Significant increase in risk from cyber breaches and insider threats among top drivers of investment in forensic data analytics (FDA)

  • Share
  • FDA most applied at managing bribery and corruption risk,  internal fraud, and cyber breach or insider threat
  • Organizations yet to recognize and reap full value of FDA
  • Use of FDA on the rise as organizations plan to increase spending on FDA over the next two years

SINGAPORE, 28 JANUARY 2016 – Cyber breaches and insider threats, which include malicious insiders stealing, manipulating or destroying data, are the fastest-growing risks and are driving investment in FDA, finds EY’s 2016 Global Forensic Data Analytics Survey, Shifting into high gear: mitigating risks and demonstrating returns. A respective 62% and 58% of global and Singapore respondents state that the level of concern of this risk area has increased over the past two years.

The survey was conducted with 665 executives globally, including 40 in Singapore, across nine industry sectors that cover financial services, life sciences, manufacturing and power and utilities.

When looking at the current use of FDA tools to investigate incidents or manage risk, the survey found that in Singapore, 80% of the respondents (global: 68%) ranked bribery and corruption risk as the area for the highest use of FDA. Internal fraud (75%) and cyber breach or insider threat (63%) were the second and third most highly ranked areas where FDA is used. These were however the top two highest ranked areas for global respondents at 77% and 70% respectively.

Reuben Khoo, EY’s Asia-Pacific Leader for Forensic Technology & Discovery Services, Fraud Investigation & Dispute Services, says: “For organizations, the threat of cybercrime is an everyday reality, posing a dynamic and relentless challenge. Boards and senior management need to strengthen their organizations’ ability to detect and respond by incorporating FDA as a critical component of their risk management and compliance programs. This is especially critical given the current regulatory enforcement environment and market reaction to instances of alleged corporate fraud, bribery and cyber breach.”

Organizations yet to recognize and reap full value of FDA

Global and Singapore respondents both view the benefits of FDA as being able help in early fraud detection (Singapore: 73%; global: 78%); detecting fraud that one could not have detected before (Singapore: 70%; global: 79%); and speeding up responses in investigations (Singapore: 70%; global: 71%).

However, organizations are not recognizing the full spectrum of value that FDA can deliver: only 33% and 42% of Singapore and global respondents respectively think that FDA can help with reduced costs of anti-fraud program.

Also, organizations have a long way to go to reap the full benefits of FDA. Only 3% and 11% of Singapore and global respondents say that they have fully realized the benefits of using FDA with regards to early fraud detection, and only 15% and 9% feel the same with regards to reduced costs of anti-fraud programs. 

Relatedly, making the business case for FDA to management seems to remain a challenge. About two-thirds of respondents (global: 68%, Singapore: 65%) say they need to improve management’s awareness of the benefits of FDA in the company’s anti-fraud program.

Khoo explains: “We see a general sense of urgency to adopt FDA, yet there is also a need to educate senior management on the need for sufficient investment. We believe the gap between their perception of the need for FDA and their reluctance to fund it can stem from the lack of awareness of the full spectrum of risk management benefits that FDA can deliver.

“Despite the risk universe evolving, the main perceived benefits of FDA have not changed to keep pace. Furthermore, full benefits are not reaped when FDA capabilities and techniques are not aligned to the risk issues that companies are trying to address. By using purpose-fit technology capabilities and advanced analytics to help focus detection, investigative and compliance monitoring efforts, FDA can deliver the expected benefits including cost reduction.”

Plans to increased FDA investment

With just 55% of global respondents saying that their FDA spend is sufficient, a drop from 64% in our 2014 survey, it is no surprise that three out of five say that they plan to spend more on FDA in the next two years.

When looking at the reasons for increased investment, the survey found that responding to growing cybercrime risks and increased regulatory scrutiny are the top drivers. How FDA tools are deployed is also changing, with 63% and 70% of global and Singapore respondents respectively saying they invest at least half of their FDA budget on proactive monitoring activities.

Khoo adds: “Given the level of pressure organizations are facing on fraud prevention, it is no surprise that the majority of respondents are expending more effort on proactive initiatives. Surveillance monitoring programs utilizing FDA can help organizations to strengthen their compliance programs, improving corporate culture and bolstering the confidence of regulators and other stakeholders.”

FDA use on the rise

In response to increased risks, the use of advanced FDA is becoming mainstream, with new technologies and surveillance monitoring techniques widely used to help companies manage current and emerging fraud and cyber risks.

The rising maturity of corporate FDA efforts is also evident through the growing sophistication in their use of data. Seventy-five percent of global respondents and 72% of Singapore respondents routinely analyze a wide range of structured and unstructured data, enabling them to gain a comprehensive view of their risk environment.

FDA maturity leads to positive results

The findings also show that there are striking similarities among those organizations that have reported positive results from their FDA efforts, such as:

  • Investing more of their total compliance and anti-fraud spend in FDA
  • Harnessing sophisticated analytics tools, including social media, web monitoring and data visualization, in combination to identify rogue activities, patterns and trends
  • Incorporating larger data volumes and a wider variety of data sources (both structured and unstructured)

Khoo concludes: “Traditionally, organizations turn to FDA tools to help with their investigations. However, today, FDA is becoming indispensable to proactive risk management more so with the increasing complexity of the issues and big data. Organizations need to recognize the role advanced FDA can play not only in their reactive investigations, but also in their proactive surveillance, compliance, anti-fraud and cyber breach response efforts.”

-ends-

Notes to Editors

About EY

EY is a global leader in assurance, tax, transaction and advisory services. The insights and quality services we deliver help build trust and confidence in the capital markets and in economies the world over. We develop outstanding leaders who team to deliver on our promises to all of our stakeholders. In so doing, we play a critical role in building a better working world for our people, for our clients and for our communities.

EY refers to the global organization, and may refer to one or more, of the member firms of Ernst & Young Global Limited, each of which is a separate legal entity. Ernst & Young Global Limited, a UK company limited by guarantee, does not provide services to clients. For more information about our organization, please visit ey.com.

This news release has been issued by Ernst & Young Advisory Pte. Ltd., a member of the global EY organization.

About the survey

Between June and September 2015, researchers from Longitude Research, a business-to-business research and content agency, conducted 665 interviews across 17 countries with organizations actively using FDA. Respondents had to be the decision-makers responsible for their company’s anti-fraud program.

About EY’s Fraud Investigation & Dispute Services (FIDS) practice

Dealing with complex issues of fraud, regulatory compliance and business disputes can detract from efforts to succeed. Better management of fraud risk and compliance exposure is a critical business priority — no matter the industry sector. With our more than 4,200 fraud investigation and dispute professionals around the world, we assemble the right multidisciplinary and culturally aligned team to work with you and your legal advisors. And we work to give you the benefit of our broad sector experience, our deep subject matter knowledge and the latest insights from our work worldwide.