The nature of fraud
Fraud is a generic category of conduct that involves the use of dishonest or deceitful means to obtain some unjust advantage. In some countries, such as England and Wales, there is a specific offence of fraud, while other jurisdictions have a range of crimes that entail an element of dishonesty—in Victoria, for example, there are over 300 separate criminal offences that could be charged in connection with acts of dishonesty (VPDCPC 2004). Dishonesty is the key attribute that distinguishes fraudulent from innocent conduct. Rather than defining dishonesty in legislation, it is usually a matter of fact for juries to determine in criminal cases (Smith 2013).
Anyone can be a target of fraud, be they an individual or an organisation, and victims can be targeted by individuals or organised groups of individuals. Defining fraud is difficult because of the range of conduct that can involve dishonesty. The lack of an agreed operational definition of fraud is one of the enduring limitations to effective quantification of the scale of the problem. Fraud is not a new phenomenon, but as technology continues to advance and its use increases, additional challenges are presented to those attempting to prevent and to control fraud. Identity-related fraud and other technology-enabled frauds are increasingly becoming areas of concern internationally and affect both the public and private sectors (Lindley, Jorna & Smith 2012). It is difficult to obtain consistent data on fraud in Australian jurisdictions because of different information systems, legislative definitions, data collection practices and prosecution activity. Despite this, it is known that a substantial amount of fraud occurs in the Australian community, affecting individual consumers, businesses and government agencies.
Challenges in estimating the cost of fraud
The difficulties associated with measuring the incidence and cost of fraud have been described in some detail by Lindley, Jorna and Smith (2012). The principal factors include:
- the wide range of types of fraud that must be counted, extending from small-scale credit card fraud through to major corporate financial crime, sometimes costing billions of dollars for one course of criminal conduct;
- the volume of ‘hidden’ fraud, which does not become known to police, or even to the individuals or organisations involved. Unlike more common crimes such as motor vehicle theft where victims are aware that the crime has taken place (even if they do not report it), it is the case that some victims of fraud may not be aware of their victimisation. Examples of this include fraudulent charitable solicitations, insurance fraud and revenue fraud against the government. Mayhew (2003b) explained the difficulties associated with estimating exactly how much fraud is undetected and unreported to the authorities, and calculating the value to place on each of the various categories of fraud. One large-value case of unreported fraud could seriously affect the overall calculation of the total cost of fraud if an inappropriate multiplier were adopted;
- problems of inaccuracy of official crime statistics in which individual offences may be excluded from counting by omission (or on occasions intentionally for budgetary reasons within official agencies), or are wrongly categorised as falling within, or excluded from, the crime type in question;
- the costs of detected fraud are not always known, as victims might not be able to estimate their losses with accuracy. On occasion, even offenders may be unaware of the full extent of their dishonest conduct, showing surprise when evidence of losses is presented to the courts. Associated with reliance on court data is the problem that often only a small, representative sample of counts of fraud are prosecuted, with general estimates of other, often substantial amounts of offending taken into consideration during the process of sentencing. Reliance on the initial amounts alleged by prosecutors can be misleading both because some allegations may not be substantiated, while other matters might have been excluded from the indictment.
As is apparent from the above sections, difficulties associated with reliance on official crime statistics collected by police, prosecutors, courts and correctional agencies can be overcome, to some extent, through the use of crime victimisation survey data. Asking individuals to recall their experience of having been defrauded overcomes some of the problems of measuring unreported fraud, although undetected fraud will still be omitted from matters reported by victims, unless predictions of potential losses are asked for. Fraud victimisation surveys, however, entail other limitations. Surveys typically involve samples in which a small representative group is questioned and its responses used to predict the likely situation in an entire population. This, of course, introduces the possibility of error in predictions and the need for statistical controls to combat this. In the case of survey of organisations’ experience of fraud, often only small and unrepresentative samples are involved. There are also problems of reliability (whether repeated surveys elicit the same answers from the same subjects) and validity (whether the survey is measuring what it is intended to measure; VPDCPC 2004).
Costing fraud using victimisation surveys
Although the ABS CVS does not cover offences of dishonesty and fraud other than personal fraud (ABS 2013a), considerable other information exists about the incidence and cost of many specific sub-types of fraud derived from crime victimisation surveys. One approach to costing fraud would be to examine each of these sources of information and then to arrive at a total estimate for fraud as a whole, based on each of its constituent elements. Unfortunately, complete and accurate survey data do not exist for each of the various sub-types of fraud that have been identified, making such an approach impractical.
