6 minute read 5 Apr 2021
Compact drone hovers in front of farmer with remote controller in his hands

Why COVID-19 made fraud and compliance a bigger issue

Brenton Steenkamp
By Brenton Steenkamp

Partner, Forensic & Integrity Services, EY Advisory Netherlands LLP; EY Western Europe and Magreb Forensic & Integrity Services Leader

Tenacious. Honest. Driven. Loves people, enjoys working hard, and travels widely.

6 minute read 5 Apr 2021
Related topics Assurance COVID-19 Cybersecurity Forensics
Upvote

Show resources

Rapid responses to the crisis opened doors to risk. But corrective actions can address today’s problems and build resilience for tomorrow.

In brief

  • After all types of occupational fraud climbed in 2020, 90% of certified fraud examiners foresee further increases in 2021, according to a recent survey.1
  • In a disruptive landscape, policies and controls should be revisited. Efforts to tackle fraud more effectively will strengthen defenses in future crises.

COVID-19 has triggered massive business disruptions that executives continue to address — while, in the background, opportunities for fraud have proliferated while growing harder to detect.

In this environment, businesses have been forced to take quick actions without following normal protocols and due diligence. Governments around the world are sending aid to companies with minimal safeguards. Many employees are working remotely with less security and supervision while under far more stress, increasing the opportunities for malfeasance. Organizations without a strong anti-fraud program and appropriate cybersecurity also face increased compliance risks, such as legal action and regulatory fines.

As the pandemic begins its second year, and as the post-crisis landscape promises some relief as well as more change, organizations should assess how their fraud risks may have grown during the crisis and assess whether the current control environment is sufficient. Companies must consider how they will handle any negative impacts if fraud is uncovered, including the need for financial disclosure, as well as contractual obligations with customers and partners. Organizations should look beyond short-term fixes as they enhance their current processes and policies that are designed to make them stronger long after the crisis ends.

This blog discusses how, and  explores how fraud has flourished, and why more is likely on the horizon.

How the pandemic has increased the risks of fraud

All types of occupational fraud rose in 2020, and 90% of certified fraud examiners expect a further increase in 2021, according to a global ACFE survey.1 Examiners cited cyberfraud as the top risk, with payment fraud, bribery, corruption and employee embezzlement also on the increase. The impact of COVID-19 has increased both the opportunities for fraud and the odds of getting away with it.

Covid-19-key-findings

The sudden shift to remote offices means that many employees are now working in a less-secure environment, with a dramatic increase in electronic communications. Remote workers who are unhappy or unfamiliar with approved telework solutions may install their own software or make greater use of personal devices for business purposes, increasing security risks.

Employees are often coping with new challenges, such as increased workloads, spouse unemployment, childcare demands and illness. Workers who have lost compensation and benefits may feel justified in defrauding employers. Regular procedures have been disrupted, and working remotely makes it easier to create fake signatures, falsify invoices or other accounting records, and request fraudulent payments. The interruption of controls and face-to-face interactions make detection more difficult. In addition, as companies focus on business continuity and adjusting to new ways of working, this diverted attention can lead to weaknesses in their control framework and usual procedures.

Remote workers have also proved more vulnerable to cyber attacks, such as phishing attempts that trick recipients into downloading malware or innocently yet unwittingly providing sensitive company information. These attacks, often using sophisticated social engineering techniques, rose dramatically during the pandemic. Workers receive emails or texts from cybercriminals that appear to be from trusted organizations or even their own colleagues. Scammers also solicit fake donations for those impacted by COVID-19.

Another major source of risk is supply chain disruptions, which have led many organizations to begin new third-party relationships without typical due diligence. Just one-third of respondents to the EY 2020 Global Integrity Report said they were “very confident" that their third parties demonstrate integrity in the work they do. Corruption and bribery stemming from external relationships increase the risks of litigation, regulatory fines and reputational damage. Unvetted vendors can also compromise supply chains and pose risks to customers. The European Anti-Fraud Office has identified hundreds of companies acting as intermediaries, or traders of counterfeit or substandard products linked to the pandemic.2

The struggle for business survival leads to increased avenues for fraud

Businesses that have suffered significant losses due to the pandemic are at particular risk for both traditional and new types of fraud and financial crimes. Common avenues include:

Fraud related to government funding

The urgency of supporting struggling companies has led to widespread theft of taxpayer money. When governments quickly distribute vast sums of corporate aid with limited controls, fraud is bound to occur. For example, dozens of people have been charged with trying to steal a total of US$175 million from the US Small Business Administration coronavirus loan program.3

Tax fraud

Many governments have offered tax relief measures to both large companies and small entrepreneurs. But, as with loan programs, controls have been lacking in order to provide quick relief to businesses.

