Research and analysis

Economic Crime Survey 2020

Published 3 May 2023

Applies to England and Wales

© Crown copyright 2023

This publication is licensed under the terms of the Open Government Licence v3.0 except where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-government-licence/version/3 or write to the Information Policy Team, The National Archives, Kew, London TW9 4DU, or email: psi@nationalarchives.gov.uk.

Where we have identified any third party copyright information you will need to obtain permission from the copyright holders concerned.

This publication is available at https://www.gov.uk/government/publications/economic-crime-survey-2020/economic-crime-survey-2020

1. Introduction

This bulletin presents the main findings from the Economic Crime Survey (ECS), a sample survey that examines the extent of fraud and corruption against businesses in England and Wales.

1.1 Background

Economic Crime refers to a broad category of activity with the purpose of unlawfully obtaining a profit or advantage for the perpetrator. For the purposes of this research, which seeks to build the evidence base on the scale and nature of economic crime, we focus on fraud and corruption as a subset of wider criminality which benefits from the proceeds of crime or damages our financial system.

There is no universally accepted definition of fraud or corruption: Fraud is generally defined as the use of deception or deceit for personal gain[footnote 1] and corruption typically involves the abuse of power in return for payment or other reward[footnote 2].

Due to the clandestine nature of these crime types, official data sources are generally limited to reported offences[footnote 3] and tend to focus on specific groups and/or closely defined crime activities. The complexity and challenges of this research area mean that there are many evidence gaps, particularly relating to the scale of the threat.

The Economic Crime Survey (ECS) is an important step in building the evidence base on economic crime. The core aim of the survey was to measure the levels of fraud and corruption experienced by businesses and where possible provide contextual information about the incident, the offenders and how crimes were identified by businesses.

It also explored the costs to business, preventative measures, as well as exploring the overall perception of both crime types in the respondent’s sector. It complements other existing evidence sources such as Action Fraud, the Commercial Victimisation Survey[footnote 4], the Crime Survey for England and Wales and police recorded crime statistics.

This research report outlines headline findings from the survey. Further information on the survey design and methodology can be found in the accompanying technical report. Please also refer to the appendix tables published alongside this report for further data.

1.2 Policy context

Economic Crime is a threat to the security and prosperity of the UK, with an estimated cost to the UK of at least £8.4 billion each year[footnote 5]. Frequently, it is serious and organised. While there is not a wholly reliable estimate of the total scale of economic crime, all assessments within the public and private sectors indicate that the scale of the economic crime threat continues to grow.

Fraud is estimated to be the most common crime type in England and Wales, and nearly every individual, organisation and business is vulnerable to fraudsters. Bribery and corruption undermine fair competition and are barriers to economic growth. The threat is also continuously evolving, impacted by the emergence of new technologies, services and products such as crypto-assets.

Building on the foundations established under the first Economic Crime Plan published in 2019, the government’s Economic Crime Plan 2 sets out how the public and private sectors will continue to transform the UK’s response to economic crime to reduce money laundering and recover more criminal assets, combat kleptocracy and drive down sanctions evasion, and to cut fraud.

Fraud

The creation of the National Economic Crime Centre (NECC) in 2018 was a major step forward in the joint response to fraud. The NECC is a collaborative, multi-agency centre, bringing together the National Crime Agency (NCA), Serious Fraud Office (SFO), HMRC, Financial Conduct Authority (FCA), Crown Prosecution Service (CPS) and the City of London Police (the national police lead for fraud in England and Wales). Project OTELLO, a NECC-led private-public sector response to tackling fraud, has led to improved tasking, co-ordinated investigations and sharing of threat data to help tackle some of the most serious and high harm frauds, including courier, romance and investment frauds.

https://www.gov.uk/government/publications/fraud-strategy

A new Fraud strategy sets out how government, law enforcement, regulators and industry will work together to cut fraud incidents. It outlines a series of actions to restrict opportunities for fraudsters to abuse our telecommunications and online networks, make it easier to report scams, ensure victims are reimbursed and supported, improve the law enforcement response to fraud, and make sure every part of the system is incentivised to take fraud seriously.

Corruption

The UK Anti-Corruption strategy 2017 to 2022 outlined a long-term framework to guide efforts to tackle corruption at home and abroad. The strategy set out 6 priorities:

  • reducing the insider threat in high risk domestic sectors such as borders and ports
  • strengthening the integrity of the UK as an international financial centre
  • promoting integrity across the public and private sectors
  • reducing corruption in public procurement and grants
  • improving the business environment globally
  • working with other countries to combat corruption

1.3 Survey Methodology

The ECS was undertaken by IFF Research between February and May 2020. This research report provides Home Office analysis of the survey results.

The survey was completed via Computer-Assisted-Telephone-Interviews (CATI) by 5,000 businesses in the following sectors[footnote 6], highlighted by existing research and intelligence as at particular risk of economic crime:

  • construction (SIC section F)
  • real estate (SIC section L)
  • financial and insurance services (SIC section K)
  • legal services (SIC section M)
  • mining and quarrying (SIC sections B,D,E)
  • wholesale and retail (SIC section G)
  • information and communication (SIC section J)

The target number of interviews in each of these sectors was 800 interviews, which was achieved, or almost achieved, in all but one sector (see table 1 below).

Table 1: Sector coverage and sample size of the ECS

Sector Sample Size
Total 5,000
Construction 811
Real estate 802
Financial and insurance Services 832
Legal services 808
Mining and quarrying 163
Wholesale and retail 804
Information and communication 780

Source: Home Office, ECS: appendix tables

Due to the much smaller size of the mining and quarrying sector, the available sample and resulting number of achieved interviews was much smaller than for other sectors. This means that it has not been possible to present analysis for some questions for this sector[footnote 7].

Further details of the survey methodology can be found in the technical report.

