CYBERCRIMINALS are stealing twice as much money from bank accounts as the banks actually report, MPs were told yesterday, as Britain’s elite crime-fighting agency admitted that financial fraud statistics were as good as useless.
Andrew Tyrie, the chairman of the Commons Treasury select committee, said he would write to banks and regulators after hearing a “serious allegation” that banks were “systematically understating the scale of fraud in the banking system”.
Donald Toon, the director of the economic crime command at the National Crime Agency, admitted to the committee that his organisation had “a very limited intelligence picture of the scale of the problem around most economic crimes”.
He said: “Fraud, and economic crime in general, is probably under-reported. We have seen increases in the level of reported fraud, but we have no real basis to make an assessment of whether that is an increase in the fraud problem or an increase in the proportion that’s reported.”
Mr Tyrie said that this was an “extremely concerning” piece of evidence, adding: “We don’t have even halfway reliable stats.”
In its last annual fraud indicator, the government estimated that retail banking fraud cost £475 million a year, based on reports from banks. The Times revealed in August that 3.6 million banking frauds had been left out of official figures.
The Treasury committee heard evidence from six experts yesterday, all of whom agreed that financial frauds were likely to be substantially under-reported.
Mr Tyrie said: “It sounds as if we have a much bigger problem than is currently being admitted.” The findings would be of “considerable concern” to the public because banking fraud “does damage and causes concern well beyond the sum of money involved. It creates uncertainty, a loss of confidence and a loss of trust.”
Richard Clayton, a computer security researcher at the University of Cambridge and a former adviser to banks on cybercrime, said bank insiders had admitted to him that twice the amount of money “goes walkies” from people’s accounts than banks admitted.
Banks published figures for the amount of money they recompensed their customers for thefts, he said. However, they did not have to report when money was stolen from accounts but recovered before it left the banking system altogether.
“They don’t want to frighten people,” Dr Clayton said. “If your account has been accessed without your knowledge and you change your password and everything is fine, then it’s obviously a scare for the bank, but no money goes missing. Moving it out of the banking system in a way that cannot be undone is quite difficult.”
Simon Fell, the acting head of external affairs at CIFAS, the fraud prevention service, said: “People don’t have an awareness of the scale of the problem. We see an awful lot of fraud and report it, but it doesn’t appear in the official crime statistics.”
Alastair MacWillson, a special adviser at PA Consulting Group, said that the problem was likely to be wider than frauds involving sums of money, such as thefts of private data and corporate secrets. “So it’s very difficult to quantify. Banks are obviously reluctant to air the fact that they have a problem, but they can’t really talk about things when they have an incomplete picture.”
Jeff Day, a security consultant at the British Computer Society, said banks were “masters of maths” that should be able to determine the true cost of fraud.
The Times
