Philippa Lamb
Economic crime is on the rise. Digitisation and, of course, lately the pandemic have been key drivers. So where are we now? And what are the big issues to be aware of? What’s being done to counter fraud? To explore all this, I’m joined by two guests with deep expertise on economic fraud, and how it’s being tackled. Arun Chauhan is founder of Tenet Law, he’s a trustee of the Fraud Advisory Panel, and Chris Osborne is Forensic Services Partner at the business advisory firm FRP. Welcome both. Thanks for being with us.
Arun Chauhan
Hi, Philippa. Nice to be here. Thanks.
Chris Osborne
Thanks for inviting me.
Philippa Lamb
Arun, shall we start with a bit of scene-setting? Economic crime, it’s been on an upward trend since 2019. What is the current picture?
Arun Chauhan
The picture, if you read the media or you look at it, looks pretty bleak. I think you have to look at it from both a consumer perspective as well as a business perspective. From the consumer’s perspective, it is pretty painful. I mean, I think all crime in the UK, 40% of that crime is made up of fraud or cybercrime. The drive to online, be it in terms of the way we conduct our lives, from all types of shopping to investments, has led to a greater opportunity for fraudsters and bad actors. And the proximity of those bad actors is further away now, so it’s harder to prosecute. And for businesses, and I’m sure Chris will add more on this side, they’re facing a mix of pressures, be it from interference with faster payments and transactions – so, the cybercriminals interrupting business payments, employees under pressure, due to the cost-of-living crisis – there’s greater risk that they may act in a dishonest manner. And of course, in supply chains there’s a world of problems there. But we’re heading into a bit of a perfect storm with fraud, and as I’m sure Chris could probably add more weight in relation to some of the business issues.
Philippa Lamb
Yeah, Chris?
Chris Osborne
I entirely agree with what Arun’s just said. It’s an important point in time that we face, in terms of we’re just coming out of a global pandemic, which has obviously put a lot of pressure on individuals and businesses. And that has really, you know, playing a quite a significant part in driving up fraud, alongside some of the technological issues that I think we might be talking about later. But during the actual pandemic, obviously, one of the things that was highly unusual was we had, effectively, a workforce – the majority of the workforce – working from home. There were certain opportunities that presented themselves to people. I think part of it was because certain systems of controls hadn’t allowed for the massive amount of people working from home – those took a certain amount of time to catch up. And so there was a certain amount of opportunity, and I suppose also motivation on some people’s part, to take advantage of that. So, I think the general trend has been an increase in fraud, but the pandemic has really sort of helped drive that level up, unfortunately.
Philippa Lamb
The real issue here, Chris, is that fraud is such an agile industry – if I can describe it as an industry. They were very quick, weren’t they, to exploit the pandemic opportunities?
Chris Osborne
Absolutely. I think this is the thing with fraudsters, they are generally quite clever, they spot opportunities and gaps very quickly, and often the government enforcement etc, is some way behind that, and in that in that gap, before loopholes are closed etc, and with the technological advances, which means things can happen so quickly, it does mean that, unfortunately, fraudsters can take advantage of these situations.
So, just to use one example, which has been well publicised, is around furlough fraud, and also the various loans that the government offered during the pandemic to support individuals and businesses. In the rush to support those people, obviously the systems, the controls in order to actually provide that, well, probably in hindsight, were probably not really adequate, which meant that criminals could take advantage of extracting taxpayers’ money.
And now we’re faced with a situation where there’s a very significant amount of money that appears to have been misappropriated – obviously a real issue in terms of how that money might potentially be recouped by the taxpayer. And that’s a real issue, I think, in terms of what, you know, as taxpayers and the government – how do we want to kind of go about that? Is it something that the government will do? Or is it something that the private sector can actually assist with? But that’s a classic example of fraudsters basically taking advantage of a particular situation. Obviously, the government tried to support individuals and businesses in what was seen as sort of as an emergency situation.
Philippa Lamb
Yeah, I’d like to explore what the government response is. Before we get to that – Arun, are there particular historical or legal issues that particularly enable economic crime here in the UK? Do we have a particular problem?
Arun Chauhan
Yeah, I think the foundation of the historic problem is that people, be it within business or individuals, see fraud as something that wouldn’t happen to them. It’s something you’d read about, something you’d hear about in the news, in a business context – “Oh our people wouldn’t do that to us” or “Our business partners, suppliers wouldn’t act in that way towards us”.
