Cyber breaches and insider threats, which include malicious insiders stealing, manipulating or destroying data, are the fastest-growing risks driving investment in FDA, according to EY’s 2016 Global Forensic Data Analytics Survey, Shifting into high gear: mitigating risks and demonstrating returns.
The survey was conducted with 665 executives globally across nine industry sectors, including financial services, life sciences, manufacturing and power and utilities. Interestingly, "cyber breach or insider threat" is the second-highest risk area on which 70% of respondents focus their FDA efforts. “Internal fraud” risk, an area that has long been managed using FDA, was ranked as the top use case at 77%.
We hope that our findings will help businesses understand and articulate the threat of fraud and cyber risks and the value of forensic data analytics in managing these risks.
Demand growing across the board
Current and emerging risks driving demand
Organizations are looking to use FDA due to concerns over growing current and emerging threats, as well as the increasingly complex regulatory environment. Across all industries, the fastest-growing threat in the fraud risk universe is from cyber breaches and insider threats — and respondents recognize the importance of harnessing FDA to respond to these new threats.
Increased urgency by C-suites to adopt FDA
"Executive corporate management" was listed as the top beneficiary of FDA as indicated by 73% of the respondents, followed by "Internal Audit" and the "Board" at 69% and 68%, respectively. C-Suite respondents also indicated a greater sense of urgency around FDA adoption with 74% agreeing they needed to do more to improve their current anti-fraud procedures, including the use of FDA tools, as compared to 69% for non-C-Suite respondents.
A maturing FDA landscape
Companies are investing more of their FDA spend on proactive initiatives
Focus on major FDA deployments is growing compared to our 2014 survey results, with higher levels of spending on advanced tools and proactive surveillance monitoring of larger volumes of data from a wider variety of sources. Sixty-three percent of the respondents are investing at least half of their FDA spend on proactive monitoring initiatives.
Organizations are not recognizing the full spectrum of value FDA can deliver
Despite improving maturity overall, many organizations lack an understanding of the wide spectrum of value that FDA can deliver. When asked about the main benefits of using FDA, 79% indicate the ability to detect fraud that they couldn’t detect before, and 78% indicate earlier fraud detection; however, only 42% indicate reduced costs of their anti-fraud program.
FDA deployment: what are the key hurdles?
Sixty-eight percent of the respondents felt that they needed to improve management’s awareness of the benefits of FDA in their anti-fraud programs.
FDA success can be improved by:
- Articulating the business case for FDA to management — When articulating the return on investment, companies need to focus on the full spectrum of value that FDA can deliver, including cost reduction and improved risk management.
- Building teams with the right skills — Successful deployments require technical skills, domain knowledge and data analytics expertise, yet few organizations have all of these skills in place.
- Deploying the right technology — While we have seen an increased level of adoption of advanced FDA technologies, there is still a substantial number of companies that are not using them.
What does good look like
Our survey found those organizations receiving positive results from FDA have a number of elements in common. They are more likely to:
- Investing more of their total compliance and anti-fraud spend in FDA
- Harnessing sophisticated analytics tools, including social media, web monitoring and data visualization, in combination to identify rogue activities, patterns and trends
- Incorporating larger data volumes and a wider variety of data sources (both structured and unstructured)
Embracing the FDA revolution: going the distance
The rapidly evolving digital world is seeing more new risks for companies to evaluate, manage and mitigate. As a result, regulators are employing more tools to detect noncompliance and working across borders to prosecute offenders. This environment has alerted boardrooms to the need to manage their risk much more effectively than before.
What more to look for in the survey:
- Detailed case studies
- FDA maturity model
- Exhaustive graphs and charts presenting broader FDA capabilities to help mitigate insider threat, cyber and fraud risks