To date, UK taxpayers have funded pandemic business loans totalling over £70 billion. But have some banks failed to implement adequate controls to prevent widescale fraud due to government’s insistence for a lightning speed roll out of the scheme? Edward Vaughan, a former National Crime Agency Officer and now Head of Banking at TruNarrative, believes radical scrutiny is needed.
Last year saw the government introduce three business loan programmes to support companies through the pandemic. One, the Business Bounce Back Loan Scheme (BBLS), allowed smaller companies to borrow between £2,000 and £50,000 on some very favourable repayment terms.
Back in May 2020, it was a welcome lifeline thrown by the chancellor, with the government, UK taxpayer, and issuing banks – bearing responsibility to ensure repayment and underwrite the loans. Good news for businesses but a potential risk for almost everybody else.
The perfect storm
The implementation of the programme, by necessity, was extremely rapid: the UK economy was in crisis and to ensure that speed of pay-out was achieved, some of the more traditional risk processes may have been overlooked including formal credit and affordability assessments with reliance placed on self-certification by the applying business.
Further, some banks who deployed legacy banking onboarding solutions lacked the digital fraud detection strategy to spot those bad-actors. It’s hardly surprising the opportunity for serious and systemic fraud was, and still remains, huge.
By now we’ve all seen the headlines of various unscrupulous characters reportedly indulging in new cars etc, supposedly courtesy of a government loan programme designed to help them weather the hard times over the last year. Whether or not these are indeed examples of unethical lending and borrowing, it is easy to see how the taxpayer might perceive the scheme as the public purse subsidising possibly underservant businesses and owners.
To make matters worse, the threshold for eligibility was set low: any companies trading on the 1 March 2020, who were adversely affected by coronavirus (COVID-19), and who hadn’t applied or received a Bounce Back Loan Scheme, were entitled to the loan.
Diluted checks and controls
In a recent report investigating the BBLS, The National Audit Office noted that eligibility criteria were less strict than for CBILS and CLBILS, leading to an increased credit and fraud risk. A third-party review has also confirmed a “very high” level of fraud risk attributable to self-certification, multiple applications, lack of legitimate business, impersonation and organised crime. Any investigation professional will tell you that criminals have indeed exploited poor risk and controls in some banks to fraudulently access the funds.
A £26 billion bill?
The potential impact is sobering. HM Treasury statistics show BBLS borrowing over £44.74bn, across more than 1.9m applications. The Department for Business, Energy & Industrial Strategy (BEIS) and the British Business Bank estimates that as high as 60% of borrowers may default on the loans, (either through a fraudulent claim or an inability to pay) resulting in a £15-26 billion cost to the government based on current scheme lending.
That’s said, the harsh reality is that some businesses may not have survived the pandemic and are subsequently and genuinely unable to pay.
The ability of the government and banks to underwrite these loans in order to support those businesses is crucial. However, the lack of checks to verify the applications of the businesses and individuals who were applying for these make it difficult to separate the legitimate loans from the fraudulent ones.
We’re now seeing some major banks starting to freeze bank accounts that may be linked to this type of fraud – but clearly it’s too little, too late. The funds have been received and likely laundered through the financial system, leaving little, if anything, to recover from suspect beneficiary accounts.
All loans were digitally transacted, so the process could (and should) have been more technologically robust, ensuring each bank’s control environment would scrutinize several key fraud indicators: identity verification, documents, biometrics and more. But with the government pressure to rapidly deploy the scheme, is it any wonder that criminals exploited the slightest of gaps in the process when the banks didn’t have time to design and test a new and robust control environment? The time bomb is ticking, as everyone waits to see what happens once the repayments start to fall due.
The solution: a National Task Force
I believe we now need swift, decisive and unfortunately costly remedial action. We simply cannot afford to create a global perception that the UK is a permissive environment for financial crime. The UK should be a safe harbour for financial practices, championing rigorous, best practice controls to detect and prevent money laundering.
I propose parliament should debate this issue and respond with immediate, substantial funding to the National Crime Agency (NCA) to establish a National Task Force. The NCA has a national remit and a structure in place, but currently has neither the resource allocation or budget to additionally embrace an issue of this magnitude. This will demand a huge investment – tens of millions of pounds. It poses immense challenges in terms of finding the specialist skills needed to proactively pursue instances of BBLS fraud, and uncover further related criminal activity and other money laundering taking place.
BBLS Fraud task force
A BBLS fraud task force will require a multi-year commitment – there are huge complexities in investigating and prosecuting fraud offences which often take years to achieve a successful conviction. Investment in technology will allow the task force to effectively analyse big data, revealing invaluable patterns and leads. It will open up channels of enquiry into organised crime groups and even terrorist-affiliated organisations across the UK and internationally.
I believe wider agencies and regulated entities, such as each bank that was party to lending, should be mandated to collaborate. Under 6AMLD, fraud is a predicate offence, so banks will be highly nervous about exposing any failings in controls around their role in enabling money laundering. The current Suspicious Activity Reports (SARs) regime to the NCA is not fit for purpose here: information sharing needs to be open and more targeted. As an integral part of the task force, banks can openly share case concerns with relevant supporting data to the team for analysis. It will allow clusters of questionable defaulters to be identified rapidly, exposing and prioritising potential criminal network links.
Intelligence led approach
As a former counter-terrorism intelligence analyst, and NCA Officer , I know from experience that this kind of initiative will require many intelligence analysts and officers. Information and intelligence sharing is key. A ‘data first’ intelligence led strategy, utilising technology such as network analysis and discovery, should feed directly into the task force based on the performance of loans. Taking this intelligence led approach will shine a light on the most harmful criminal networks, allowing them to be identified, targeted, and dismantled effectively with the appropriate resources.
The BBLS oversights are unfortunate, and the risk and exposure to fraud needs to be addressed. But, given the right investment and resources, a dedicated NCA task force could, at the same time, provide the critical intelligence dividend needed to peel back the wider structure of UK organised crime groups and money laundering activity.