Business Standard

100,000 SMEs Victim of ID fraud

Image

Announcement Corporate

Identity thieves are ‘trading up’ from personal to corporate fraud, as they clone the identities of entire businesses.

The study commissioned by life assistance company CPP shows that identity theft has affected almost 100,000 small businesses (1), costing them an average of £13,500 each – £1.3bn across the country – enough to cripple some businesses.

One in five SMEs (22 per cent) admit they may be vulnerable to corporate identity theft due to lax procedures and protocol – but this figure could soar as criminals catch-on to a loophole with Companies House data processing.

Fraudsters’ ‘modus operandi’ typically involves changing company directors’ details or the company’s registered office address, by submitting false documents to Companies House through amendments to the company records via a simple submission of a paper form.

 

Under current systems, Companies House does not verify paper document validity. There are no checks if impostors try to register as new company directors or change a business address. And legitimate business directors are not notified if new company documents are filed, so they may never be made aware of fraudulent claims.

The majority of SME company directors (87 per cent) are not aware of these loopholes, which could put them at risk of corporate identity fraud.

Only one in 10 (14 per cent) is taking advantage of the PROOF scheme offered by Companies House, which offers secure electronic filing of documents to protect them against potential fraud.

And SMEs are also exposed to risk through their own data handling. Nearly half (47 per cent) say that their current employees have access to sensitive company data, almost two-thirds (61 per cent) admit they don’t encrypt company data, and a further fifth (22 per cent) allow employees to take sensitive documents out of the office.

While over a third (34 per cent) of SMEs confess that they don’t understand what corporate ID theft is – they need to as the reality is real. Victims of corporate fraud have experienced fraudsters applying for corporate credit/debit cards, spending money on credit, ordering goods without authorisation and even being able to withdraw funds direct from corporate accounts.

And the impact is severe – with victims reporting their company credit rating being affected as a result, damage to their company reputation and losing customers.

Michael Lynch, fraud expert at CPP said: “Our report demonstrates that corporate identity fraud is a real concern for businesses. It’s key that organisations ensure that they have secure methods of storing sensitive information to avoid falling victim to this growing problem.

“The current loopholes in the Companies House system make it worryingly easy for impostors to steal company information, and forge its identity, which can have huge financial impacts. We urge SMEs to take advantage of the safe online systems in place, to protect their business and for many SMEs, their livelihood.”

Key statistics

  • Almost 100,000 UK small businesses have fallen victim to corporate identity theft 
  • Corporate identity theft costs businesses an average of £13,500 each
  • 22 per cent of SMEs admit they may be vulnerable to corporate identity theft 
  • 87 per cent of SME directors are not aware of loopholes in the Companies House system which could put them at risk of corporate identity fraud
  • Only 14 per cent of SMEs are taking advantage of the PROOF scheme offered by Companies House
  • 47 per cent of SME directors say that their current employees have access to sensitive company data
  • 61 per cent of SMEs admit they don’t encrypt company data
  • 22 per cent of SMEs allow employees to take sensitive documents out of the office
  • 34 per cent of SMEs confess that they don’t understand what corporate ID theft is

Advice for companies

  • Check with Companies House that the details stored for your company are accurate
  • Enrol for the PROOF WebFiling scheme and sign up to the alert system which will warn you of any changes to company details
  • If you receive a call claiming to be from Companies House try to obtain a phone number and contact Companies House immediately. NB. Companies House personnel never contact companies by telephone asking them for their security codes so should businesses
  • Do not rely on Companies House records alone in determining whether to lend goods or services on credit – Companies House is merely a public register and not a credit reference agency
  • Limit the access to company sensitive information to key employees
  • Make sure all company sensitive information is securely destroyed before disposal
  • Ensure that all company sensitive documents are password protected or encrypted
  • Ensure that no company staff can take sensitive documents out of the office in printed format or on unencrypted USB sticks 
  • Ensure all hard copies of sensitive company information are stored in locked cabinets in locked premises

Notes to editor

  1. According to The Department for Business Innovation and Skills in its Small and Medium-sized Entreprise Statistics for the UK and the regions 2008, there are 4.8 million private sector companies in the UK. Small and medium-sized enterprises account for 99.9 per cent of enterprises. http://stats.berr.gov.uk/ed/sme/smestats2008-ukspr.pdf

Research conducted on behalf of CPP showed that one in fifty SMEs (2 per cent) reported that they had fallen victim to corporate identity fraud, so 0.02 x 0.99 x 4,800,000 = 95,040.

