App Fraud is on the rise

In today’s environment of hyper connectivity loaded with passwords, passcodes, 2 factor authentication and seemingly endless checks on whether or not we can locate all the busses in a picture, it seems almost impossible to think that financial fraud can exist. 

Yet it does. 

In fact in 2021, around £1.3bn was stolen through fraud in the UK alone. Nearly half of this was through Authorised Push Payment (APP) fraud. These scams are increasing in prevalence, up around 25% since 2020. Nearly 200,000 incidents were recorded in 2021. And this figure doesn’t include those who don’t report the fraud, or the roughly 67% of fraud cases that are prevented by the banking institutions before they are completed. According to a Police Foundation report – up to 45% of proceeds from these successful fraud operations go to fund organize crime.

We are all aware of the risk of fraud in the private and corporate world. We are all aware of the risk to the wider community through the impact of organized crime. So owning up to being a victim of such a fraud might seem an odd thing to do.

But here I am, holding my hands up to say that we were one of the latest victims of an APP Fraud.

I do this purely to highlight the dangers and the lasting impact on all parties that cases of fraud affect. Hopefully, if this helps just one individual, organisation or company from falling foul to fraudulent activity, then some good may have come out of this. 

Our case is one of classic APP Fraud. (You can find out more about it here) This occurs where payments are made (authorised) to false accounts. In our situation, fraudsters had established 2 new domain registrations – one mimicking our suppliers, and one mimicking ours. These were almost indistinguishable from their originals. Communication was then diverted from both sides of the supply chain through the new domains.

When payment instructions were received, funds were transferred. The fraudsters continued to communicate through these channels confirming all was well and funds received. Our SWIFT copies were amended to the supplier to show correct account details. Further communication, to both supplier and us ensued. The receiving bank made no comment that the names and details given didn’t match their records. Nor that funds destined for a commercial account, landed in a private one. This elaborate established communication chain, and bank regulation apathy, ensured neither party was aware of the mistake. Only 2 weeks later after a new form of communication (Whatsapp) to check on the payment status was made, did all parties understand the gravity of the situation. 

By this point, it was too late. The receiving bank had processed the payments and the account had been closed. Our suppliers had shipped coffee and not received payment. We had paid for coffee and lost the funds.

What to do?

Police forces in both the Netherlands and the UK were alerted. The recipient bank as well as sending bank were informed. In the 2 months since this case occurred, we have engaged council and the services of lawyers in 3 countries, a specialist private investigative firm, independent financial fraud consultants as well as working closely with both police forces to track those responsible. I dare say we have done more and come further than most in finding out those who are culpable. Our investigation is far from over, and our confidence and resolve at seeing this through to the end is stronger than ever.

However – one problem remains. The pressure from our supplier to repay the funds to their 3rd party financier in order for them to continue sourcing for new seasons coffee. This is a significant challenge, considering our fledgling balance sheet now has a considerable black hole in it. This hole is likely to remain, until we achieve some success at compensation for funds lost. 

The impact of APP fraud activity in the commercial world damages more than just the party who sent the money, but also the supplier of the goods awaiting payment. In our case specifically, a third party pre finance organization has also been affected. Funds it loaned to the Co Operative to source coffee are yet to be repaid. It damages reputations and impacts all parties ability to continue trading successfully.

What can we learn?

Since this case has come to light, it stands to reason that our protocols for new payments are now met with the strictest of tests. All new accounts, for existing as well as new suppliers and clients are re-enforced with a separate communication confirmation– whether this be through Skype or Whatsapp and I urge all reading this to ensure they are doing the same.

Our commitment to our suppliers success and their liquidity as well as mutual growth and collaboration for a bright future together remains steadfast. Those responsible WILL be tracked down. We WILL be compensated for our loss. The Co Operative supplier affected WILL be remunerated for their shipments and we will come through this stronger and more eager to succeed than ever before.

Help is at hand

If you have been or know someone who has been the victim of a similar type of fraud, please don’t hesitate to get in touch. We have learned so much over the past 2 months about what steps to take, who to contact and where to go for assistance – We might be able to help you too.