1.4 Definitions used in the survey

The ECS covers fraud and corruption. For the purposes of the survey the following definitions were developed for use:

Fraud: The use of deception or deceit for personal gain, often (but not always) resulting in a financial loss for the victim. Response codes included:

  • false or forged personal expenses or claims for work not done
  • false accounting
  • debit or credit card fraud
  • online banking fraud
  • procurement related fraud
  • insurance related fraud
  • investment fraud
  • mandate fraud
  • application fraud
  • business trading fraud
  • any other types of fraud not mentioned

Corruption: The abuse of a position of power for some kind of gain. Examples include, but are not limited to, offering or accepting any undue advantage (for example, bribes and favours) and exerting improper influence over decision-making processes. Response codes included:

  • people offering bribes
  • improper influence being put on people when making business decisions
  • people being unfairly favoured in business dealings, for example, winning contracts and access to information
  • people being favoured in recruitment and appointments
  • people having inappropriate conflicts of interest
  • people conspiring to commit fraud
  • any other types of corruption

In a private sector business setting, not all of the behaviours described above are criminal offences and may instead represent perceptions of dishonest or unethical activities. Whilst this report refers to ‘corruption’ it should be noted that this definition does not necessarily represent illegal activity and the results should be viewed as a more exploratory approach to understanding these types of behaviours in the surveyed sectors.

1.5 Terminology

Throughout the analysis presented in this report and its associated tables, there are 4 key measures of the extent of fraud and corruption against businesses:

  • total prevalence: this is the estimated total number of businesses that have been victims of crime; this scales up weighted data from the survey to represent the population of businesses as a whole
  • prevalence rate: this is the estimated total number of businesses that were victims of crimes, divided by the total number of businesses in that sector, multiplied by 100 to give percentages; this gives the proportion of businesses that were victims
  • total incidence: this is the estimated total crime count for all the sectors surveyed; this scales up weighted data from the survey to represent the population of businesses as a whole in that sector
  • incidence rate: this is the estimated total number of incidents of crime, divided by the total number of businesses in the given sector; the numbers are then multiplied by 1,000 to give the number of crimes per 1,000 businesses, to allow the figures to be compared more easily

1.6 Data cleaning

For questions where respondents were asked to estimate quantities, outliers were identified. Inclusion or exclusion of the outliers was then decided based on contextual information available on the outliers and the types of fraud or corruption being reported. Where statistical outliers have been included, this has been made clear in the report, with the impact of their inclusion on estimates also clarified.

For the number of incidents, outliers were identified using the Cook’s distance statistical technique[footnote 8].

For estimates of the median and mode for financial costs of fraud and corruption, an M-estimator method was used to identify the extreme cases[footnote 9].

1.7 Time periods covered by the survey

The ECS measures experience of fraud and corruption in the 3 years prior to interview to maximise the capture of data given the relatively low prevalence of these crime types. More detailed questions about the nature of the incidents experienced cover the most recent incident. Where such questions are presented, they are described as proportions of respondents who made a specific statement about the latest incident they experienced.

1.8 Cost estimates

For businesses which had experienced fraud or corruption, questions were asked about the cumulative financial costs resulting from all incidents that occurred during the most recent year in which they were victimised (or in the 12 months prior to interview if the year of the most recent incident was not shared)[footnote 10]. Two estimates are presented to show the average costs reported:

  • mean: the mean is calculated by adding the weighted values together, and dividing the total by the weighted number of values and represents the average across the data
  • median: the median is the middle number in a sorted list of numbers; it is helpful for interpreting data where particularly high or low numbers may skew the average

1.9 Unweighted base sizes

The ECS was designed to achieve a large enough sample to allow for robust statistical analysis at the sector level. As some questions were only asked of those who experienced fraud or corruption, unweighted bases will vary according to their response to earlier questions. In some cases, particularly where detailed questions were asked about their experience, unweighted base sizes do not allow for robust comparison between sectors and findings are presented as a total across the sectors. This is particularly the case for corruption, which was less prevalent amongst businesses, than for fraud.

1.10 Significance testing and confidence intervals

Significance testing is used to account for the level of uncertainty around estimates based on a survey sample. For the purposes of this report, sector responses have been compared with the average response across all sectors to identify where responses were higher or lower than the average. Formal statistical significance testing has been used to determine whether an observed difference was likely to be genuine (statistically significant), rather than due to chance.

All significance testing was done using a survey adjusted Chi-square test. Confidence intervals (error margins) at the 95% level were produced around the survey estimates. Where confidence intervals around 2 independent estimates of the same measure do not overlap, the difference between the values is said to be statistically significant. In this report, only statistically significant differences are discussed, unless otherwise stated.

In this report and associated tables, statistical significance is tested against the average figure for all businesses and is presented as follows:

  • * for significance at the 0.05 level
  • ** for significance at the 0.01 level
  • *** for significance at the 0.001 level

1.11 Survey limitations

When interpreting the results presented in this publication, some consideration should be given to various issues around the structure of the survey and of business premises in England and Wales. Due to the limited coverage of the survey the results should not be considered as representative of crime against businesses as a whole, only of crime against the sectors surveyed. Care should be taken when comparing levels of crime between sectors, or between businesses of different sizes, due to differences in the number of such premises in England and Wales as a whole. For this reason, when making comparisons between different sectors it is better to compare the rates of crime between these premises, which control for the different number of premises in each category. In addition, the survey is subject to error associated with sampling and respondents recalling past events.

1.12 Table conventions and rounding of data

The following conventions have been used in tables:

  • ‘0’ indicates less than 0.5 (this does not apply when figures are presented to one decimal point)
  • ‘n/a’ indicates that the question was not applicable or not asked
  • tables show the unweighted base which represents the number of businesses interviewed in the specified group
  • ‘-’ indicates that figures are not reported because the unweighted base number of respondents is less than 30 and therefore the quality of resulting estimates is not deemed sufficient for publication
  • [ ] indicates that the unweighted base is less than 50 and should be treated with caution
  • row or column percentages may not add to 100% due to rounding

Within the report figures are presented using data rounded to the nearest whole number, or to 2 significant figures for costs. A percentage may be quoted in the text for a single category that is identifiable in the tables only by summing 2 or more component percentages. To avoid rounding errors, the percentage has been recalculated for the single category and therefore may differ by one percentage point from the sum of the percentages derived from the tables.