There are also many inconsistencies in the manner in which subcategories of fraud have been defined in the past making a uniform data collection plan based on victimisation surveys impossible. Care is also need to avoid double counting if a victimisation survey approach is adopted. Some types of fraud such as consumer scams, overlap with other types, such as identity fraud or plastic card fraud; any attempt to aggregate cost estimates from these different subcategories would need to ensure that double counting does not occur.
Nonetheless, it is useful to present the results of these surveys in order to show that the overall total of the cost of fraud arrived at based on official crime statistics is within the total loss estimates based on fraud victimisation data, taking into account the above considerations. In addition, as explained above, victimisation surveys also provide an indication of the extent of unreported crime, which is of critical importance when extrapolating from recorded crime data to total crime estimates.
Fraud against the Commonwealth
Since the estimates of the cost of crime by Mayhew (2003b) and Rollings (2008) were published, the AIC has conducted annual surveys of all Commonwealth agencies to assess their experience of fraud. These are in the nature of fraud victimisation census research that seeks to obtain data from the entire population of agencies and with a mandatory obligation to respond in accordance with the Commonwealth Fraud Control Guidelines (AGD 2011).
Three aspects of this data source differ from officially recorded police deception statistics. First, a broad definition of fraud is used for the purposes of the Guidelines (Section 4) that extends beyond that included in official police definitions of fraud and dishonesty offences. Fraud is defined in the Guidelines as:
Dishonestly obtaining a benefit, or causing a loss, by deception or other means, and may include (but is not limited to):
- accounting fraud (false invoices, misappropriation etc.);
- unlawful use of, or obtaining property, equipment, material or services;
- causing a loss, or avoiding and/or creating a liability;
- providing false or misleading information to the Commonwealth, or failing to provide it when there is an obligation to do so;
- misuse of Commonwealth assets, equipment or facilities;
- making, or using false, forged or falsified documents; and
- wrongfully using Commonwealth information or intellectual property.
This definition of fraud includes both internal fraud alleged against Commonwealth public servants and contractors, and external fraud alleged against other members of the public. External fraud covers some of the largest areas of fraud risk that affect the government including revenue fraud against the Australian Taxation Office (ATO) and welfare and benefits fraud against the Department of Human Services. In 2010–11, for example, the ATO had net tax collections of $273.0b and checked 56,000 tax refunds, preventing approximately $500m in refunds being issued incorrectly. In 2010–11, the ATO undertook over 7.9 million active compliance activities, raising $9.0b in tax liabilities and $2.3b in penalties and interest liabilities (ATO 2011).
In the case of welfare and benefit fraud, in 2010–11, Centrelink completed 2.1 million eligibility and entitlement reviews, including 26,516 customer reviews as result of tipoffs, which led to $64.1m in debts and savings. In 2010–11, Centrelink referred 1,273 cases to the Commonwealth Director of Public Prosecutions (CDPP) to consider prosecution action (see also Prenzler’s (2012) review of welfare fraud in Australia). The results of the AICs survey of Commonwealth agencies, however, reports aggregate data only, making quantification of fraud losses for individual agencies and departments unavailable.
Second, for the purposes of the annual survey, respondent agencies are asked to report their experience of fraud, as defined above, including not only incidents that would fall within the definition of ‘recorded crime’ by police agencies, but also suspected fraud, incidents under investigation and completed incidents, whether the fraud was proved or not and whether the incident was dealt with by a criminal, civil or administrative remedy.
Third, the unit of measurement in the annual survey is ‘incidents’ of fraud, defined as:
all counts alleged during one fraud investigation and might comprise a number of counts of offences that are actually prosecuted. An incident may take place on a single date or over a period of time and may involve one or more accused persons (Jorna & Smith unpublished).
This unit of measurement differs from the unit used in police recorded crime statistics which is the number of persons victimised.
Each of these matters make the data obtained from the annual Commonwealth Fraud Survey of a slightly different nature than from official police recorded crime statistics. Nonetheless, the survey data provide a better indication of the cost of fraud experienced by Commonwealth agencies than any other available source.
In 2011 (the most recent year for which data are available), an invitation to complete the questionnaire was sent to all 192 Commonwealth agencies. Of those invited, 154 agencies provided responses, which represented a response rate of 82 percent. Of those that responded, 40 percent (61 agencies) reported that they had experienced a fraud incident in 2010–11, totalling 91,091 incidents worth $118,878,181, although 20 percent of agencies that experienced fraud were unable to specify a loss. Losses were defined as the total amount, in whole dollars, thought to have been lost to the agency from fraud incidents, prior to the recovery of any funds and excluding the costs of detection, investigation or prosecution (Jorna & Smith unpublished).
