News

U.K. lenders have mostly filled the gaping holes through which criminals are believed to have siphoned billions of pounds of loans intended to mitigate the economic impact of the novel coronavirus, but now face a mountain of potentially fraudulent claims to investigate.

Launched by U.K. Chancellor Rishi Sunak in May 2020, the Bounce Back Loan Scheme has provided financial relief for struggling businesses after the British government imposed the first nationwide lockdown to curb the spread of the novel coronavirus. Almost £45 billion has been lent to approximately 1.5 million firms to date.

But the expectation of disbursing emergency cash quickly—sometimes within 24 hours of an application—required banks to shelf their usual credit and anti-fraud checks and instead allow applicants to self-certify their annual turnover, trading history and other data. U.K. officials estimated in October that up to £26 billion in loans had been lost to defaults and fraud.

Now, nine months after the Bounce Back Loan Scheme began, those same banks have come under pressure to weed out abuse, investigate and report a significant volume of suspected fraud schemes, close accounts and claw back stolen funds while continuing to vet new applicants.

“The losses are going to be astronomically high … there was just a huge amount of abuse that was quite difficult to detect because of the way [the loan program] was operating in the early days,” a compliance officer for a lender in London told ACAMS moneylaundering.com on condition of anonymity. “It’s certainly one of the biggest things on my desk right now.”

Business clients need only a current account to receive a bounce-back loan of up to £50,000, with no repayment due the first year. Loans are completely covered by the taxpayer, leaving banks that administer them off the hook for any losses.

Matt Cox, a senior fraud specialist at ‎FICO in London, told moneylaundering.com that a large percentage of frauds against the lending program have taken one of two forms: first-party frauds in which firms seek loans from multiple banks or inflate their turnover to secure more funds; and impersonations, where fraudsters pose as executives of legitimate companies to obtain loans.

A typical example of the first type of scheme emerged in July, when investigators with London’s Metropolitan Police arrested two men suspected of recruiting others to establish and use fake companies to apply for bounce-back loans.

Police detained the suspects after finding several loan applications in their vehicle during a routine drug search, and subsequently moved to freeze 10 bank accounts holding more than £550,000.

That same month, a luxury car dealer in Scotland managed to stop a fraudster from purchasing a £40,000 Porsche with funds from a bounce-back loan he had fraudulently obtained using the name of the same dealership and other details that he found online.

Recovering funds tied to the second type of scheme tend to pose the more difficult challenge because legitimate firms often do not realize they have been impersonated and defrauded until several months have passed, Cox said.

“That money will be gone, siphoned off to cryptocurrency, international payments and cash,” he said. “The difference is that [fraudsters] have had more time because of the speed of the rollout, the scale of the program and the fact that the loans don’t need to be repaid immediately.”

Various applicants have inflated their turnover, used forged documents to show their firm conducted business before the pandemic, or conspired with criminals to revive dormant accounts for legal entities, secure bounce-back loans, then move the proceeds through accounts held by money mules.

“Of course there were controls, but significant reliance had to be placed on self-certified information,” the compliance officer in London said. “There was incredibly limited guidance [from U.K. officials] on what was expected, and what … fraud against the scheme actually meant.”

A second compliance officer for a major U.K. bank told moneylaundering.com that her institution had to reassign employees from other departments to help process the enormous volume of applications it received under the Bounce Back Loan Scheme.

“This means that staff with out-of-date, slightly rusty knowledge will be dealing with these applications, possibly making the process less robust than usual,” the second compliance officer said. “The pressure of the volumes clearly creates an issue in itself, even for experienced staff.”

By November, U.K. banks had rejected more than 27,000 suspicious applications seeking more than £1 billion in loans, the state-owned British Business Bank told lawmakers that month.

Investigations

On Jan. 4, the British Business Bank launched an investigation into frauds against the Bounce Back Loan Scheme and other pandemic-related lending programs, and signed a £1 million contract with the global consulting firm PwC to assist the inquiry.

