Around three-fourth of corporate frauds in South Asia take place in India as the country sees a surge in bribery and corruption in recent years. "Usage of new-age technology, tools, and innovative schemes to target companies as well as individuals have become the biggest challenge before the companies," Arpinder Singh, Partner and Head – India and Emerging Markets, Forensic & Integrity Services, EY, told Samrat Sharma of Financial Express Online in an interview. He also added that the limited availability of resources such as budgets, skilled staff and training provided to identify fraud; lack of adequate internal controls or compliance frameworks; high dependence on third parties and little due diligence in verifying their credibility and integrity have made the Indian companies more vulnerable to fraud incidents.
Here are the excerpts of the interview:
How much are the Indian businesses losing due to fraud?
The financial and reputational impact of fraud, bribery, and corruption on businesses worldwide is substantial. According to an EY report, the perceived level of bribery and corruption in emerging markets, including India has continued to be double that of developed markets since 2012. Forty percent of India respondents said that fraud, bribery and corruption is widespread in their business.
While there are no official numbers, reports by the Association of Fraud Examiners (ACFE) state that organizations can incur a 5% loss to their annual revenues because of fraud, and that companies across 125 regions suffered a loss of $7 billion in 2,690 varied situations of occupational frauds. Here, India had 72 cases of fraudulent incidents among the 96 cases in South Asia. These coupled with the potential damage from regulator enforced penalties and brand erosion can be very detrimental to the bottom line.
What are the different types of fraud in the Indian business landscape?
Typically, organisations face vulnerabilities based on the sector they operate in and the market peculiarities in India. However, some types of fraud that are sector agnostic and can affect any organizations are bribery and corruption; sales, service or distribution-related; data or Intellectual Property (IP); creation of fictitious employees, preferential treatment for certain employees, duplicate payments to one employee, and sharing of confidential HR-related information; capital expenditure or procurement; and fake cash expenses.
How to recognise fraud?
Companies or their stakeholders can keep an eye out for some common red flags to recognise fraud or unethical practices. For instance, a skewed business performance or unusual profitability in comparison to competitors, little or no implementation of internal controls, governance frameworks may indicate issues. Another aspect can be irregular related party transactions or their limited disclosure. Perpetrators of fraud can also show certain behavioural signs that may be red flags such as radical lifestyle changes, financial or legal issues or oddly close relationships with key vendors or customers.
What makes an organisation vulnerable to fraud?
Tone at the top, management commitment and the leadership's approach to drive the message of ethics and integrity is paramount. The common vulnerabilities in an organization from a fraud perspective include limited availability of resources such as budgets, skilled staff and training provided to identify fraud; lack of adequate internal controls or compliance frameworks; and high dependency on third parties and little due diligence in verifying their credibility and integrity. The use of technology as a tool by cybercriminals is another area that can expose organizations to a myriad of fraud risks.
What are the different challenges related to compliance and fraud?
Managing fraud and corruption risks, encouraging ethics and setting up compliance benchmarks can present many challenges for corporates. Today, fraudsters are extensively using new-age technology, tools, and innovative schemes to target companies as well as individuals. There is also a high use of third-party intermediaries where services to be provided are often less defined or generic or lack proof of service and situations related to conflicts of interest between employees and third-party intermediaries. Companies may skip conducting adequate due diligence for these third parties and employees or have gaps in regulatory compliance leading to increased risks.