Cybercrime & fraud
What is the difference between fraud and money laundering?
Fraud involves deception and misrepresentation to make money. It can be one of many crimes, such as forgery or a credit scam, cheque and invoice redirection fraud and CEO Fraud. Fraud is generally approached as a loss problem within an organisation.
Money laundering is the process by which the ownership and control of the proceeds of criminal activities are disguised (or laundered) so that these appear to have come from a legitimate source. It is most often addressed as a compliance issue within an organisation. Financial institutions and other designated persons engage in anti–money laundering activities in order to comply with law.
Criminal activity related to fraud generates money that needs to be laundered, so where there is fraud there is money laundering. Fraud is a crime and a predicate offence to money laundering, meaning that money laundering is a derivative crime. A crime such as a fraud must take place before the proceeds of the fraud are then laundered.
Cybercrime - introduction
The growth of information and communication technologies (ICTs), increasingly sophisticated innovations and more internet users has led to a corresponding explosion in the incidence of cybercrime worldwide. The onset of the pandemic has only served to exacerbate the problem. An ever-evolving threat landscape exists which requires constant revision of responses at national and international level.
In PwC’s Irish Economic Crime Survey 2020 “Fraud and Economic Crime - an evolving challenge” 41% of Irish based respondents said their firm had experienced customer fraud, (higher than global peers at 35%). 18% said that the cost of the fraud was immeasurable, or they did not know its cost, while 11% said that they spent over €800,000 on remediation after an incident.
Click here to read the UK National Cyber Security Centre Annual Review 2021. It referred to the pandemic pivot and the proliferation of scams as a result, the fight by industry and government against cybercrime and the increase this year in the National Cyber Security Programme budget. You can also read the UK Government's National Cyber Strategy 2022 which it updated in February 2022 and the Cyber Security Sectoral Analysis 2022 Research report published by the Department for Digital, Culture, Media and Sport in the UK in February 2022. The Cyber Security Sectoral Analysis project has helped to track the growth and performance of the UK’s cyber security sector since 2018. The report builds on previous reports and contains information about the UK cyber security sector, including the number of businesses operating in the sector, the sector’s contribution to the UK economy, the number of people employed and the products and services offered by these firms.
What is cybercrime?
The term is largely used to encompass a range of criminal activities that use information and communications technology (ICTs) and examples include data breaches, network attacks or attacks against critical infrastructure. One such attack was seen in May 2021 when the Irish Health Service Executive sustained a major strike on its systems with a demand for a ransom. This onslaught cost millions and took months to rectify.
The term also encompasses content related offences (such as online distribution of hate speech material or incitement to commit acts of terrorism) and traditional offences (e.g. fraud, forgery and identity theft).
The Irish Department of Justice has a Cybercrime Division responsible for developing policy in relation to the criminal use made of the internet and information technology. The website describes what cybercrime is and can be accessed here. Also, follow the link to access its October 2020 report Cybercrime: Current Threats and Responses.
The National Cyber Security Centre (NCSC) which comes under the Department of Environment, Climate and Communications is responsible for advising and informing the Irish Government IT and Critical National Infrastructure providers of current threats and vulnerabilities associated with network information security. Click here to access its website and the following link to access its booklet 12 Steps to cyber security for Irish business.
What should you do to protect yourself and your practice from cybercrime?
Information on legislation or the legal position of practices on cybercrime is beyond the scope of these pages .Practical responses may be useful to consider in addition to any legal remedies which might be available to a business or firm. Please click the links to access the following:
Fraud
Some reference material is available on fraud. See as follows:
Ireland
During Fraud Awareness Week 2022 which ran from 28 March -1 April 2022, An Garda Siochana Financial Intelligence Unit issued a series of press releases which can be viewed here. The press releases deal with what is and how to avoid business e mail compromise fraud, bribery and corruption, investment fraud, accommodation fraud and account takeover fraud.
The Irish Central Bank encourages the public to be alert to scams which are on the rise; it is important to be able to recognise a potential scam and know how to protect yourself. They have issued a video and explainer on how to spot a scam using the SAFE test: Stop, Assess, Fact check, Expose and Report. You can read more and access the video here.
United Kingdom
In October 2021, the UK Government published a fraud sector charter containing an assessment of fraud threats in the accountancy sector. It is a voluntary charter between law enforcement, professional supervisory bodies and government to better understand and tackle fraud. It sets out actions to tackle fraud in the accountancy sector including improving information regarding fraud and enhancing Companies House data.
In February 2022 the Treasury Committee of UK Parliament published a report on fraud, scams and economic crime. It has called for additional Government action to combat fraud and scammers. The report urges legislation against online fraudulent adverts and for the government to seriously consider whether online giants should reimburse those who fall victim to scams on their platforms. It makes recommendations such as appropriate resourcing and whether a single law enforcement agency would be more effective. Readers can access the report, a summary and conclusions and recommendations by following the links on this page.
Click here for the UK Serious Fraud Office business plan 2022/2023. It outlines the key activities that the SFO will undertake in 2022-23 to deliver on its mission and strategic objectives.
The Fraud Advisory Panel is a UK charitable company limited by guarantee. It works to give universal access to knowledge, skills and resources to protect against fraud. Please
click here to access their website and get information on their latest resources and upcoming events. Please click here to access an article on our Professional Standards Dept. webpages,
an introductory guide to Money laundering and the proceeds of crime from the Fraud Advisory Panel.
EU/other
In December 2021 the European Payments Council issued its 2021 Payment Threats and Fraud Trends Report which provides an overview of the most important threats on the payments landscape , including social engineering phishing and malware. The report tries to increase awareness and suggests some measures for control and mitigation of threats.
These pages are provided as resources and information only and nothing in these pages purports to provide professional advice or definitive legal interpretation(s) or opinion(s) on the applicable legislation or legal or other matters referred to in the pages. If the reader is in doubt on any matter in this complex area further legal or other advice must be obtained. While every reasonable care has been taken by the Institute in the preparation of these pages, we do not guarantee the accuracy or veracity of any resource, guidance, information or opinion, or the appropriateness, suitability or applicability of any practice or procedure contained therein. The Institute is not responsible for any errors or omissions or for the results obtained from the use of the resources or information contained in these pages.