Table of contents
On 30 June 2023, the House of Lords is due to debate the following motion:
Baroness Morgan of Cotes (Conservative) to move that the Grand Committee takes note of the report from the Fraud Act 2006 and Digital Fraud Committee ‘Fighting fraud: Breaking the chain’ (HL Paper 87).
1. Background to the report
1.1 Legislation: The Fraud Act 2006
The Fraud Act 2006 is the principle legislative tool used to prosecute fraud in England, Wales and Northern Ireland. The act provides for the general offence of fraud and introduces three ways of committing it:
- fraud by false representation (section 2)
- fraud by failure to disclose information (section 3)
- fraud by abuse of position (section 4)
The Crown Prosecution Service (CPS) has explained that in each case the defendant’s conduct must be dishonest, and their intention must be to make a gain, or cause a loss or the risk of a loss to another. However, no gain or loss needs actually to have been made. The maximum sentence for these offences is 10 years’ imprisonment.
The 2006 act also contains further offences relating to the possession, manufacture or supply of articles for use in fraud and obtaining services dishonestly.
1.2 The committee’s inquiry
The House of Lords Fraud Act 2006 and Digital Fraud Committee was appointed in January 2022 and re-appointed in May 2022 at the start of the new parliamentary session. The committee was tasked with considering “a wide range of issues” relating to fraud, including the topics found in its name. In its call for evidence, published in March 2022, the committee explained that its considerations would include:
- how the provisions of the Fraud Act 2006 are used in practice for the detection, prevention and prosecution of fraud
- whether the act is in need of reform
- how the act is being applied to tackle fraud committed online or through digital means
- what more needs to be done across the public and private sectors to stop fraud committed through digital services
The committee received both oral and written evidence, copies of which can be found on its website.
2. The committee’s findings
2.1 An overview of fraud
The committee published its report ‘Fighting fraud: Breaking the chain’ on 12 November 2022. Within the report, the committee set out its findings in relation to the scale of the issue, its impact and how the problem is currently tackled. Some of its findings in these areas are briefly summarised below.
Most common crime
The committee found that fraud was the most commonly experienced crime in England and Wales, accounting for approximately 41% of all crime against individuals. The committee said that a person aged 16 or over is more likely to become a victim of fraud than any other individual type of crime. Fraud was also found to cost the economy billions of pounds every year, with the committee hearing from the Bank of England that it directly affects consumer confidence.
Focusing on the impact of the Covid-19 pandemic, the committee said that while data is incomplete, it had identified an increase in fraud over recent years. The committee reported that in the year ending March 2022, fraud had increased by 25% since the pre-pandemic year to March 2020. It argued that while these figures had begun to stabilise, fraud remained higher than before the pandemic, with data showing losses over the past year totalling “a staggering £4bn”.
Impact of fraud
The committee argued that fraud was not a victimless crime, with its financial and emotional cost found to be “immeasurable”. The committee argued that the financial impact can be significant, particularly in the context of the current cost of living crisis, and that the emotional impact can be “even more traumatising”:
Victims of fraud are socially engineered by malicious fraudsters, many will face a crisis of confidence and lose trust in the authorities and people that surround them, and some may suffer devastating mental health consequences. Unlike almost any other crime, fraud victims are often blamed for the crimes that have been committed against them, which reduces their incentive to report fraud to the authorities. Some will never recover the funds they have lost, and those that do may remain emotionally shattered by their experience. Many will never see the perpetrator face justice.
Role of technology
The committee attributed the recent increase in fraud to the shift towards digitalisation during the pandemic, with more people going online to complete their daily activities. It argued that digital technologies are being used by both domestic and overseas organised crime groups (OCGs) to target victims.
On what makes the UK “a fertile ground for fraudsters”, the committee noted the UK’s widespread use of the English language, its position as a digitalised global financial hub, its adoption of the Faster Payments system, as well as the emergence of crypto assets. As a result of these pull factors, the committee said that digital fraud had increased, with 80% of reported fraud cyber-enabled. This means that while the crime could have taken place offline, the scale, reach and impact have been expanded by the use of online services and digital technology.
The committee explained that a “monumental increase” in authorised push payment (APP) fraud, where a person or business is tricked into sending money to a fraudster posing as a genuine payee, had led it to focus its inquiry on APP fraud and the impact of digital fraud on individual consumers.
