We have set our optional cookies. By clicking any link on this page you are giving your consent for us to do this. OR: leave cookies off Read about our cookies

Fraud by insiders increases by over 40%


Analysis of frauds recorded on the Cifas Staff Fraud Database reveals a significant increase in the level of fraud being committed by employees during 2012 (when compared with 2011), most notably:

  • A 43% overall increase in the number of staff frauds recorded in 2012 when compared with 2011 with increases identified in all major types of fraud.
  • Attempts to obtain employment fraudulently (e.g. by withholding or falsely declaring information such as qualifications or previous convictions) doubled in 2012.
  • There was a 22% spike in the number of dishonest actions by staff to gain a benefit by theft or deception (e.g. theft of cash from customer accounts).
  • Frauds where an organisation’s staff stole customer data for personal use have also increased.

(Numerical tables are included in the Notes for Editors below).


Increase in recorded fraud demonstrates success of counter fraud measures, but also dangers

Many organisations readily accept the damage that customer fraud can inflict, but the dangers posed by fraud committed inside an organisation often remain overlooked. With an increase of 43% being recorded during 2012, organisations cannot afford to ignore this threat.

Cifas Communications Manager, Richard Hurley, comments: “The damage done by fraudsters inside an organisation can impact upon balance sheets, customer confidence and staff morale. It can also lead to regulatory and legal punishments to organisations. The 43% increase in staff fraud witnessed in 2012 demonstrates, therefore, that some organisations have invested in better protection and controls – enabling them to identify and prevent more fraud. Some of the frauds, however, demonstrate that organisations remain vulnerable. While these types of fraud are thankfully less commonplace than fraud attempts from outside an organisation, the damage that they can cause is as serious, if not more so.”


Fraudulent attempts to gain employment the main driver

The main reason for the overall increase in staff fraud is the surge in fraudulent attempts to gain employment. During a period of economic and employment uncertainty, many organisations have tightened their recruitment processes; so that applications are vetted and checked thoroughly to verify, for example, that the potential employee is precisely the person who completed the application, has the qualifications claimed, etc. With the overall number of (successful and unsuccessful) fraudulent attempts increasing by over 100% during 2012, the seriousness of the problem is clear.

Richard Hurley notes: “The cost of employing someone who has made fraudulent declarations about their employment skills and history is more than financial. Concealed credit histories, false declarations about previous employment (such as individuals stating that they had resigned when they had actually been dismissed), false supporting documentation and even the use of fake identities have all been recorded as reasons for such frauds being recorded. This demonstrates that the same level of effort made to vet prospective customers should also be paid to an organisation’s potential employees.”


Deceptive actions within the workplace as serious an issue

Attempts to gain benefit by deception or manipulation while in a job remained a serious threat during 2012, with a 22% increase in cases of this kind. The most common reasons for recording such frauds are the theft of cash from either a customer account, or directly from the employer. Attempts to facilitate fraudulent applications or submit false sales figures, however, also contributed to this 22% rise.

Richard Hurley notes: “Economic hardship as a motivation for some fraudsters might generate a level of understanding, but the heartless and exploitative nature of many frauds (many of the instances relate to theft from elderly or vulnerable people’s accounts) only underlines the fact that the perpetrators’ actions have much in common with muggers in the street. While completely stamping out these kinds of fraud is very difficult, responsible employers can help to do so by sharing data on confirmed cases in order to prevent such fraudsters from simply moving on to another organisation. It must also serve as a lesson to organisations to have better support networks in place for staff who are struggling financially, so that they do not turn to committing crime within the organisation.”


Customer data – not just cash – remains a target

The dramatic rise in the number of instances of staff unlawfully obtaining and disclosing personal data (first noted in 2010) was followed by a decline in this kind of fraud in 2011. Unfortunately, 2012 witnessed another increase, meaning that better awareness of this danger may exist but more needs to be done to combat the threat. This fraud type specifically relates to organised criminality, with a large number of proven cases related to staff disclosing customer data to third parties. With data-driven identity crime accounting for approximately 65% of all frauds recorded to Cifas’ other database (the National Fraud Database), this must serve as a warning to all organisations: keep your customer data strictly controlled otherwise it could easily be used to defraud you and your customers.


