This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

NEST reports £1.4 million lost to fraudulent incident

Share this article:

The National Employment Savings Trust (NEST) has reported a £1.4 million loss due to fraud.

In its annual reports and accounts, chief executive and accounting officer Tim Jones said that it lost £1.4 million in 2012/13 from a single fraudulent attack, involving the diversion of a supplier payment.

He said: “One adverse event of significance during the year was the discovery of a criminal fraud against the organisation. We responded immediately and have strengthened our defences, although we are chastened by the experience.

“A series of actions to seek recovery of the monies, tighten our controls framework and review business processes across NEST have been undertaken.”

Jones also said that following this event, he asked NEST chairman Lawrence Churchill to remove him from consideration for any non-consolidated award for 2012/13. Churchill called the fraud a "timely reminder of the need for continuous vigilance in the modern world".

The report claimed that the attack occurred in December 2012 when a supplier bank mandate fraud was perpetrated, involving the diversion of a supplier payment. It said that it was notified of this in January 2013 and it was directed at NEST, resulting in a loss of £1,446,000 from its operating budget.

It confirmed that no money was taken from members' retirement pots but this will affect the running costs of the scheme. “As soon as we were made aware of the fraud, we ensured that all relevant regulatory authorities and the police were notified and worked closely with the Department for Work and Pensions to understand how this had happened and to independently investigate the incident,” it said.

“We also initiated steps to strengthen controls over the payment process.

A wider programme of work has since been agreed to further improve NEST systems, people and processes. As part of this, we asked Deloitte to undertake a detailed assessment of the design and operating effectiveness of key internal controls across NEST.”

It is also reviewing its fraud awareness training and has carried out additional training to appropriate staff and has put in place arrangements to identify and monitor emerging fraud risks and to address any control requirements.

“As part of this we are also enhancing our financial crime expertise within the risk team. We will also arrange regular fraud awareness training to ensure our employees are aware of this type of risk and know what action to take,” it said.

Jones said: “I am proud of what we've achieved this year – we have faced significant challenges and hurdles but have delivered for members and employers. We won't always get everything completely right, but we continue to learn and evolve our services to ensure they meet the needs of employers and members.

“The fraud loss NEST incurred represented a serious failure in our system of internal controls. We have taken rigorous and immediate action to strengthen our control environment.”

 

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...

'Sophisticated' Chinese hackers launched attacks against 43,000 computer systems

'Sophisticated' Chinese hackers launched attacks against 43,000 computer ...

A new report reveals that a Chinese cyber-espionage group is closely affiliated with government and carried out attacks against the likes of Fortune 500 companies and government agencies.