Up to 400,000 fraud reports may not have been referred to the police because of a 15-month long IT issue, a Which? Money investigation can reveal.
The failure stemmed from a breakdown in data sharing between the National Fraud Database, maintained by Cifas - which describes itself as 'the UK's leading fraud prevention service' - and the City of London Police's National Fraud Intelligence Bureau (NFIB).
Here we explain how this IT mix-up could have harmed fraud victims.
We found that crime reports weren't automatically shared between Cifas and City of London police from October 2018, when the City of London Police launched a new crime-reporting service, until recently.
Based on official figures from previous years, we estimate that at least 300,000 fraud cases weren't referred to police since the problem began, but that number could easily be as high as 400,000.
In fact, in the year before the data feed went down there were more crime reports to the NFIB made through Cifas than there were from members of the public through Action Fraud.
Cifas's 500-plus members include major banks, financial institutions and government bodies such as the Home Office. Its members share information about fraud to limit future attacks.
It claims on its website to share information with the NFIB 'on a daily basis', in order to 'support the development of crime packages disseminated to UK police for investigation and prosecution'.
Hundreds of thousands of cases - many of which are likely to involve large sums of money - have either been investigated without crucial pieces of evidence, or potentially not investigated at all.
Which? Money Editor Jenny Ross said: 'It beggars belief that one of the country's most crucial reporting tools did not function for so long.'
'People are suffering from the devastating financial and emotional impact of scams every day, and victims need to know the authorities are taking these crimes seriously.'
City of London Police said the technical difficulties have now been resolved and that they now have access to 95% of the missing crime reports.
Cifas told us that it had supplied crime reports on a case-by-case basis to City of London Police while the data feed was down.
Which? Money discovered this data sharing gap while examining the proportion of fraud cases that end up being reported to the police.
We found that only 15% of fraud victims filed police reports (typically through Action Fraud), compared with 52% of robbery victims, 44% of victims of violent crime, 36% of theft victims and 33% of victims of criminal damage. (All figures from the Office for National Statistics).
This graph shows the proportion of fraud crimes that were reported to police in comparison with other crime groups (blue). It also shows the reporting rate of different sub-categories of fraud (red).
The only crime group we found to be less commonly reported than fraud was computer misuse. This includes hacking and is so closely related to fraud that the two groups are often combined. Both groups fall within the remit of the NFIB and Action Fraud.
There are several reasons that fraud is so badly under-reported, according to the ONS. These include assumptions that the crime is too trivial or the fact that no loss was incurred (15%), as well as a perception that the police wouldn't want or be able to do anything (10%).
However, most significantly, 40% of fraud victims do not report fraud to the police because they have already reported it to their bank or another financial institution. Such reports are fed back into the City of London Police through either Cifas or UK Finance (depending on the exact nature of the crime).
This diagram shows the UK's complex fraud reporting chain. The data feed between Cifas and Action Fraud was down for more than a year from October 2018.
The discovery that the best part of half a million crime reports did not make their way from Cifas to the NFIB highlights just how vital it is that victims contact Action Fraud as well as their bank.
City of London Police said that its advice, regardless of previous technical problems, is for fraud victims to file an Action Fraud report in addition to letting their bank know.
A spokesperson for the force said: 'It is still imperative [for victims] to report to Action Fraud, as additional information can be obtained.'
A recent report by Sir Craig Mackey, ex-deputy commissioner of the Met Police, found that 'fraudsters currently operate with impunity'. He added: 'There is an overwhelming mismatch between the scale of fraud offences and the capacity and the capability of forces to investigate them.