Cyber Week: DWP says security experts stopped ‘large attack’ from organised crime during UC surge
As the department processed 4.3 million new claims, fraudsters attempted to cash in
The coronavirus pandemic saw the government provide tens – if not hundreds – of billions of pounds in financial support for businesses and citizens.
And where there is lots of money to be had, one will, unfortunately but inevitably, find fraudsters seeking to divert some of it to their pocket.
For government, fraud was already a nagging problem; in the 2019/20 year, the Department for Work and Pensions recorded its highest-ever level of fraud and error, according to a report published in October by the National Audit Office. This resulted in an overpayment of £4.6bn – equating to 2.4% of all benefit expenditure during the year. It also underpaid £2bn of claimants’ legitimate entitlements: 1.1% of the overall benefit bill.
What is more, the NAO warned that the level of fraud was likely to “increase significantly” in light of the pandemic, during which the department has been required to process 4.3 million new claims for Universal Credit. At the height of the crisis, 100,000 claims were being made each day – at a time when as much as a quarter of the DWP’s workforce was off work as a result of the Covid outbreak.
But it has recently emerged that at least one major fraud attempt – which would have resulted in significant losses – was stopped in its tracks.
Answering a written parliamentary question from fellow Conservative MP Lee Anderson, welfare minister Will Quince said: “Our Integrated Risk and Intelligence Service coordinates the detection of, and response to, fraud risks from organised crime groups seeking to exploit Covid-19. In May 2020, cyber colleagues prevented a large attack on our systems by organised criminals. This prevented substantial sums being paid out to scammers.”
Details of the attack are scarce, but PublicTechnology understands fraudsters made a large-scale and coordinated attempt to defraud the benefits system via its standard application channels.
When asked, the DWP said that it could not provide details of its fraud-prevention methods, nor could it comment on efforts to apprehend the perpetrators of the fraud, as cases are ongoing, it claimed.
“Despite an unprecedented number of new Universal Credit claims as a result of the pandemic, fraud and error in the benefits system remains low with robust plans in place to recover and combat fraudulent claims,” a spokesperson said. “We take any abuse of taxpayers’ money very seriously and those who choose to abuse the system will be thoroughly investigated and may face criminal proceedings.”
In his parliamentary answer, Quince said that “the vast majority of benefits paid remain genuine”.
“Without the interventions we introduced, the overall Fraud and Error rate would have been notably higher,” he added. “We continue to invest in our digital capability and organisational design, with the chancellor announcing £44m at the Spring Budget for the development of this prevent approach. This funding has enabled us to expand our Integrated Risk and Intelligence Service, develop pre-payment ‘risking’ techniques and maintain our new Enhanced Checking Service for high risk claims.”
The minister said that the DWP is “currently revisiting any high-risks claims that were paid during the early period of Covid-19.
“Where fraud does occur, we will investigate it and where fraud is established, we are committed to the use of appropriate penalties and to recovering monies from the perpetrators,” Quince said. “We also continue to work with other government departments and law-enforcement agencies nationally and across borders to ensure appropriate intelligence and resources are shared, enabling the totality of any criminality to be identified and investigated.”
Investigation by PoliticsHome finds Telegram anti-vaccine groups purporting to purvey fake digital and hard-copy certification
User of encrypted messaging service sentenced to 10 years in prison
Government-run competition seeks to combat possible exposure caused by legacy systems
David Currie explains that there is an ‘arms race’ between web platforms and criminals that are equally sophisticated