News & Events

UK SMEs at increased risk of mandate fraud due to COVID-19

03-02-2021|Ultimate Finance

By Terry Greenhow, Financial Crime Manager and MLRO, Ultimate Finance


The ongoing remote working requirement in the UK due to the COVID-19 pandemic means there is an increased risk of mandate fraud for businesses. Here, we examine some recent case studies, investigate some of the most common types of mandate fraud and best practices business can implement to avoid them.

According to Action Fraud, the National Fraud and Cyber Crime Reporting Centre, there have been more than 678 coronavirus-themed fraud reports since the outbreak, with actual losses totalling close to £2m. As recently as November 2020, two businesses in Ulster, Northern Ireland were duped out of more than £350,000. The Government’s Counter Fraud Function has produced specific guidance on COVID-19 Mandate Fraud. Mark Cheeseman, Director Government Counter Fraud Function commented,

“The threat from mandate fraud is increasing because the public sector has had to rapidly adapt to new ways of working and is necessarily spending money quickly to deal with COVID-19. This has created new vulnerabilities, which criminals are seeking to take advantage of. This type of fraud carries low risk and potentially high rewards for criminals.

We have already seen instances of attempted mandate fraud around the COVID-19 response. We should not underestimate the sophistication of this fraud. It is not just people emailing to ask for bank accounts to be changed, those attempting it have often harvested information on their targets and use sophisticated techniques to impersonate your suppliers.”

Among the case studies featured in this guidance are examples of Local Authorities, charities and suppliers of PPE to the NHS falling victim to Mandate Fraud. You can read the Government Counter Fraud Function’s full guidance document here.

Here at Ultimate Finance, we have a dedicated Financial Crime team who work closely with government anti-fraud agencies. We do this because, as a responsible lender, we want to help protect our clients from financial crime, and below revisit guidance on how to recognise this type of fraud to protect your business from the risks associated with it.

Mandate Fraud

Today, many fraudsters targeting businesses take advantage of knowledge of existing business relationships to commit Mandate Fraud. Mandate fraud is a high-value fraud that targets companies and involves changing a direct debit, standing order, money payment or bank account mandate, usually related to a business supplier. False payments and money transfers are then sent to fraudsters, rather than the real recipients.

Some banks are also loosening their mandate management procedures to adapt to the current remote environment which opens another opportunity for fraudsters to target companies. With company information easily accessible online via official sources like Companies House, this might be then exposing their business customers to a potentially higher risk of impersonation scams and mandate fraud.

How can Mandate Fraud affect me?

Even with remote working in place, many business are still operating with people on site. It’s not uncommon for contractors to be regularly working at your premises. They can often advertise their services and contact details on their vans or even external signage to let people know work is taking places. Most businesses these days will also receive deliveries from regular suppliers. Fraudsters can also use publicly available company information, such as contract wins announced on the internet and media, to target supplier accounts which are likely to receive large payments.

A fraudster will target a particular victim business by taking note of details such as these and can easily obtain, online, a wide range of information relating to these suppliers and contractors; their domain, contact details, who works there etc.  Besides seeking this information from public sources like companies’ own websites, social media and registrar websites like Companies House, fraudsters can also use direct tactics such as telephone impersonation scams to trick employees and get further details of relevant contacts, supplier reference numbers or sensitive information such as security codes and account numbers.

This then allows them to mimic the organisation.  Below we look at the various steps that could be involved in a case of mandate fraud:

  • Typically, you will receive an email, often followed by a telephone call from the fraudster purporting to be your supplier or contractor.  This is often done by mimicking the website and email domains – making the email address appear legitimate. They may even use the supplier or contractor’s logo, taken from their website, to give further credence.
  • The email will explain that their account details into which you would ordinarily make payment to them have been changed. They will go on to provide details of a new bank account and ask you to change the payment details to reflect this. In some cases, scammers also send payment instructions to your bank directly via email or post.
  • They may even request for any monies currently outstanding be paid immediately to the new account or they may just wait for future payment.
  • You may even ring your supplier or contractor or reply to the email for clarification using the contact details provided in the email.
  • If you’re not alert to these risks and fail to conduct proper due diligence corroborative checks, you may fall into the trap of changing the banking mandate as instructed. You may even do as instructed and make immediate payment of any monies owed outstanding as requested.
  • Sometime later you are contacted by your legitimate supplier or contractor, querying why the normal payments to them have not yet been received.
  • As a result, you might look into this and discover fraud has taken place. You should immediately contact your bank to report this.
  • Your bank contacts the receiving bank i.e. the one subject of the fraudulent mandate and tries to claw back the fraudulent funds.
  • However, it transpires that once received into the recipient bank, a series of immediate electronic transfers were made to a series of multiple other accounts across different banks for much smaller amounts – some of which are offshore.
  • Further enquiries reveal the funds have since all been withdrawn and are unrecoverable.

Staying Protected

We work closely with our clients supporting their business funding needs and ensuring we all remain vigilant to frauds such as these. Below you can see the guidance we employ to ensure we, our clients and their suppliers aren’t susceptible to this type of fraud.

  • Never respond to telephone calls, emails to change banking mandates from any of your suppliers or contractors etc. without conducting further checks.
  • Consider, contractors and suppliers rarely change their banking details given the significant amount of additional administration that goes with it e.g. having to contact all their customers to notify.
  • Always conduct further checks to verify the request is legitimate, contact the supplier directly using established contact details you have on file – never those contained in the email without checking first.
  • When you are having any renovation work done and regular comings and goings of contractors be particularly alert to this.
  • Restrict access to those in your company who have authority to change banking mandates and ensure those who do have this authority are properly trained and alert to the risks of mandate fraud. 
  • Notify your bank immediately if you think you have been a victim of mandate fraud.

In the current climate, attempted cases of mandate fraud continue to rise. Please ensure you remain fraud aware and always carry out the correct financial due diligence when it comes to payments.

You may also like

Let’s get things moving

If you would like to talk to us about any funding needs, call us on 0800 121 7757, register as an Introducer or request a quote for your business today