Insider trading

COVID-19’s dramatic impact on share prices led to an apparent surge in insider trading. The US Securities and Exchange Commission saw a 71% increase in tips and complaints from March to September 2020 over that period in 2019, resulting in more than 150 COVID-19 related investigations.4

Bankruptcy fraud

Leaders of companies suffering from declining revenues may resort to asset misappropriation and diversion of funds or goods to keep their organizations afloat.

Insurance fraud

Claims may be inflated or fabricated to profit from the crisis.

Leading practices to mitigate fraud

As businesses navigate their way amid pandemic surges, lockdowns and uncertainty about how quickly vaccines can restore normalcy to our lives, it’s critical to assess fraud risks and move quickly to reduce them. Organizations with a comprehensive anti-fraud program should re-evaluate and update it to reflect impacts from the pandemic. Many existing policies and controls may need to be redesigned and enhanced.

The following leading practices can help any business tackle fraud more effectively, no matter how mature its current efforts are:

  • Identify areas that are most likely to be impacted by fraud and prioritize them for improvement, such as third-party controls and lack of cybersecurity for remote workers
  • Maintain a strong culture of corporate integrity, understanding that adjustments may be needed to engage and support a remote workforce
  • Review COVID-19’s impact on cybersecurity and determine how data protection and governance can be improved
  • Update cybersecurity and integrity training for employees and contractors
  • Consider investing in artificial intelligence, advanced analytics and automation to stay ahead of sophisticated cyber threats, and detect patterns that indicate wrongdoing
  • Evaluate changes to third-party risk due to COVID-19, considering new controls, contracts and other measures to improve data protection and stem corruption
  • Implement new methods and tools for effectively conducting remote conduct reviews and investigations
  • Provide clear, regular two-way communication on policies and practices to workers, third parties and other organizational stakeholders that effectively supplants face-to-face communication
  • Make anonymous whistle-blower reporting available to employees, contractors, suppliers and customers; monitor effectively and follow up on tips
  • Stay abreast of evolving regulations to maintain compliance and reduce penalties should data breaches and/or wrongdoing occur
  • Develop proactive strategies for dealing with proven cases of fraud, such as communicating to the media, customers and third parties; making financial disclosures; and managing contractual obligations

All organizations, even those that find themselves on the brink of bankruptcy, must make the time to tackle the growing risks from fraud. Otherwise, wrongdoing by embattled company leaders, anxious employees or corrupt third parties could cause even greater damage than COVID-19 generated disruptions.

How EY can help

Integrity and Compliance

As regulatory enforcement and public intolerance of corporate misconduct increase, EY professionals help you strengthen your integrity and global compliance frameworks. And, should violations occur or allegations of fraud or corruption arise, EY teams can help you respond quickly to safeguard your business.

Read more

  • Show article references#Hide article references

    1. “Fraud in the wake of COVID-19: Benchmarking report – December 2020 edition,” Association of Certified Fraud Examiners (ACFE), December 2020.
    2. “Inquiry into fake COVID-19 products progresses,” European Anti-Fraud Office, www.ec.europa.eu/anti-fraud, 13 May 2020.
    3. Courtney Bublé, “SBA Relaunches COVID Loan Program As Watchdog Warns About Possible Fraud,” Government Executive, www.govexec.com, 12 January 2021.
    4. “2020 Annual Report,” US Securities and Exchange Commission, www.sec.gov, 2 November 2020.

Summary

Companies that take a thoughtful, comprehensive approach to fighting fraud will be better prepared to handle the next crisis and position themselves for long-term success.

About this article

Brenton Steenkamp
By Brenton Steenkamp

Partner, Forensic & Integrity Services, EY Advisory Netherlands LLP; EY Western Europe and Magreb Forensic & Integrity Services Leader

Tenacious. Honest. Driven. Loves people, enjoys working hard, and travels widely.

Related topics Assurance COVID-19 Cybersecurity Forensics
Upvote