Contracts signed through different messaging channels, revealing sensitive data in unsecured emails, and intentional employee fraud are among the most common practices that make companies vulnerable in the COVID-19 era

Bucharest, November 24, 2021 - With the onset of the pandemic in Romania, faced with new vulnerabilities, which did not exist until then, companies sought to quickly take measures to adapt to the new reality and invest in improving security systems to ensure business continuity in the conditions of working at home and in hybrid systems. 

As a result, in the last two years, about 401TPTP3T of companies in Romania have improved or are in the process of improving their occupational fraud protection systems, as 1 in 2 organizations, regardless of sector, has reported or accused of increased cases of internal or external fraud since the beginning of the pandemic, according to an analysis by Corporate Intelligence Agency, a risk management company dedicated to the business environment.

The experience of the last two years has demonstrated the risks of home and hybrid work, among the practices adopted that make companies vulnerable being: 

• contracts concluded on various messaging systems (in one case brought to the attention of the Corporate Intelligence Agency, a company was damaged by more than €250,000),

• Disclosure of sensitive data in private, unsecured emails used by hackers for ransomware operations or even deepfake audio attacks (in one Corporate Intelligence Agency case, an attempt was made to authorize a €1 million transfer via a forged voice recording of a long-time partner),

• Employee fraud, such as misappropriation of databases, mail and technology, as well as time theft, with employees logged into company systems but carrying out other activities.

With the imposition of working from home as the norm in many companies in Romania, crime has increased by around 401TPTP3T in fraud cases overall. Some of these are insider crimes that can be detected by the employer itself, but in parallel with the increase in fraud cases, there is also a commensurate weakening of protection mechanisms - in particular, due to the restrictions imposed in the pandemic and the restrictions on effective investigation of these cases.

"In the Romanian business environment, with small exceptions, there is a lack of prevention culture, as companies have a reactive behavior. It is only when something happens that organizations become preoccupied with investing in processes / procedures and systems that allow them to continue their activities. To continue to thrive in such times, leaders in companies need to adapt their business and crisis mindset and invest in systems to prevent, control and prepare employees to adapt to exceptional working conditions. And WFH is a clear case of an asymmetric threat to the integrity of business operations"says Gabriel Zgunea, CEO Corporate Intelligence Agency. 

What companies need to do to reduce vulnerabilities

In order to prevent and detect fraud, companies need to invest in specialized staff with skills in improving compliance and data security systems and IT systems. A minimum increase of around 301TPTP3T in the budget dedicated to this area may be sufficient to limit the potential for internal fraud in organizations.

At a general level, in order to limit the vulnerabilities associated with remote and hybrid working, companies need to make an analysis of new risks and realities, adapt and improve their security systems (by encrypting data and implementing authorization/access filters, for example), but also implement new procedures, tests and work scenarios, after training sessions with companies specialized in risk prevention, which specifically indicate areas particularly exposed and where the number of fraud cases is expected to increase.

Random monitoring of employee activity on the part of the employer, as well as behavioral knowledge analysis and integrity and fraud-prone testing should be assumed as healthy and natural procedures in the organization. "It's a very risky approach for a company not to exercise the control function for reasons of employee comfort or organizational culture, if there are sufficient signs that indicate possible fraud"says Dan Rusu, Senior Partner Corporate Intelligence Agency.

Since the beginning of the pandemic, there have been companies, especially multinationals, that already had BCP (business continuity plan) procedures in place and had a smooth transition to work from home (WFH) and hybrid systems, but most companies were completely surprised by the implications derived from the general lockdown state. Organizations that invest in prevention, both in systems and in employee training, will benefit from a high degree of flexibility in adapting safely to the new reality of the world of work.

About Corporate Intelligence Agency

Corporate Intelligence Agency is a risk management company dedicated exclusively to the business environment, specialized in identifying potential vulnerabilities, risks or business opportunities of the companies that use its services. 

Corporate Intelligence Agency offers premium solutions in Applied Intelligence, Competitive Intelligence and Risk Management, using the latest tools and technologies, along with the dynamism, creativity, and especially the very high level of expertise in the intelligence field of the experts in our team. 

Corporate Intelligence Agency services are addressed to all companies and corporations that understand the importance of using professionals to generate reliable information that can inform decision-making processes, providing knowledge on socio-political phenomena or conjunctures, markets or situations of interest, as well as reducing risks or vulnerabilities in areas that may affect the company's economic and reputational interests.