Fraud - the outlook for 2023

‘There is currently an epidemic of fraud in England and Wales. The level of fraud has been increasing year on year and this growth accelerated during the pandemic to an unprecedented level’[1] So states the House of Commons Justice committee on fraud. 

The House of Lords report, ‘Breaking the Chain’ states that ‘Fraud is the most commonly experienced crime in England and Wales today.’[2] Meanwhile the Office of National Statistics show that there were 3.8 million fraud offences in the twelve months up to June 2022.

Increasing digitalisation of our way of life offers new opportunities for criminals to attempt to carry out frauds against us as individuals as well as against our firm and our customers.  Organised crime groups are able and willing to take advantage and use digitalisation to increase their opportunities for fraud. Against individuals, common frauds include the many versions of phishing, APP fraud, romance scams, or other scams.  Against firms, criminals seek to get past cyber security through, again, phishing, as well as business email scams, theft of client identity information, ransomware attacks, and many others.

Fraud is a huge problem, one to which all of us are exposed and which we need to be vigilant about to protect ourselves, our customers and our firm.

Fraud against individuals is all around us and is growing at an alarming rate.  We need to be aware of these to protect ourselves and to protect our customers.  Given the sheer scale of fraud there are many predictions as to what the most prevalent frauds in 2023 may be.  Mark Sellman in the Times at the end of last year predicted five main frauds to watch out for, as listed by Which? Magazine.

These are:

• Money mule requests: These are requests which are intended to cause someone to unwittingly allow a criminal to use their bank account for illegal purposes
• Card theft: Criminals take advantage of opportunities for fraud with credit or debit cards, or prepaid cards.  
• Fake apps: Fake apps are designed to look and work like legitimate and often familiar apps and are often included in official app stores. They are used to carry out a range of illicit activities.
• Spoof calls or texts
• Online purchase scams

Phishing attacks will continue to be prevalent.  These involve scammers using email, text messages and other methods to steal personal information and even money from you. 

There are many variations of phishing attacks and these may be aimed at customers or the staff in your firm  For example, some phishing attacks may pose as a request for information from your firm, and some manage to use personal information they already have to persuade the target to part with more information or even money; so-called grandparent scams, for example.

Advanced push payment (APP) frauds are one of the fastest growing scams.  This type of fraud is intended to persuade you or a customer to make a bank transfer. The criminal may  pose as someone at your bank, or another trusted organisation, typically with an urgent demand to transfer money. 

Cyber fraud is an ongoing and rapidly growing risk to firms.  While firms will have extensive cyber security in place, there remains a huge risk to firms through fraudsters ability to reach staff through emails.  For example, business email scams involve malicious emails sent from outside the firm, and which are designed to look like internal emails. Typically, these emails may include a link to be clicked on, or an attachment to open.  These have been known to be supported by deep fake video or audio messages.

There are too many versions of fraud, both online and in person, to mention them all.   What is important is that your staff and your customers are continually alert, question , and refuse to be rushed into any action that may lead to loss of money or personal information. 

In light of the fraud trends highlighted above, it is not surprising that regulators, such as the UK Financial Conduct Authority (FCA), are increasing their focus on fraud and other financial crimes.

In September 2022, Sarah Pritchard (FCA Executive Director, Markets) emphasised the role that financial services firms play in preventing and detecting fraud:

 “You are the first responders and front line in the fight against financial criminals…We aim for the force multiplier effect: professionals in firms scanning and being alert to red flags, using their human knowledge and instinct to interpret the clues from conversations and customer behaviour; technology identifying unusual patterns of activity; and information shared with regulators, and law enforcement.”

She went on to highlight the impact of the cost of living crisis, and the potential financial crime risks associated with it. “We are already seeing more scams such as loan fee fraud, ghost broking, and false access to rebates from utility companies. And we anticipate a potential rise in people being recruited to act as money mules too.”

Unsurprisingly, there is an expectation that firms review and strengthen their fraud prevention controls. However, the FCA expects more:

“Is your firm doing enough to raise [customers'] awareness of crimes such as APP fraud, pension scams and ghost broking so they are not easily exploited?”

This expectation was reiterated in a Dear CEO letter issued to life insurers in December 2022, which recommended that life insurers use anti-scam communications to help protect customers. It also links into recent FCA initiatives (e.g. Fair Treatment of Vulnerable Customers and the new Consumer Duty) which place significant emphasis on consumer support.

There is no doubt that both firms and consumers face a heightened risk of fraud in the current economic environment.

It is, therefore, important that firms review their fraud risk assessment, fraud prevention and detection controls and their customer support processes.  These will need to be reviewed often and updated as necessary based on the evolving type and scale of fraud risk for your firm.  An effective fraud risk assessment requires an ability to think like a fraudster and to apply that thinking to the particular fraud risk characteristics of your firm.

Staff will need to be trained to recognise red flags relating to fraud risk, both general risks and those specific to your firm.

Communications to customers should be relevant, accessible and practical and should focus on the key fraud risk types associated with the products and services your firm offers. 

It may also be worth reviewing the FCA’s “ScamSmart” campaign, which provides some useful advice for consumers.

[1] House of Commons Justice Committee: Fraud and the Justice System Fourth Report of Session 2022–23

[2] House of Lords: Fighting Fraud: Breaking the Chain

Bruce has been working in financial services for nearly 40 years, 25 of these as a learning professional focusing on compliance for a wide range of financial services companies, mainly through the analysis, design, creation and implementation of global training programmes for Tier 1 Banks and FTSE 100 companies. He has been Global Head of Compliance Learning for such firms three times and has provided compliance learning consultancy to similar companies many times. 

Bruce has vast experience in successfully delivering compliance-related training in Europe, The Middle East, the Far East, India, North America and Africa. Bruce’s training is highly effective with a clear focus on how adults learn most effectively, using innovative design and delivery, which combines a stimulating, culture-sensitive, learning environment with the highest standards of professionalism and a focus on the required knowledge, skills and behaviours of banking professionals.

Bruce provides excellent training events on compliance, with a specific focus on financial crime, including all aspects of anti-money laundering, anti-bribery and corruption, fraud and sanctions.