2. Main Findings

Around 1 in 5 businesses in the surveyed sectors had been a victim of fraud in the 3 years prior to the survey (18%). The incidence rate (number of incidents) was 3,917 per 1,000 businesses. This suggests high levels of repeat victimisation; indeed, 46% of businesses that experienced fraud had experienced more than one incident.

Businesses in the financial and insurance services sector were the most likely to have experienced at least one incident of fraud (21%). Businesses in the information and communication (15%) and legal services (12%) sectors were the least likely.

The most common types of fraud experienced by businesses were debit or credit card fraud (47%), followed by online banking fraud (17%), and procurement related fraud (16%).

One in 20 businesses in the surveyed sectors had experienced corruption in the 3 years prior to the survey (5%). The incidence rate (number of incidents) was 907 per 1,000 businesses. This suggests high levels of repeat victimisation; 78% of businesses that experienced corruption had experienced more than one incident.

Experience of corruption did not vary substantially by business sector, although businesses in the wholesale and retail sector were the least likely to have experienced corruption (3%).

The most common types of corruption experienced by businesses were people being unfairly favoured in business dealings (52%) and people having inappropriate conflicts of interest (32%).

Fraud offences were often conducted remotely and 43% of businesses were unable to identify the perpetrator, while a further 27% said that the offender was impersonating another person or business. Corruption incidents were more commonly conducted in person (52%) or over the phone (28%), with businesses generally able to identify the individual(s) involved. This highlights important differences between the nature of the different crime types.

The mean annual cost per business of all fraud incidents was around £16,000 and the median cost was £1,000. The mean annual cost per business of all corruption incidents was £44,000 and the median cost was £200. Businesses who had experienced fraud or corruption also reported other impacts, including on the wellbeing of their staff (37% and 36% respectively).

Over two-thirds (69%) of businesses reported their most recent experience of fraud, most commonly to the bank (63%), police (32%) or Action Fraud (25%). Only 22% of businesses reported their experience of corruption. When they did, this was most commonly to superiors within the business (34%) or the police (19%). For both crime types, this highlights substantial under-reporting.

The majority of businesses (93%) had one or more measures in place to protect against fraud and corruption. However, only 30% of businesses had an anti-fraud policy in place and 25% an anti-corruption policy.

3. Fraud

3.1 Background

There were an estimated 3.7 million incidents of fraud experienced by adults aged 16 and over in the year ending September 2022[footnote 11]. This accounted for approximately 41% of estimated crime, making fraud the most common crime type perpetrated against individuals. Approximately 1 in 15, or 6.5%, of adults were estimated to be a victim of fraud in England and Wales in the year ending September 2022[footnote 12].

Less is known about the scale of fraud against businesses. Frauds that are reported to Action Fraud[footnote 13] and/or the police provide some information about the scale of fraud committed against businesses. However, as fraud is known to be under reported these provide only a partial picture of the threat of fraud against businesses.

3.2 Prevalence of fraud

The prevalence of fraud indicates how many businesses in the surveyed sectors had experienced at least one incident of fraud in the 3 years prior to interview.

In the 3 years prior to interview, almost one in 5 businesses (18%) had experienced at least one incident of fraud. This represents approximately 206,000 businesses when applied to all businesses in the sampled sectors over a 3-year period[footnote 14]. For over half of businesses who had experienced fraud, the most recent incident was conducted exclusively online (56%).

The likelihood of experiencing fraud varied by sector. Businesses in the financial and insurance services sector (21%) were more likely to have experienced fraud in the 3 years prior to interview compared with all businesses in the sample, while those in the information and communication (15%) and legal services (12%) sectors were less likely.

Figure 1: Proportion of businesses experiencing fraud, by sector

Source: Home Office, ECS: appendix tables. (Significance: * p<.05, ** p<0.01, *** p<.001)

Notes:

  1. Unweighted base: 5000.

The likelihood of experiencing fraud also showed differences by business size. In general, experience of fraud increased with business size; 32% of businesses with 50 or more employees had experienced fraud compared with 25% of businesses with 10 to 49 employees and 17% of those with 9 or less. Further analysis of the risk of victimisation are covered in more detail in section 5 of this report, below.

3.3 Incidence of fraud

The incidence of fraud represents the estimated number of offences experienced in the surveyed sectors in the 3 years prior to interview and totalled approximately 4.5 million.

The incidence rate, also referred to as the crime-rate, gives us the estimated number of crimes per 1,000 businesses and allows easier comparison. Across all business sectors, the incidence rate for any fraud in the 3 years prior to interview was approximately 3,917 incidents per 1,000 businesses, suggesting high levels of repeat victimisation.

Of those businesses which had experienced fraud, half (54%) had experienced just one incident, and 39% experienced between 2 and 10 incidents. Five businesses experienced over 450 incidents, with one business in the wholesale and retail sector experiencing 5,000.

Figure 2, below, shows that the wholesale and retail sector had by far the highest rates of fraud, at 8,652 incidents per 1,000 businesses. This suggests that whilst the wholesale and retail sector was not more likely to have experienced fraud in general, when they had, they experienced a much larger number of incidents than in other sectors. This may reflect the prevalence of certain, high volume, fraud types and high levels of repeat victimisation amongst particular businesses in this sector[footnote 15].

Figure 2: Number of incidents of fraud per 1,000 businesses, by sector

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 5000.

3.4 Types of fraud experienced

Amongst businesses who had experienced fraud, debit and credit card fraud was by far the most common; 47% had experienced this fraud type in the 3 years prior to interview at least once. This was followed by online banking fraud (17%) and procurement related fraud (16%).

Figure 3: Proportion of fraud experienced by businesses, by type

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 902.

There were differences in the type of fraud victimisation between sectors. For example, businesses in the wholesale and retail sector were comparatively more likely to have experienced debit and credit card fraud, and those in the construction sector, online banking fraud. This may reflect vulnerabilities associated with the use of payment systems in these sectors.

