Cifas data reveals the range of fraud risks facing organisations

In its half year Fraudscape report, Cifas has revealed in the range of external and internal fraud risks faced by organisations. These substantial and growing threats come against a backdrop of additional legal requirements for organisations to put ’reasonable procedures’ in place to prevent fraud.

Between January-June 2023, Cifas members recorded just over 186,500 cases of fraudulent conduct to the National Fraud Database. Particularly notable within these numbers is the scale and growth in attacks on both customers and companies.

• Over 122,000 cases of identity fraud - which accounts for 66% of all cases recorded in the period - with plastic card and asset finance products particularly targeted.
• A 180% increase in the number of companies targeted for identity fraud, particularly for telecoms and loan products. There was also a significant rise in criminals impersonating brokers to offer fake loans or other business services in order to harvest company details to impersonate the company.
• The highest increase in cases related to the takeover of existing facilities, which increased by nearly a quarter (22%). This included Impersonation of banks to socially engineer victims to share their financial and personal information or make payments to a so-called ‘safe account’.

Attacks against organisations also came from employees, which can have a devastating impact on an organisation’s finances, staff and customers. In the first six months of the year, 151 instances of fraudulent conduct were recorded to the Cifas Internal Fraud Database, with nearly half of these (46%) relating to dishonest actions by staff.

The government’s impending failure to prevent fraud offence will mean that large organisations could be prosecuted if an employee or agent commits fraud for the benefit of the company where the organisation has failed to put ’reasonable procedures’  in place to prevent the fraud.

Mike Haley, CEO of Cifas said, ’These figures illustrate the targeted attacks organisations increasingly face from both external and internal sources. In addition, the impending ’failure to prevent’ fraud offence will create further legal liability for those organisations that fail to put ’reasonable procedures’ in place to combat these attacks and protect their customers and staff. 

‘With the large majority of staff now hybrid or working from home, employees are finding it easier to commit fraud against their employer. We have also seen a rise in criminals approaching staff on social media offering financial incentives to share business and customer information that can then be used for fraud.

‘Organisations must ensure that employees are checked throughout the lifecycle of their employment - not just when they join an organisation – and also give them the training and knowledge to help them better recognise and understand the consequences of committing fraud.’

Notes to editors

The latest Fraudscape report is available here.

For press enquiries please email press@cifas.org.uk

Contact us at press@cifas.org.uk