The COVID-19 pandemic has made the business world a breeding ground for a plethora of risks, with vulnerabilities seeping across several industries.
The world today is in a state of emergency due to the onslaught of the COVID-19 pandemic. Prevailing uncertainties are radically altering societal norms, crippling business operations and impeding economic growth. Its long-term impact is unfathomable right now till a medical breakthrough aids a cure or eradication of the virus.
Unforeseen crises brewing fraud risks
Fraud, bribery and corruption have the tendency to thrive in chaos. The COVID-19 pandemic has made the business world a breeding ground for a plethora of risks, with vulnerabilities seeping across several industries. As companies grapple with operational pressure, disruption around cash management, working capital, supply chain and workforce issues; resorting to unethical shortcuts, fraudulent practices and management overrides may be construed acceptable in these extraordinary times.
The pandemic’s impact is comparable to the aftermath of the 2008 financial crisis where fraud and corruption increased significantly. According to the Association of Certified Fraud Examiners (ACFE), a study conducted after the 2008 recession highlighted that the majority of respondents saw an observable increase in the number of frauds. Almost 80% believed that fraud levels increase in times of economic distress. With a sharp fall in markets worldwide, plunging stocks and job losses, many factors then may be relevant right now, which might impact the global economy.
As the COVID-19 crisis evolves with time, organizations should identify high-risk areas that may emanate from the pandemic’s ill-effects on businesses.
- Misappropriation and window dressing: perpetrators may bend the rules to project a better financial performance through non-disclosure of risks and uncertainties in annual or quarterly reports and unethical and unprincipled balance sheet adjustments. Organizations may also see management override or circumnavigate controls, embezzlement for personal use, related party transactions and diversion of funds for unauthorized or illegal purposes.
- Lapses in integrity: disruption in work pattern and behavior may lead to a short-term rise in whistleblowing complaints. Layoffs can lead to employees indulging in kickbacks, collusion with vendors, insider trading or conflict of interest situations. From a corporate social responsibility (CSR) standpoint, implementation partners may misuse funds allocated for relief efforts and weak controls or governance, which may cause ethical lapses in the programs.
- Counterfeiting: the pandemic provided counterfeiters with an opportunity, given the shortage in multiple product categories because of supply chain disruptions. The limited availability of essential and non-essential products may create a vacuum in the market, influencing counterfeiters to release fake products at a rapid pace after the lockdown is lifted.
- Supply chain risks: some of the imminent risks in the supply chain include change in third party arrangements increasing the risk of exposure to unknown third parties, kickbacks for priority treatment, overcharging by logistics vendor taking advantage of the rise in demand and short supply, and diversion of company products to unauthorized channels.
- Cybercrime, phishing and digital frauds: with remote working set-ups, email phishing, system breaches, malwares, ransomware attacks and social engineering attacks may compromise organizations’ confidential data and employees’ personal data.
- Losses and damages: disrupted supply chain and distorted relationships with business partners are likely to bring commercial complications such as difficulty in recovery of invoices, unwarranted claims and unsolicited disputes.
Reinforcing stakeholder trust in the new normal
The world’s response to dealing with a pandemic 25 years ago would have been a stark contrast. Technology and digital proliferation have been a conduit in raising awareness and as ways to mitigate risks. From a compliance and governance standpoint, a technology-led preparedness model with a focus on current, imminent and long-term risk mitigation can tackle several challenges.
Now: Addressing concerns on the current fraud landscape to the next three months
- Crisis management: this can encompass commercial agreements, establishment of a cross functional COVID-19 task force and constant assessment and monitoring the effects of the pandemic. The business continuity plan should have a specific emphasis on regulatory matters, supply chain disruptions and an adequate response plan.
- Virtual safeguards during remote working: focused efforts should be made to revisit work from home guidelines, additional controls should be incorporated to plug loopholes in data leakage, breach of confidentiality and work efficiency. Companies may consider implementing employee efficiency and sentiment analytical tools to guide, help and monitor staff.
- Supply chain management: organizations can check the viability of key third parties through risk assessment based on new or changed parameters such as liquidity, operating abilities, change in ownership structure, borrowings, workforce, availability of resources.
- Cyber incident response: businesses should mandate protocols for employees such as using secure internet and Wi-Fi connections, virtual private networks (VPN) to connect to company’s secured network when accessing company data, and double-checking external emails to avoid phishing, ransomware, malware or spoofing attacks.
- Reviewing contracts: businesses need to relook contracts with external parties including the force majeure clause to (re)interpret contractual obligations given the current scenario, to understand how the clause could be used in favor of their business interest or to save them from performing any obligations. They should also assess their insurance cover to the extent to which their losses may be covered.
Questions for consideration
- Has your organization’s existing anti-fraud framework been tweaked to adjust to a new business model during the disruption?
- Does your organization have adequate access and anti-fraud control measures built into IT systems?
Next: Dealing with potential fraud risks amidst limited business operations in the next three to six months
- Conducting a fraud risk assessment: businesses should re-look at identifying fraud risks, re-assess the state of regulatory compliance, and tighten anti-fraud and compliance frameworks.
- Revisiting technology infrastructure: the workplace of the future is digitally driven. Modernizing the existing cloud environment, enterprise collaboration, network and physical security, and upgrading cyber forensics for enhanced agility and safeguarding the company will be key.
- Relooking third party risks: the due diligence process will need to be broader to cover background checks, market reputation and allegations of fraud. Automation of vendor onboarding processes through robotics can mitigate possible non-compliance.
- Digital training capsules: as remote working would continue, organizations will need to shift to digital training, including refresher courses to reinforce the integrity agenda and foster a culture of ethics.
- Building resiliency: organizations will have to enhance governance and transparency by integrating the primary touchpoints across various business functions. This will create a holistic model for a rapid crisis management, enabling the organization to respond to risks and build trust.