Assuming these 31 agencies that were unable to specify a loss were representative of all agencies that reported experiencing fraud, the grossed-up total losses for all agencies that reported experiencing fraud would be $142,653,810.
As 38 Commonwealth agencies (20% of those invited) failed to respond to the survey, some account needs to be taken of the fact that these agencies might also have experienced fraud but not reported it. Arguably, the value of unreported fraud would be quite low, as the agencies that failed to respond tended to be smaller agencies. Accordingly, a multiplier of 1.10 seems reasonable to account for these unreported losses. In addition, some fraud incidents might not have been detected by agencies, such as allowance-related internal fraud which often goes undetected. Again, it can be assumed that relatively low-value fraud would not have been detected, with a multiplier of 1.05 being appropriate. Applying a multiplier of 1.15, yields a total number of incidents of 104,755 with an estimated loss of $164,051,880.
However, KPMG and other organisations have reported that only a third of fraud is generally detected by organisations. This would suggest a multiplier of three could potentially be used to account for undetected fraud. In addition, other organisations, such as the Association of Certified Fraud Examiners (ACFE) use different methodologies based on a percentage (five percent) of revenue to calculate the amount an organisation loses to fraud. If these methodologies were applied to Commonwealth agencies, the estimated loss could be higher.
In 2010–11, agencies reported that approximately 30 percent of total reported losses were recovered, amounting to $35,780,906. In addition to agency recoveries, in 2010–11, the CDPP secured $31,819,253 from offenders by way of reparation under the Crimes Act 1914 (Cth) and Pecuniary Penalty Orders under the Proceeds of Crime Act 1987 (Cth).
Deducting total funds recovered and reparation for 2010–11 of $67,600,159 from the total estimated losses of $164,051,880 leaves a net total loss due to Commonwealth fraud of $96,451,730.
This estimate of fraud against the Commonwealth includes some matters that would also be counted as part of state and territory official police statistics. In 2010–11, Commonwealth agencies referred 17 incidents involving internal fraud and 58 incidents involving external fraud to state and territory police for investigation and these 75 incidents should be deducted from the number of incidents of fraud recorded by state and territory police below.
In addition, it should be noted that during 2010–11, the Australia Federal Police (AFP) accepted 61 fraud referrals from Commonwealth agencies and declined 23. During the 2010–11 financial year, 29 matters resulted in legal action. This figure may include matters that were referred to the AFP in previous financial years. In 2010–11, the AFP was able to estimate financial losses for 61 of the cases accepted for investigation. The total financial loss estimated for those cases was $12,796,207 or $209,774 per matter (Jorna & Smith unpublished).
In 2010–11, there were 1,746 cases referred to the CDPP for prosecution involving 3,152 defendants. Of the 3,512 defendants prosecuted, 2,615 resulted in conviction with 12 acquittals and 525 that were classified as ‘other’. The total amount initially charged in each fraud type prosecution was $77,960,259, or $22,198 per defendant charged. The CDPP secured $31,819,252.66 by way of reparation under the Crimes Act 1914 (Cth) and Pecuniary Penalty Orders under the Proceeds of Crime Act 1987 (Cth) (Jorna & Smith unpublished).
Fraud against business organisations
Business consultancy practices have regularly conducted surveys of their clients to determine the nature and cost of fraud victimisation that they have experienced. KPMG (2013) for example, invited a sample of Australian and New Zealand organisations in the public and private sectors to complete a questionnaire on their attitudes and responses to fraud. Respondents were asked to consider fraud occurring in their organisation during the period 1 February 2010 to 31 January 2012; a period of 23 months. Fraud was defined as
any dishonest activity causing actual or potential financial loss to any person or entity including theft of monies or other property by employees or persons external to the entity and where deception is used at any time immediately before or immediately following the activity (KPMG 2013: 37).
Useable responses were received from 281 organisations. Respondents experienced 194,454 incidents of fraud worth $372.7m in total, or $3.08m per organisation experiencing fraud. The mean loss per incident was $1,685, although 20 incidents cost over $1m each.
