The Rising Cost Of Online Fraud

Allan Maund, Head of Compliance and Risk at Dains,takes a closer look.

Dated: 24 January 2020 Author: Allan Maund, Head of Compliance and Risk

Research by one of the big four accountancy firms KPMG has highlighted that the cost of alleged cybercrime fraud topped more than £1.1 billion in 2019.

Commercial businesses and the general public are the main parties affected by this rise which is the sixth largest value in KPMG’s Fraud Barometer’s history.

This is a staggering figure. However, this will be lower than the actual figure as many fraud cases remain under-reported.

As I see it, the true scale of financial crime and what it costs businesses in terms of financial loss is greater than that reported.

There’s an over-reliance on financial crime data, collected at a national level and a lack of fraud data globally, so figures tend to be distorted and a number of reports use complex extrapolation models.

Businesses are likely to be losing out more than they realise because a number are not risk aware and they do not have appropriate cyber prevention controls in place. A number of businesses receive assurances they are cyber secure, when simply they are not.

Just because a business has not identified a cyber fraud attack, as these come in many guises and can remain dormant for months or years, it doesn’t mean that their data isn’t already compromised.

Companies tend to overlook the impact of cyber fraud as purely a financial loss, but there’s much more to it than simply a hit on the balance sheet.

The reputational damage resulting from a cyber-attack can have far reaching consequences for a business, regardless of the sector they are in.

Damage to reputation and image does have a significant effect on customer and shareholder confidence, often resulting in a fundamental income reduction.

It is not unknown for customers, shareholders and benefactors to take their business elsewhere and the negative financial snowball is then in motion. Also, it's not uncommon to see plummeting share prices in the corporate sector, so there is no happy ending.

Businesses need to consider their cyber-insurance products very carefully; some policies provide a false sense of comfort. A number of policies require a business’s cyber defences to be at a recognised standard before they are valid, a business needs to challenge the assurance their IT provides them.

Often overlooked is the immediate impact following a cyber-attack. A business needs to ensure the insurance they have affords the required level of support following a cyber-attack. If a business is not able to operate for several days and weeks following a cyber-attack, this could have a significant impact on trading, particularly for those on-line businesses.

As cyber fraudsters technology improves constantly and becomes even more user friendly and less complex to launch an attack, the UK and global economy will continue to be impacted at alarming rates.

A key element for any business to improve their vulnerability is to invest in raising cyber and fraud awareness with employees, ensuring fraud and cyber-fraud are recorded as a business risk, challenging the assurances of the IT provider and finally adopting an overarching effective and proportionate risk management and internal control framework.

At Dains, our Compliance and Risk Team take the time to understand your operating environment, and work with you proactively to identify which areas and activities within the business are the most vulnerable to all types of fraud.

If you become aware of potential fraud, it’s important to get some professional advice as soon as possible from our fraud specialists.

We are able to improve communication, raise awareness and develop plans to mitigate fraud risk, so you’re well placed to combat the threat.

For more information, please contact Head of Compliance and Risk Allan Maund at Dains Accountants on 07415 791807 or email