Exposure to fraud is growing, according to ORX’s H2 Top Risk Review
ORX, the global association of operational risk professionals has today released its H2 Top Risk Review. The report shows that although rankings have remained reasonably consistent since H1, External Fraud has risen from sixth position to the fifth biggest risk. At the same time, Internal Fraud has seen a significant increase in materiality score, making it one of the fastest growing risks. ORX attributes the rise in fraud exposure to socioeconomic pressures, continued geopolitical tensions and an increase in sophistication of fraud methods enabled and accelerated by AI. In the face of these challenges, employees are also becoming more vulnerable to external fraudsters seeking to recruit internal Threat Actors, making the boundary between Internal Fraud and External Fraud more permeable.
The geopolitical landscape acts as a driver across many risks, not just External Fraud. Survey responses indicate that although, on one hand, there is a sense of getting used to political unrest, recent developments (e.g. a high-profile assassination in the USA and drone sightings in Europe) are reinforcing a general sense of uncertainty. Increasingly, geopolitics is the thread responsible for weaving the interconnected nature of risk.
Perhaps less surprisingly, due to ongoing digital transformation, and deeper embedding of AI to support business operations across sectors, the top four risks are consistent with H1’s report: Information Security (including Cyber), Third Party, Technology and Data Management.
When comparing year on year, scores paint a picture of progressive turbulence as even the usually stable bottom four risks (internal fraud, legal, statutory reporting & tax, physical security & safety)have seen particularly high percentage increases.
Steve Bishop, research and information director at ORX comments: “Industries are navigating complex digital transformation journeys. As a result, they’re relying on third-party providers to deliver critical services. All of this is against the backdrop of an ever-more turbulent external environment. While, the right external expertise does help speed up transformation, it does also create a further threat to manage.”
Like external fraud, business continuity has moved up a place since H1, and up two rankings year on year. Survey respondents recognise that strengthening operational resilience must extend beyond business continuity management, in response to complex digital infrastructures, disruptive cyber attacks, physical climate events and geopolitically motivated attacks.
For the first time, ORX asked participants of the Top Risk Review, to predict their scores for each risk in six months’ time. The results were surprisingly optimistic, with almost all average predictions lower than current scores. Tools investment, tighter governance to improve oversight, maturing third party risk programmes and new programmes to drive a more unified approach to risk, are some of the tactics risk managers plan to deploy. However, as many participants also expected the environment to remain volatile, it remains to been seen whether this predicted reduction in scores will happen.
Bishop concludes, “Survey participants acknowledged the important role risk management plays in enabling safe, coordinated and effective change management at pace – in this world of increasingly interconnected risks.”