Financial services firms lack confidence in their cyber security controls, according to Kroll’s annual Global Fraud and Risk Report

  • Security , Cybersecurity , Fraud Detection
  • 16.10.2019 11:35 am

Financial services firms are least likely to have confidence in the effectiveness of their cyber security detection mechanisms compared to other sectors, according to new research from the latest Global Fraud and Risk Report released by Kroll, a division of Duff & Phelps, the global leader in risk mitigation, investigations, compliance, cyber resilience, security and incident response solutions. Over a quarter (27%) felt that their cyber risk mechanisms were ineffective, 8% more than the global average (19%).

The sector experienced above-average levels of data theft, (31% vs. 29% globally), demonstrating that financial services firms are a target for criminals looking to steal sensitive, valuable information.

Kroll’s annual Global Fraud and Risk Report, with research conducted by Forrester Consulting, examines the current global risk landscape, understanding the biggest risks facing global companies and the steps being taken to prevent, detect and respond to daily threats.

Only 60% of business leaders felt their firm’s whistleblowing programme was an effective method of detecting risks, the lowest of all risk detection mechanisms, and 6% below the global average (66%). Given that whistleblowing tip-offs to the US financial regulator, the SEC, have seen an 18% spike in the last year, it is clear that financial services firms need to enhance their own internal whistleblowing programmes to ensure potential issues are raised early, before they escalate. 

The report revealed that financial services firms are more likely than any other to be targeted by adversarial social media activity, over a third (35%) of financial services business leaders noted that they had experienced this over the past 12 months, almost 10% (8%) above the global average (27%). Perhaps ironically, financial services firms are also the least likely to prioritise combating negative social media activity, with just over half (56%) of firms noting this as a significant or high priority, compared to 63% across all industries surveyed.

As the most regulated of all sectors, it is unsurprising that incidents of bribery and corruption (13%) and money laundering (18%) were lower than or close to average (23% and 16% respectively) for all industries. As such, these firms are also more likely than others to prioritise the prevention of money laundering, with almost three quarters (73%) of firms noting this as a top priority (vs. 62% industry average).

The research also found that financial services firms are less concerned than other industries about future risks. Only 38% were concerned about military conflict (compared to 51% average), and less than half (47%) about climate change (compared to 54% average). Most notably, financial services firms express the least concern of all regarding the impact of cryptocurrencies. Only 38% of business leaders were concerned about the destabilisation of fiat currency due to cryptocurrency, compared to a global average of 53%.

Howard Cooper, a Managing Director in Kroll’s Business Intelligence and Investigations practice, comments:

“Financial services firms have long been subject to regulatory scrutiny, which has been a significant driver behind many of the existing risk management strategies in the sector. The risk landscape has evolved to include a new set of threats, including adversarial social media activity from customers, competitors and bad actors, which can cause serious reputational damage. Our survey shows that financial services firms are the most targeted by this threat, yet the least likely to be taking steps to tackle it. Firms can address these risks head on by implementing effective monitoring and detection tools, and having robust plans in place to respond to potential issues swiftly and appropriately.”

Related News