The UK's Fraud Prevention Service - CIFAS - published its research study on Employee Fraud today. The findings include:

Findings

• All but 2 organisations had experienced employee fraud
• The largest actual loss was £1.3 million during the period January to September 2003
• The largest potential loss was £3.8 million during the same period
• Smaller organisations typically saw less than 10 employee fraud cases each in the period
• The largest organisations typically saw between 50 and over 100 employee fraud cases each in the period
• The largest organisations are dismissing over 100 staff a year each for employee fraud
• Over 60% of those responding reported that the employee frauds they had uncovered involved collusion with people outside the company

Total losses are estimated to exceed £40 million and total dismissals to exceed 1,500 per annum but the figures could be much higher.

Fraud Types

Some typical examples of employee fraud included:

Example 1 - An application for employment contains material falsehoods. The applicant claims to have just returned to the UK after a gap year travelling overseas. Investigation reveals the employee was working in the UK during the previous 12 months and was dismissed for misconduct - for fraud. Other scenarios could include qualifications not held, a false employment history, a false reference or use of a false identity.

Example 2 - A bank call centre clerk reports they have seen another employee print some confidential customer data and place it in their bag. Investigation reveals the employee had been offered money for the information while out for lunch one day in the bank's uniform.

Example 3 - A staff member is overheard on their mobile phone in a toilet cubicle, telling someone the security details for a specific customer's account, enabling the third party to empty the account of money.

Theft or misuse of data for use in identity fraud and impersonation featured highly throughout the research. Other employee frauds included:

• Misappropriation of funds
• Theft of cheques
• Over-riding decline decisions so as to open accounts for family and friends
• Inflating expense claims
• Pretending relatives have died to take bereavement leave
• Forging signatures
• Removing money from customer accounts
• Falsifying documents
• Selling company assets at below their true value in return for payment

Best Practice

The lack of employee recruitment checks and controls in some organisations lies at the heart of the employee fraud problem. The research showed the importance of companies ensuring that the checks they carry out on potential employees are more rigorous than those they undertake when opening new accounts for customers.

The research identified that best practice includes the following checks:

• Confirmation of previous employment details, sometimes going back 10 years or more
• Confirmation of all qualifications
• Confirmation of identity (name and address)
• Credit reference agency checks
• Fraud prevention checks including a CIFAS check
• Taking up references
• Checks of own internal fraud databases

Most organisations run 'fit and proper' checks annually, particularly for those members of staff that are regulated by the FSA.

Solutions

One of the solutions being considered by CIFAS to assist financial services companies to identify employee fraudsters when they first apply for a post is to create a database of shared information about individuals who have been identified as fraudsters by other companies. The database could then be checked prior to a job offer being made. This process assumes the necessary Data Protection Act consents would be put in place, and mirrors the way in which the financial services industry identifies fraud on applications to open accounts.

It is also planned to develop best practice guidance on employee fraud with advice and support from the Chartered Institute of Personnel and Development (CIPD). As CIFAS Chief Executive, Peter Hurst says, 'We know we already have the support of many employee fraud investigators in our Member companies and many HR managers too, but this is more than just a fraud issue. We welcome the involvement of the CIPD as partners in helping us to achieve a consensus on how to tackle some of the employee relations issues.'

Notes

• During 2003 CIFAS commissioned two consultants to carry out a research exercise with the CIFAS Membership and to hold a series of discussion workshops on employee fraud for both fraud prevention specialists and human resource managers. The two consultants were Andrew Kaye, a former Director of Lloyds UDT who has substantial experience of fraud issues and Sue Wishart, formerly a senior manager with Experian, whose consultancy is focused on getting the most from data sharing, fraud prevention techniques and business processes.
• 127 organisations participated in the study through 70 representatives. Some representatives had responsibility for a group of companies. The representation included all the major names in the financial services industry. The participants were asked to complete a questionnaire and then took part in a series of 9 discussion workshops held regionally.
• CIFAS has over 15 years experience of data sharing to prevent fraud and already operates a successful database containing details of customers and potential customers who have committed fraud. In 2003 checks of the database reduced its Members' fraud losses by £487 million.

CIFAS is the UK's Fraud Prevention Service with over 240 Member organisations spread across banking, credit cards, asset finance, retail credit, mail order, insurance, investment management, telecommunications, factoring, and share dealing. Members share information about frauds in the fight to prevent further fraud. CIFAS is unique and was the first data sharing scheme of its type in the world. Other schemes modelled on CIFAS have been set up in South Africa and Ireland.

Click here to return to the press index