So, it was always a reactive state, people wouldn’t believe it would happen to them. And equally on the consumer side it was people would not believe that they’d fall for a scam or a fraudulent act. In terms of the political backdrop, there are multiple government agencies and bodies and different aspects of police force dealing with economic crime, and it hasn’t been as coherent as perhaps we would have liked it to be with the benefit of hindsight. So historically, we haven’t been set up for addressing fraud as quickly.
You talked about the agility of fraud, and because we haven’t thought about fraud historically, as something which affects everybody, and could affect every business, we’re not very agile in dealing with it and responding. You almost get this, certainly for businesses, you get this almost this headless chicken kind of moment where they suspect fraud may have happened, but they don’t know what to do, who to call, how to investigate, where to go, and in those critical early hours after fraud is discovered, so much loss can occur. And, you know, it’s not just businesses, it’s individuals as well. We’re just not educated about fraud well enough.
Philippa Lamb
Yeah. As you say, there’s an issue around education, there’s an issue around joined-up response. But Chris, what are the most common types of fraud that chartered accountants might come across?
Chris Osborne
Well, I can really only talk from my own experience, I think probably in the last four or five years, in terms of cases that myself and my team have worked on, they’ve predominantly been cases involving employees of a business or a charity. And it’s typically in organisations, which do not have a particularly strong culture, a sort of anti-fraud culture, and they don’t have particularly strong systems and controls.
As Arun commented just then, typically companies think that it’s not going to happen to them, and unfortunately it often does. So, they often find themselves in a situation whereby there’s been some kind of allegation or suspicion of fraud, and they want an investigation to take place to determine how the fraud has been perpetrated, if there has in fact been a fraud, and what the impact is. And also often these businesses are regulated, or charities, or businesses are regulated in one way or another, so obviously they do have an obligation to report that to regulators. And what we find is that typically an employee or person who’s involved with the organisation, that has perhaps been in place for quite a long time, is a trusted individual, and perhaps the fraud has been going on for quite a long time. So, they are sort of trusted individuals.
And then there is the shock, obviously, of being a victim of economic crime, and wanting to: a) to make sure that the person repays the money, if it’s possible to recover the money; and b) to ensure that that then doesn’t happen again. So often, on the back of a fraud, there is a determination by the organisation to then put things in place to mitigate that from happening again. So, employee fraud is definitely something that we’ve seen in the last few years. I think, going forwards, we’re going to see much more of that, and I think also involving directors and potential sort of collusion with other companies.
My suspicion, I don’t know if Arun agrees with this, is that the economic backdrop that we’re facing – and I think it’s unfortunately going to get worse, with interest rates, supply-chain issues, all of these issues is going to put more and more pressure on our businesses. And I think that’s when we often see some of this nefarious activity coming out of the out of the woodwork.
Arun Chauhan
I was just going to come back on something for a sec. I completely agree, the economic backdrop is going to lead to greater pressure on the directors or businesses, although supplying businesses to create more opportunity to make money. One of the typical errors we’ve seen, much like Chris with employee fraud, but in terms of procurement and supply chain, is business decision-makers. Where they’re being caught by fraud is not in their core business line, but it’s in the peripheral lines of running a business. So, for example, I’ve seen a company get caught out on a large-scale fraud relating to getting franking machines and photocopiers. They’re a manufacturer of jewellery, but they got caught by supply-chain issues on areas which are outside of the core business, which they don’t understand. But there was a deal to be had in their mind. And that’s what I think we’re going to see, is people are looking to save money because of that squeeze Chris is talking about, and it’s going to be in areas which aren’t their core business. And that’s where they’ll drop their guard and they’ll look for the deal, but that’s where the weaknesses will be exposed, and the fraudsters know they can expose those loopholes.
Philippa Lamb
So that’s a red flag, isn’t it? What other red flags should accountants, businesses be watching for?
