Fraud figures in the UK indicate that there were 3.7 million offences in 2022, with the total value of alleged fraud over £100k reaching UK courts being £1.2 billion. This is a 151% increase in the total value from the previous year.
What is fraud?
Under the UK Fraud Act, there are three main offences:
- Fraud by false representation: Someone makes a dishonest representation (express or implied) to make a gain or cause a loss to another.
- Fraud by failing to disclose information: Someone dishonestly fails to disclose information that they're legally obliged to in order to make a gain for himself or inflict a loss on another.
- Fraud by abuse of position: Someone holding a position of responsibility (which requires him to safeguard the interests of another) dishonestly abuses the position to make a gain for himself or inflict a loss on another.
Other offences include the possession of articles for fraud, making or supplying articles for use in fraud, participating in a fraudulent business, and obtaining services dishonestly.
Who commits fraud?
Organisations of all sizes are finding themselves victims of fraudulent activity. It's important to remember that there are both external and internal perpetrators of fraud.
- Internal threats: examples include disgruntled employees who may pilfer company assets, overstate expenses or overbill customers. Workers may also collude with suppliers to defraud the firm (misappropriation of funds). There may also be fraudulent reporting of company accounts by senior managers.
- External threats: these come from customers (obtaining goods or services without paying or misrepresenting their finances), suppliers (submitting false or duplicate invoices), or representatives (not passing on all the money they receive to our firm). Fraud may also be committed by people who are unknown to us via identity theft, CEO fraud, and so on.
Conducting a fraud risk assessment
To protect your company, you need to be aware of any vulnerabilities you may be exposed to and strengthen your existing arrangements. This is why you need to conduct a robust fraud risk assessment by following four simple steps.
Step 1: Identify risks
Firstly, you need to assess your current operations and processes. To do this, you could refer to historical data as well as emerging trends and patterns.
Step 2: Quantify risks
Estimate the probability and impact of each type of fraud. Use the probability/impact matrix to estimate the level of risk along with your risk exposure.
Step 3: Mitigate risks
Once risks have been identified and quantified, you can use the 4T's model to mitigate them:
- Transfer - in other words, move the financial consequences to a third party. Generally, this involves getting insurance.
- Terminate - the simplest and most often overlooked solution. Stop doing risky things. This can be achieved through changes in practices and processes or by stopping engaging in activities with low reward and high risk.
- Treat - here, you aim to reduce the likelihood and impact of risk. Again, this could involve changes to systems and processes, but importantly, training your team about risk is vital.
- Tolerate - this is the tricky area. You've found a risk know its potential impact, but the cost of doing anything about it isn't worth it. This could include risks with low incidence and medium impact or medium incidence and low impact. However, don't consider doing this with catastrophic losses - like buildings insurance. Failing to transfer that risk before the COVID pandemic has been a stark reminder of why not.
Step 4: Monitor & review risks
It's important to see risk assessment as an ongoing process rather than a one-off task. As part of the identify stage, you will have already gained insights that will help you understand what to monitor and how to review.
But new risks can appear, and the impact and prevalence of threats can change (both up and down). Think of your assessment like you would virus software; there to protect you and regularly needs checking and updating. And that includes keeping both your processes and your people up to date!
Want to learn more about Fraud?
We also have 100+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!
Finally, the SkillcastConnect community provides a unique opportunity to network with other compliance professionals in a vendor-free environment, priority access to our free online learning portal and other exclusive benefits.