Dear Suella,

There is much to welcome in the long-overdue Fraud Strategy, finally published last week, not least the action previously proposed by the Labour Party in areas ranging from the blocking of spoofed scam calls to the reform of disclosure rules in complex fraud cases. We look forward to working with you constructively on implementation of those and other measures.

However, the most glaring omission from this new strategy was any serious, distinct analysis of the fraud being committed against UK businesses, or how the government plans to address it, and there are two aspects of this omission in particular that I wanted to write and raise with you.

 

The Economic Crime Survey 2020

As you will know, the Economic Crime Survey 2020 (ECS) examined the fraud and corruption experienced over a three-year period by 5,000 businesses in England and Wales, representative of seven key sectors across the economy. The survey was completed by the Home Office in the early weeks of the pandemic, and the results have sat with your department unpublished since then.

The survey was eventually – and quietly – published last Wednesday alongside the new Fraud Strategy, but its publication was not mentioned at all in your accompanying written ministerial statement to Parliament, or in your ‘Dear Colleague’ letter to MPs, and its contents were only referenced once in the entire 74 pages of the Fraud Strategy document.

That decision to bury the Economic Crime Survey seems all the more inexplicable and unjustifiable when we consider how significant its findings are for the fight against fraud. Just by way of a reminder, I will summarise them briefly for you below.

Number of offences

Based on the ECS’s statistically-robust sample of businesses in the seven key sectors (representing 1.15m of the 5.5m private sector companies in England and Wales at the start of 2020), 18% (206,000) of those companies said that they had experienced fraud in the previous three years.

That finding led to the single reference to the ECS in the Fraud Strategy, where – in Paragraph 13 – it stated that “in 2020 around one in five businesses had been a victim of fraud in the previous three years”. But what that reference omitted to mention was how many different offences the 18% of businesses said that they had suffered, particularly when operating in sectors like ‘retail and wholesale’ where particular business types are repeat targets for fraudsters.

Section 3.3 of the ECS provides the answer, revealing that businesses in the seven sectors said that they had suffered an estimated 4.5 million separate offences of fraud over the three-year period in question, roughly 1.5 million a year.

In 86% of cases, businesses in the surveyed sectors said that they had incurred losses as a result of those fraud offences, which means that – in theory – they should have been recorded as crimes.[1] However, of those businesses who had experienced fraud, only 63% said they had reported the most recent offence to their bank, 32% to the police, and just 25% to Action Fraud.

Amount of losses

We now come to the amount of losses incurred by those businesses as a result of those offences. Annex 3 of the Fraud Strategy explains that “due to data constraints, the cost of fraud offences committed against businesses…are out of scope” of the estimated losses provided in the strategy.

That may be a valid decision given the warnings in the ECS that figures for the seven surveyed sectors cannot be extrapolated for all businesses in England and Wales. However, it is surprising that the Fraud Strategy did not at least reference the estimate of costs for those seven sectors.

According to Section 3.6 of the ECS, the average cost of all fraud experienced by businesses during the year in which the most recent offence had occurred was £16,000. If that average annual cost was reflected across the estimated 206,000 businesses in the seven sectors who said they had experienced fraud in the previous three-year period, the costs would total around £3.3 billion.

While that £3.3 billion estimate is high enough as it is, it should be noted that it only covers direct losses suffered as a result of fraud, the costs of any property that had to replaced or fixed, and the lost output from time spent dealing with fraud incidents.

It does not include any of the other factors, such as ‘defensive expenditure’ and ‘emotional harm’, that were taken into account in the estimate of the cost of fraud to individuals included in the main Fraud Strategy, despite the fact that 61% of businesses affected by fraud said they were forced to spend money on new preventive measures, and 37% said that their staff wellbeing was affected.

Overall impact

In summary, the Economic Crime Survey found that more than a million fraud offences were committed annually against businesses within seven key sectors, according to the companies themselves; that they lost billions of pounds as a result; and that hundreds of thousands of these offences went unrecorded in the official data for police-recorded fraud.

Bizarrely, these crucial figures from the ECS have been totally ignored in the key data and targets contained in your new Fraud Strategy, which relate solely to the number of fraud offences and losses reported by members of the public.

What makes those omissions even more stark is that, as already stated, the seven sectors examined in the ECS equated to just a fifth of the total businesses in England and Wales at the start of 2020, so – even allowing for the fact that we cannot extrapolate from their experience to all other sectors – the figures above represent only a small proportion of the total impact on businesses.

In addition, because the ECS survey process was carried out in early 2020, it will not have reflected the explosion in online fraud that was seen during the pandemic, and which other surveys of business fraud (such as PWC’s Global Economic Crime Survey) have shown led to a considerable increase in the incidents of fraud faced by UK firms.