Research Methodology
The research involved an online survey conducted by research company ResearchNow among 507 SMEs across the UK between 25 February and 3 March. The questions concerned awareness of corporate identity theft, profiles of victims of corporate identity theft and the levels of data protection that SMEs currently put in place to protect against corporate identity theft.

Invenio Research analysed the SME research and carried out a separate investigation into Companies House procedure during March-April 2010. This involved interviews with Companies House, a study of examples of fraudulent paper forms submitted and documentary research on corporate identity fraud in the UK, including journal articles, conference proceedings, official publications and statistics. 

The CPPGroup Plc
The CPPGroup Plc (CPP) is an international marketing services business offering bespoke customer management solutions to multi-sector business partners designed to enhance their customer revenue, engagement and loyalty, whilst at the same time reducing cost to deliver improved profitability. 

This is underpinned by the delivery of a portfolio of complementary Life Assistance products, designed to help our mutual customers cope with the anxieties associated with the challenges and opportunities of everyday life.

Whether our customers have lost their wallets, been a victim of identity fraud or looking for lifestyle perks, CPP can help remove the hassle from their lives leaving them free to enjoy life. Globally, our Life Assistance products and services are designed to simplify the complexities of everyday living whether these affect personal finances, home, travel, personal data or future plans. When it really matters, Life Assistance enables people to live life and worry less.

Established in 1980, CPP has 10 million customers and more than 200 business partners across Europe, North America and Asia and employs 1,900 employees who handle millions of sales and service conversations each year.

In 2009, Group revenue was £292.1 million, an increase of more than 12 per cent over the previous year.

In March 2010, CPP debuted on the London Stock Exchange (LSE).

What We Do:
CPP provides a range of assistance products and services that allow our business partners to forge closer relationships with their customers.

We have a solution for many eventualities, including:

  • Insuring our customers' mobile phones against loss, theft and damage
  • Protecting the payment cards in our customers' wallets and purses, should these be lost or stolen 
  • Providing assistance and protection if a customer's keys are lost or stolen 
  • Providing advice, insurance and assistance to protect customers against the insidious crime of identity fraud
  • Assisting customers with their travel needs be it an emergency (for example lost passport), or basic translation service
  • Monitoring the credit status of our customers 
  • Provision of packaged services to business partners’ customers

CPP is an award winning organisation:

  • Finalist in the National Insurance Fraud Awards, Counter Fraud Initiative of the Year category, 2009
  • Finalist in the European Contact Centre Awards, Large Team and Advisor of the Year categories, 2009
  • Named in the Sunday Times 2008 PricewaterhouseCoopers Profit Track 100
  • Finalists in the National Business Awards, 3i Growth Strategy category, 2008
  • Finalist in the National Business Awards, Business of the Year category, 2007, 2009 and Highly Commended in 2008
  • Named in the Sunday Times 2006, 2007, 2008 and 2009 HSBC Top Track 250 companies
  • Regional winner of the National Training Awards, 2007
  • Winner of the BITC Health, Work and Well-Being Award, 2007
  • Highly Commended in the UK National Customer Service Awards, 2006
  • Winner of the Tamworth Community Involvement Award, 2006. Finalist in 2008
  • Highly Commended in The Press Best Link Between Business and Education, 2005 and 2006. Winner in 2007
  • Finalist in the National Business Awards, Innovation category, 2005

For more information on CPP click on www.cppgroupplc.com

This is an email from the CPP Group Plc, Holgate Park, York, YO26 4GA; telephone +44 (0)1904 544500. This message may contain information that is confidential. If you are not the intended recipient, you may not peruse, use, disseminate, distribute or copy this message. If you have received this message in error, please notify the sender immediately by email, facsimile or telephone and either return or destroy the original message.

The CPP Group Plc accepts no responsibility for any changes made to this message after it has been sent by the original author. This email has been scanned for all viruses by the Webroot Email Security System.

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: May 26 2010 | 7:35 PM IST

Explore News