The National Crime Agency has issued a fraud alert to the industry over an increasing number of “invoice mandate” frauds in 2013, with one construction business losing a reported £1.1m to the scam.
The National Crime Agency, working with the National Fraud Intelligence Bureau, has said that there were 34 reports of invoice mandate fraud from the construction industry between 1 January and 13 October this year.
The cases were reported to Action Fraud, the UK’s national fraud and internet crime reporting centre.
The majority of industry companies that have fallen victim to the fraud were large scale civil engineers, although a number of smaller companies contracted on their behalf also reported being victims of mandate fraud.
The losses incurred ranged from £138 up to £1,101,165, with the majority estimated at between £95,000 and £160,000.
David Barnes, policy & research officer at the CIOB, said: “Incurring losses of up to £1m is hugely damaging to businesses and may even lead to insolvency for some firms. The fraud alert should serve as a warning to contractors and suppliers to be vigilant against unscrupulous activity and the CIOB recommends adopting simple checks and balances to prevent fraud of this nature.”
Mandate fraud, also known as creditor fraud, payment diversion fraud and supplier account fraud, involves criminals contacting companies, either by email, letter or telephone purporting to be a supplier or customer. They then advise the company that their bank account details have changed which enables them to take control of the account and to benefit from unauthorised payments from the company. This then leaves both the legitimate supplier and customer out of pocket.
The majority of approaches to the companies were by email (56%) using either the construction company’s email address or a similar one. Other victims have been contacted by telephone (21%) or by letter (18%). In these cases a company letterhead was used with a signature forged on behalf of the company director. It is not known how the criminals are accessing the client list to know who to contact within the companies they are targeting.
The NCA suggests that contractors look out for the following indicators if they suspect their business is being targeted:
- The letters sent may appear as genuine letters on company headed paper and signed off by the company directors or accountants.
- The letters will provide details of the new account with the wording that “these amendments should take place immediately”.
- There does not appear to be a preferred bank for the change of account details.
In addition, it has these recommendations to help prevent mandate fraud:
- Ensure that all financial paperwork is shredded to avoid theft of the company identity/logo and prevent the bank details being obtained by others.
- Employ due diligence checks, ie any notification of a change of bank account should require further verification by contacting the supplier/customer directly before implementing any changes. A single point of contact should be set up within each business on a pre-agreed number who can verify any legitimate changes.
- Internet and email users should be encouraged to change their passwords regularly to avoid criminals accessing their accounts. Companies should regularly check their emails, websites and bank accounts to ensure these details are not being hacked.
- Ideally, every employee of the company should have their own computer and log-in details to avoid criminals hacking into multi-user computers easily.
The NCA says that if you believe your company has been a victim of mandate fraud then you can report this to Action Fraud by visiting www.actionfraud.police.uk/report_fraud or by contacting 0300 123 2040. You may also wish to contact your local police force.