Action on fraud: Law enforcement, Action Fraud and the judicial system
Examining the response to fraud, the committee argued that “law enforcement agencies are chronically underfunded for the fight; only a paltry 1% of law enforcement is focused on tackling economic crime”. The committee also found that digital investigation is outside the capacity of mainstream policing, with the organisational structure for policing fraud “complex and confusing”. The involvement of “a plethora of agencies and bodies” was found to have caused a “vacuum of responsibility and a culture of blame shifting”.
Noting issues with Action Fraud, the UK’s national reporting centre for fraud, and local police forces, the committee argued that a situation had been created where fraud was under-prioritised across government and law enforcement agencies. It argued that this had led to a “permissive culture” towards fraud and the criminals who commit it. The committee said that this attitude has permeated through to “private sector players in the fraud chain” which it argued “have not stepped in to do what they can to prevent consumers being scammed”.
The committee also found that the criminal justice system had “failed to keep pace with the threat” posed by fraud, which had resulted in a “significant decrease” in the prosecution of fraudsters over the last decade. Focusing on the Fraud Act 2006, the committee said that while there was scope for increasing maximum sentencing, it remained “a highly effective piece of legislation”. Further information on the scrutiny of the 2006 act can be found in a post-legislative assessment produced by the Ministry of Justice for the committee.
However, the committee found that the 2006 act had been hindered by court backlogs as well as an “outdated disclosure process” that had failed to keep pace with the changing technological landscape. The committee said that these issues could not be blamed for the failure to find and prosecute fraudsters.
The committee argued that the situation has meant that criminals do not fear facing investigation or justice, and that OCGs from “around the world” can turn to the UK as a lucrative market to commit fraud. The proceeds of such crime can then be used to fund other activities, such as human trafficking and the drugs trade.
Action on fraud: Private sector
Explaining that fraudsters often follow a series of steps before they are able to ‘cash out’ their stolen funds, the committee argued that within this ‘fraud chain’, multiple stakeholders across several sectors enable fraud to take place. The committee argued that “for too long, these businesses have been allowed to enable and facilitate fraud”.
Focusing on the telecoms sector, the committee said that there is no real incentive for it to prevent fraud and that the sector had “allowed blame to be placed elsewhere for too long”. It called for the sector to do more to tackle phishing emails and smishing texts before they reach victims and prevent fraudsters from making spoof phone calls. Phishing is the practice of sending fraudulent communication that appears to come from a reputable source. Smishing is the same practice but refers to the use of SMS text messages to defraud victims.
Similarly, the committee said that web-hosting providers should prevent fraudsters from registering fraudulent website domains and that the tech sector needs to stop fraudsters using online advertising and social media platforms. Overall, the committee argued that until all fraud-enabling industries “fear significant financial, legal and reputational risk for their failure to prevent fraud, they will not act”.
2.2 Key conclusions and recommendations
The committee argued that despite the scale of fraud, “successive governments have failed to tackle the issue with the priority it deserves”. Commenting further, it said:
If citizens were being routinely mugged and having millions of pounds stolen from their wallets in broad daylight, every organisation involved in allowing this to happen would have no choice but to deal with it swiftly, and the perpetrators would be brought to justice in court. Because most fraud is now happening online and often involves social engineering of the victim, the exponential growth in fraud and scams has been invisible and fraudsters face little risk of being caught. This has to stop.
In a press release announcing the publication of the report, the committee highlighted three key conclusions from its work. These focused on the scale of fraud, the role of digital technology during the pandemic and the under-resourcing of enforcement and its affect on the Fraud Act 2006.
Alongside these conclusions, the committee made 65 recommendations. In the press release, the committee highlighted six of these as its key recommendations:
- There are a mind-boggling variety of departments, agencies and ministers with responsibility for tackling fraud. This leads to inefficient policymaking and a lack of accountability in government. We want the government to establish a cabinet subcommittee with a clear mandate to tackle fraud, chaired by and accountable to the security minister.
- At the moment, just 1% of law enforcement is focused on tackling economic crime, the way that fraud is policed is ineffective and agencies lack the digital skills to properly tackle digital crime. We want fraud to be written into the strategic policing requirement, which sets out the top priorities that the police must focus on.
