In 2023, a UK-based construction company lost £2.8 million after falling victim to an internal payment fraud scheme. Indeed, a former employee created fake invoices that closely mimicked those from genuine suppliers, redirecting payments into accounts they controlled. This is a type of payment fraud that can cost your company dearly. Read on to find out about five other common types of fraud in law and how they are punishable…
Trustpair wipes out B2B payment fraud thanks to ongoing and automated account validation. Request a demo to learn more!
Criminal vs civil fraud: what are the differences?
Under UK law, fraud is broadly defined as dishonest behaviour intended to make a gain or cause a loss. It can be prosecuted under either criminal or civil proceedings, depending on the nature of the offence.
Criminal fraud involves a breach of the Fraud Act 2006 and is prosecuted by the Crown Prosecution Service (CPS) or the Serious Fraud Office (SFO). The burden of proof is high: the prosecution must demonstrate beyond reasonable doubt that the defendant acted dishonestly and intended to defraud.
Potential consequences for criminal fraud in the UK include:
- Imprisonment (up to 10 years)
- Fines
- Confiscation orders under the Proceeds of Crime Act 2002
- Compensation orders to victims
By contrast, civil fraud (also referred to as deceit or fraudulent misrepresentation) is a matter between private parties. A claimant—either an individual or a company—may bring a case in the civil courts to recover losses caused by the fraud.
In civil cases, the standard of proof is on the balance of probabilities—the claimant must show it is more likely than not that the fraud occurred.
Potential outcomes for civil fraud include:
- Restitution (return of misappropriated assets)
- Damages or compensation
- Injunctions or other court orders
The 4 elements of fraud
There are four legal elements of fraud:
- Intentional misrepresentation of a material fact – a fact stated that is purposely false, and it is significant
- Knowledge of falsehood in representation – the offender must have known of the falsity
- Reliance on the facts and truth by the victim – the victim was supposed to rely on the truth or fact or did rely on it
- Damage as a result of misrepresentation and reliance – this could be financial damage or other damage
6 types of fraud
Let’s take a look at some of the types of financial fraud. Financial fraud is a form of white-collar crime – a method of crime that is non-violent and financially motivated.
Internal fraud
This occurs when an employee misuses a business’s property or assets for their own gain or to cause losses to others.
The fraud triangle can be applied to understand why people commit internal fraud. In this theory, the main three motivations are:
- Pressure/incentive: this could be a personal health issue, an urgent need for money, or pressure from an individual higher up in the business
- Opportunity: this happens when there’s a process gap or loose internal controls. It’s easier to commit a scam when you know you won’t get caught
- Rationalization: people who commit internal fraud tend to justify their theft, especially when there’s a personal and urgent need for money.
The risks of internal fraud schemes can be significantly lowered by removing one or more of the elements of the fraud triangle.
To do this:
- Reduce pressure and know your employees to detect any suspicious change or fraudulent behavior
- Reduce opportunity with tight internal controls and anti-fraud software
- Reduce the opportunities for rationalization with fraud awareness training, etc.
In internal fraud cases, an individual may take advantage of their position in the company or ability to take ownership of tasks.
Internal fraud, also known as employee fraud, can look like:
- Theft of cash
- Embezzlement of stock
- Billing schemes
- Personal use of an organization’s equipment
75% of workers in UK say they have stolen from an employer at least once before.
To avoid this scenario, operate the 4-eyes principle as a security measure. This segregation of duties means that different employees are involved in an operation’s lifecycle. Therefore, a worker should not be able to commit fraudulent activities and conceal them.
Identity fraud
Identity fraud refers to a fraudster getting hold of an individual’s stolen personal or financial information without permission. It is also referred to as ‘identity theft’.
Identity fraud can have several impacts on the victims:
- Damage a business’s reputation
- Financial losses
- Time lost spent changing details
- Damage credit status
Vendor fraud
Vendor fraud refers to illegal and unprofessional payments that are made to real and false vendors or suppliers.
Some common types of vendor fraud include:
- Suppliers being impersonated by fraudsters – the buyer gets told by the cybercriminal that payment details such as an account number have changed and offers new details ahead of a transaction. The fraudster may use an email address similar to the supplier’s actual email (for example @trostpair.com instead of @trustpair.com), this is called phishing.
- Supplier email being hacked – fraudsters access the email address and send a hacked email to a supplier. This provides new payment details for the scammer to receive the fraudulent transaction
- An insider – an employee from the payee company may steal a real invoice from a genuine supplier and change the payment details to their own
As these scams are so well-thought-out, it can be several weeks before finance teams become aware of the fraud when the real supplier provides their invoice.