Of relevance to the calculation of a multiplier for fraud offending is the fact that only 39 percent of respondents estimated that they had detected over 80 percent of fraud incidents; while 30 percent of respondents estimated that they had detected less than 40 percent of fraud incidents. In KPMGs 2012 survey report, 46 percent of major incidents of fraud were reported to police or a law enforcement organisation, a reduction from the 60 percent of incidents that were reported in this way in the KPMG 2010 survey. In KPMGs 2012 survey, eight percent of respondents recovered losses in full while another 49 percent made partial recovery of losses. Some 43 percent failed to recover any funds (KPMG 2013). In interpreting these results, it should be recalled that the reference period was 23 months that included 10 months prior to 2011 and that respondents came from both Australia and New Zealand.
In 2003, the AIC and PricewaterhouseCoopers (Smith 2003) published the results of a study that examined 155 completed files relating to 208 accused persons from each of the Australian states and territories as well as the Commonwealth and New Zealand (10 jurisdictions in all) relating to 165 males and 43 females, 183 of whom were convicted of fraud offences. The study focused on cases involving ‘serious fraud’. Files were mostly selected by the police and prosecution agencies concerned, in accordance with the criteria of seriousness of the fraud involved and year of determination. ‘Seriousness’ was defined on the basis of the following criteria:
- financial loss (generally over $100,000 unless other factors made the case of unusual seriousness or complexity); and/or
- sophistication in the planning and or execution of the offence (such as through the use of computers, electronic transfers of funds, forged instruments, multiple false identities etc); and/or
- organisation of the offender(s) (such as the presence of multiple offenders, cross-border activities relating to the movement of individuals or funds, large numbers of victims etc); and/or
- fraud offences committed by professionals such as solicitors, accountants, financial advisers, mortgage brokers etc who carry out serious offences involving breach of trust concerning clients’ funds.
Over the two years in question (1998 and 1999), the 155 files involved $260.5m in respect of the total amount sentenced, $13.5m recovered as restitution prior to sentencing and $143.9m suffered as the total amount of actual loss. The maximum amount sentenced in any one case was $80m. The largest losses were sustained in Queensland, with the Commonwealth, New Zealand, New South Wales and South Australia all involving losses in excess of $2m each (Smith 2003). Although these data are somewhat dated, they do indicate the average high value that fraud can involve in serious cases. For the present exercise, it is necessary to take into account the fact that some fraud cases entail extremely large amounts of financial loss.
One fraud type that has been subjected to rigorous research concerns consumer scams perpetrated largely against individuals. It is sometimes known as personal fraud, consumer fraud or scams, however, the conduct generally involves the use of unsolicited invitations to send money or personal information to criminals who use various techniques including social engineering to extract funds from their victims. Much consumer fraud involves the misuse of personal information or ‘identities’ and most is facilitated through the use of online communications (Jorna & Hutchings 2013). In Australia, national surveys of householders have found that the proportion of persons aged 15 years and over who have experienced personal fraud over the preceding year has increased from five percent of the population in 2007 to 6.7 percent in 2010–11 (ABS 2012a, 2008). This represents an increase of 382,100 victims who reported an increase in losses from $977m in 2007 to $1.4b in 2010–11. Three in five victims of personal fraud (60% or 713,600 persons) lost money, an average of $2,000 per victim who incurred a financial loss. The median loss for personal fraud was $300. This means that half the number of people who lost money due to personal fraud lost less than $300 and half lost more than $300.
Another survey designed to capture data on the experience of consumer fraud is the online survey undertaken annually by the AIC on behalf of the Australasian Consumer Fraud Taskforce, which comprises 22 government regulatory agencies and departments in Australia and New Zealand that work alongside private sector, community and non-government partners to prevent fraud. The survey for 2012, which asked respondents about their experiences in the preceding 12 months, attracted 1,576 respondents from Australia and New Zealand. Outliers, typically very large loss figures from respondents who appeared to have misunderstood the question, were removed from the analysis. Sixteen percent of the sample who had received an invitation sent their personal details, suffered a financial loss or both in response to at least one scam (n=231; 14.7% of the total sample). One hundred and six participants (7.1% of the sample who received a scam invitation and 6.7% of the total sample) sent their personal details only, 46 participants (3% of the sample who received a scam invitation and 2.9% of the total sample) suffered a financial loss only and 79 participants (5.3% of the sample who received a scam invitation and 5% of the total sample) lost money as well as sent their personal details. Of the 231 victims who reported having suffered a financial loss, 108 (46.8%) disclosed the amount. This reportedly ranged from $3 to $1,000,000. With outliers removed ($1,000,000 reportedly lost due to a scam reported in the ‘other’ category), the reported financial loss totalled $846,170, ranging from $3 to $195,000 (mean=$7,908.13; median=$500.00; Jorna & Hutchings 2013).
