the US (96%) and the UK (82%).
"The good news is that recent public enforcement action by Canadian authorities does appear to have raised awareness of bribery and corruption here," says Savage. "A full 90% of Canadian respondents said there are clear penalties for breaking the anti-bribery/anti-corruption policies. That's up from 78% two years ago, and higher than the global average of 73%."
Meanwhile, the survey finds 30% of Canadian organizations see cybercrime as a significant risk. Still, 60% say the threat of hackers concerns them.
"The number of Canadian organizations that think cybercrime is a significant risk is unexpectedly low," says Savage. "In reality, the risk is real – and it's growing."
While the pressure on companies for timely disclosure of breaches is rising in many jurisdictions, EY's survey found 74% of businesses globally did not disclose a public breach of security.
"High-profile cybercrime incidents are making headlines on a regular basis," says Savage. "Companies need to have a robust incident response strategy in place, or risk significant reputational — and financial — damage. They can't afford to 'play it by ear' when an incident arises."
The report identifies the following strategies for companies to address fraud in their organizations:
- Board engagement. Boards need to appropriately challenge management and request regular updates regarding fraud, bribery and corruption risk assessments.
- Big data. Mining big data using forensic data analytics tools can improve compliance and investigation outcomes and can help management provide useful summary information to the board.
- Anti-corruption due diligence. Specialized due diligence should be the norm, not the exception.
- Escalation procedures. Companies should have clearly defined escalation procedures, whether to respond to a whistleblower or a cyber incident, to minimize the damage being done.
- Training. Companies should have tailored ABAC training programs; business unit leaders should be evaluated on participation levels, and C-suite executives need to lead from the front.
- Budget support for internal audit and compliance functions. These play essential roles in both improving standards of business conduct and in keeping the company out of trouble.
Most importantly, however, the report urges companies to reinforce their commitment to ethical growth.
"Organizations need to set the tone from the top that fraud and corruption are serious issues that won't be tolerated," says Savage. "Boards should be demanding that their organizations go beyond the basic building blocks. Without a company culture that demands transparency to minimize fraud and help prevent cybercrime, companies are putting their entire business on the line."
EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.
EY refers to the global organization and may refer to one or more of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.
SOURCE: EY (Ernst & Young)
For further information: Erika Bennett, email@example.com, 416 943 5497; Sarah Shields, firstname.lastname@example.org, 604 648 3607; Julie Fournier, email@example.com, 514 874 4308