Task force announced to crack down on “shameful” UK fraud

“Fraud shames our financial system,” said Home Secretary Theresa May as she announced a new task force to combat fraud in the UK last month. She continued: “It undermines the credibility of the economy, ruins businesses and causes untold distress to people of all walks of life. For too long, there has been too little understanding of the problem and too great a reluctance to take steps to tackle it.”

The task force will represent a new level of collaboration between government, law enforcement and the banking sector, and is committed to “tackling fraud and reducing its devastating impact.”

The announcement of the task force hasn’t come a moment too soon: last year, fraud was included in the crime figures for England and Wales for the first time, and the figures were sobering. The survey suggested that 5.1 million cases of fraud occurred in 2015, ranging from credit card scams to the CEO email racket, when an employee is duped into transferring money by a false email from the CEO.

Financial Fraud Action UK warns that small businesses are increasingly becoming targets for fraudsters. “Criminals are turning their attention to businesses because successfully scamming a company can net the fraudster a much bigger haul than they could steal from an individual. Fraudsters also understand that small businesses are used to processing all kinds of payments and so a simple request to change an invoice or provide some financial information has a good chance of deceiving an accounts department,” said Katy Worobec, Director of FFA UK. It’s clear that businesses must be alert to the increasing risks, and prepared to defend against these kinds of attacks.

Invoice scams represent one of the fastest growing areas of fraud that affects small businesses. Fraudsters send out a false invoice to a company, often with a payment due date that has passed, and threaten that non-payment will affect credit rating. These fake invoices are often targeted to lower-level admin employees in the hopes that they will be paid quickly in a panic – and not questioned. A more sophisticated version of the scam is sending invoices as attachments that, if opened and downloaded, will give the scammer access to information stored on the infected computer. Another variation is mandate fraud, where a company is duped into diverting legitimate invoice payments into the fraudster’s bank account.

It is essential that all employees are trained and regularly reminded to be on alert for potential fraud. Any unusual invoices must be double-checked, anyone phoning to update the payment details of a regular direct debit must be thoroughly vetted, and emails purporting to be from senior staff members must be verified before action is taken. Companies must also remember that fraud is constantly evolving, and fraudsters go to great lengths to deceive. So while it’s important to train staff to spot fraud, a general awareness of the risks and a healthy suspicion of anything unusual are also valuable defences against criminal activity.

How can VinciWorks help?

Our Fraud and Market Abuse training suite is designed for employees at all levels and provides an overview of what fraud is, why people commit fraud, and the behaviours necessary to identify and report suspected fraud.

How are you managing your GDPR compliance requirements?

GDPR added a significant compliance burden on DPOs and data processors. Data breaches must be reported to the authorities within 72 hours, each new data processing activity needs to be documented and Data Protection Impact Assessments (DPIA) must be carried out for processing that is likely to result in a high risk to individuals. Penalties for breaching GDPR can reach into the tens of millions of Euros.

“In a world older and more complete than ours they move finished and complete, gifted with extensions of the senses we have lost or never attained, living by voices we shall never hear.”