Digital fraud

Fraud continues to be a major threat to UK business, according to a recent PricewaterhouseCoopers Economic Crime survey, which found that more than half of businesses have been victims of economic crime. The nature of such crime, however, is changing.

With increasing levels of online business activity and a greater dependency on IT, the business world now must brace itself to deal with increasingly sophisticated kinds of fraud.

The proliferation of the internet, and more sophisticated every-day electronic items such as mobile phones with memory cards and iPods, has added a new dimension to the nature of corporate fraud. With more than 90% of all business records now created and stored electronically, new forensic technologies are constantly being updated to respond to the ever-growing and evolving nature of this threat.

Although the developing face of forensic technology makes it easier to detect fraud, in 2006, PwC's Forensic Technology Solutions team saw a 25% rise in the number of cases it handled in comparison to the previous year. Evidence also suggests that small- and medium-sized companies are most at risk as they often fail to anticipate and instil a long-term vision in regard to the security in their IT strategy.

According to PwC's research, investment in IT security systems continues to rise, as technology becomes more effective at tackling such crime. However, this investment by companies must be supported by better levels of risk awareness across the organisation. Here, we outline some of the precautions that companies should consider:

• Companies must endeavour to carry out proactive rather than reactive health checks. Companies and their directors must be aware of their responsibilities as a heightened awareness of both personal and collective liability of non-compliance takes root.
  
  
• Companies should work to make fraud security a 'business as usual' process by training staff and implementing a clear, security policy. Companies should also aim to embed a security-aware culture throughout the business.
  
  
• Companies should use risk assessment strategies to ensure their investment is targeted towards those security controls that offer the greatest business benefit.
  
  
• Companies should ensure they understand their legal rights and responsibilities in relation to digital fraud, and aim to implement internationally-recognised standards of best practice.
  
  
• Companies should put in place contingency plans to ensure that, should an incident occur, it is in a position to respond swiftly and efficiently to minimise any disruption to the business.
  
  
• Companies should ensure that their security defences are integrated and adequately up to date to respond to the ever-changing and increasingly sophisticated technologies being utilised in such crime. These technologies might include Spyware, instant messaging and voiceover IP. However, companies should also bear in mind that hi-tech solutions should sit alongside traditional techniques and processes for tackling crime.

PricewaterhouseCoopers' Forensic Technology Solutions team is made up of specialists trained in the forensic acquisition and analysis of electronic evidence and document management. Using our proprietary tools and forensic laboratories worldwide we provide clients with a highly professional approach to their electronic discovery needs.