The exposure of small UK project management organisations to fraud



By Dr. Robert Chapman

United Kingdom


This article is based on research carried for the recently published book: “The SME business guide to fraud risk management” which found that “fraud is omnipresent and highly corrosive”. The article aims to provide: an insight into how toxic fraud is for small and medium sized enterprises (SMEs) together with a high-level overview of the degree of exposure to fraud; the types of fraud that may be perpetrated; a simple way of understanding their nature; and a possible response process. It also seeks to provide an element of the context in terms of the scale of fraud and the government’s response to what is a complex and evolving crime. The book highlights that exposure to fraud SMEs can result in a loss of: clients; business partners; customer base; reputation; funds; and or staff. In addition, “a serious fraud event can result in a business struggling to recover for years, or even lead to its collapse”[1]. Fraud is estimated to be the most prolific crime in England and Wales[2]. Of significance is that it surfaces in a myriad of business functions and its perpetrators are constantly evolving new ways to search out company vulnerabilities. The most common types of fraud impacting project management organisations are procurement fraud, bribery, ransomware attacks, intellectual property theft, identity fraud, asset misappropriation fraud, financial statement fraud and business email compromise (including invoice fraud).

Incidence of fraud

According to the National Crime Agency (NCA), in 2019 fraud was the most common type of crime in England and Wales[3]. The NCA reported that there were an estimated 3.8 million incidents of fraud in the year ending September 2019, a third of all estimated crime, and an increase of 9% on the previous year. The trend continues. The Crime Survey for England and Wales estimated that in the year ending March 2020 there were 3.7 million incidents of fraud[4]. Fraud made up over a third (36 percent) of the total estimated crime and was the largest stand-alone crime type. The methods adopted by criminals to implement fraud are constantly evolving. UK Finance[5] have reported that they have seen the emergence of criminals openly advertising fraud and scam services for sale online, including template phishing websites and custom-built scam applications which replicate real banking applications.

Attention to fraud

Directors’ meetings typically focus on health and safety processes, securing new business, new and existing commissions, changes in staff, invoicing, income and running costs. Topics of discussion may also include the more difficult subjects of staff disciplinary issues, client complaints, falling income, unpaid invoices, the imminent expiry of loan agreements or professional indemnity claims. Unfortunately, fraud risk management is rarely on a director’s radar and is seldom included on director meeting agendas. This can prove to be ruinous. Particularly when it is assumed that fraud will only be perpetrated by those outside the organisation and not by employees. If you are the owner of and run a small project management organisation which you are seeking to grow, conversations you do not want to have with a client are you have been hacked and project information has been deleted, corrupted or stolen, or that you have had to let the project manager dealing with their project go, as the business has had to downsize as a member of the finance team had been stealing from the business, or yes the reports in the press that a member of staff has been found guilty of attempting to bribe a government official to win new business were true.

The cost of fraud to businesses

As identified in CIMA’s and the CGMA’s fraud risk management guides[6], surveys are regularly carried out in an attempt to estimate the true scale and cost of fraud to UK businesses. These and subsequent guides highlight that survey findings vary and it is difficult to obtain a precise picture as to the full extent of the country’s exposure to fraud. However, these guides all paint a consistent picture; that fraud is ubiquitous and remains a very serious and costly problem. The cost of business disruption, including diminished employee productivity and business process failures (which occur after a cyberattack), continues to rise at a steady rate. According to the National Fraud Intelligence Bureau (NFIB), reported losses in the UK increased by 38% in financial year 2018/2019, to £2.2 billion. This may be a very conservative figure, for according to ‘The Financial Cost of Fraud Report’ (published in 2019 by the independent consultancy firm Crowe in conjunction with the Centre for Counter Fraud Studies at the University of Portsmouth[7]), fraud is costing businesses and individuals in the UK a colossal £130 billion each year.


To read entire paper, click here

How to cite this paper: Chapman, R. J. (2022). The exposure of small UK project management organisations to fraud; PM World Journal, Vol. XI, Issue V, May. Available online at https://pmworldlibrary.net/wp-content/uploads/2022/05/pmwj117-May2022-Chapman-exposure-of-small-uk-pm-organisations-to-fraud.pdf

About the Author

Robert J. Chapman, PhD, MSc.

United Kingdom


Dr Robert J Chapman is an international risk management specialist. He has provided risk management services in the UK, the Republic of Ireland, Holland, UAE, South Africa, Malaysia and Qatar on multi-billion programmes and projects across 14 different industries. He is author of the texts: ‘Simple tools and techniques for enterprise risk management’ 2nd edition, published by John Wiley and Sons Limited, ‘The Rules of Project Risk Management, implementation guidelines for major projects’ 2nd edition published by Gower Publishing and ‘Retaining design team members, a risk management approach’ published by RIBA Enterprises. He holds a PhD in risk management from Reading University and has been elected a fellow of the IRM, APM and ICM and is a former member of the RIBA. Robert has passed the M_o_R, APM and PMI risk examinations. In addition he has provided project and risk management training in Scotland, England, Singapore and Malaysia. Robert is an external PhD examiner.

To view other works by Dr. Chapman, visit his author showcase in the PM World Library at https://pmworldlibrary.net/authors/robert-j-chapman-phd/

[1] Robert James Chapman (2022) “The SME business guide to fraud risk management”, Published by Routledge in the UK and USA
[2] HMICFRS (2021). “State of Policing-The Annual Assessment of Policing in England and Wales”. Her Majesty’s Chief Inspector of Constabulary
[3] NCA (2020) The National Crime Agency’s National Strategic Assessment of Serious and Organised Crime
[4] HMICFRS (2021) “Spotlight report. A review of Fraud: Time to Choose, A revisit of the 2018 fraud inspection to assess progress of the recommendations and areas for improvement” https://www.justiceinspectorates.gov.uk/hmicfrs/wp-content/uploads/a-review-of-fraud-time-to-choose.pdf. Her Majesty’s Inspectorate of Constabulary and Fire & Rescue Services (HMICFRS) .
[5] UK Finance is a professional body representing banking and finance industry organisations whose goal is to promote a safe, transparent and innovative banking and finance industry.
[6] CIMA, 2008, “Fraud risk management, a good practice guide”, and CGMA (2016) the Chartered Global Management Accountant’s report “Fraud risk management, a guide to good practice”.
[7] The report considers and analyses 690 loss measurement exercises which have been undertaken around the world during the last 20 years to accurately measure the financial cost of fraud. The exercises took place across 40 different types of expenditure in 49 organisations in 10 countries. https://www.crowe.com/uk/croweuk/-/media/Crowe/Firms/Europe/uk/CroweUK/PDF-publications/The-Financial-Cost-of-Fraud-2019.