Dealing with increased fraud risk in a crisis

17-09-2020

By Sarah Shreeves, CIPFA Head of Training

How does a crisis increase fraud risks?

Fraudsters and organised criminals will have no qualms about taking advantage of a time of heightened risk.

A crisis leads to urgency in delivery. This means that time available to build in due diligence measures is reduced. Getting the right balance between speed of confirming an award or contract and conducting full checks to prevent fraud is a delicate one and in times of crisis the former often trumps the latter.

In addition, staff resources will be stretched. Maybe there’s illness, or staff members have been redeployed to frontline services or to different tasks than usual. Stretched resources can impact our ability to maintain the segregation of duties that we need, and might create challenges in relation to conducting monitoring activities: can we go and see sites, can we get documentation that we need?

There’s a heightened risk from remote working. Fraudsters are taking advantage of the fact that people are working alone, under pressure, without their usual peer networks and potentially with reduced IT/information security measures.

How have fraudsters taken advantage of this particular crisis?

We have seen a lot of fraud related to business grants, including fraudsters impersonating companies, or companies claiming for support when they have already ceased trading or are not entitled to it. Furlough fraud has also been prevalent, where employers are claiming furlough support for staff but the staff are still being asked to go into work. In the UK, a man was recently arrested over an alleged £495,000 fraud of the furlough scheme.

Fraudsters are seeking to profit from the anxiety and uncertainty felt by business owners during this difficult time. There have been reports of businesses paying for assistance to access grants and support available to them, which then doesn’t materialise, or businesses being asked to provide confidential information in order to receive a grant.

There have been many reports of fraud relating to the procurement of personal protective equipment (PPE). Because of the need for haste in its procurement, fraudsters have taken advantage of the relaxation of some of the usual processes, or the inexperience of the purchaser, and there have been reports of non-delivery of goods following receipt of payment or delivery of sub-standard equipment which has not been fit-for-purpose.

Can a crisis tempt more people to turn to fraud?

Hard times can cause people to make choices that they would never normally consider, such as when someone from within an organisation who has always been honest decides to take advantage of the unusual circumstances to start committing fraud.

In his Fraud Triangle, the criminologist Donald Cressey sets out the three ‘drivers’ for fraud and unethical behaviour. For some staff members, COVID-19 has created conditions for these drivers to be strengthened. They are:

Pressure to commit a criminal act. This can include fear of redundancy or money worries and COVID-19 may have heightened these
Opportunity to commit a criminal act. As discussed COVID-19 has increased opportunities for fraud via relaxation of due diligence, staff unfamiliarity with new processes, stress and staff shortages, and working from home.
Rationalisation. The person committing an unethical act needs to be able to rationalise, or justify, what they are doing. People may consider that personal gains via fraud are a ‘drop in the ocean’, or that their crime is ‘victimless’ and that ‘no-one will notice’, or even that they deserve the personal gain after years of good service has gone unrecognised. Externally, this driver may cause normally honest people to make fraudulent claims during COVID-19, rationalising again that their gain is a ‘drop in the ocean’ or that this is their ‘right’ after years of paying taxes, for example.

How can we manage our fraud measures as we enter a ‘new normal’?

As we move past the initial urgency of the crisis it will be important to reinstate full fraud prevention measures, and redress the balance between speed of confirming awards and contracts with the need to conduct full checks to prevent fraud.

It will also be crucial for fraud investigators to review awards and contracts made during the crisis and take action, including referrals to police where required. This is not only the right thing to do in relation to ensuring proper use of public funds, but it will also act as a strong deterrent in the event of similar circumstances happening in the future.

Employers should be alert to the threat of insider fraud, conduct reviews of transactions and activities completed over the last few months and take time to review processes and protocols as we move forward in a new post-COVID-19 working environment.

On a positive note, in relation to fraud and public services the COVID-19 crisis has enabled more joint working, more data sharing, and greater use of technology – all of which will hopefully be a lasting shift and support efforts to prevent, detect and take action against fraud.

This article first appeared in Public Finance Focus.