It’s certainly been an unprecedented time in recent months. Accountants and their clients have been grappling with emergency support schemes and frequent government announcements, shifts to new patterns and locations of working, and in many cases, severely diminished workforces. If that wasn’t enough, an additional side-effect of Covid-19 and the ensuing lockdown has been a rise in the frequency and ingenuity of fraudsters targeting individuals and organisations. This shift requires greater vigilance than ever, and accountants need to be taking appropriate measures to tackle the issue too.
According to the National Crime Agency (NCA), fraud already costs the UK economy £190 billion a year. Covid-19 has simply enhanced these levels and in particular, the NCA is reporting:
- an increase in cases related to suspected fraudulent claims for various Covid-19 Government Priority Schemes. Key trends associated with fraudulent claims include funds being withdrawn quickly, either as cash or transfers to a third party; grants being used for personal expenditure and not to support a struggling business; and claiming grants for furloughed employees to pay their salaries while they are continuing to carry out their regular duties without telling them;
- cases of suspected fraud involving individuals and organisations who have paid for but not received personal protective equipment (PPE) and hand sanitisers;
- cases related to pressurising individuals to take advantage of time-critical investment opportunities; and
- fraudulently raising money for Covid-19 related charities.
What’s more, the tactics are changing too. As well as an increase in reports of phishing emails, texts and phone scams, ‘smishing’ and ‘spoofing’ have come to the fore. Smishing is where fraudsters impersonate other organisations by phone, text or email, in order to obtain personal information, financial information or money. Many claim to be from government departments, banks, or similarly trusted organisations, either offering payment in support of the business, or claiming to issue fines, most recently as part of the NHS Track & Trace initiative for example. Spoofing on the other hand is significantly more sophisticated, Fraudsters can push fraudulent messages into a chain of existing genuine messages from an organisation, thereby building implicit trust, despite directing a user to a fake website or to take a fraudulent action. It is harder to spot, and it is possible your clients don’t even realise it can happen.
So what actions should you be taking, and how can you support your clients?
Accountants have exceedingly privileged positions as one of a business’s most trusted advisers. This means you not only have the unique opportunity to educate clients and help prevent cases of fraudulent activity, but also to be their first port of call if they do fall victim to a scam. In addition, you have a responsibility to uphold your own standards in supporting your clients, and to be alert for less than scrupulous actions that a client might be taking. Now more than ever is a time for increased vigilance regarding fraud at all levels, monitoring for possible breaches, and also implementing effective measures to minimise the risk.
First, you need to follow the advice of the ‘Take Five to Stop Fraud’ campaign, and educate your clients to do the same, before ever parting with money or information. This is a three-step approach which is targeted at individuals, but works just as well for organisations too:
Stop: taking a moment to stop and think before parting with your money or information could keep you safe.
Challenge: could it be fake? It’s ok to reject, refuse, or ignore any requests. Only criminals will try to rush or panic you. Don’t forget to encourage clients to implement internal practices that help identify scams, such as using purchase order numbers or logging purchases and suppliers at the point of sourcing.
Protect: contact your bank immediately if you think you’ve fallen for a scam and report it to Action Fraud, the UK’s national reporting centre for fraud and cybercrime. If you receive a suspicious text message, report it to your network provider by forwarding it to 7726.
Second, if you are “providing accountancy services to the public for reward (the regulated sector)”, then the risk of Covid-19 fraud needs to be reflected in your business’ anti-money laundering (AML) risk assessment, policies, procedures and staff training. Practising accountants should also refer to the guidance issued by the Accountancy AML Supervisors’ Group, which outlines particular risks to accountancy firms; what challenges and factors to consider in respect of non-face to face identification; and verification and associated digital identity services you can use.
Third, if you are concerned about a potential incident or have identified one for yourself or your client, you need to report it to the right agency. It is unlikely to result in the direct recovery of the monies, but this data and information is essential for investigation and monitoring purposes and preventing the same or similar scams in the future. Fraud and cybercrime should be reported to Action Fraud. If you think you have received an HMRC-related phishing or bogus email or text message, or believe that you have identified tax-related fraud, report it to HMRC. Finally, if you have knowledge or reasonable grounds for suspicions of money laundering and/or terrorist finance, accountants are required to submit a suspicious activity report (SAR) to the NCA to discharge your AML obligations. It is important to recognise that money laundering is not only about committing the crime or arranging the original crime, but includes anyone who assists in concealing the origins of laundered money or uses the proceeds of crime.
Anne Davis, Director of Professional Standards of the Institute of Financial Accountants comments “Detecting fraud is and always has been a part of an accountant’s responsibility, but there is a risk that these responsibilities are slipping at a time of unprecedented workloads, or that accountants and their clients are not entirely aware of some of the changes that have happened in recent months. Fraudsters are getting smarter, scams are getting harder to spot, and dispersed workforces mean that it can be exceptionally difficult for clients to maintain their own processes and procedures which normally diminish this risk. Accountants have a responsibility, now more than ever, to be vigilant of these risks, to support their clients and to report what they see.”
For more advice and support on the specific issues, please refer to Action Fraud, The Fraud Advisory panel which also provide weekly emails on fraud trends and recent scams, The National Crime Agency which also issue suspicious activity reports, HMRC which offer advice about scams in their name and recognising phishing emails, and finally to the Government guidance for individuals and businesses on protecting yourself from fraud, which may be helpful for your client.
This article has been provided by The Institute of Financial Accountants