As information flows more freely every day in a world where digitisation is occurring at an exponential rate, the threat landscape has evolved dramatically. Insider threats have become a significant concern for local and global entities.

In today's interconnected world, ensuring the authenticity and reliability of those we engage with in business has never been more crucial. For South African businesses, due diligence now extends far beyond traditional methods. This newsletter explores the importance of integrating both fingerprint identity verification and social media analysis to create a comprehensive approach to verifying identities. This approach not only protects business interests but also fosters trust and security in professional relationships.

Procurement and the tender process are prime targets for fraud, corruption, collusion, and manipulation. With large sums of money involved, opportunities are abound for unscrupulous employees, suppliers, and contractors to engage in illicit activities for financial gain. Organisations can face major financial, legal, and reputational damages if procurement fraud hazards are not adequately identified and controlled.

Financial fraud is a major problem that causes substantial damage each year, wiping away billions. However, there is some hope for individuals as privacy laws such as POPIA have been established to protect personal data from misuse. Additionally, FICA reporting requirements have been put in place to prevent the flow of illicit finance.

Supply Chain Risk Management (“SCRM”) is the process of identifying, assessing, and mitigating commercial crime risks associated with an organisation’s supply chain. For many businesses, the procurement of goods and raw materials is one of the most important functions contributing to the enterprise’s success. KPMG has predicted that supply chain disruptions will continue well into 2023 and beyond.

Recently, the president of South Africa declared a national state of disaster as a cause of loadshedding. Since 2007, South Africa has been in the grip of the ongoing South African energy crisis.

Commercial crime is believed to occur in the presence of three factors, namely, perceived opportunities, pressure, and rationalisation. It is the human element that is exploited by criminals in businesses where management has implemented the necessary controls to curb commercial crime within their systems and administrative functions. It is thus important that an organisation understand the mental health of their workforce to engage with workers that will be able to reduce risks by performing at optimal levels, management must take the time to get to know their employees to comprehend employees’ job satisfaction. Developing relationships with your workforce can address two of the three factors that result in commercial crime, namely, pressure and rationalisation.

Since 2017 there has been a rise in the media on reports of Sim Card Fraud. This relatively new type of commercial crime is known by a myriad of different names, including but not limited to: Sim Jacking, Sim Swapping, Port Out Scams, and Sim Splitting but all of these names describe the basic actions of account takeover fraud that generally will exploit a weakness in multi-factor authentication.

The Economic Times defines a whistleblower as a person who discloses information to the public or a higher authority about any wrongdoing including, but not limited to, commercial crime. The South African legislation states that any person can be a whistleblower when they suspect, witness, or observe behaviour or actions that they believe to be illegal or in contravention of the financial management laws of the country.

A data breach is an incident where information is stolen or taken from a system or person without the knowledge, nor with the authorisation of the owner of the system. As most hackers intend to get personal information of data subjects, all organisations are at risk of experiencing data breaches in some form at some stage.

Identity theft takes on many forms and is an ever-evolving form of commercial crime. What constitutes a commercial crime is not always clear-cut, and it is important to know that simplistic events can occur throughout the business if management is not vigilant during their evaluation of internal controls.

In most industries, an interconnected network of businesses is involved in the ultimate provision of products and services to consumers. Upholding and maintaining the supply chain network is the foundation for mitigating commercial crime risks related to such. In terms of choice, loyalty is slowly being replaced with compliance, as security replaces trust. Digital platforms that are being considered the norm of the technological revolution limit person-to-person contact to mitigate risk and to serve as a tool for a better overall risk profile.

Fraud and corruption are phrases that have become widespread in South Africa, used colloquially by individuals from all walks of life. Fraud and corruption are considered subtypes of Commercial Crime, an umbrella term that refers to all monetary criminal activities that occur within the workplace and against an organisation.

Risks are imposed on all features and facets of the business world, and human error is an overarching cause that can be a pitfall at any time. Systems are built upon the predilection of administrators and authorized users being the only ones able to access them. This poses a significant risk to the business if there is an information leak that would cause reputational damage to the employee or the company

With the advent of digital platforms sweeping the globe businesses should recognise and be aware that risk management is paramount to operational efficiency. The technological future we face is a dark landscape that holds ever-evolving dangers than cannot be managed in advance.

Since the industrial revolution one of the biggest challenges that business face is the changing marketplace that is forcing the business world to adapt to e-commerce as it becomes more and more entwined in our daily lives.

This month's topic is International Fraud Awareness Week, or as it is more informally known, Fraud Week, is a period of time established by the Association of Certified Fraud Examiners (ACFE) in 2000. Fraud has been around since the inception of human history; it is not something that has become a recent phenomenon but with the advent of new technologies on the horizon the threat of fraud has increased proportionally

Company Culture - Culture can be defined as the way of life that is passed down through generations by means of traditions, beliefs, customs, and arts of a specific demographic. Similarly, company culture is defined as the shared beliefs and values present within an organisation, established by top management, and disseminated throughout.

Ethics, or moral philosophy, is the discipline concerned with what is morally good and bad, and what is morally right and wrong. The ethical code that a person follows can determine what choices they make, their actions and views.

An organisation can never exist without risk. This is an absolute that can never be changed, and it is the response to risks that define the longevity of an organisation. One of the most enduring risks that an organisation can face is in how much fraudulent behavior can influence its lifespan or bottom line.

A modern business cannot exist without extending control over its assets, and this includes using those assets to the best of their abilities to further the end goal that the business wishes to achieve. The financial controls in the business are the processes, policies and procedures that are implemented to manage the financial assets of the business.

On 1 July 2021 South Africa will have reached a milestone in the development of the systems in place against fraud prevention. South Africans can officially welcome the Protection of Personal Information Act ("PoPIA"). But the question that arises is how this new development affects the IT industry and the new responsibilities that companies and individuals will be tasked with in this trying period in human history.

Essentially, the purpose of the Protection of Personal Information Act ("POPIA") is to protect people from harm by protecting their personal information. To stop their money being stolen, to stop their identity being stolen, and generally to protect their privacy, which is a fundamental human right. Only through diligent and ongoing effort can an organisation protect itself against significant acts of fraud.

On the morning of 22nd June 2020, the Presidency announced dates for compliance to the Protection of Personal Information Act No. 4 of 2013 ("POPIA").

Cybercrime awareness and ransomware vulnerabilities in the workplace. The necessary controls to maintain a secure work environment

These days, businesses have less reason to fear burglars and thugs than anonymous cybercriminals. While thieves can steal merchandise or damage property, cybercriminals are much more insidious, and the harm they cause can be extensive. When sensitive information is stolen or financial accounts are hacked, the losses can overwhelm even the most spectacular robbery.

Fraud trends and identifiers both globally and in South Africa. A brief summary of the latest in cybercrime trends

Focusing on financial fraud trends within South Africa, as well as giving an overview of current cybercrime trends