- Security TWENTY
- Women in Security
The annual cost of fraud in the UK could be as high as £193 billion per year, a new report suggests. This dwarfs previous estimates produced by the UK Government which put the figure at around £50bn in 2013.
The Annual Fraud Indicator 2016 has been produced by the UK Fraud Costs Measurement Committee (UKFCMC) supported by credit checking company Experian and chartered accountants PKF Littlejohn and is based on research by the University of Portsmouth’s Centre for Counter Fraud Studies.
The UKFCMC has revised and renewed research undertaken by the Government up to 2013.
The private sector has been under the biggest attack from fraudsters, with both SMEs and large enterprises losing an estimated total of £144bn a year. By far the biggest source of fraud for these businesses relates to procurement; £127bn. Procurement fraud includes crimes such as the submission of false invoices or the awarding of contracts in exchange for bribes. The report highlights that procurement is so vulnerable because of the sheer size of spending , as well as the high volume, low value nature of transactions and the breadth of fraud it is susceptible to.
Prof Mark Button, pictured, Director of the University of Portsmouth’s Centre for Counter Fraud Studies, said: “The level of losses suffered by the public sector and central Government as a result of fraudulent activity are immense. Government suffers in a similar way to the private sector from vulnerabilities in procurement but also telling is the more than £15bn lost annually to tax fraud largely from people and organisations not declaring and under-declaring income.”
Chris Clark, UK and Ireland CEO at Experian said: “The startling figures that have come out of the Annual Fraud Indicator illustrate the scale of the fraud problem currently facing the UK. £193bn per year underlines that there is much more still to do, despite evolving anti-fraud measures.
“And it’s not just a problem for UK government, businesses and charities. It has an impact on every individual in the UK. Although 95 per cent of the fraud taking place is not a direct to end consumer cost, those lost funds are passed on to individuals in the form of higher costs on products and services. Every transaction we make, whether that is buying a washing machine or putting money into a savings account, is affected by the fraud epidemic.”
Jim Gee, Chair of the UK Fraud Cost Measurement Committee and Head of Forensic Counter Fraud Services at PKF Littlejohn, said: “Fraud has a pernicious social and economic impact on the UK. Private sector companies are less financially stable and healthy than they would otherwise be; public sector organisations cannot provide the quality of public services that we pay our taxes to get; and even charities are deprived of the full value of the donations which we make.
“It is best seen as similar to a clinical virus – something which continually mutates and changes as fraudsters seek the greatest benefits for the least risks. The best way to reduce its extent and cost is to make sure our organisations are fraud resilient and able to protect themselves against a continually evolving threat.
“This report continues the Government’s work producing an Annual Fraud Indicator to provide a view of its total cost across the UK. It reflects a growing understanding that unless we understand the nature and scale of fraud we cannot apply the right solution to diminish it.”
Other big types of fraud impacting UK businesses identified include:
– Payroll fraud, which accounts for losses of £12bn per year – 8 per cent of the total cost of fraud to the private sector
– The charity or ‘third sector’ is hit with fraud costs of £2bn per year
– Mortgage lending, which suffers losses equivalent to £1.3bn annually and in which 84 applications out of every 10,000 are suspected to be fraudulent
– Insurance sector fraud, costing £1.3bn a year through illegitimate claims with an estimated 350 frauds every day
– Fraud in the public sector of around £37.8bn is equivalent to 5.5 per cent of the £694bn spent annually. Central government bears the majority of this cost at around £30bn per year. Procurement fraud is again a major source of losses, costing central and local Government a combined £10.5bn per year.
Other hits to Government include:
– Tax fraud costing £15.4 billion every year, equal to 3pc of the total tax revenue;
– Fraud losses in the NHS relating to income and expenditure amounting to £2.5 billion;
– Housing tenancy fraud, estimated at £1.7 billion;
– Benefit and tax credit fraud, estimated at £2.4 billion;
– Grant fraud, estimated to cost £2.7 billion.
