Eight in ten mid-sized businesses in the Midlands experienced fraud in 2020, with an average loss totalling £160,416 in the East Midlands and £218,750 in the West Midlands, according to a new survey from accountancy and business advisory firm BDO LLP, which lays bare the extent to which COVID-19 has left firms exposed.
More than a third of companies (38%) reported an increase in fraud in 2020 compared with the previous year, with a fifth of East Midlands businesses (20%) and more than a quarter (27%) of West Midlands companies having suffered security breaches through cyber-attacks since the onset of the coronavirus pandemic and associated lockdowns.
BDO’s Fraud Track survey monitored fraud trends at 500 mid-sized UK firms throughout 2020. In the East Midlands, the research found that approximately half of the frauds (47%) were externally generated, however a third (33%) involved collusion between internal and external individuals, while a fifth (20%) were committed against companies by their own employees.
In the West Midlands, more than half of the frauds (52%) were externally generated, however a third (34%) involved collusion between internal and external individuals, while just 14% were committed against companies by their own employees.
The pandemic has exacerbated the risk of being targeted by fraudsters. Eighty per cent of Midlands business owners and directors think their company is more exposed to fraud since the emergence of COVID-19 – with one in five (20%) saying their exposure has “significantly” increased.
One of the main drivers of fraud risk since the first nationwide lockdown in March 2020 is home working, which has opened a gateway to new opportunities for data theft – including impersonation, or ‘spear phishing’, and sophisticated ‘whaling’ frauds aimed at senior executives.
It has also added complexity to the process of identifying and defending against cyber-attacks: pre-pandemic, security was predominantly perimeter-based with firewalls separating the ‘outside’ from the ‘inside’, but cloud services and remote working have blurred these lines.
Despite the rising number of frauds committed against mid-sized firms in 2020, BDO’s survey found that only 61% of Midlands companies have a fraud response plan in place.
Commenting on the findings, Sat Plaha, Forensics Services partner at BDO in the Midlands, said: “The sudden shift to remote working brought about by COVID-19 has amplified cyber-security threats.
“Fraudsters are developing increasingly sophisticated tactics at an alarming rate, including an increasing trend of accounting malpractices that are not being picked up in statutory audit, and the mass digitisation of the workplace has outpaced many firms’ ability to secure themselves against exploitation.
“It’s understandable that business leaders have been balancing the need to react to immediate operational concerns with forward planning and investment in fraud prevention and detection tools. The way business owners and directors act now will be critical in defining to what extent the pandemic facilitates a drain of IP and competitiveness.
“Our research shows that risk has increased and reported fraud is high and business leaders need to tackle this head on to protect the value in their business. Combatting the digital crime wave requires responsible investment to support long-term business resilience.”