3.5 Nature of fraud against businesses

Further questions were asked of respondents in relation to the most recent incident of fraud they had experienced. The most common methods of conducting fraud were via email (24%), via hacking (22%), in person (19%) or over the phone (also 19%). The methods used did not differ substantially by business sector, but significant differences become apparent when the type of fraud is considered. For example, compared with the average for each method:

  • email was more likely to be used in offences of online banking fraud (43%), procurement related fraud (48%) and mandate fraud (80%)
  • hacking was more common for debit or credit card fraud (33%), online banking fraud (37%) and mandate fraud (38%)
  • conducting the offence in person was more likely for false or forged expenses (46%)

Some of these differences are likely to reflect the type of perpetrator involved in conducting the offence. In almost half of fraud incidents (43%) the main perpetrator was either unknown or not easily identifiable by the victim.

Where the perpetrator was known (see Table 2), over a quarter were someone impersonating a person (customer or employee) or business (supplier, contractor or other business). The second most common perpetrator type overall was an existing client or customer (13%).

Some further differences were apparent by fraud type and by sector when compared with the averages shown below. Businesses in the wholesale and retail sector were comparatively more likely to say the main perpetrator was an impersonator (35%) or an existing client or customer (21%); in the financial and insurance sector an existing employee (7%); in the legal services sector an existing supplier (8%) and; in the real estate sector, an existing contractor (7%).

Table 2: Perpetrators of fraud

Perpetrator type Percentage
Someone impersonating one of the other categories listed 27%
An existing client / customer 13%
Competitor/Another business 6%
An existing supplier 3%
An existing employee 2%
A previous employee 2%
An existing contractor 2%
Previous client / customer <1%
Other 5%
Don’t know 43%

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 886.

Within the fraud types, there were interesting differences in perpetrator types:

  • for false or forged expenses, perpetrators were more likely to be existing employees (16%), previous employees (20%) or an existing contractor (21%)
  • for mandate fraud, impersonation was more common (54%)
  • for business trading fraud, perpetrators were more likely to be an existing supplier (11%) or competitor (26%)

It appears to be particularly difficult to identify perpetrators for some fraud types. In 63% of online banking frauds and 57% of debit and credit card frauds the perpetrator was unknown, higher than for other fraud types. This highlights the challenges of identifying offenders given the unique physical (can be conducted remotely or virtually) or technical barriers for some fraud types.

Incidents of fraud were most commonly identified through internal checks of records or accounts (39%, see Figure 4). This was particularly the case for online banking fraud, where 52% of incidents were identified in this way. There was little variation by sector, except for in the wholesale and retail sector, where businesses were more commonly notified by the bank that a fraud had occurred.

Figure 4: How fraud offences were identified

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 886.

3.6 Impact and costs of fraud

Respondents were asked to provide figures for the cumulative costs of all fraud incidents experienced by the business during the year in which their most recent experience of fraud occurred. They were asked the value of the goods, services or money stolen from the business as a result of the incidents of fraud; the total value of the property that had to be replaced or fixed as a result of the incidents; and total costs in terms of lost output.

The impacts and costs of fraud on businesses were considerable. The mean annual costs per business of all fraud incidents experienced was just over £16k. Annual total costs of over £20k were rare (reported by 11% of businesses), while less than 3% reported total costs exceeding £100k. The highest (unweighted) costs to a business for incidents of fraud experienced in a year was £2.61 million. Fourteen per cent of businesses reported no costs resulting from their experiences of fraud.

Businesses in the financial and insurance services had the highest mean costs of fraud at almost £43k, followed by the legal services sector at just under £37k. The wholesale and retail sector reported the lowest costs, at under £10k. It isn’t clear why the costs were higher for the financial and insurance sector, but the handling of large sums of money may be a risk factor.

It is also useful to consider the median costs given the large distribution of costs reported by businesses. The median annual cost per business of all fraud incidents experienced during the year in which they were most recently victimised was £1,000 with the financial and insurance sector reporting the highest median costs (£2,500).

Table 3: Average annual costs of fraud per business

Mean Median Unweighted base
All businesses £16,000 £1,000 901
Financial and Insurance Services £43,000 £2,500 170
Legal services £37,000 £1,000 99
Information and Communication £21,000 £1,000 140
Mining and Quarrying [£19,000] [£2,000] [33]
Real Estate £19,000 £1,800 151
Construction £14,000 £1,300 153
Wholesale and Retail £9,700 £800 155

Source: Home Office, ECS: appendix tables

When asked if any of the costs associated with the incidents of fraud experienced in the most recent year were recovered, over half (55%) said that they were not, while over a quarter (28%) had recovered costs in full and a further 11% had recovered partial costs. 6% had not fully resolved their claim(s). The likelihood of recovering costs showed little variation by sector, except in the case of the wholesale and retail sector, in which businesses were much less likely to have recovered the costs; 68% had not recovered any costs and just 16% had recovered costs in full.

The survey also asked businesses about other impacts of the incidents of fraud experienced in the most recent year in which they were victimised. The most common non-financial impact of fraud to the respondents was implementing new measures to protect against future fraud threats (61%), followed by negative impacts on the wellbeing of staff (37%). Just over a quarter (26%) of the businesses surveyed reported that no other impacts were experienced.

Figure 5: Other impacts of fraud

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 902.

3.7 Reporting of fraud

Over two-thirds of businesses (69%) reported their most recently experienced fraud offence in some way (to an internal board or to an external agency). Frauds were most commonly reported to a bank (63%), followed by the police (32%) and Action Fraud (25%).

There was some variation in reporting behaviours between sectors, with businesses in the financial and insurance services being more likely to report fraud offences (79%). In comparison, businesses in the information and communication sector were less likely (57% reported their experience of fraud).

There was little difference in the favoured agency reported to between sectors, although, compared to the average, businesses in the construction sector were more likely to report to a bank (73%), businesses in the wholesale and retail sector to Action Fraud (31%) and businesses in the financial and insurance sector to a regulator (7%).

More differences in who offences were reported to are apparent when looking at the crime type experienced. For example, debit and credit card fraud and online banking fraud were more likely to be reported to the bank (79% and 91%), and procurement related fraud to Action Fraud (47%).