- There are several sectors involved in the fraud chain, but they do not all face the same incentives to tackle the problem. Until all fraud-enabling industries fear significant financial, legal and reputational risk, they will not act. So, we call for the introduction of a new corporate criminal offence of ‘failure to prevent fraud’, applicable across all sectors, accompanied by significant financial penalties.
- There is no single, national campaign to raise awareness about how to protect yourself against fraud, and how to report it if it happens. The government should introduce a single, centrally funded consumer awareness campaign in partnership with industry to remedy this.
- The Online Safety Bill contains several important measures to prevent fraudulent content and scam advertising from appearing on online platforms and to hold tech companies accountable when they fail. The bill must be brought to parliament urgently [The bill was paused in summer 2022. Several clauses were recommitted to a House of Commons public bill committee in December 2022, after the committee’s report was published. The bill is currently part way through its committee stage in the House of Lords.]
- Finally, the UK has one of the most advanced digital banking systems in the world. While this is great for businesses and consumers, it makes the UK a lucrative market for fraudsters who want to quickly cash out stolen funds. We are calling for the introduction of a delay lasting no more than several hours on certain high-risk payments. This would give banks more time to analyse whether a payment might be fraudulent.
These recommendations were reiterated in the report’s summary.
Commenting on the findings, the chair of the committee, Baroness Morgan of Cotes (Conservative), highlighted the scale of fraud in the UK and its impact, and argued that it is “under-resourced, under-prioritised, and its impact is widely underestimated”. To address these issues, Baroness Morgan argued that the “government must act”.
3. Government response
3.1 Overview
The government responded to the committee’s report on 9 March 2023. Stating that it had carefully considered the committee’s 65 recommendations, the government said that the report had highlighted several important areas for its attention. The government explained that its response set out how it intended to address these issues. In addition, it said that the report had helped to shape its forthcoming fraud strategy (an overview of this strategy can be found in section 4 of this briefing).
In the overview of its response, the government noted that the committee’s recommendations covered a range of topics, including, but not limited to, upskilling the public to spot scams; working with the finance, telecommunications and technology sectors to ‘design out’ fraud by taking preventative steps at the design stage; and modernising the UK’s legislative framework to combat fraud. The government also recognised that it would be “unable to fight fraud alone and that a unified and co-ordinated response from government, law enforcement and the private sector” was required. It argued that together, “we can better protect the public and businesses, reduce the impact of fraud and increase the disruption and prosecution of fraudsters”.
3.2 Response to key recommendations
As part of its response, the government replied to the six key recommendations set out by the committee, with five of the recommendations taken forward, at least in part:
- On the call for the government to establish a cabinet subcommittee with a clear mandate to tackle fraud, which would be chaired by and accountable to the security minister, the government highlighted the joint fraud taskforce. The government said that it recognised that fighting fraud requires “a concerted and coherent public-private sector approach”. As a result, the security minister chairs the taskforce which “brings together all relevant government departments, law enforcement partners, charities, regulators and private sector stakeholders”.
- For the recommendation that fraud be written into the strategic policing requirement (SPR), the government said that the Home Office had worked with policing partners to “shape a revised version of the SPR, which has now been published, giving fraud greater prominence”. The government also said that it recognised recommendations made in this area and would set out its updated position in the SPR.
- Responding to the recommendation for the introduction of a new corporate criminal offence of ‘failure to prevent’, the government agreed that “the current law on corporate criminal liability does not adequately hold organisations and their senior persons to account for offences”. It noted a Law Commission review published in June 2022 on options for reform, and said it was working to “determine a case for strengthening the law on corporate criminal liability”. The government also said that it was committed to addressing the need for a new failure to prevent fraud offence through the Economic Crime and Corporate Transparency Bill. In addition, it highlighted the Online Safety Bill and the creation of a duty on social media and search engine companies to put into place systems and processes to prevent fraud on their platforms. In April 2023, the government published a factsheet on the new failure to prevent fraud offence.
