1. Introduction
- Fraud
Fraud can be described as dishonestly causing loss to another or exposing another to a risk of loss by means of a false representation.
“Fraudulent Practice” means any act or omission, including misrepresentation, that knowingly or recklessly misleads, or attempts to mislead, a party to obtain a financial benefit or to avoid an obligation.
Fraud can take place internally within an FI, for example employees creating ghost customer accounts to achieve sales targets or falsifying expenses for financial gain; or externally, for example a customer inflating salary details to obtain a mortgage or impersonating someone to access account details and steal funds.
Fraud often results in employees of FIs (including senior managers) being dismissed or fined for wrong-doing and the FI and its customers loosing significant sums of money to fraud.
- Tax evasion
Tax evasion is the illegal evasion of taxes by individuals, corporations and trusts e.g. Corporation Tax, Value Added Tax (VAT) or Income Tax. It can include:
- being knowingly concerned in, or in taking steps with a view to, the fraudulent evasion of tax;
- aiding, abetting, counselling or procuring the commission of a tax evasion offence; or
- being involved in the commission of an offence consisting of or being knowingly concerned in, or in taking steps with a view to, the fraudulent evasion of a tax.
It can involve deliberately avoiding paying due tax or providing false information to cheat the tax system. Small businesses and sole proprietors are one of the largest contributors to tax evasion as it is harder for the government to identify and prosecute skimming or non-reporting of minor income. Charities are also prone to over-stating charitable contributions.
Tax evasion must not be confused with tax avoidance, which is the legal use of tax laws to reduce one’s tax burden, but aggressive forms of tax avoidance can border on tax evasion. Both tax evasion and tax avoidance can be viewed as forms of tax non-compliance as it involves activities that intend to subvert a state’s tax system, albeit tax avoidance is generally lawful. Many countries, including the UK, have implemented tax evasion laws where breaches can result in significant penalties.
2. Best practice for FIs: A risk-based approach
- Fraud controls
A counter fraud framework will share many similarities with a strong ABC programme and many fraud controls will be accounting and financial controls. Fraud such as using false identities can often be used in money laundering offences, and AML controls should also be leveraged to detect fraudulent activity. Similar to other financial crimes, a risk assessment should be performed to identify higher risks for internal and external (customer) fraud.
Counter-fraud systems and controls should be embedded in the FI’s wider FCC programme. These include:
- Consideration of the FI’s exposure to fraud risk in the organisation’s risk assessment.
- Formulation of policies and procedures that include preventive measures and customer checks, fraud response plans and investigation procedures.
- Establishment of an appropriate governance structure that ensures Senior Management oversight.
- Staff awareness on what constitutes fraudulent behaviour and the FI’s approach to fraud, including relevant policies and procedures.
Controls to prevent internal fraud
- Segregation of staff duties e.g. sales and collections;
- IT and physical security controls including password, email monitoring/surveillance;
- Reconciliation checks of customer loan books;
- Employee Reference and Conflict of Interest checks and Chinese walls;
- Whistle-blowing process;
- Fraud detection, investigation and response teams;
- Training & Awareness.
Controls to prevent external fraud
- FIs should leverage customer due diligence measures to verify their customers’ identity and minimise fraud risks, including checks against fraud databases (where available). Enhanced due diligence should be applied to high risk customers;
- Additional verification should be used in cases where identity is being confirmed electronically, copy documents are being used, or the customer is not there in person;
- Customer awareness of fraud including identity fraud, investment fraud, various scams;
- Customer / payment verification and card/internet security.
- Tax evasion controls
FIs should have policies and procedures in place to prevent Associated Parties (including employees, agents, introducers, consultants and brokers) from facilitating UK or foreign tax evasion. FIs should also undertake a risk assessment to understand higher risk areas for tax evasion and tax avoidance including: business in offshore tax havens or countries with heightened risk of bribery and corruption, client types including high net worth individuals (HNWIs); provision of tax advisory services or provision of complex/structured transactions. Policies/procedures should include:
- Top-level/Board commitment to prevent tax evasion;
- Due diligence requirements including: employee checks; enhanced due diligence of higher risk customers (e.g. HNWIs) and transactions (complex structures/ownership); review of products that can be prone to tax misuse; third party checks;
- Communication and training on policy requirements;
- Consequences for breaching of policy requirements;
- On-going monitoring and review of policies/procedures and controls.
- International best practice
- Identity Fraud: Tax Evasion and Money Laundering Vulnerabilities, OECD – https://www.oecd.org/ctp/crime/identity-fraud-tax-evasion-and-money-laundering-vulnerabilities.htm
- Guidance Note on Fraud Risk Assessment and effective and proportionate anti-fraud measures, European Commission, 2013 – https://ec.europa.eu/regional_policy/sources/what/future/pdf/preparation/guidance_fraud_risk_assessment.pdf
- Fraud Risk Management – A guide to good practice, Chartered Institute of Management Accountants – https://www.cimaglobal.com/Documents/ImportedDocuments/cid_techguide_fraud_risk_management_feb09.pdf.pdf