A further source of information on consumer scams is the data collected by the Australian Competition and Consumer Commission (ACCC) in connection with complaints of scams made to it each year (ACCC 2011). From 1 January to 31 December 2011, the ACCC received 83,150 scam-related contacts (82,338 scam reports and 812 inquiries). In 2011, the ACCC received reports of losses arising from scam activity of $85,607,748. In 2011, almost 88 percent of consumers contacting the ACCC about scams reported no financial loss. The remaining 10,028 (almost 13%) reported losses ranging from very small amounts for unsolicited credit card deductions up to $3.5m for a business that was a victim of advance fee fraud. The most prevalent loss category was between $100 and $499, with a median loss of $500.
In 2002, the Securities Industry Research Centre for the Asia-Pacific Ltd estimated the cost of identity-related fraud in Australia. This modelling study involved some 120 organisations in the public and private sectors including the financial industry, telecommunications and other infrastructure industries, as well as the retail industry. It was found that identity fraud cost Australian large business $1.1b for the year 2001–02 (Cuganesan & Lacey 2003). Some 57 percent of this ($626m) involved the costs of resources consumed performing identity-related fraud response activities including risk assessment, deterrence, prevention and detection, as well as investigations, restoration and recovery. A further 38 percent ($420m) related to fraud losses actually incurred by users. Opportunity costs amounted to five percent of the total ($56m)—that is, resources spent on identity-related fraud responses that could have been deployed in generating income for the organisation (see Cuganesan & Lacey 2003). The Securities Industry Research Centre study found that less than 10 percent of identity fraud events detected by organisations that provide and/or collect services and benefits were reported to police. Those organisations that actually issue documents used as evidence of identity, however, reported on average 19 percent of events to police. Of those reported cases, between 46 percent and 63 percent were solved. On average, between 46 percent and 55 percent of fraud offences contained identity fraud-related events (Cuganesan & Lacey 2003).
Many incidents of cybercrime also entail an element of fraud, particularly deception involved in phishing and online consumer scams. The present report, as was the case with Mayhew (2003a, 2003b) and Rollings (2008), has not included the cost of cybercrime, other than where it fell within the cost of fraud as described below. Further research is needed to quantify the cost of cybercrime and cybersecurity, particularly attacks perpetrated against business and government, as well as the cost of preventing and responding to these. It is likely that cybercrime would add considerably to the costs of crime in Australia, on the basis of overseas estimates.
The US Department of Justice’s national computer security survey estimated that cyber-attacks cost American businesses US$314m in 2005 (Rantala 2008). More recently, in the United Kingdom, according to a joint report published in 2011 by the Office of Cyber Security & Information Assurance in the Cabinet Office and information intelligence experts at Detica, the overall cost to the economy from cybercrime was estimated to be £27b per year (NFA 2012), although Anderson et al. (2012) subsequently published an extensive critique of the methodology employed, distinguishing between direct and indirect costs, and also between primary cybercrime and shared criminal infrastructure.
The Ponemon Institute and Symantec (2011) have also undertaken research to quantify the cost of data breaches in the United States. In 2010, the average organisational cost of a data breach was US$7.2m, an increase of seven percent on 2009. Data breaches in 2010 cost their companies an average of US$214 per compromised record, with the most expensive data breach costing a company US$35.3m to resolve.
Payment card fraud
Statistics on fraud perpetrated on Australian-issued payment instruments are published by the Australian Payments Clearing Association. During the calendar year 2011, the total value of the 1,151,825 fraudulent transactions reported was $301,647,315 (APCA 2012). This included fraud on Australian-issued cheques, proprietary debit cards and scheme credit, as well as debit and charge cards. In addition, 213,328 fraudulent transactions were perpetrated in Australia on cards issues overseas worth $67,832,108. The total of both amounts in 2011 was $369,479,423. This amount represents the total of fraud perpetrated and not amounts actually lost by individuals or organisations. Losses are, however, borne by financial institutions, scheme operators, merchants or individuals making the total amount a good indication of the cost of payment fraud in Australia in 2011.
