Thursday 13 February 2020 5:32 am

Fighting shadows: Each technology advance puts new weapons in the hands of cyber-criminals

Helen Brand is the chief executive of ACCA.
ACCA, Chief executive

US Supreme Court Justice Louis Brandeis, talking about the benefits of openness and transparency, famously said that sunlight is the best disinfectant. And, conversely, we are all rightly suspicious of anything that hides in the shadows and conceals identity and motive.

Global cybercrime is able to exploit technology to create anonymity and avoid accountability as never before. And it now costs the global economy an estimated $3.5 trillion (£2.7 trillion) a year — greater than the UK’s GDP.

The development of economic crime has progressed in parallel with the development of trade and business technologies. The big question we must ask is whether this change in business technology effected by the digital revolution has had a similar impact on the commission, detection and prevention of economic crime.

A new report from ACCA and EY — Economic Crime in a Digital Age — addresses this fundamental question, and asserts that digitalisation has led to an increase in the volume and velocity of economic crime attacks, as well as an expansion in their scope and reach.

Cybercrime allows criminals to avoid physical security and swift deterrents. They use a wide arsenal of technologically-aided scams to siphon funds from legitimate institutions and private individuals.

The bad news for society is that cyber-pirates tend to stay at least a couple of steps ahead of the law. Their agility and focus on exploiting chinks in the digital armour of companies and systems mean that law enforcement and regulators can struggle to stay ahead of their scams.

And in today’s digital world the cyber-criminal can operate across borders, covering their tracks in increasingly sophisticated ways.

This all adds up to a huge headache for lawful businesses which are striving to stay safe in the face of a ceaseless tide of hacks, scams and invisible assaults. For regulators and policymakers, economic crime in a digital age presents challenges which include, at a minimum, anonymity, accessibility, and accountability.

Our report found a pressing need to create a regulatory environment that supports financial innovation as well as limiting the risks for consumers and businesses. Policymakers and regulators must overcome the technology lag so that international law keeps pace with innovation.

It is an urgent need, because every technological advance also puts new weapons in the hands of the digital felons. Economic growth flourishes on technological breakthroughs, but so does crime. That creates problems for regulators, legitimate businesses, and their customers at every step.

This lag between what criminals can do and how we stop them is widened by the skills and knowledge deficits in the regulatory and law enforcement community.

Rogue actors are increasingly abusing emerging technologies to threaten data integrity. To combat that risk, companies must consider the scope to mitigate their risk through tools like artificial intelligence, robotic process automation, and cyber security linked to their critical processes and data.

Embedding a culture of integrity is critical for organisations. Achieving that through a combination of data insights, governance, culture, controls and procedures will help businesses protect themselves in the constantly transforming risk landscape.

And this is about much more than the bottom line. Financial crime takes an enormous human toll. People suffer as a result, losing savings, jobs and sometimes much more.

These crimes are faster and much more frequent, with technology being an enabler to break the law. But what must be remembered is that in every case the protagonist is human, and it is the corruption of the human decision-making process that is essential to the success of the criminal venture.

Finance professionals are part of the essential defence against cybercrime. Professional accountants recognise that business technology is no longer an administrative tool.

It is a fundamental component of the compliance environment and an integral part of the defences as it becomes a vector of attack.

Making the right decisions — at both strategic and tactical levels — will depend on the right talent having the right skills and the right information to tackle the rapidly changing digital world.

It is why bodies like ACCA and those we work with need to continuously evolve our education and training to fight this twenty-first century threat.