Table 4: Reporting behaviour for fraud

Reported to Percentage
Bank 63%
Police 32%
Action Fraud 25%
Lawyers 3%
Regulator 3%
Insurer 3%
Client / Supplier 2%
Superiors in business (for example, director or owner) 2%
The company involved 2%
Web host 2%
National Crime Agency 1%
Trading Standards 1%
Other 5%
Don’t know 0%

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 624.

For the 28% of businesses that didn’t report their fraud offence, the most frequently cited explanation was it was either too inconvenient or too much hassle to report (17%). Other reasons for not reporting fraud were that respondents thought reporting wouldn’t make any difference (15%) or viewing the incident as a private matter that should be dealt with internally (15%). There was little variation between sectors and fraud types for the reasons for not reporting fraud offences.

4. Corruption

4.1 Background

Whilst there is no universally accepted definition of corruption, it is generally understood to involve the abuse of power in return for payment or other reward. It encompasses a range of activities, but, other than a relatively new measure of corruption recorded by the police, there are no other direct measurements of the level of corruption in England and Wales[footnote 16]. At 97 cases, the most recently published statistics (year ending September 2022)[footnote 17] show low levels of reporting and, taken with the findings of the Economic Crime Survey discussed below, are likely to be a considerable underestimate of the true level of offending.

The definition of corruption used in this survey includes a mixture of activities, which in a private sector business context will not all be punishable by law. Whilst this section refers to incidents of corruption, the results should be viewed as reflecting, in some cases, dishonest or unethical behaviours rather than reportable offences.

4.2 Prevalence of corruption

The prevalence of corruption indicates how many businesses in the surveyed sectors had experienced at least one incident of corruption in the 3 years prior to interview.

In the 3 years prior to interview, almost one in 20 (5%) businesses had experienced at least one incident of corruption. This represents approximately 55,295 businesses when applied to all businesses in the sampled sectors over a 3-year period. Overall, experience of corruption did not vary substantially by business sector, although businesses in the wholesale and retail sector were significantly less likely to have experienced corruption.

Figure 6: Proportion of businesses experiencing corruption, by sector

Source: Home Office, ECS: appendix tables. (Significance: * p<.05, ** p<0.01, *** p<.001)

Notes:

  1. Unweighted base: 5000.

4.3 Incidence of corruption

The incidence of corruption represents the estimated number of incidents experienced in the surveyed sectors in the 3 years prior to interview and totalled just over 1 million.

The incidence rate gives us the estimated number of incidents per 1,000 businesses and allows easier comparison. Across all business sectors, the incidence rate for any corruption in the 3 years prior to interview was approximately 907 per 1,000 businesses. Given the low prevalence of corruption (5% of businesses), this suggests high levels of repeat victimisation.

Of those businesses which had experienced corruption, almost 4 out of 5 (78%) had experienced more than one incident, and over half (57%) experienced between 2 and 10 incidents. Five businesses experienced 360 or more incidents. This highlights that whilst the number of businesses who experienced corruption was relatively low, the number of incidents that this small group experienced was high.

The financial and insurance services sector experienced the highest rates of corruption, at 2,898 incidents per 1,000 businesses. In comparison, the next lowest rates were seen in the legal services sector, at 1,334 incidents per 1,000 businesses. The real estate and mining and quarrying sectors saw the lowest rates at 382 and 294 incidents per 1,000 businesses respectively[footnote 18]. The likelihood of experiencing corruption showed very little difference by business size. However, caution is required in interpreting the incidence and incidence rates of corruption estimated from the survey. Interpretations of the different corruption types listed to businesses may differ, and some forms may reflect dishonest or unethical behaviours rather than offences in all circumstances.

Figure 7: Number of incidents of corruption per 1,000 businesses, by sector

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 5000.

4.4 Types of corruption experienced

Amongst businesses who had experienced corruption, the most common was being unfairly favoured in business dealings; 52% of businesses said they had experienced this type of corruption at least once in the 3 years prior to interview. Inappropriate conflicts of interest and people offering bribes were the next most commonly experienced types of corruption, with 32% and 21% respectively.

Figure 8: Proportion of corruption experienced by businesses, by type

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 247.

Whilst overall experience of corruption did not vary substantially by business sector, some differences are apparent when looking at the type of corruption experienced:

  • businesses in the construction sector were more likely to have experienced people being unfairly favoured in business dealings (72%)
  • businesses in the information and communication sector were more likely to have experienced people having inappropriate conflicts of interest (47%)
  • businesses in the real estate sector were more likely to have experienced people offering bribes (52%)

4.5 Nature of corruption against businesses

Further questions were asked of respondents in relation to the most recent incident of corruption they had experienced. In comparison with fraud offences, incidents of corruption were much more likely to take place either in person (52%), or over the phone (28%). Smaller proportions said that the incident was conducted via email (15%). The method of conducting corruption varied very little by sector, except for in the real estate sector where almost three-quarters of incidents took place in person.

More notable differences in the methods used to conduct corruption were apparent when comparing the different types of corruption to the average across all sectors. For example:

  • incidents in which people were offering bribes were much more likely to be conducted in person (78%)
  • people being unfairly favoured in business dealings were more likely to take place via a tendering process (11%)
  • people conspiring to commit fraud was more likely to take place via email (21%) or a letter (9%)

The majority of businesses who had experienced corruption were able to identify the perpetrator, likely because the incidents were commonly conducted face-to-face or over the phone (see Figure 9). For just under a third (32%) of businesses, the main perpetrators were existing clients or customers. Other common responses included competitors (18%), existing employees (10%), contractors (10%) or suppliers (9%).

Figure 9: Perpetrators of corruption

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 245.

4.6 Impact and costs of corruption

Respondents were asked about the total cost to the business of corruption incidents, such as lost contracts or fines, during the year in which their most recent experience of corruption occurred. The mean annual costs per business of all corruption incidents experienced was just over £44k[footnote 19].

Almost half (49%) of businesses reported no costs from their experiences. Sixteen per cent reported total costs of £5k or less and a further 13% reported costs between £5k and £20k. Total costs of between £20k and £100k for all incidents in the most recent year of experiencing corruption were identified by 8%. Thirteen per cent reported costs of £100k or more.

