Fraud Overview
What Is Fraud?
Defining Fraud
At the moment in England and Wales there is no precise legal
definition of fraud and no single criminal offence that can be called fraud.
However, there is a common law offence of fraud in Scotland.
Fraud is generally considered to involve theft (the removal
of cash or assets to which the fraudster is not entitled) or false accounting
(the falsification or alteration of accounting records or other documents).
Assets include commercially sensitive information and
intellectual property which would disadvantage its rightful owner if it were to
fall into the hands of, or be sold to, a competitor.
The Fraud Bill currently before Parliament defines fraud as:
- fraud by false representation;
- fraud by failing to disclose information; and
- fraud by abuse of position.
This legislation is expected to receive Royal Assent in 2006.
Its introduction will clarify the definition of fraud and hopefully make it
easier to prosecute fraud offences.
The organisation may be exposed to:
- External fraud: perpetrated by individuals outside the organisation (this includes being the target of organised criminals).
- Internal fraud: perpetrated by management or employees.
- Collusion: either between employees in the organisation or between someone within the organisation and an outsider.
Managing Fraud Risk
The key aspects of fraud management are:
- Prevention: implementation of a culture, supported by policies and procedures, to prevent the Council from becoming a victim.
- Detection: implement systems and procedures to detect the early warning signs of fraud taking place. This may include staff training and awareness programmes, whistle-blowers’ hotlines, spot audits and data mining.
- Investigation: prepare for fraud by having a fraud response plan that is kept up-to-date.
- Insurance: review the Council’s insurance policies such as Fidelity Guarantee Insurance and Directors’ and Officers’ Liability Insurance to ensure that they are consistent with current business risks.
Insurance definitions are:
Fidelity Guarantee Insurance (also known as Crime Insurance): indemnifies and protects employers against financial loss resulting from acts of dishonesty by employees. There are various types of cover that can be sought depending on the specific requirements. These include:
- Collective policies: covering named employees for set amounts.
- Floating policies: covering all employees up to a set limit.
- Blanket policies: covering all employees in general.
- Positions policies: covering nominated positions, e.g. accountant, and not the employee by name.
Directors’ and Officers’ Liability Insurance: indemnifies directors and officers for losses arising from claims made against them by reason of a wrongful act related to their duties.
Identifying Types of Fraud
According to a study published in 2002 (Fraud Advisory Panel,
Indications of fraud in SMEs), the most prevalent types of fraud by employees
seem to be ones that impact on profit and loss as a result of overstating
expenses or understating income.
Individually these may be relatively small amounts and are
difficult to spot, but when allowed to occur over a long period of time can
amount to huge losses.
Indications of fraud may exist (changes in cash flow
patterns, variations in accounting ratios, stock shrinkage, customer complaints,
etc) but these signs often go unrecognised.
The study also suggests that the popularity of outsourcing
may have widened the threat of fraud. The danger of outsourcing stems from a
possible over-reliance on the third party’s controls to protect the business’s
interests.
Fraud may also involve the theft of information, such as
customer databases and staff payroll details. Much of this sensitive information
is stored on computers, and in recent months a number of high-profile
organisations have suffered identity theft leading to fraud, not least of which
was HM Revenue & Customs, where the personal details of some 13,000 members of
staff were stolen.
Organisations that consider themselves vulnerable to theft of confidential or sensitive information stored on computers may wish to ensure that:
- there are specific restrictions on IT systems whereby access to confidential information is restricted to specific individuals;
- the IT system is able to track who is accessing what and when;
- computers do not have the ability to copy information to an external or removable device such as a memory stick or CD-ROM; or
- individuals do not have the ability to email large files of sensitive information to themselves at home or to competitors.
Preventing Fraud
Responsibility for fraud prevention and detection rests with
management, who have overall responsibility for ensuring the security and
integrity of business assets by putting appropriate controls and review
procedures in place. Management may in turn designate one person or department
with specific responsibility for managing fraud prevention and detection.
For the Council to be effective in countering the threat of
fraud, everybody working within the Council must take responsibility for the
prevention and detection of fraud.
There should be a visible, consistent, top-down approach to
fraud prevention and detection together with a similar attitude to business
ethics and professionalism. If the owners, majority shareholders and senior
managers of a business give the impression that there are two sets of standards,
then employees will have no loyalty to the company and fraud may become a
problem.
Recruitment and Ongoing Personnel Guidelines
Unfortunately, most fraud experienced by organisations is
committed by their own staff. It is important to have an effective recruitment
process designed to deter and prevent fraudsters seeking employment, and a
system of personnel management designed to deter existing staff from committing
fraud.
The recruitment process must require that references be
thoroughly checked and assessed. Temporary staff should be vetted as thoroughly
as permanent staff, particularly in vulnerable areas such as finance. You should
consider the need for further vetting or screening as employees are promoted,
moved to higher risk/sensitive posts or gain access to privileged information.
This can be helped by having a clear job application form requesting information
that can be independently validated. Some CVs may contain false references,
unexplained gaps and/or employment stretched to cover gaps. The job application
form should be the starting point for validating the information provided by the
prospective employee.
Recruitment agencies have a vested interest in placing employees. Consequently, it is important to ensure that any arrangements with recruitment agencies include provision whereby:
- the agency will procure the applicant’s consent that all information provided by the applicant can be passed on to the prospective employer; and
- the agency is obliged to pass these details on to the prospective employer.
Ensure all contracts of employment have specific consents for:
- monitoring email and telephones for security and prevention and detection of crime (also check registration under the Data Protection Act);
- clear guidelines for the use of confidential and personal information;
- clear post-contract obligations such as returning all company property and the use of any company information; and
- the retention and recovery of pensions or bonus and incentive payments where fraud has been involved.
Consider having a consistent policy for the declaration of
conflicts of interest. Depending on the organisation, all employees should
positively declare that they and their immediate family (parents, in-laws,
partners and children) have no commercial interest in clients, suppliers or
competitors. It may be appropriate to have this declaration re-affirmed on an
annual basis.
Enabling Employees to Report Fraud
As part of establishing an anti-fraud culture all employees
need to be fully aware that whistle-blowing is an essential element in the fight
against fraud.
According to the website for Public Concern at Work (www.pcaw.co.uk),
“Someone blows the whistle when they tell their employer, a
regulator, customers, the police or the media about a dangerous or illegal
activity that they are aware of through their work.”
Where a report of a suspicion of fraud is made in good faith,
the employee making the report is now normally protected in law under the Public
Interest Disclosure Act 1998.
The Council has a clear Whistleblowing Policy, which can be
accessed on this site.