For both the above reasons, it seems obvious that the 2020 ECS should have provided the template for regular surveys with a broader range of businesses in subsequent years, designed to give us an equivalent source of data on the fraud experienced by businesses as we currently get from the Crime Survey for England and Wales in respect of the general public.

Instead, as far as I am aware, no repeat of the ECS has yet been commissioned, let alone broadened to the full range of business sectors or placed on a regular footing, and the way the 2020 survey results were buried last week does not give confidence that their significance for the fight against fraud has been properly understood. I hope this is something you will rectify.

 

Hidden Fraud

While it was at best a misguided decision for the new Fraud Strategy to ignore the findings of the ECS, it is also crucial to acknowledge that – when it comes to understanding and tackling the impact of fraud on business – there is only so much we can learn from asking businesses themselves how many offences they have suffered and what losses have resulted.

What that kind of survey cannot do is estimate the number of offences – and losses – experienced by businesses as a result of the fraud that has gone undetected, commonly known as ‘hidden fraud’. For that, we must turn to the kind of analysis done by the independent UK Fraud Costs Measurement Committee (UKFCMC) in their Annual Fraud Indicator reports, and previously done within the Home Office by the former National Fraud Authority.

As you will know, the most recent such report was published by the UKFCMC in November 2017, estimating the UK’s annual losses from fraud as £190 billion, of which almost three-quarters were suffered by the private sector. The two biggest components of those private sector losses – procurement fraud (£121.4bn) and payroll fraud (£12.7bn) – tend to be committed by individuals working within a company or its supply chain, and are extremely hard for businesses to identify.[2]

The damage done by ‘hidden fraud’ is a particular concern for those small businesses who may lack the resources to engage in the kind of forensic accounting and audit controls that larger firms routinely use to identify and address unexplained losses.

Yet, astonishingly, there is no discussion of ‘hidden fraud’ against businesses anywhere in your new fraud strategy, let alone any plans to tackle it. In a 22,000-word report presented as “a cross-government strategy that covers fraud where the victims are members of the public or businesses”, the two biggest offences in that category – procurement and payroll fraud – are not mentioned once.

 

Conclusion

It is conceivable that, in the government’s desire to announce a new ‘voter-friendly’ strategy on fraud the day before the local elections, the decision was taken – consciously or otherwise – to downplay or downright ignore the offences and losses suffered by businesses, in order to focus more narrowly on the impact of fraud on the general public.

Whatever short-term political factors dictated that decision, it is no basis for a serious, long-term strategy designed to tackle the totality of the fraud crisis we face as a country. To develop that kind of strategy, our starting point must first be to answer five fundamental questions that were not even addressed by the document you published last week:

1. How much are we currently losing each year to fraud across all sectors and households in the UK, compared to the last estimate of £190 billion produced in 2017?;
2. What is the breakdown of those losses, both in terms of the sectors that are affected, and the types of fraud being committed across each sector, and how has that changed since 2017?;
3. What total volume of fraud incidents are we facing across each sector, whether attempted, successful or hidden, and what proportion of those are reported and recorded as offences?;
4. What is the current rate of enforcement across each sector, in terms of the percentage of incidents where suspects are identified, and if possible, charged and convicted?; and
5. What resources are we currently deploying as a country to tackle different areas of fraud, and how does the deployment of those resources match up to the offences and losses in each area?

If we were to establish the answers to those questions, through new research if required, it would give us the foundation we need to develop a truly comprehensive strategy to tackle the fraud crisis, and to deploy our country’s counter-fraud resources and expertise for maximum effect.

Unfortunately, last week’s new Fraud Strategy – despite its many welcome elements – does not come anywhere close to what we need, as exemplified by the lack of any serious, substantive analysis of the scale and nature of fraud facing businesses, or specific plans to tackle it.

I hope this will therefore not be the last word on the subject, and that you will commit to updating and broadening the new Fraud Strategy on a regular basis, informed by further editions of the ECS, and in particular, revisited entirely when the UKFCMC produces its next report on the full scale of the country’s current losses. It is in all our interests to get this right, but that must mean addressing every element of this crisis, not just those issues that are most politically-salient.

Yours sincerely,

Emily Thornberry
The Rt Hon Emily Thornberry
Shadow Attorney General

11/05/2023

 

 

[1] 14% of the businesses who had experienced fraud said they had suffered no losses as a result, placing those offences in the category of ‘attempted fraud’, which – as you know – is not currently recorded as a crime in England and Wales.

[2] The fact that businesses find it so difficult to identify these types of fraud is evident from the results of the ECS, where existing employees and suppliers represented just 5% of those identified as perpetrators by the businesses who had experienced fraud, and where procurement fraud represented only 16% of the offences identified by businesses.

 

Featured Image © House of Lords 2022 / photography by Roger Harris