It is also useful to consider the median costs given the large distribution of costs reported by businesses. The median costs for all businesses was £200. Due to the relatively small number of businesses who had experienced corruption, the costs of corruption could only be estimated for 4 sectors. Businesses in the construction sector experienced the highest mean costs (£58,000), although this finding should be treated with caution due to the low base of between 30 and 50 businesses in each of the sectors, listed in Table 5, below, experiencing corruption.

Table 5: Average annual costs of corruption per business

Mean Median Unweighted Base
All businesses £44,000 £200 200
Construction [£58,000] [£5,500] [36]
Information and Communication [£35,000] [£2,300] [38]
Legal Services [£24,000] [£0] [33]
Real Estate [£9,300] [£0] [39]

Source: Home Office, ECS: appendix tables

The most common other impact of corruption to respondents was a loss of their customer base (39%) or a negative impact on the well-being of staff (36%). Thirty per cent of businesses said they did not experience any other impacts resulting from their experience of corruption.

Figure 10. Other impacts of corruption

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 245.

4.7 Reporting of corruption

Less than a quarter of businesses (22%) reported their most recent corruption incident in some way (to an internal board or to an external agency). Whilst there were some differences in reporting by sector (for example, 48% of businesses in the financial and insurance sector reported their experience compared to 15% in the information and communication sector) these differences were not statistically significant.

Amongst businesses who had reported their most recent experience of corruption, internal reporting was most common, with a third (34%) reporting to seniors within the business. Smaller proportions reported the incident to the police (19%), a regulator (9%) or Action Fraud (6%)[footnote 20]. This suggests that the number of corruption offences recorded by the police may be a considerable underestimate of the true scale of corruption.

Table 6: Reporting behaviour for corruption

Corruption incident reported to: Percentage
Superiors in business (for example, director or owner) 34%
Police 19%
The company involved 10%
Regulator 9%
Client / supplier 8%
Action Fraud 6%
Trading Standards 5%
Government department / MP 4%
Bank 1%
Internal teams, for example, IT dept, fraud dept, compliance team 1%
Other 10%
Don’t know 1%

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 66.

For the large proportion of businesses that didn’t report their experience of corruption (78%), the most frequently cited explanation was that it was a private matter and dealt with internally (25%), it was a common occurrence (18%), there was a lack of evidence or they were unsure it was corruption (16%), or they were unaware who it should be reported to (15%)[footnote 19].

5. Preventative measures

All businesses were asked if they had measures in place to protect themselves from becoming the victim of fraud and corruption. Nine out of 10 (93%) said they had one or more measures in place, with the most common being IT security (87%), internal checks (60%) and internal audits (43%). Much smaller proportions had specific policies in place; 30% of businesses had an anti-fraud policy and 25% an anti-corruption policy.

Figure 11. Preventative measures against fraud and corruption

Source: Home Office, ECS: appendix tables

Notes:

  1. Unweighted base: 5000.

There were notable differences in the preventative measures taken by the different sectors. The financial and insurance services sector and the legal sector were the most likely to have measures in place, with 99% of businesses in each saying they had one or more. The construction sector was the least likely to have measures in place at 88%.

High proportions of businesses in the financial and insurance sector and the legal sector reported having a number of different measures in place, including anti-fraud and anti-corruption policies, staff trained to counter fraud and corruption and having whistle-blowing policies in place. This may in part be due to the higher levels of regulation in these sectors. In comparison, the mining and quarrying and wholesale and retail sectors were more likely to have surveillance, such as CCTV, as a preventative measure (52% and 51% respectively, compared with an average of 38% across all the sectors).

The likelihood of having preventative measures in place also showed differences by business size, with the largest businesses (50 or more employees) being the most likely to say they had both basic and specific measures in place. For example, 70% had a whistleblowing policy or hotline, 69% an anti-fraud policy, 71% an anti-corruption policy and 46% had staff specifically trained to counter fraud and corruption, all significantly higher than the average for all businesses.

6. Perceptions and risks of experiencing economic crime

6.1 Perceptions of fraud

Businesses were asked about how common they thought fraud was in their sector. Overall, across the sectors, 39% of businesses said that fraud was very common (13%) or common (25%), though responses varied by sector. For example, 47% of businesses in the financial and insurance services sector and 45% in the legal sector said that fraud was common or very common in their sector. Perceptions of how common fraud was did not seem to necessarily reflect the true risk of victimisation, as outlined below.

6.2 Risk of experiencing fraud

The overall risk (prevalence) of experiencing fraud at least once in the 3 years prior to interview was 18%. This level of risk will vary according to several factors. However, many of these characteristics will be closely associated so caution is needed in the interpretation of the effects of these when viewed in isolation. Further analysis using logistic regression can be used to control for interrelated characteristics and to identify which are independently associated with increased risk of victimisation.

Logistic regression is a statistical technique that estimates the impact of each possible risk factor, while controlling for the others, and can be used to estimate how much the risk of victimisation is increased or reduced according to different characteristics or behaviours. Although logistic regression can be used to explore associations between variables, it does not necessarily imply causation and results should be treated as indicative rather than conclusive.

Multivariate logistic regression of businesses who had experienced fraud showed that the characteristics which contributed most to the risk of victimisation were ‘size’ and ‘sector’.

Business size did not show a straightforward correlation with fraud; although the likelihood of experiencing fraud generally increased gradually with business size, intermediate sized businesses (25 to 49 employees) also had significantly higher risk (twice as large) than smaller ones. The largest business (with 250 or more employees) had the highest risk at almost 10 times higher than the smallest businesses.

Along with size, business sector is the characteristic that most significantly predicts risk of victimisation. Controlling for all other factors:

  • the legal services sector had significantly lower likelihood of victimisation than any other sector
  • the financial and insurances sector had the highest likelihood (more than twice the size of the legal sector, which had the lowest levels of fraud)

6.3 Perceptions of corruption

Businesses were less likely to think that corruption was as common as fraud in their sector: 19% overall said that corruption was very common or common compared with 39% for fraud. Businesses in the construction sector were the most likely to perceive corruption as common or very common (25%) and businesses in the wholesale and retail and legal services the least likely (both 14%).

