The amount of money lost by clients through platform fraud more than trebled last year with £1.8m taken in successful frauds, the highest amount ever recorded, statistics from the Investment Management Association have revealed.
The fraud occurs when someone uses existing client details to access their account and manipulate bank account or address details to fraudulently withdraw funds.
The IMA asks its members to return fraud statistics every six months. Money Marketing has obtained figures relating to around 82 per cent of members. These have been extrapolated by the IMA to include an estimate of the fraud statistics for the remaining 18 per cent of members.
The data shows losses incurred from such fraud during 2013 rose to £1.8m from £590,000 in 2012. The number of successful cases reached a record high of 51, in comparison to 32 in 2012 and just 21 in 2009.
The number of prevented fraud cases also more than doubled during that period to 274, rising from 117 cases in 2012.
There was an 80 per cent increase in the number of attempted frauds while the value of those frauds more than doubled during that time.
Cofunds has seen the value of attempted account frauds on its platform increase to £1.3m in 2013 from just £55,000 in 2012. The platform is warning advisers to be on the alert.
Cofunds head of marketing Stephen Wynne-Jones says the increased demand for faster payments could be driving the surge in fraud attempts.
He says: “Cofunds fears the industry-wide demand for faster payments is exposing a weak point in current best practice for validating clients. As the adoption of faster payments increases, there is a danger that if not addressed, the industry will be left exposed to fraudsters exploiting those weak points.
“We are only one part of the chain. We believe the scale of the problem needs to be raised so advisers can understand the lengths that fraudsters will go to.”
IMA regulatory adviser Adrian Hood has urged firms to ensure they have the correct processes in place to detect fraud attempts.
Hood says: “Whilst 2013 saw a hike in the number of attempted frauds that have been reported to us by IMA members, the success rate has remained lower than in previous years.
“This suggests that as fraudsters try to be more sophisticated in their methods, the industry is responding by improving their systems to identify and stop them.
“It is of course important all parts of the chain remain committed to developing robust processes to catch such cases as early as possible.”
Avalon Investment Services dir-ector Harry Kerr says the platform has seen a number of fraudulent att-empts which usually look to withdraw all of a client’s funds.
He says individual attempted fraud values have ranged from £5,000 to £100,000. All attempts were unsuccessful.
One platform, which wished to remain anonymous, said it had rec-ently had a fraudulent attempt to withdraw around £10,000 which was prevented at platform level after bypassing the respective adviser.
An FCA spokesman says: “Fraudsters are as inventive as they are unscrupulous, and always on the lookout for new ways to part people from their money.
“To help guard against fraud and counter the risk that they may be used to further financial crime, firms regulated by the FCA should have adequate systems and controls in place.” Overall, fraud reported to the IMA by its members jumped 75 per cent to just under 350 reported attempts in the first half of 2013, compared with the 200 reported frauds in the second half of 2012.
The Lang Cat principal Mark Polson says: “Given the rise in platform usage it is probably surprising that attempted frauds are not higher, as scammers understand this market will probably climb.
“It is really hard for platforms because they want to make their kit easy to use whilst trying to protect customers.
“There are certainly a lot of platforms working with advisers on this, but if a client got in touch direct they could be vulnerable and it may be something fraudsters would look to exploit. In fraud cases, the chain of firms is only as good as its weakest link.”
Another adviser platform which wished to remain anonymous said there had definitely been an uptick in attempts, usually through req-uests to withdraw money sent to advisers.
In January, Standard Life warned advisers to be aware of fraudsters attempting to impersonate clients after four IFA firms and their clients were scammed resulting in money being taken from Standard Life products.
The company says organised criminal gangs have hacked client email accounts and used them to identify where they have invested money.
The gangs then use the email account to contact the customer’s adviser, providing bank details and asking them to encash their investment to a new account.
Standard Life says some of its clients have been targeted by the scam, with four savers seeing money fraudulently withdrawn. The FCA says it does not require advisers to have insurance against investment fraud and it would only hold a firm responsible for paying redress if they were at fault.
Investment consultancy Gbi2 managing director Graham Bentley says the prevalence of fraud is why some platforms still require wet signatures from clients when withdrawing funds.
Bentley says: “At least with a signature you are much more likely to be sure the client is not a fraudster. This is the problem of taking instructions via email- these days you cannot be certain an email comes from the person named in your inbox.”
Bentley adds it is likely that the platform would be responsible for compensating any client losses in the event of a fraud.
Thomas and Thomas Financial Services managing director Darren Lloyd Thomas says: “We discussed this at a recent board meeting after receiving an email from a client who claimed they were stuck abroad and had to release funds.
“We tried to validate this with the client and it turned out to be a fraudulent attempt. It may be these cases are partly being driven by RDR as advisers see their clients less in person.
“Small advice firms have the advantage here because they have closer ties and relationships with their clients so as a result are less likely to be fooled.”
Expert view: Stephen Wynne-Jones
The IMA statistics show this is an industry-wide issue.
As a major platform, we take these matters seriously – not only because of our position, but because we process thousands of instructions every day and it is essential we have robust controls to stop attempted fraud attempts happening, which we do. We also test our controls regularly.
We have put together some dos and don’t’s for advisers.
- Check the identity of anyone requesting confidential data or information online
- Validate all email instructions have come from a legitimate source or person
- Think very carefully before submitting any personal information online
- Choose passwords that are unique mixtures of letters and numbers. Remember to change them regularly and dispose of data securely, whether in paper or electronic form (including back-up files and hard drives).
- Open email attachments unless you are absolutely sure who sent them
- Respond to emails asking you to update or confirm account IDs, PINs or passwords
- Click on links to websites whose legitimacy you have any doubts about
- Work on sensitive or highly confidential matter in public Wifi hotspots
Stephen Wynne-Jones is head of marketing at Cofunds