Industry experts called for more investment in
engaging with staff rather then regulation as a way to mitigate
business risk at the Tenth PwC Corporate Accountability conference
in London this week.

“Culture is vitally important and we need to
develop a culture of disclosure, of security and of leadership,” US
Southern district of New York attorney Preet Bharara said in a key
note speech.

Panellist’s then discussed how to create a
culture of compliance with regards to a company’s codes of ethics
agreeing that engaging with people is the most successful means to
combating corporate fraud.

“We don’t use rules, but principles. […]. We
don’t talk about ethics to our employees, but about responsible
behaviour and we need to learn how to get non-financial risk in
people’s mind,” BAE Systems head of business David Harris said.

Transparency International board member Jeremy
Carver pointed out there still isn’t enough protection for
whistleblowers, while they represent a great potential to make sure
companies behave in the appropriate way.

Cyber crime

A panel discussion covering the growing cyber
crime threat to business expressed the importance for companies to
train people on responsibility as well as promoting a
mindset-change among businesses.

“We have to recognise that breaches will occur
and we have to adopt the same risk modelling as in other fields as
containing the problem is the main challenge,” Europe Middle East
and Africa technology security chief Greg Day said.

PwC director of One Security William Beer said
the key to help clients against cyber crime is “understanding” it
is not an “IT problem but everybody is accountable; a sense of
clarity; and be prepared for an inevitable attack”.