- On the recommendation for a single centrally funded consumer awareness campaign the government agreed with the importance of raising public awareness on the issue of fraud. It explained that it had established a new public engagement team at the National Economic Crime Centre (NECC) and the National Crime Agency (NCA) to “drive work across the public and private sectors to coordinate anti-fraud communications, analyse what is most effective, and create consistent messages for the public”. The government also noted several of the “numerous existing campaigns that deliver fraud messages”. However, it recognised the limits to communication campaigns to protect against evolving fraud and said that its new fraud strategy would set out “how we are also expecting industry to do more to block frauds in the first place”.
- The committee called for the Online Safety Bill to be urgently reintroduced to Parliament, with amendments on fraudulent advertising aimed at platforms of all sizes. In response, the government agreed that companies “must take preventative steps to tackle fraudulent advertising”. It outlined a duty contained in the bill that would be imposed on the largest social media platforms and search engines to take proactive steps to prevent fraudulent adverts on their services. However, it said that the bill was designed to “be proportionate” and that smaller companies pose a smaller risk and have fewer levers over paid-for ads.
- On the call for a delay for certain high-risk payments, the government highlighted the Payment Services Regulations 2017. It explained that under these regulations, banks and other payment service providers must ensure payments are credited to the receiving account by the end of the next working day. It therefore argued that service providers can already hold up payments and refuse to make payments where this is permitted. However, the government said that it was investigating amending legislation to enable payment service providers to delay payments beyond these timescales in limited, high-risk fraud scenarios.
4. Recent development: The government’s fraud strategy
The government response to the committee’s report referred to its ‘Fraud strategy’, which was published on 3 May 2023. Within this strategy, the government argued that fraud poses a “significant threat to the people, prosperity and security of the UK”. It added that the high volume of fraud and severity of the risk it poses threatens the UK’s national and economic security and enables terrorism and organised crime. The government also highlighted that its 2021 ‘integrated review of security, defence, development and foreign policy’ recognised the problems posed by fraud. In addition, the 2023 integrated review refresh recognised the importance of the fraud strategy in “stopping the exploitation of the UK’s financial systems and economic openness for criminality and corruption”.
Noting the financial and emotional harm caused to victims, the government said that its strategy set out an aim of reducing fraud by 10% on 2019 levels by the end of this Parliament (which will end in December 2024 at the latest). It explained that it would put protecting people at the heart of its response and outlined a number of actions it would be taking. The government said that it had already committed £100mn of “new money to bolster law enforcement in the fight against fraud” as part of a wider £400mn investment in tackling economic crime.
In addition, the government set out its planned actions under a series of overarching aims. On stopping fraudsters “from trying to make victims of us all”, the government said it would:
- ban cold calls on all financial products to stop fraudsters duping people into buying fake investments
- ban SIM farms which are used by criminals to send thousands of texts at once
- review the use of mass text aggregators and explore next steps to stop fraudsters from being able to send scam texts in bulk messages
- stop more scam calls by making it harder for fraudsters to ‘spoof’ UK numbers to make it look like they are calling from a legitimate UK business
- stop people from hiding behind fake companies and create new powers to take down fraudulent websites
The government also said that it would make it easier to report scams by replacing Action Fraud with a “state-of-the-art system for victims to report fraud and cybercrimes to the police”. It also said that it would work with industry to ensure that intelligence is shared quickly with each other and law enforcement, with action taken early to stop fraud.
On ensuring victims of fraud are reimbursed and supported, the government said it would change the law so that more victims get their money back. It also committed to overhauling and streamlining fraud communications “so that people know how to protect themselves from fraud and how to report it”.
To improve the law enforcement response to fraud, the government said it would:
- launch a new national fraud squad with over 400 new specialist investigators, and make fraud a priority for the police
- deploy the UK intelligence community and lead a new global partnership to “relentlessly pursue fraudsters wherever they are in the world”
- imprison fraudsters through better investigation and prosecution processes for fraud and digital offences
The government also said it would make sure that every part of the system is incentivised to take fraud seriously by:
- making the tech sector put in place extra protections for customers and introducing “tough penalties for those who do not through the Online Safety Bill”
- ensuring large tech companies make it as simple as possible for users to report fraud on their platforms
- highlighting which platforms are the safest, making sure that companies are properly incentivised to combat fraud
In addition, the government said that there were cross-cutting themes that it would tackle, including working internationally, improving data sharing across and beyond government, and tackling the problem of money mules (a type of money laundering used by fraudsters).
Cover image by Freepik.