The Australian Bureau of Statistics (2012) Personal Fraud Survey, found that approximately half (49.9%) of all credit card fraud victims reported the incident to an agency. The agency most commonly reported to was a bank or financial institution, with 41.7 percent of credit card fraud victims reporting to a bank or financial institution. Approximately one in five victims reported the incident to a credit card company (20.1%) and one in 10 to the police (11.0%). Just under three-quarters of victims (72.4%) sought reimbursement from their card issuers, with just under two-thirds of victims receiving reimbursement (64.0%). Nearly all victims of credit card fraud (95.5%) had money fraudulently transacted on their cards. Around a third of victims had between $1 and $100 fraudulently transacted (34.9%), over a quarter had between $101 and $500 fraudulently transacted (28.1%), 13.2 percent had between $501 and $1,000 fraudulently transacted, 18.8 percent had between $1,001 and $5,000 fraudulently transacted, and 4.5 percent had $5,001 or more fraudulently transacted. One in three victims (33.2%) indicated that they had lost money even after receiving reimbursement, with 15.2 percent of victims losing $100 or less, 9.1 percent losing between $101–$500, 4.2 percent losing between $501–$1,000 and 4.8 percent losing over $1,000.
A study in 2003 (IGA 2004) estimated that the total cost of insurance fraud in 2003 was $2.1b, or $73 per insurance policy paid in Australia. This was using the known figures for insurance fraud and adjusting them to the industry assumption that 10 percent of insurance claims made are fraudulent (IGA 2004). This is the most recent estimate made of general insurance fraud in Australia, although applying the 10 percent fraud rate to the $30b in insurance claims made annually in Australia would result in a fraud cost of $3b for Australia; although it is inappropriate to apply the same rate of fraud to different categories of policy (KPMG 2012).
KPMG (2012: 16) reported that
the [Association of British Insurers] ABI estimates the total value of undetected general insurance claims fraud in the United Kingdom to be over £2b per annum. This equates to between 7 percent and 10 percent of claims by value and between 10 percent and 15 percent of claims by volume, depending on the type of insurance cover’ (KPMG 2012: 16).
KPMG (2012) estimates that only one-third of insurance fraud is detected by businesses in Australia. In the absence of more precise data, the estimate of $2.1b losses will be used for present purposes.
In Australia, the Australian Crime Commission has conservatively estimated that organised crime costs Australia between $10 and $15b annually (ACC 2011). As Australia does not have separate organised crime offences, these costs would be included within the other categories of crime covered in this report.
Money laundering, the process whereby the origin of dishonest and/or illegally obtained money is concealed so it appears to come from a legitimate source, is not costed separately for the purposes of this report, as the laundering of the proceeds of crime does not impose a separate cost to society over and above what has already been estimated in each individual crime category. However, it is acknowledged there will be a cost of money laundering through lost productivity of legitimate business and individuals’ time spent on the laundering of illegal profits. Individual costings of loss of productivity are included elsewhere.
Stamp and Walker (2007) estimated in 2004 that the total proceeds of crime (noting that this differs from the total costs of crime as estimated in this report) were $3.8b, with fraud (around $2.3b) being the largest component.
Table 26 summarises the above estimates of the cost of fraud for each of the subcategories considered. Although it would be inappropriate to total these estimates due to problems of double counting, non-comparability of the data collection definitions and categories used and different reference periods, it does give an indication of the large scale of different types of fraud recorded in various sectors in Australia and importantly, of the fact that some fraud types involve extremely large amounts and others relatively small sums. On the basis of this information, the present report will undertake separate estimations for the cost of fraud in four categories—fraud against the Commonwealth, serious organisational fraud, personal fraud and other fraud.
|Fraud category||Source||Reference period||Sample size||Incidents (n)||Unit cost ($)||Total estimated cost ($m)|
|Fraud against the Commonwealth||Jorna & Smith unpublished||2010–11||154 agencies||104,755||1,566||96.5|
|Fraud against organisations||KPMG 2012|| Feb 2010
|Serious fraud in Australia and New Zealand||Smith 2003||1998–99||208 accused persons||n/a||125,633 median loss||143.9 lost|
|Consumer fraud||Jorna & Hutchings 2013||2011||1,571 respondents||231 lost money||500 median loss||0.846|
|Personal fraud||ABS 2012||2010–11||26,405 households, >15 yrs||713,600 lost money||300 median loss||1,400|
|Scams||ACCC 2012||2011||ACCC 2011||82,338 complaints||500 median||85.6|
|Identity fraud||Cuganesan & Lacey 2003||2001–02||120 large organisations||n/a||n/a||1,100 cost; 420 lost|
|Payment card fraud||APCA 2012||2011||All Australia||1,365,153||271||369.5|
|Insurance fraud||IGA 2004||2003||All Australia||75 per policy||2,100|
|Money laundering – fraud component||Stamp & Walker 2007||2004||All Australia||2,300|
An integrated approach to costing fraud
In the absence of national fraud victimisation survey data, the present report makes use of both fraud victimisation survey data that exist in respect of fraud against the Commonwealth and personal fraud, as well as officially recorded police statistics on fraud for the remaining fraud categories for which victimisation survey data are unavailable. Appropriate adjustments are taken into account to avoid double counting. In addition, an allowance is made for a number of high-value serious frauds when calculating the unit cost of these matters.