6.4 Risk of experiencing corruption

The overall risk of experiencing corruption at least once in the 3 years prior to interview was 5%. Initial analysis has shown very little variation in experience of corruption. When comparing sectors to the wholesale and retail sector, which had the lowest likelihood of victimisation, the information and communications sector and real estate sector had significantly higher likelihood, almost twice as large. However, at the overall level, sector was not a significant predictor of the risk of corruption.

Due to the relatively small number of businesses who had experienced corruption, it has not been possible to run multivariate logistical regression analysis to determine which factors contribute most to the risk of victimisation.

7. Conclusions

This report sets out the headline findings from the Economic Crime Survey on the scale and nature of fraud and corruption in 7 key sectors. While the survey may not be wholly representative of all businesses, it provides an important first insight into the experience of fraud and corruption in the business sector, including the scale and impact of incidents.

7.1 Scale

Overall, one in 5 businesses had been the victim of a known fraud and one in 20 a known corruption in the 3 years prior to interview. Given the hidden nature of these crimes it is likely that the true number is higher, and the incident often goes undetected. The number of incidents revealed by the survey is substantially higher than those reported to, and recorded by, law enforcement agencies.

Whilst the proportion of businesses experiencing fraud are relatively low, and lower still for corruption, the number of incidents experienced by those businesses is substantial. This suggests in both cases, high levels of repeat victimisation amongst businesses. Indeed, 46% of businesses who had experienced fraud and 78% of businesses who had experienced corruption had experienced more than one incident.

The most commonly experienced type of fraud was debit or credit card fraud, with half of businesses who experienced fraud reporting this type of offence. For corruption it was people being unfairly favoured in business dealings, with half of those experiencing corruption reporting at least one experience. Whilst this report highlights which types of incidents are most common, more research and analysis are required to fully understand the impacts and harms.

7.2 Nature

Understanding how offences were committed and who the perpetrators were is important for understanding how best to both protect and respond to the threat from economic crime.

Fraud offences were most commonly committed via email or by hacking, though this varied somewhat by offence type. Given the generally remote nature of many of the fraud offences experienced by businesses, it is unsurprising that almost half were unable to identify the perpetrator. In comparison, corruption was much more likely to take place in person or over the phone, with some variation in the methods used across the different types of corruption.

For fraud offences 43% of perpetrators were unknown, with a further 27% impersonating another person or business. In stark contrast, the majority of businesses which had experienced corruption were able to identify the perpetrator involved. Impersonation was uncommon for corruption incidents, with the main perpetrators often a person or business known to the victim (such as, a competitor, employee, contractor or supplier).

7.3 Impacts

The survey shows that the impacts of fraud and corruption on businesses are considerable. Though relatively uncommon, businesses reported (unweighted) yearly costs as high as £2 million for fraud and £1 million for corruption. Whilst experiences of fraud were more common, the average costs for corruption were higher, suggesting while corruption was rarer, it had a greater impact financially.

Non-financial costs were also considerable. Experience of both fraud and corruption were shown to lead to a decrease in the wellbeing of staff. Almost two-thirds of businesses experiencing fraud said they needed to put in place new measures to prevent against future victimisation. For corruption, a loss of customer base was another common impact.

7.4 Risk factors

The analysis shows that sector has a significant association with the likelihood of experiencing fraud and corruption. However, even if the sector as a whole is not at a higher risk, some types of fraud and corruption were more likely to occur in some sectors than others.

Multivariate logistic regression was used to estimate the impact of different risk factors on the likelihood of experiencing fraud (it was not possible to run this analysis for corruption due to the smaller number of businesses who had experienced corruption). This analysis showed that the characteristics which contributed most to the risk of fraud victimisation were business size and sector. In particular, the financial and insurances sector had the highest likelihood of experiencing fraud and the legal sector the lowest.

This suggests that measures to prevent or disrupt economic crime should be targeted appropriately to different sectors, and by crime type, to have maximum impact.

7.5 Reporting

Businesses who had experienced fraud were much more likely to report the incident than those who had experienced corruption (69% compared to 22%). Significant variations in reporting behaviours were observed by sector and type.

The agencies to which incidents were reported also differed between fraud and corruption. Businesses who had experienced fraud were most likely to report to an official organisation (usually a bank, but also the police or Action Fraud). In comparison, for those who had experienced corruption, the incident was most commonly reported to a superior in the business or to a lesser extent, the police or the company involved. These findings highlight substantial under-reporting of both crime types (though for corruption this may to some extent reflect the types of corruption experienced by the private sector as being unethical rather than illegal).

The reasons given for not reporting reveal important barriers to a more effective reporting system. For fraud, responses varied, but the most common included inconvenience, not thinking anything would be done or that it was dealt with internally. For corruption, the most common response was that it was dealt with internally, that it was a common occurrence, or they were unsure if it was corruption.

Eleven per cent of businesses experiencing fraud and 15% of businesses experiencing corruption said that they were unaware of who the incident should be reported to. Taken together, these findings suggest more needs to be done to signpost a clear single point for official reporting, particularly for corruption which tends to be viewed as an internal issue.

7.6 Prevention

Almost all businesses had one or more measures in place to protect against fraud and/or corruption, although these were most frequently IT security and internal checks or audits rather than specific measures such as anti-fraud or corruption policies, which were much less common. There was considerable variation in the use of preventative measures by business sector; the financial and insurance services sector and the legal sector were the most likely to have measures in place, whilst the construction sector was least likely. It is possible that this may reflect differing levels of required regulation between the sectors.

7.7 Implications for our approach to economic crime

The ECS is the first of its kind to give insight into the scale, nature and impacts of fraud and corruption on businesses. The analysis highlights important differences both between, and within, fraud and corruption and indicates that economic crime cannot be tackled using a one size fits all approach.

The findings demonstrate that there is real value in understanding sector experience and how this impacts on victimisation. This will shape the thinking around our response to these crimes and how best to work with businesses to tailor preventative and protective activities to different sectors. Indeed, consideration should be given to repeating the survey, whether to capture change in the already surveyed sectors or to explore experience of economic crime in other sectors.