Arun Chauhan
Well, there’s a variety, I think, there’s, from an employee fraud perspective, there are classic red flags about – Chris has talked about culture – but there’s also about control of individuals bypassing their segregation of duties. So, for example, you will say on paper, someone dealing with purchasing and someone dealing with payment, there are separate control mechanisms. But the two individuals sit side by side in the office, and they’re pretty friendly with each other, so there’s an opportunity created. Often, I think, where organisations don’t have the culture where they’ll report and talk about fraud openly, you will lead to a greater red flag that people, if they don’t communicate about it, it means they’re not going to reveal it. But the biggest red flag is the one we’re all facing with the economy, and it’s back to what Chris said, we’re facing a period of time where it’s going to get worse. And if you haven’t got that cultural issue right, people are going to start doing the right thing for them rather than the right thing. We’d want everyone’s moral compass to point due north, but I’m not sure it always does.
Philippa Lamb
As you say, culture is key. Presuming then, there will always be nervousness, won’t there, in organisations, about reporting suspicions? You know, that preference not to rock the boat. Presumably that’s a big issue, too.
Chris Osborne
So yeah, in terms of reporting to regulatory bodies, I can understand the reticence around that, but I think companies really have an obligation to report and the reticence I guess is around, you know, reputational risks, it’s around the time and the cost of potential investigation. So, regulators are very much encouraging companies and directors etc to come forward to report a suspicions and potential issues, but I can understand from a kind of corporate’s perspective, and obviously it’s dependent on their motivations and the advice that they’re getting from their legal advisers, etc. But I can understand why companies may be reluctant, shall we say, to kind of put their issues out into the public domain and everything that kind of goes with that.
Philippa Lamb
It’s an internal issue, too, isn’t it? I mean, before you even get to the point of companies reporting to regulatory authorities, internally, people’s reluctance to voice suspicion?
Chris Osborne
Yeah, absolutely. And I think, as Arun talked about, it’s about a culture and the culture is set very much by the board, by people, you know, the top executives, and to my mind it should be an open culture, a forum whereby people can express openly or potentially anonymously through whistleblowing hotlines, that type of thing, suspicions that they may have about potential inappropriate relationships with suppliers, for example, or why potentially the finance department is treating certain issues the way they are, you know, from an accounting treatment perspective.
All of these issues should be something that one would hope to be openly discussed and raised to the most, you know, to the appropriate level. And that really does come from the executive level and the kind of way that they approach business. So, it is really important that there is an open and transparent culture. It’s not a blame game within, you know, within a corporate or a charity, etc. It’s something that can be discussed in an open, non-blaming culture.
Philippa Lamb
So, Arun, it’s a policy and procedure issue?
Arun Chauhan
I think it’s a policy and procedure issue, but I think it’s, we touched on it already, an education issue. So one of the things I encourage amongst businesses, say for example – and not for profit, so this is certainly something, for example, with charities or housing associations – you want everyone in that organisation to understand, I can only put it in this way, really what fraud looks like, smells like, you know, it appears like, because people see fraud as something that is very black and white, but it has, you know, real shades of grey. One person’s view on dishonesty is not the same as someone else’s. So, you need to have that policy and procedure in place, but it’s only going to work if people understand what they’re looking for. So there needs to be an open engagement about fraud. I often encourage businesses to have fraud on the agenda at every level in the business, once every six months in a team meeting, once every year.
And I’d actually ask anyone in the organisation: “In your job role, how would you defraud your own company? What are the weaknesses?” They are the systems and controls that can be fed up to directors of compliance, heads of governance assurance, internal audit – those people who can then set the controls because they learn from the people on the shop floor. So it’s an ongoing engagement, and policy and procedure has to have ongoing engagement as a central pillar to work.
Philippa Lamb
Thinking about counter fraud at a national level, the government’s released a feedback statement outlining its plans for audit and corporate governance reform – what’s your feeling about that? How do these measures address corporate fraud? Do you think they’re going to be effective? Chris?
Chris Osborne
I think the intentions are right. I think that the issues again, I think, are around the time lag involved in terms of actually producing a white paper etc. And then the actual laws and regulations coming into place. So, I sort of sense there’s a bit of frustration in some ways, in terms of the time that it inevitably takes for these things to be implemented. And also, I think one has to bear in mind that the government are striking a balance between a regime whereby the UK attracts businesses and the high net worth individuals that want to set up businesses.
Obviously then, in terms of the audit market, to balance in terms of what is required, in terms of the rigour of audits and trying to do that in a proportionate manner. So, it appears that they have listened to lots of different interested parties and come up with some of these proposals. It is somewhat of a balancing act. No one party is going to be, no one interested party, is going to be entirely happy with some of the suggestions, but I think my sense, overall, is that they’re trying to achieve the right balance.