The approach adopted may be summarised as follows.
- Cost of fraud against the Commonwealth (AIC survey) +
- Cost of personal fraud (ABS survey—including credit card fraud and identity fraud) +
- Cost of serious fraud (AIC & PricewaterhouseCoopers and KPMG surveys) +
- Cost of police recorded fraud (inflated to account for undetected and unreported incidents) less:
- cost of Commonwealth fraud incidents dealt with by state and territory police;
- cost of personal fraud incidents recorded by police;
- cost of serious fraud incidents recorded by police;
- cost of losses recovered by victims and or prosecution agencies.
Cost of fraud against the Commonwealth
As indicated above, in 2011, Commonwealth agencies reported to the AIC that they had experienced 91,091 incidents of fraud worth $118,878,181 (Jorna & Smith unpublished). Inflating this figure for those cases for which a cost estimate was not reported and applying a multiplier of 1.15 to account for undetected and unreported fraud, it is estimated that there were 104,755 incidents with an estimated loss of $164,051,880. Deducting total funds recovered and reparation for 2010–11 of $67,600,159 from the total leaves a net total loss due to Commonwealth fraud of $96,451,730.
Cost of personal fraud
Also as indicated above, the Australian Bureau of Statistics (2012a) found in its national survey of 26,405 households in Australia that there were 1,188,100 victims of personal fraud aged 15 years or more in 2010–11. As there are likely to be very few victims of fraud under the age of 15 years, no adjustment has been made for this.
Three in five victims of personal fraud (60% or 713,600 persons) lost money, an average of $2,000 per victim who incurred a financial loss with a median loss of $300. Total losses were $1.4b.
Personal fraud included consumer scams, as well as credit card fraud and identity theft. Accordingly, the 1,365 fraudulent transactions worth $369.5m reported by APCA (2012) overlap with these losses in respect of credit card fraud only. The ABS (2012a) found that an estimated 662,300 Australians aged 15 years and over were victims of credit card fraud in the 12 months prior to interview, although the number of fraudulent credit card transaction is not reported.
The ABS (2012a) found that 40,000 incidents of personal fraud were reported to police (3.4%). This is a much lower reporting rate than the 17.3 percent of victims who reported scams to the police in the AIC’s 2012 online Consumer Fraud Survey (Jorna & Hutchings 2013). The AIC’s sample was, however, self-selected and likely to be composed of respondents who were willing to report their experiences officially. Although not all matters reported to police are officially recorded, it is reasonable to deduct the 40,000 cases reported to police that the ABS (2012a) found in order to avoid double counting.
Cost of serious fraud
Both Mayhew (2003a, 2003b) and Rollings (2008) provided an estimate of the cost of a small proportion of serious fraud cases that each resulted in substantial losses. Rollings (2008) considered 367 serious fraud cases that had been referred to the AFP worth approximately $491m, or an average of $1.34m per case. For the present report, however, these cases are included within the category of Commonwealth fraud.
KPMG’s (2013) survey of 281 organisations found 194,454 incidents of fraud, with losses of $327.7m over the two years examined; 20 of which involved losses over $1m each, totalling $49.7m or $2.5m each on average. The research into 104 serious fraud cases in 1998 and 1999 by Smith (2003) found a similarly high mean loss of $667,360 per case (excluding New Zealand and Commonwealth cases), with a total actual loss of $69.4m for Australian state and territory cases alone, after deducting amounts recovered.
For present purposes, it is assumed that 300 fraud incidents would have involved losses of $1.5m each, totalling $450m in respect of serious fraud incidents reported to police.
As indicated above, KPMG (2013) found that only 46 percent of major incidents of fraud were reported to police. Inflating these estimates of serious fraud incidents, it can be estimated that there would be 438 incidents in total worth $657m in respect of reported and unreported serious fraud in 2011.
Cost of police recorded fraud
Although the term ‘fraud’ has been adopted, the precise crime categories relied on varied across police jurisdictions in Australia. Police data collection categories relevant to fraud were ‘deception’ (Victoria), ‘fraud’ (New South Wales, Western Australia, Queensland and the Australian Capital Territory), deception/manipulation (South Australia), ‘fraud and similar offences’ (Tasmania), ‘fraud and related’ (Northern Territory) and ‘fraud and deception’ (Commonwealth). In addition, police data in New South Wales related to the calendar year 2011, while all other jurisdictions were for the financial year 2010–11. These variations mean that data from each police jurisdiction might not be completely comparable.