Compared to some other types of crime experienced by businesses, such as theft[footnote 21], fraud, and even more so corruption, are lower prevalence crimes. However, the ECS has shown that incidence is high and has significant impacts on affected businesses.

Whilst this report identifies the most prevalent types of incident, it does not identify those with the highest levels of harm, financial or otherwise. There would be value in understanding the impacts of each type of incident to inform whether action should be focussed on those that occur most frequently, or those that are less common but have significant impacts on the affected business.

Businesses reported both financial costs and non-financial impacts of victimisation that may well differ from more traditional types of crime. For example, for both fraud and corruption, businesses reported impacts on the wellbeing of staff. For corruption, businesses reported a loss of customers, business activities being halted and reputational risks. These impacts should be considered alongside the more obvious financial costs.

Lastly, the findings highlight substantial under-reporting, meaning the true incidence remains unknown. Whilst fraud was more likely to be reported (and to an official agency), reporting of corruption was spread across a variety of different organisations, if not dealt with internally. If we are to tackle under-reporting and improve data on economic crime, we must tackle key barriers to reporting.

  1. The government’s new Fraud Strategy defines fraud as follows: A fraud involves an act of dishonesty, normally through deception or breach of trust, with the intent to either make a gain or cause a loss of money or other property. 

  2. Since the survey was carried out, the cross-government Joint Anti-Corruption Unit (JACU) situated in the Home Office has, in collaboration with academics at Sussex University, developed a conceptual framework for future government anti-corruption work. The definition states that ‘Corruption is the abuse of entrusted power for private benefit that usually breaches laws, regulations, standards of integrity and/or standards of professional behaviour’. 

  3. Fraud against individuals is also captured in the Crime Survey for England and Wales (CSEW) 

  4. Whilst the Commercial Victimisation Survey includes some questions on fraud, it captures limited detail of these offences. It does not include questions on experience of corruption. 

  5. Understanding organised crime 2015/16 second edition (publishing.service.gov.uk). A more recent estimate looking at the total cost of fraud to society for individuals in England and Wales was estimated to be at least £6.8 billion in 2019-20. This includes the money lost by victims, the cost of caring for victims, and the costs of recovery, investigation and prosecution of fraudsters. Further details on the methodology used can be found in the annex of the Fraud Strategy

  6. Defined by the UK Standard Industrial Classification 2007 (SIC) and sampled from the Inter Departmental Business Register (IDBR). 

  7. Data for all sectors are included in the totals for all sectors even when data are not presented at the individual sector level. 

  8. A high Cook’s distance indicates that a data point has a large effect on the mean. The Cook’s distance technique was applied to the total number of incidents of fraud and corruption to identify outliers that fell above the cut-off point. In the case of this analysis the threshold of 4 divided by the sample number, which is a commonly used threshold, was applied. This resulted in 4 values of fraud total incidents (5 cases) and 5 values of corruption total incidents (5 cases) to be highlighted as outliers. 

  9. ‘The purpose of robust estimation is to produce an efficient estimator in the presence of outliers, while minimizing bias. This is done by reducing the influence of the outliers on the estimator. To evaluate robust estimators, the usual properties such as bias and precision are of interest, as well as others that we will briefly define here. The breakdown point is the smallest fraction of contamination that can cause the bias of the estimator to become infinitely large, at which point the estimator is said to break down’ – Franklin et al (2001: 699), ROBUST MULTIVARIATE OUTLIER DETECTION USING MAHALANOBIS’ DISTANCE AND MODIFIED STAHEL-DONOHO ESTIMATORS

  10. For businesses whose most recent experience of fraud or corruption was during 2020, cumulative costs provided would have only covered incidents experienced between the start of the year and the date of interview between February and May 2020, rather than a full 12-month period. 

  11. Crime Survey in England and Wales Appendix Table A1 

  12. Crime Survey in England and Wales Appendix Table A3 

  13. Action Fraud is the UK’s national reporting centre for fraud and cybercrime in England, Wales and Northern Ireland. 

  14. The total number of businesses in the underlying population was 1,154,840. See the ECS technical report for more details of the survey sample. 

  15. The overall incidence and incidence rates presented here include the 5 businesses who reported over 450 incidents. While these businesses were identified as outliers from a statistical perspective, there was no evidence that these related to any response or sampling error and were potentially reflecting high levels of repeat victimisation occurring in some parts of the business community. It was felt that excluding these cases would have led to an unintentional underestimate of the overall incidence. Further details of the approach taken regarding outliers are included in the accompanying ECS Appendix Tables

  16. The Joint Anti-Corruption Unit (JACU; a cross-government unit at the Home Office) has been working with the independent U4 Anti-Corruption Helpdesk and other partners to develop a set of global indicators to indicate the progress of the UK in reducing corruption. These can be found in the Anti-Corruption Strategy 2017-2022 Year 3 Update 

  17. Crime Survey in England and Wales other related tables - Table F17 Corruption offences recorded by the police, by quarter 

  18. The overall incidence and incidence rates presented here include the 5 businesses who reported over 360 incidents. While these businesses were identified as outliers from a statistical perspective, there was no evidence that these related to any response or sampling error and were potentially reflecting high levels of repeat victimisation occurring in some parts of the business community. It was felt that excluding these cases would have led to an unintentional underestimate of the overall incidence. Further details of the approach taken regarding outliers are included in the accompanying ECS Appendix Tables

  19. Two statistical outliers were removed from the data. These related to reported (unweighted) costs of corruption of £2 million and £47 million respectively. Contextual information on the turnover and size of the 2 businesses was used to consider the reliability of the 2 statistical outliers. If the outliers are included in calculations, they increase the mean costs to businesses to £110k.  2

  20. Due to the small numbers of businesses reporting experience of corruption, it is not possible to analyse differences in who incidents were reported to, or reasons for non-reporting, by sector or corruption type. 

  21. For example, the 2021 Commercial Victimisation Survey estimated 27% of retail and wholesale business premises experienced theft in the previous year. 

Back to top