Philippa Lamb
Arun, tell us, what’s your feeling about the government response?
Arun Chauhan
I endorse everything Chris is saying, I think it’s a much-needed response. There’ll be critics that say it doesn’t go far enough, there wants to be a kind of higher hurdle in terms of holding people to account in terms of some of the issues we’ve seen historically around corporate failure, and the role maybe auditors had in that. People often cite Carillion as an example. But for those that suffer as a result, the creditors, ultimately, and that includes the taxpayers with HMRC, it’s a step in the right direction. And there are a number of changes and reforms across different aspects of the fraud landscape, be it for the banking industry or otherwise, it’s welcomed, because it shows that there is an acceptance of the problem and an acceptance of the need for change. And that can only bring momentum. So broadly, I’m happy it’s going in the right direction. And you’d hope it would just continue to go in that fashion.
Philippa Lamb
Presumably implementation is going to be the big issue there is it? And time frame – how soon are we going to see this this response in practice?
Chris Osborne
I think the timeline is an issue. I think, in terms of the auditing of companies, then, as we’ve already seen, the audit industry is changing. There’s a divestment of, a potential divestment, and a split of audit practices with consulting practices, which has obviously been an area that the audit firms have, the Big Four firms especially, have been criticised. So that is already, or there’s a lot of conversation at least, in terms of potential actions around that which firms are sort of taking into their own hands. But I think also, I mean, in terms of the kind of time lags involved in terms of implementation, it really is a political issue as much as anything else in terms of getting some of these things on to the statute, but which appears to be some way off. So, I suspect that there will be some changes, which actually happened, potentially before some of these things are put into law.
Philippa Lamb
But of course, this is an international problem, isn’t it? I mean, is there collaboration on the response internationally to countering fraud?
Chris Osborne
In terms of counter fraud, I mean, there are a number of organisations that are seeking to sort of collaborate between the various jurisdictions. I think, certainly, in terms of the UK and the US, there’s quite a lot of collaboration. But what I would say is that there certainly could be a lot more I think that, you know, sharing of information and best practice, there certainly could be a lot more of that on the counter fraud side. I would say my experience that the collaboration is more focused towards the investigation of potential frauds once they’ve actually taken place. Again, there could be certainly a lot more done on that side. But I think in terms of counter fraud, there’s, I think, less focus on that, and probably more focus on the post-event side of things.
Philippa Lamb
Clearly, there is a lot of work to be done on this. There is a lot of work being done. But is it enough to halt the rise of economic crime? What do you feel about this? Do you feel the trajectory will, regardless, still be upwards? Because it has been hasn’t it, for some considerable time? The fraudsters are actually beating the system.
Arun Chauhan
Yeah, I think the trajectory will continue to rise. We see one alarming statistic at the moment that 2% of budget for policing goes to counter fraud, whereas, as I mentioned, 40% of all crime is fraud and cybercrime. So, the fraudsters see a great opportunity that the chances of being caught and prosecuted are relatively slim, be it for the reasons of proximity that they’re not located in this country, or just police haven’t got the resources. So, it’s starting to turn this onus back on businesses, back on individuals to understand and educate themselves around fraud and, you know, the most important thing for any business listening to this podcast, it’s going to be about their controls, its education and controls, because this problem isn’t going away, it is only going to get worse in my view, which is a real shame.
In the UK, we seem to be a hotbed for fraudsters to try their game. We have the faster payment system, which really is a real enabler. We have obviously all the online companies that also enable fraudsters to get to the victim or impersonate organisations, and so there needs to be this balance of getting controls improved, but also people understanding why they’re improving their controls, and I come back to understanding what fraud looks like and getting on top of the issue that way as well.
Philippa Lamb
We’ll leave it there for today, but this is doubtless a topic we’ll come back to. Arun Chauhan and Chris Osborne, thanks very much for helping us focus on fraud.
Arun Chauhan
Thanks for having me.
Chris Osborne
Pleasure. Thank you very much.
Philippa Lamb
If this is a subject you’d like to know more about, check out the show notes on your app or visit the podcast page on the ICAEW site. That’s ICAEW.com/insights/podcast. Thanks for listening. If you’ve enjoyed this episode, please do rate, review and share it, and subscribe to ICAEW Insights wherever you get your podcasts. We’ll be back later in the month. Join us then.