The Mail on Sunday reported later that month that HSBC, Barclays, NatWest and Lloyds Bank had frozen hundreds of accounts and terminated bounce-back loan agreements on suspicion of fraud.

Both developments came after U.K. Finance, an industry group representing British financial institutions, set up a weekly “fraud collaboration” group for compliance officers to discuss trends and typologies related to the crime.

Banks have exchanged similar data on pandemic-related fraud with investigators, regulators and other officials through a public-private forum run by the National Crime Agency’s National Economic Crime Center.

Fraud decreased in the second half of last year as lenders implemented additional controls at varying rates, such as greater scrutiny of self-declared annual turnovers, and procedures to flag individuals who apply for loans at several institutions, said Cox, the anti-fraud specialist.

“Banks have now had time to start looking back at what’s been approved, investigate potential frauds sitting within their loans portfolio and apply those lessons to new applications,” Cox said. “They are not waiting for another year, when repayments start to be missed.”

Some banks have used vendor-supplied, digital-profiling tools to identify IP addresses, telephone numbers and other data linked to suspected fraudsters, and discover connections between different bounce-back loan applications.

“We’ve definitely had a number of bounce-back loan investigations that … have become part of something much bigger, a much larger case where the use of the bounce-back loan is only one component,” the compliance officer in London said.

Criminals have frequently turned to networks of money mules to launder the proceeds of frauds against the Bounce Back Loan Scheme, and sometimes have directed them to borrow money and declare bankruptcy.

“There’s a lot of attention now on bounce-back loan fraud,” a third compliance officer for a U.K. lender said on condition of anonymity. “What that’s done is give people … a new opportunity to make money out of the account they’d set up for other money-laundering purposes.”

Many banks have allocated significant resources towards identifying and reporting fraudulent applications by outside parties to the U.K. Financial Intelligence Unit while also accounting for the threat of an inside job.

On Jan. 23, the U.K. National Crime Agency arrested three men in London, all in their early 30s and working for an unnamed financial institution, as part of an investigation into fraudulent claims totaling £6 million. Investigators suspect the three alleged “professional enablers” helped criminals siphon loans through doctored applications and documents.

The arrests came four months after the U.K. Department for Business inked an agreement with the National Investigation Service, or Natis, which investigates corruption and organized crime against the public sector, to help detect suspicious claims and investigate “priority fraud cases.”

A spokesman for the Department for Business declined to discuss details of investigations and funding. Natis did not respond to multiple requests for comment.

But schemes against COVID-19 loans are in no way unique to Britain.

The U.S. Paycheck Protection Program has lost tens of billions of dollars to fraud since launching in March 2020. Germany, Europe’s largest economy, has logged thousands of suspected attempts to defraud the country’s €1.1 trillion COVID-19 relief package, and Dutch and French authorities have made similar proclamations.

Moneyval, the Financial Action Task Force’s representative in Europe, reported in September that criminals have exploited the widespread disruption of due diligence throughout the continent to run various schemes during the pandemic.

Given the scale of abuse against the Bounce Back Loan Scheme, U.K. officials should set up a public inquiry to review their decisions and ensure that future public-backed financial assistance programs have proper controls in place from the outset, Helena Wood, a financial crime consultant in Winchester, England, told moneylaundering.com in an email.

“The government needs to have a clear and transparent strategy, backed by significant ring-fenced policing resources, to respond to this and bring offenders to justice,” Wood wrote. “It is not clear whether the current allocation of resources is sufficient.”

A spokesperson for HM Treasury defended the U.K. government’s handling of the Bounce Back Loan Scheme, claiming in an emailed statement that thousands of businesses and millions of jobs have been protected.

“We targeted this support to help those who need it most as quickly as possible and we won’t apologize for this,” the spokesperson wrote in the statement. “We’ve looked to minimize fraud … with lenders implementing a range of protections, including anti-money laundering and customer checks, as well as transaction-monitoring controls.”

Contact Koos Couvée at kcouvee@acams.org