Analysis of staff frauds recorded by Members of CIFAS – the UK’s Fraud Prevention Service during the first six months of 2011, reveals the continued seriousness of the problem posed by dishonest, fraudulent staff operating within organisations. Key findings include: Dishonest actions by staff to obtain benefits by fraud or deception account for over 50% of all confirmed staff frauds committed in the first half of 2011, rising by nearly a quarter in the first half of 2011 compared with the last half of 2010. Additionally, fraudulent withdrawals from a customer’s account remain one of the most frequently used fraudster techniques – demonstrating that old favourites are never entirely discarded in favour of new, emerging, threats. Theft of customer data by staff remains an ever-present threat, with 65% of such cases involving this data being given to third parties (proving that the tentacles of organised crime continue to plant or coerce staff into aiding their criminal endeavours).
Dishonest actions – the fraudsters’ main weapon During the first six months of 2011 there has been a noticeable surge in the number of staff fraudsters committing dishonest actions to obtain benefits through the manipulation of a third party account: e.g. making changes on an account in order to appear to have met targets, facilitate fraudulent withdrawals or benefit third parties. CIFAS Staff Fraud Adviser Arjun Medhi notes: “In a challenging work-environment, the motivation to commit frauds of this kind is perhaps unsurprising, but with frauds of this kind frequently linked to third parties, the spectre of organised criminal networks targeting staff inside an organisation is one that cannot be overlooked. Organisations must always remember that threats come from both inside and outside, and in these cases the two are often working together.”
The ever present danger Another ever-present danger, of course, remains the old threat of the ‘hand in the till’ – and, in spite of the vulnerability to data-theft (highlighted by CIFAS’ Staff Fraudscape report – May 2011), the first six months of 2011 prove that the old threats never completely disappear. Arjun Medhi explains: “The first half of 2011 saw a 17% increase in the levels of unauthorised activity on a customer’s account, with nearly a half of all of such cases (43%) involving the fraudulent withdrawal of funds from a customer’s account. We frequently hear of the value of data, intellectual property, and changing forms of payment – but it is important to remember that however these frauds are facilitated they are done for money. Cash is still king for the fraudster and these frauds are theft: plain and simple. As with recent increases in the number of cheque frauds (as revealed in Fraudscape Bulletin), in the world of the staff fraudster it truly seems that the old favourites never go out of fashion.”
Data: still valuable, still vulnerable While the overall decrease in the level of unlawful theft or disclosure of personal data is a welcome development – especially considering the high levels recorded in 2010 – the most common reason (65% of cases) for this fraud being perpetrated remains the disclosure of such data, by the inside fraudster, to a third party. With data of this kind proving to be exceptionally valuable to organised criminals, any such theft must sound a clear and loud alarm bell to all organisations that controlling data access is a priority; with robust and stringent policies put in place to vet those whose roles will genuinely require access to data, while protecting the customer. Engagement is the key to dealing with threats.
Further analysis of the frauds recorded to the Staff Fraud Database reveals that the majority of staff frauds are discovered either by the customer, or an organisation’s own internal controls and processes. While this heralds the strength of an organisation’s own anti-fraud procedures, and better fraud awareness among customers, a worrying decrease (39%) in frauds spotted by other staff within an organisation indicates that organisations increasingly need to pay attention to their own culture. Arjun Medhi explains: “There are numerous well-known motivations for fraud; from financial hardship through to dissatisfaction or feeling under undue pressure. Many of these were picked up by the Chartered Institute for Personnel and Development’s recent Spring survey to assess the attitudes and opinions among UK employees.
What this means, therefore, is that an organisation’s anti-fraud processes are essential and must never be sacrificed, but the most important aspect for any organisation is its staff. While most are trustworthy, hard-working and honest – an organisation’s staff are the first barrier to any bad apples lying inside the workforce, and that an unengaged workforce will provide no barrier to the any criminality that might take place.”