The exposure of small UK project management organisations


to fraud: Update



By Dr. Robert Chapman

United Kingdom


The purpose of this updated paper is to keep the subject of fraud on the ‘radar’ of project management organisations. Since writing the first article in May this year, the fraud landscape has changed significantly.  The most important development is that fraud is on the rise and will likely increase even further due to changes to the UK economy. The predictions made by KPMG[1] are likely to prove accurate. The audit and assurance consultancy considers that widespread concern over the significantly increased costs of living in the UK, (driven by very substantial increases in food, fuel and energy costs), will be an added driver for insider fraud cases. Early signs are there will be a substantial rise in fraud committed by employees and management. In parallel, fraud committed by external ‘actors’ (criminals) is also on the rise. While PwC’s survey[2] of 1,296 business executives across 53 countries and regions confirmed fraud remains ubiquitous, (with 46% of responding organisations reporting they had experienced fraud, corruption or another economic crime), of particular note is that the survey found a rising threat from external perpetrators “who are quickly growing in strength and effectiveness”.

Cybercrime clearly poses the greatest threat. Perpetrators goals continue to be multi-faceted. Ken McCallum, of the UK’s intelligence service MI5, has warned that fake profiles are being created on social networking sites such as LinkedIn and Facebook on an “industrial scale” with the view to building relationships with employees of high-tech businesses and others to ultimately securing sensitive information[3]. Similarly, vigilance is key, particularly when trading with new entities. Within the UK, a BBC investigation[4] uncovered that criminal gangs had set up over 100,000 fictitious companies at Companies House using the addresses of unsuspecting property owners. These owners have then had to deal with overdrafts, loans, insurance demands and credit card debts. The BBC’s findings support the Treasury Committee Report referred to below under ‘UK Government Initiatives’. On a more positive note, as announced by Brian Fung of CNN Business[5], more than a dozen companies are collaborating on a single open standard for sharing data about hacking threats which it is hoped will help organisations detect cyberattacks more quickly. Those involved in developing the standard include Amazon, IBM, Salesforce, Cloudflare and CrowdStrike.


The initial paper was based on research carried for the recently published book: “The SME business guide to fraud risk management” which found that “fraud is omnipresent and highly corrosive”. Given the rise in fraud, the guidance contained in the book has gained greater importance.  The previous paper aimed to provide: an insight into how toxic fraud is for small and medium sized enterprises (SMEs) together with a high-level overview of the degree of exposure to fraud; the types of fraud that may be perpetrated; a simple way of understanding their nature; and a possible response process. It also sought to provide an element of the context in terms of the scale of fraud and the government’s response to what is a complex and evolving crime. The book highlights that SME’s exposure to fraud can result in a loss of: clients; business partners; customer base; reputation; funds; and or staff. In addition, “a serious fraud event can result in a business struggling to recover for years, or even lead to its collapse”[6]. Fraud is estimated to be the most prolific crime in England and Wales[7]. Of significance is that it surfaces in a myriad of business functions and its perpetrators are constantly evolving new ways to search out company vulnerabilities. The most common types of fraud impacting project management organisations are procurement fraud, bribery, ransomware attacks, intellectual property theft, identity fraud, asset misappropriation fraud, financial statement fraud and business email compromise (including invoice fraud).

Incidence of fraud

According to the National Crime Agency (NCA), in 2019 fraud was the most common type of crime in England and Wales[8]. The NCA reported that there were an estimated 3.8 million incidents of fraud in the year ending September 2019, a third of all estimated crime, and an increase of 9% on the previous year. The trend continues. The Crime Survey for England and Wales estimated that in the year ending March 2020 there were 3.7 million incidents of fraud[9]. Fraud made up over a third (36 percent) of the total estimated crime and was the largest stand-alone crime type. The methods adopted by criminals to implement fraud are constantly evolving.


To read entire article, click here

How to cite this paper: Chapman, R. J. (2022). Update: the exposure of small UK project management organisations to fraud; Commentary article, PM World Journal, Vol. XI, Issue IX, September.  Available online at https://pmworldlibrary.net/wp-content/uploads/2022/09/pmwj121-Sep2022-Chapman-exposure-of-small-uk-pm-organisations-to-fraud-update.pdf

About the Author

Robert J. Chapman, PhD, MSc.

United Kingdom


Dr Robert J Chapman is an international risk management specialist. He has provided risk management services in the UK, the Republic of Ireland, Holland, UAE, South Africa, Malaysia and Qatar on multi-billion programmes and projects across 14 different industries. He is author of the texts: ‘Simple tools and techniques for enterprise risk management’ 2nd edition, published by John Wiley and Sons Limited, ‘The Rules of Project Risk Management, implementation guidelines for major projects’ 2nd edition published by Gower Publishing and ‘Retaining design team members, a risk management approach’ published by RIBA Enterprises. He holds a PhD in risk management from Reading University and has been elected a fellow of the IRM, APM and ICM and is a former member of the RIBA. Robert has passed the M_o_R, APM and PMI risk examinations. In addition he has provided project and risk management training in Scotland, England, Singapore and Malaysia. Robert is an external PhD examiner.

[1] KPMG (2022) “Fraud Barometer: Annual Report for 2021, The latest fraud trends and patterns affecting the UK economy” and internet page,  https://home.kpmg/uk/en/home/insights/2022/01/fraud-barometer.html

[2] PwC (2022) “PwC’s Global Economic Crime and Fraud Survey 2022, Protecting the perimeter: The rise of external fraud”. 61% of respondents occupied roles in the C-Suite.

[3] Sky News (2022) “Foreign spies using LinkedIn on ‘industrial scale’ to dupe government officials”, Tuesday 17 May 2022, UK

[4] BBC (2022) “Bogus companies scam: We never knew our home was on the list” Shari Vahl, 11 August

[5] Brian Fung (2022) “More than a dozen companies developing single standard to detect cyberattacks faster” CNN Business, 10 August 2022.

[6] Robert James Chapman (2022) “The SME business guide to fraud risk management”, Published by Routledge in the UK and USA

[7] HMICFRS (2021). “State of Policing-The Annual Assessment of Policing in England and Wales”. Her Majesty’s Chief Inspector of Constabulary

[8] NCA (2020) The National Crime Agency’s National Strategic Assessment of Serious and Organised Crime

[9] HMICFRS (2021) “Spotlight report. A review of Fraud: Time to Choose, A revisit of the 2018 fraud inspection to assess progress of the recommendations and areas for improvement” https://www.justiceinspectorates.gov.uk/hmicfrs/wp-content/uploads/a-review-of-fraud-time-to-choose.pdf. Her Majesty’s Inspectorate of Constabulary and Fire & Rescue Services (HMICFRS) .