In 2011–12, there were 97,550 fraud and dishonesty offences recorded by police throughout Australia according to data obtained from individual police agencies in each state and territory. Added to this, are the 61 fraud referrals from Commonwealth agencies to the AFP in 2010–11. The financial loss associated with these 61 cases alone was $12,796,207, or $209,774 per matter (Jorna & Smith unpublished). The total number of recorded fraud offences in Australia was, therefore, 97,611.
From this number of recorded fraud offences should be deducted the 75 incidents of fraud against the Commonwealth that were referred to state and territory police by federal agencies in 2010–11 (Jorna & Smith unpublished) and the 40,000 incidents of personal fraud that the ABS (2012a) found had been reported to police in 2010–11, as well as the 438 serious fraud incidents, as estimated above. This leaves a total estimated number of officially recorded fraud incidents of 57,098.
It is assumed that recorded fraud accounts for 25 percent of all fraud—thus, for every fraud offence there are three that go either unreported or undetected (Mayhew 2003b). Inflating the estimate of 57,098 by a multiplier of 4.0 yields a total of 228,392 fraud offences.
In estimating the unit cost of fraud offences, both Mayhew (2003b) and Rollings (2008) adopted different values for recorded and unrecorded fraud on the assumption that a person or organisation was more likely to report a higher value fraud than a lower value incident. Mayhew applied a unit cost of $9,900 for recorded frauds in 2001 and Rollings (2008) increased this to $21,500 for 2005. Mayhew (2003b) estimated a unit cost of unreported fraud at $1,590 for 2001, while Rollings (2008) inflated this to $3,390 for 2005 as the unit cost of unrecorded fraud.
Inflating these estimates for prices in 2011 yields a unit cost for recorded fraud of $25,724 and a unit cost for unrecorded fraud of $4,056.
Applying these to the estimated number of recorded and unrecorded frauds, yields a total cost for recorded fraud of $1,472,338,800 and a total cost for unrecorded fraud of $696,447,640, totalling $2,168,786,400.
Indirect fraud costs
Both Mayhew (2003b) and Rollings (2008) added to the direct property loss associated with fraud and an amount to represent lost output including investigating, responding and reporting incidents of fraud, assisting the authorities with the prosecution of incidents, disruption to business as systems and controls are examined to prevent a repetition of the incident, and replacement of staff who were involved in the incident. Incidents of identity fraud might also include loss of time to have evidence of identity documents reissued and repairing one’s credit rating. Fraud can also entail intangible costs such as occurs when a victim is required to sell a home or wind up a business in order to recover losses. Occasionally, health may be affected including stress-related illnesses and even suicide; however, as in previous AIC reports, in the absence of research into the health costs associated with fraud victimisation, this has not been included.
Mayhew (2003b) valued these indirect fraud costs at 40 percent of the total cost, which adds and additional $1,729m to the total estimated property loss from all types of fraud of $4,323m.
Total estimated fraud costs
The total cost of the various estimated components of fraud amounts to $6,052m, as indicated in Table 27. This is almost one-third (28.9%) less than the estimate for 2005. The reason lies partly in the reduced number of officially recorded fraud offences (1.8% fewer than in 2005), but mostly due to the revised and improved method of calculating the incidence and cost of fraud. When Mayhew (2003b) and Rollings (2008) undertook their assessments, there were no victimisation surveys undertaken of fraud against the Commonwealth or personal fraud. The present study has made use of both these surveys, which have provided a much sounder basis for the estimating of the cost of these two important elements of the cost of fraud in Australia. Much remains to be done, however, to improve the estimation of the unit cost of both serious fraud incidents, as well as other forms of fraud recorded by police. In addition, further research is needed to provide a more accurate indication of the cost of lost output, intangible costs and medical costs arising from fraud victimisation. In the absence of such research, the present estimation that fraud cost Australia $6b in 2011 is an approximate indication only.
|Fraud category||Incidence||Total cost ($m)|
|Commonwealth fraud (including undetected and unreported, less recovered)||104,755 incidents||96.5|
|Personal fraud (based on national victimisation survey)||713,600 victims||1,400|
|Serious fraud (estimated)||438 incidents||657|
|Police recorded fraud (excluding above categories)||228,392 offences||2,169|
|Indirect costs (40% for lost output and intangible costs)||All||1,729|
a: Medical costs have not been estimated