The cost of fraud carried out directly against individuals is now £9.7bn per year with identity fraud being the single largest contributor at almost £5.4bn. It is estimated that there are up to 3.25 million victims. Given the rise in identity theft and the prevalence of cyber-crime, this is only expected to grow.
The Annual Fraud Indicator, between Experian, PKF Littlejohn and the University of Portsmouth’s Centre for Counter Fraud Studies, aims to gauge the true scale of fraud in the UK. For the full report findings visit: http://www.port.ac.uk/centre-for-counter-fraud-studies/uk-fraud-costs-measurement-committee/.
Rob Norris, Director of Enterprise and Cyber Security in EMEIA at Fujitsu, says: “The fact that the cost of fraud in the UK could be as high as £193bn is no surprise. You just need to look at the amount of companies being hit by attacks to see the growth of fraud and malicious intent. Criminals seek money and companies have it – it’s as simple as that.
“To combat this growing risk, it’s vital both consumers and organisations take a proactive approach when it comes to security. Organisations need to focus on the integration of threat intelligence and other information sources to provide the context necessary to deal with today’s advanced cyber criminals. There must also be a clear and well-rehearsed crisis management plan for a breach, addressing internal and external communication. Whereas consumers need to ensure they use different passwords for different applications and are aware of the security risks when using payment information. As the number of these threats continue to increase exponentially, no businesses nor consumer can afford for cyber-security not to be their number one priority.”
And Lisa Baergen, director at NuData Security, says: “One of the largest growing fraud vectors is digital fraud. The global threat environment is rapidly changing, and the growing size and scope of breaches and exposure of personally identifiable information (PII) is concerning, because it can expose people to significant fraud. Individual point solutions for fraud prevention fail to deliver the visibility needed to protect financial institutions from threats posed by an increasingly complex world of cyber crime.
“This year, we have determined that fraudsters are leveraging more sophisticated attack vectors, focusing increasingly on account takeover and account creation. In 2015 we identified 45.95pc of accounts created, across our financial institution and e-commerce clients, as fraudulent attempts against customers of some of the largest banks and merchants globally. This was a 66pc increase in account creation fraud since 2014, when the rate was 27pc of all accounts.This shows us that thieves are beginning to value user accounts, with related details of payment information attached, more highly.
“This puts an additional burden on the institution to protect their customers from fraudsters that know their customers better than the banks do. In order to hijack an account, fraudsters often attempt to login, just like regular users, using password information gathered from highly publicised data breaches. Expecting consumers to maintain strong, non-reused passwords has proven to be ineffective. To protect their brand and customers, the banks and financial institutions must figure out how to detect fraudsters utilising this rising amount of stolen identity data. The good news is that we can now harness the power of behavioural attributes to verify the authentic users. Behavioural analysis serves as a means of understanding how legitimate users truly act without interrupting their experience, thereby predicting and preventing fraud from occurring. Becoming complacent in an age of massive data breaches is both a financial and reputational hazard.”
And Yaroslav Rosomakho, Principal Consulting Engineer for Advanced Threats at Arbor Networks, said: “The news that fraud costs the UK up to £193bn per year shouldn’t come as a surprise. Hackers are smart, resourceful and more motivated than ever before, and will do anything to get what they want – money. To ward off fraudsters, organisations need to take a proactive approach to protecting themselves. This includes not just relying on automated tools and preventative measures, but also active threat hunting and indicator of compromise investigation.
“The monitoring of network infrastructure and the user-base is also important as increasingly organisations are the target of a cyber-attack and need to have solutions to deal with any event as quickly as possible. Preventing an attacker from gaining a foothold within a network is desirable. But as malware evolution and network and service infrastructure changes have made it much more difficult to keep attackers out, organisations need to focus on detection and remediation as part of their efforts to keep fraudsters at bay.”