Cases of individuals stealing from their employer and customer accounts have increased by nearly three-quarters (74%) when compared to 2022. In its latest Fraudscape update, which includes reporting on cases filed to the Cifas Internal Fraud Database (IFD) in the first nine months of 2023, employees carrying out theft from customer accounts also rose by 27%.
Against the backdrop of the continuing cost-of-living crisis and many employees looking for ways to supplement their income, nearly half (48%) of the 249 cases recorded to the Cifas IFD between January-September this year related to dishonest conduct – a 35% increase compared to the same period in 2022.
Theft of IT equipment accounted for 21% – many items of which would have been stolen with the intention of selling on – with 16% withdrawing funds from customer accounts in a bid to bolster their wages.
Most of the employees that carried out dishonest conduct were aged between 21-30 years-old (42%), with branches (45%) and contact centres (29%) most affected. There was also a jump in older employee cases in 2023 – a 56% increase amongst those aged 51-60 when compared to 2022.
Promisingly, as more organisations explore ways in which they can equip their workforces to better understand internal fraud, cases of staff recognising and reporting colleagues for fraudulent conduct have risen by 38% in 2023.
And during a time in which 1.2 million UK adults revealed they had a second job to cope with rising costs – often referred to as ‘polygamous working’ – Cifas has received an increase of reports of staff sharing log-in details to appear to be working as well as not fulfilling their contractual hours.
The data shows that in the first nine months of 2023, unlawful obtaining or disclosure of personal data rose by over a third (up 36%), and in a large proportion of these cases, disclosure of customer data to a third party featured in 42% of filing reasons.
Tracey Carpenter, Insider Threat Manager for Cifas, said: “The impact of the current economic climate can quickly become overwhelming for those that are struggling to balance their finances with the pressures of everyday life. This can, in some instances, result in employees committing dishonest conduct in their workplaces in an effort to pay bills or repay debts.
“There may also be employees who are disgruntled at work and feel they deserve more in their pay packets each month, and so manipulate the hours worked or inflate their expenses. Some may even turn to organised crime gangs to divulge personally sensitive information about their companies or colleagues in exchange for cash.
“What these insights show is that organisations large and small must remain on top of their internal controls if they want to protect their workforces and keep business assets safe. Insider threat continues to be a very real problem for employers to tackle, and there has never been a more important time to invest in the resources needed to future-proof their workplaces.”
Overall, the Cifas IFD saw a 10% increase in cases recorded compared to the same timeframe in 2022.
Four ways employers can protect against insider threat
- Look at the full employee lifecycle. Undertake checks at the pre-employment screening stage and throughout the employee’s employment – regardless of their role in the organisation – to identify any concerns early on.
- Ensure there are sufficient controls, processes and procedures in place to identify if employees are sending confidential information outside of the organisation to audit trails and general awareness of dishonest conduct.
- Make insider threat controls a priority and invest wisely in technology and expert staff to tackle the issue.
- Protect employees and look after their wellbeing. Knowing that support is available can be the difference between someone seeking help or feeling their only option is to be dishonest.