Comment from Cifas Staff Fraud Expert

Cifas Staff Fraud Expert, Arjun Medhi, concludes: “Organisations have increasingly come to terms with the idea that the vulnerabilities within an organisation are as dangerous as those that outsiders might try to exploit. Combating these through improving controls, responsible monitoring, and sharing data and best practice in terms of prevention are therefore methods that responsible organisations are already using to counter such threats. These figures are in one way encouraging as they demonstrate that such organisations are aware of, and are identifying, those dangers and countering fraud. But it is equally clear that more must be done by other organisations to prevent their businesses and their customers from being punished from within. While it is true that most staff are honest, hardworking and reliable, guarding against the few bad apples must become an increasing priority for all organisations – otherwise the frauds highlighted here will only continue to increase.”


Notes to Editors:

1. Cifas is the UK's Fraud Prevention Service with 270 Member organisations spread across banking, credit cards, asset finance, retail credit, mail order, insurance, investment management, telecommunications, factoring and share dealing.  Members share information on identified frauds in the fight to prevent further fraud.  Cifas is unique and was the first data sharing scheme of its type in the world.  Other schemes modelled on Cifas have been set up in Southern Africa and Germany.

2. Cifas launched its Staff Fraud Database in 2006, which currently has over 80 Members covering over 230 organisations sharing information on frauds that have been perpetrated against Cifas Staff Fraud Members. Members are drawn from the UK financial services industry, but also from telecommunications, insurance, recruitment and other business sectors. The launch of the Database was carried out in consultation with: the Information Commissioner’s Office, the Financial Services Authority; the Confederation of British Industry; the Trades Union Congress and Chartered Institute for Personnel and Development.

3. The following tables show a summary of the statistics and the number of fraud cases recorded by Cifas Staff Fraud Members during 2012, broken down by the type of fraud identified.  Definitions are given below the table.






% Change

Fraud cases identified




Cifas Members must investigate and reach a ‘burden of proof’ (i.e. there must be evidence of an identifiable criminal act) before filing to the Staff Fraud Database. More than one reason for filing a fraud can be identified, meaning that the total number of reasons can differ from the number of staff fraud cases identified. Reasons for filing to the database are defined as:



Fraud Type



% Change

Account Fraud




Dishonest action by staff to obtain a benefit by theft or deception




Employment application fraud (successful)




Employment application fraud (unsuccessful)




Unlawful obtaining or disclosure of commercial data




Unlawful obtaining or disclosure of personal data





Account Fraud Unauthorised activity on a customer account by a member of staff knowingly and with intent to obtain or attempt to obtain a benefit for himself or others.

Dishonest action by staff to obtain a benefit by theft or deception – Where a person knowingly, and with intent, obtains or attempts to obtain a benefit for himself and/or others through a dishonest action, and where such conduct would constitute an offence.

Employment application fraud (Successful) A successful application for employment or to provide services with serious material falsehoods in the information provided. This includes the presentation by the applicant of false or forged documents for the purpose of obtaining a benefit.

Employment application fraud (Unsuccessful) An unsuccessful application for employment or to provide services with serious material falsehoods in the information provided. This includes the presentation by the applicant of false or forged documents for the purpose of obtaining a benefit.

Unlawful obtaining or disclosure of commercial data The use of commercial/business/company data where the data is obtained, disclosed or procured without the consent of the data owner. This includes the use of commercial data for unauthorised purposes that could place any Member at a financial or operational risk.

Unlawful obtaining or disclosure of personal data The use of personal data where the data are obtained, disclosed or procured without the consent of the data controller. This includes the use of personal data for unauthorised purposes that could place any Member at a financial or operational risk.

4. 2012 Fraud Trends: Fraud increase driven exclusively by identity crime (17 January 2013).


< Return to the Press Centre