While the coronavirus pandemic is – as we are so often told – “unprecedented”, it is also conforming to an unfortunate trend: fraud and corruption increase during times of crisis. With institutions and individuals facing new and greater pressures, unethical behaviour can often be the result. As people look for solutions to the present uncertainty, they can end up making themselves easier targets for fraudulent activity. In this article we review some of the forms the scams are taking, consider the response of UK authorities, and offer some guidance as to how businesses can best protect themselves.
The nature of coronavirus-related scams
Some of the most high-profile scams have exploited the shortage in medical products, with criminals selling counterfeit or non-existent supplies of PPE – including a notable instance of a California workers’ union almost paying for 39 million masks which were never, in fact, going to be produced. Alongside this, the Investment Association has registered a spike in phishing emails, often containing “coronavirus” in the title, while the National Economic Crime Centre has reported a surge in cybercrime more generally. The rise in home working has likely played a part here – as people log in from home, it becomes more difficult for employers to keep a close eye on IT security.
In an indication of the scale of the issue, both the Charity Commission and the National Crime Agency have published alerts warning of the increased risk of fraud during the pandemic. Perhaps the most useful notice has come from the Financial Conduct Authority (FCA) (available here), which has provided detailed guidance around scams to watch out for. One particularly prevalent type of scam uses the uncertainty around stock markets to advise people to invest, or transfer existing investments, into high risk investments in entities which are not properly regulated.
How businesses can respond
While firms are likely already to have policies with the aim of reducing the threat of external scams, there is now a particular need to ensure that any measures taken are just as effective in a home working context. Some key points to think about are:
- Ensure that policies are up to date to reflect that staff are working remotely. Firms should carry out a risk assessment for sustained home working and update policies and procedures accordingly. These should reflect the new risks that have arisen – for example, the special vigilance that is needed around communications which purport to be in response to the pandemic, or to check that they have come from an official source.
- Think creatively about keeping levels of supervision and oversight high. The physical separation of home working can make communication more difficult, resulting in decisions being taken in isolation rather than following a full discussion. Ensuring your business has suitable technology to facilitate supervision, as well as scheduling in regular meetings to compensate for the lack of proximity, will guard against these risks.
- Formal processes are only as effective as the culture that underpins them. Fostering an environment in which employees are able to ask questions – and indeed admit mistakes – openly, will ensure that protocols are followed more closely.
A shift to new and more flexible working practices is not something new. Conversations around how best to ensure this takes place securely are going to be useful, even if they have been forced upon us rather more abruptly than anticipated. In any event, the benefits of these conversations will not be limited to security: whether the outcome is better knowledge sharing, more robust internal policies, or better organised supervision, businesses should take this opportunity to stay a step ahead.
This publication is a general summary of the law. It should not replace legal advice tailored to your specific circumstances.
© Farrer & Co LLP, June 2020