Cybercrime inflicting damages of $6 trillion globally says UAE-IAA

Cybercrime is inflicting damages to the tune of $6 trillion globally and corporate fraud is costing global businesses $5 trillion annually, and internal auditors have a major role to play in timely detection and prevention, the first-ever symposium on Benchmarking in Internal Audit in Dubai was told.

The UAE Internal Auditors Association (UAE-IAA) organised a symposium on Benchmarking in Internal Audit in Dubai.

The one-day symposium was held at the InterContinental Dubai Festival City (DFC) Hotel, with Chief Audit Executives (CAEs) and their direct reports attending the ‘physical’ event. Seven elite and high-profile organisations participated in this event which included: Dubai Police, Dubai Electricity & Water Authority, General Directorate of Residency and Foreigners Affairs- Dubai, DP World, Financial Audit Authority and Ducab. It provided seven CPE credits.

The workshop was organised to elevate the standards of Internal Auditing and benchmarking with the best in class.

Mr. Abdulqader Obaid Ali, Chairman of UAE IAA Board of Governors, said: “We covered three different areas at the seminar: Internal Control, Fraud and Cyber Security. Questionnaires were discussed amongst the participants on these aspects, and, with their answers and inputs, a White Paper will be prepared and circulated. The White Paper will mark the benchmark for the internal auditors to follow.”

Corporate fraud all over the world is estimated to be some $5 trillion. However, the malaise is not widespread in this region. The UAE is number one in the Middle East in terms of corporate governance and transparency, according to Transparency International.

Internal auditors are contributing to enhance the image of the country that it is a region of good governance and transparency.

“We believe in our leadership, which is inspiring us to reach number one in every field of our activity. For a country which is not even 50 years, we have reached Mars. We don’t do this unless we have visionary leadership. The vision gives us the energy, power and the passion to make sure we behave in the way they wanted. This vision is percolating down to the last internal auditor who must keep moving and adopt best practices.”

“Any internal audit department must go through a quality audit to make sure that their system and the way they are doing the audit are aligned with a standard, Standard 1300 of the IPPF, where we at IAA will perform the service to make sure that the audit department is aligned with the standard.”

Abdulqader exhorted young audit professionals to embrace technology as digitisation is bringing in a revolution.

“If you do not keep abreast of technology, you will become obsolete as technology has changed all our lives and changed every single profession. In order to be a good internal auditor you have to do three things: Know your business, ask questions and be flexible. At the same time, you should know how technology works,” he said.

IAA, which represents 45 per cent of the total 7,000-plus Internal Auditors in the region, has taken the lead to organise this Benchmarking event.

Michael Fucilli, Vice President for Risk Management at Annaly Capital Management, one of the largest mortgage real estate investment trusts in the world, said, corporate fraud is estimated to cost the world economy as high as $5 trillion. Corporate frauds are on the increase, the crime pace is increasing. Consumers, customers and shareholders are paying the price of this corporate fraud. It affects the performance of companies and ultimately impacts the bottom lines, and the economy in general.

There are two types of frauds: employee fraud and corporate fraud. Internal auditors are focusing on the wrong fraud; they look at employee frauds first, but they should also look at corporate fraud. Internal auditors have a responsibility to detect fraud in first instance. It all starts with good governance.

Aakash Bassi, Partner, Forensic Practice Leader, BDO, said compliance programme is an involving topic within the internal audit world.

“Now, more than ever internal audit recognises and perhaps needs to recognise the importance of compliance programme and identify whether or not the programme is effective.

Darren Mullins Partner UAE, Head of Forensic Technology for Accuracy in Middle East, and Paul Wright, Director in Dubai office of Accuracy, made a presentation on Cybercrime and IT Audit.

Darren Mullins said by benchmarking Cybercrime, we can address ever changing risks, reduce the threat, risk appetite, controls and measures and IT bias.

Cybercrime was to the tune of $6 trillion in 2020. Internal auditors have a responsibility to assist the IT team, IT audit team in managing their risks, like any internal audit objective. They will be helping to build a framework for internal audit to assist IT audit in defining what the proper risks are.

Cybercrime is changing constantly and therefore tests are required to actually evaluate how a company is doing from a cybercrime and cyber protection perspective.

Now would be good time for internal auditors to look at what are the potential areas of enhancement as they are better positioned to test the effectiveness of the programme going forward. Internal audit should proactively take a step back and ask what are we doing every year differently or what is the incremental that we are doing every year to help understand more about the organisation’s effect on compliance programme and to help provide inputs to augment that compliance.