Features | 09/02/22

Fraud in the UK has reached epidemic levels. It’s estimated that there were 3.8 million fraud offences in England and Wales in the year ending June 2019, the scale of which was experienced by Cifas members.

The National Fraud Database, which Cifas operates, received a case of fraudulent conduct committed against a member organisation every two minutes on average in 2020. Three in five of these cases related to identity fraud, whereby a criminal impersonated an innocent party, or created a synthetic identity, to open a new account.

Identity fraud is a growing issue in the UK largely because of the role it can play in facilitating further crimes, and every individual in the UK (regardless of age, gender or wealth) is a potential target.

Recent technological innovations in the payments industry have created a better customer experience for genuine customers. However, the likes of increased automation, quicker processing and faster payments make the industry attractive to criminals searching for ways to bypass measures put in place to detect fraud. For example, by using stolen personal details obtained through the likes of phishing scams, data breaches or a business insider, criminals can commit identity fraud to impersonate an individual and apply for loans and other products.

One of the greatest control measures loan providers use to protect against this risk is bank account verification checks, which confirms the destination account for the loan belongs to the individual applying for the loan. Criminals are aware of this, and Cifas members have reported criminals combining the identity fraud with other fraudulent activities to transfer the funds out of the account.

One example of this is authorised push payment (APP) scams, losses from which increased by 71% in the first six months of 2021 according to UK Finance. In the era of fast payments, fraudsters can have the funds from the identity fraud deposited into an account and transferred to another account within a matter of hours.

One recent example of an APP scam impacting Cifas members was a text message claiming to come from a bank’s fraud department. In this message, recipients were told that a loan had been applied for in their name, and this was followed up by a phone call advising the recipient that once the funds had been received, they should be forwarded on to a ‘safe’ account.

Another example reported by a Cifas member saw a fraudster utilising screen-sharing technology to alter a victim’s online banking. By hashing the webpage, the online banking screen showed the fraudulent loan had been paid into the victim’s account by a government department. By convincing the victim that they were calling from that department and the money had been sent in error, the victim forwarded the funds on to another account controlled by the fraudster.

In whichever way criminals disappear with the funds from the fraudulent loan, it’s typically the loan provider who takes the financial hit from the identity fraud as they write-off the loan as a fraud loss. Not only does this have a detrimental impact on the loan company, its customers, staff and shareholders, but also wider society itself.

A recent report by the Royal United Services Institute (RUSI) proved the link between fraud and organised crime. Funds stolen from identity fraud victims go on to fund high-harm crimes committed by organised crime groups, such as people and drug trafficking, as well as terrorist financing. It is therefore vital that loan companies are supported in their efforts to tackle identity fraud to prevent the funds ending up in the coffers of organised crime.

Cifas is a not-for-profit organisation collaborating with members in their fight against the threat of fraud. Cifas’ National Fraud Database is the UK’s largest repository of identity fraud cases, with hundreds of organisations from across different sectors reciprocally sharing their fraud risk data and intelligence to the benefit of themselves and the wider Cifas community.

As well as traditional data matching, recent technological enhancements have enabled Cifas members to receive additional risk information to mitigate against the threat of identity fraud.

In 2020, Cifas launched its facial matching service in the National Fraud Database. This allows organisations to search images against documents previously identified as being false, altered or fraudulently obtained genuine documents. This is a particularly useful feature where criminals try to use the same victim’s details and documents to apply for products and loans multiple times.

Other enhancements to the service include Location Based Alerts, which warn organisations to multiple recent victims of identity fraud near a searched address. Enhanced Analytics also analyse the criteria of every search made by all members and will detect instances where multiple searches are made with a common element of data alongside multiple different identities.

Over the last year Cifas has also launched our newly developed Digital Fraud Check Scheme. This allows members to contact each other through a secure platform where there is a suspicion of a fraud risk to confirm key details, and ultimately decide whether there is a fraud concern.

The Cifas community exists to help all organisations lead the fight against fraud through the provision of data, intelligence and learning. We are continuing in our discussions with lenders in Cifas membership as to how we can further support them in their battle against identity fraud and are keen to hear from any organisation wanting tackle the fraud epidemic.