Meeting tomorrow’s challenges, embracing risk intelligently

Global Economic Crime Survey 2024

Coworkers looking at tablet in office at night
  • Insight
  • 15 minute read
  • October 30, 2024
55%

of Irish and UK firms experienced fraud in the last 24 months.

62%

of Irish firms did not perform a full fraud risk assessment in the last 12 months.

50%

of Irish companies don’t have a third-party risk management programme or don’t do any form of risk scoring as part of their programme.

25%

of Irish firms risk-score third parties, well below the 54% global average.

A fresh look at persistent problems: survey insights

The 2024 Global Economic Crime Survey offers insights into how boards and business leaders are addressing daily economic crime risks. While leaders express confidence in their compliance programmes, many neglect preventive measures. Only half of Irish companies have a third-party risk management programme or include risk scoring in their processes.

Fraud, in all its forms, remains a persistent challenge

While cybercrime continues to be the most reported fraud for Irish and UK companies, supply chain fraud and procurement fraud are on the rise. Fraud within your supply chain or procure-to-pay process can take many forms, including supplier favouritism, kickbacks, bid rigging, counterfeit goods, fraudulent billing, misappropriation of assets, and even cybercrime attacks.

The most disruptive economic crimes

Not surprisingly, the four most frequently reported frauds, corruption or economic crimes are also the most disruptive and serious in terms of impact on organisations. These are cybercrime, customer fraud, supply chain fraud and procurement fraud.

Worryingly, the survey highlights that Irish companies are lagging behind global efforts to mitigate fraud risk. Only 38% of Irish companies completed an enterprise-wide fraud risk assessment in the last 12 months, with an additional 6% planning to do so within the next year. This compares unfavourably with the global response rates of 59% and 12%, respectively.

Our survey also highlights that 25% of Irish respondents do not use data analytics to identify procurement fraud, waste or abuse within their business, higher than the global rate of 18%. Additionally, only 31% of Irish businesses attempt to quantify their losses to procurement fraud, compared to 53% globally. These findings indicate substantial room for improvement in mitigating fraud risk and using available tools to combat it.

Mitigating economic crime risk in your supply chain

Rising public scrutiny and a rapidly evolving regulatory landscape are placing increased pressure on companies to identify and mitigate supply chain risks. These risks include sanctions, environmental issues, forced labour and other human rights abuses. Many new EU regulations mandate supply chain mapping and human rights-related risk assessments. For example, in March 2024, the European Council and Parliament announced a provisional agreement to prohibit products made with forced labour. More recently, the European Council adopted the Corporate Sustainability Due Diligence Directive, requiring large companies to establish due diligence procedures to prevent, identify and mitigate adverse impacts on human rights and the environment caused by their operations or those of their business partners.

78% of Irish companies report confidence in their understanding of third parties (vendors, suppliers, distributors, customers, etc.). They claim to have developed a comprehensive understanding, using a risk-based approach to due diligence and continuous monitoring to note changes in risk profiles.

However, the survey suggests that Irish executives may have false confidence or a blind spot regarding supply chain risks, as most do not universally employ best practices to mitigate third-party risk effectively. We take a deeper look below.

Risk scoring

Risk scoring is a crucial component of an effective third-party risk management programme. Without it, there is no way to tier the level of due diligence and ongoing monitoring that one party merits relative to another. Yet only 25% of Irish companies include risk scoring in their risk management programmes. This compares unfavourably with other jurisdictions, where 74% of UK companies and 54% of global companies risk-score their suppliers.

Supply chain mapping

To fully understand where the highest risks lie within their supply chains, many companies have begun supply chain mapping. However, this momentum is not as pronounced within Irish companies. As illustrated in the chart below, 77% of UK companies have mapped their supply chains, whereas only 41% of Irish companies report having done so. This is an area of concern.

Human rights violations

More than one in three executives globally (34%) believe that assessing the risk of forced labour in their supply chain is a priority for their company. However, this frequency drops to just 22% among Irish respondents.

Given the scrutiny on forced labour in supply chains, boards of directors should prioritise this issue before it escalates into a crisis. This begins with requiring annual updates from management, including progress on supply chain mapping. These updates should encompass a comprehensive risk assessment of the company’s supply chain, identifying potential risk factors or red flags that may indicate forced labour. Reassessments of supply chain maps should occur at least annually. Additionally, companies should include contractual language with key suppliers, obligating them to update the company regarding changes to at least their own ‘tier one’ suppliers (those they contract with directly).

Export controls and sanctions

Geopolitical tensions, including the Russia-Ukraine conflict, US-China tensions and uncertainty in the Middle East, have intensified the regulatory environment around export controls and sanctions. Multinational companies, regardless of their stance on policy priorities, must comply with these legislative and regulatory changes.

Our research indicates that the business community is indeed attentive to these developments. Among Irish executives surveyed, 53% agree that sanctions and export controls imposed by governments have grown more complex in the last two years, and 44% report that sanctions are being enforced more robustly.

Third parties are recognised as posing the biggest threats to sanctions compliance for Irish organisations.

Economic crime prevention: what organisational leadership can do

Given the complexity and constantly changing environment, senior management and board members should actively address the organisational plan for mitigating third-party risks. Here are specific actions they can take:

Procurement, Legal, and Compliance

  • Assess the sufficiency of your third-party risk management approach.

  • Revisit third-party risk assessment processes to incorporate leading practices.

  • Support the case for investment in analytics, including artificial intelligence (AI) and generative AI (GenAI).

  • Ensure alignment with the CEO and board regarding the nexus between growth and risk.

  • Identify strategies for collaboration between internal audit and legal/compliance, including third-party risk assessments and onsite audits.

Boards and business executives

  • Reconsider if briefings on third-party risk are of sufficient frequency and insight.

  • Help break down functional silos that may interfere with effective compliance and risk mitigation.

  • Encourage collaboration between the first, second and third lines to increase efficiency and effectiveness.

We are here to help you

Our experienced team of forensic accountants, investigations experts and corporate intelligence specialists have worked on some of the largest commercial litigation and forensic investigations in our jurisdiction and beyond.

We support our clients in investigating accounting issues or financial irregularities, whether they have arisen through fraud, economic crime or genuine errors. Our integrity due diligence team uses deep open-source intelligence searches to help clients understand risk areas, including sanctions, the environment, forced labour and other adverse media reports regarding parties in their supply chains.

For assistance with any of these matters, contact us today.

About the survey

PwC’s 2024 Global Economic Crime Survey is the latest in a series of studies dating back more than 20 years. In our research, conducted between January and March 2024, PwC surveyed nearly 2,500 companies across 63 territories, including more than 30 in Ireland. Two-thirds of respondents were C-suite executives, including 450 General Counsel, Chief Compliance Officers and Chief Audit Executives. We also conducted over 45 interviews with senior executives from major corporations around the world to discuss their leading practices. This body of research gave us a unique lens on how today’s boards and business leaders are addressing the economic crime risks their organisations are navigating daily. PwC Research, PwC’s global Centre of Excellence for market research and insight, conducted this survey.

You can view the results of the global survey here.

Deals Advisory

Meeting tomorrow’s challenges, embracing risk intelligently.

Contact us

Deirdre McGrath

Partner, PwC Ireland (Republic of)

Eoghan Linehan

Director, PwC Ireland (Republic of)

Mark Archibald

Senior Manager, PwC Ireland (Republic of)

Follow PwC Ireland