Romance fraud
This happens online or on dating apps where fraudsters pose as your ideal partner using a fake profile. They will use pictures of other people and false names and descriptions.
The deceiving individual will chat with you for some time to build your trust and fake a romantic interest in you to forge a relationship with you.
Then, at some point down the line, they will ask for money and may make up a story that they need you to help them financially to get something or pay bills.
In short, they are probably stealing money from you. Alternatively, they could be asking enough questions to get personal information from you to steal your identity.
Health care fraud
Health care fraud in the UK remains a serious concern, affecting both individuals and the NHS. A notable case involved Dr. Rumi Chhapia, a GP in Portsmouth, who embezzled over £1.13 million from local GP practices between August and September 2020 to fund an online gambling habit.
As a consequence, he was sentenced to three years and four months in prison and ordered to repay £238,000 (cfa.nhs.uk). This type of internal fraud undermines public trust and diverts critical funds away from patient care. The NHS Counter Fraud Authority continues to strengthen its oversight and enforcement to combat such cases.
Payment fraud
Payment fraud occurs when a fraudster illegally creates or diverts payments. Fake or stolen payment information may be used to make purchases.
Some of the ways that payment fraud takes place are:
- Fake invoices that look like the original
- Business email compromise (BEC). In the UK, BEC scams have cost companies millions. For instance, in 2020, three British private equity firms were targeted by a sophisticated attack that tricked them into transferring £1.1 million to fraudulent accounts in Hong Kong and the UK. Although banks managed to recover approximately £570,000, the remaining funds were lost.
- Stealing personal details, a credit card or credit cards, or debit cards to buy goods or services
- Making payments using a stolen identity on the victim’s behalf
- Intercepting a check, changing the details, and attempting to exploit it
- Making false customer profiles and attempting fake payments, for example, Union54 experienced an attempted $1.2 billion chargeback fraud case in 2022
Payment fraud prevention
In 2024, 93% of UK companies were targeted by payment fraud at least once and 42% experienced at least 2 successful attacks.
Trustpair’s fraud prevention software makes you immune to B2B payment fraud and goes beyond the Confirmation of Payee regulation. The platform continually checks account information and validates accounts to alert companies of any suspicious activity. This secures your payment chain to avoid one of the types of fraud in business. Keep your business money safe and avoid fraudulent transactions thanks to extensive fraud prevention services.
One of the examples of payment fraud involves both Facebook and Google. Indeed, they were victims of a phishing campaign that cost them $100 million. To commit fraud, the fraudster impersonated Quanta Computer, a vendor of both companies and sent fake invoices to the companies. These invoices were paid. After the person pleaded guilty, Facebook and Google retrieved $49.7 million of the stolen money.
Fraud can have disastrous consequences on companies, not only financial loss! Lee-Ann Perkins, a treasurer with decades of experience, shares her story in our latest video series.
How are frauds punished in UK law?
This usually depends on what the type of fraud was, the scale, and the consequences of fraud.
However, the consequences of the scam for the perpetrator can be a prison sentence, fines, or a restitution order so that the victim is compensated for their losses.
The main types of fraud punishments in UK law include:
Imprisonment:
- Summary Conviction: Up to 6 months in prison.
- Conviction on Indictment: Up to 10 years in prison.
- Conspiracy to Defraud: Up to 10 years in prison.
Fines can be imposed instead of or in addition to imprisonment. The amount can vary but can be significant, especially for serious offenses.
Community Orders: These can include requirements such as unpaid work, curfews, or rehabilitation activities. They are used to restrict the offender’s liberty and provide punishment within the community.
Confiscation Orders are used to recover the financial benefit obtained through fraud.
Additional Financial Penalties such as compensation orders to victims and payment of prosecution costs.
Prison sentences can be avoided and compensation and fines can be enforced depending on the severity of the case. For example : in the UK, a rogue trader exploited a member of the public who used her life savings to pay for roofing work services that weren’t needed.
The criminal had to pay financial penalties including £27,500 in compensation, a fine of £6,500, £4,250 towards prosecution costs, and a £190 victim surcharge.
Recap
There are many different types of fraud in law. For example: internal fraud, identity fraud, vendor fraud, romance fraud, health care fraud, and payment fraud. Depending on whether it’s a criminal fraud case or a civil law case, this can depend on the punishment. Trustpair stops fraudulent activities thanks to ongoing and automated bank account validation.