The Crime Statistics Dutch Founders Misread and What They Mean for Your Business

What the CBS Veiligheidsmonitor 2025 Shows

The mechanism behind the headline:

Traditional crime held steady at 20% of the population. Roughly 3 million people experienced theft, burglary, violence, or vandalism between 2023 and 2025. Property crimes dominated at 11%, followed by vandalism and violence at 7% each.

But geography tells a different story.

Amsterdam recorded almost 90 crimes per thousand residents in 2024. Double the national average. Utrecht hit 54 per 1,000. Eindhoven and Rotterdam landed around 50.

Compare to Staphorst at 6 per 1,000, or Hattem, Dalfsen, and Tubbergen at 7.

A tenfold exposure gap.

Meanwhile, online crime rose from 15.6% in 2023 to 16.8% in 2025. Purchase fraud (where you pay but never receive goods or services) climbed from 6.9% in 2021 to 7.9% in 2025. Account hacking stayed persistent at 4.7%, even as device hacking dropped to 2.3%.

The pattern is clear: physical crime stabilized, digital crime escalated, and location-based risk diverged.

Bottom line: Physical crime stabilized, digital crime escalated, and location-based risk widened by a factor of 10 between urban and rural areas.

Why Founders Misinterpret Stable Crime Rates

You read “stable crime rates” and assume the threat environment is predictable.

Wrong.

Stability in traditional crime means the easily preventable crimes already been addressed. What remains is harder to reduce. Conventional security measures deliver diminishing returns.

The CBS data shows this clearly: between 2012 and 2019, traditional crime dropped sharply. Then it reversed between 2021 and 2023, particularly for violent offenses. Now it’s stable again.

The plateau signals an equilibrium. The low-hanging fruit is gone. What’s left requires more sophisticated controls.

Meanwhile, the online threat landscape is moving in the opposite direction.

Fraud reports surged nearly 50% in the first half of 2025 compared to the same period in 2024. The Netherlands now leads all European Economic Area countries in digital payment fraud, with €1.75 billion lost to scams in 2024—approximately 0.2% of GDP.

This is where exposure lives now.

The reality: Stability in traditional crime means easy prevention already happened. What remains calls for sophisticated controls, while digital exposure accelerates in the opposite direction.

The Hidden Cost Structure

Most founders treat crime statistics as abstract risk data.

Wrong again. They’re operational cost indicators.

Operating in Amsterdam means facing 63 registered crimes per 1,000 residents. This translates directly into higher insurance premiums, greater security infrastructure requirements, and potential inventory shrinkage.

Bedrijfsinboedelverzekering (business contents insurance) and aansprakelijkheidsverzekering (liability insurance) price this risk in. Insurers in the big four cities (Amsterdam, Rotterdam, The Hague, Utrecht) charge more and often require proof of security measures to qualify for coverage.

Not a penalty. The market pricing in your location-based exposure.

Compare operating in Almere (25 crimes per 1,000) or a smaller municipality like Hattem (7 per 1,000). The difference is structural cost.

For businesses with location flexibility (warehousing, light manufacturing, back-office operations), suburban or small-town locations offer substantially lower crime exposure than rural areas, without the complete remoteness of rural areas.

The urban advantage (access to customers, talent, infrastructure) comes with a hidden crime tax. Check if the trade-off makes sense for your business model.

Decision point: Urban locations provide market access but charge a measurable crime tax through insurance premiums, security requirements, and shrinkage risk. Calculate the trade-off for your business model.

How Online Crime Threatens Small Businesses

What most founders miss about the online crime data:

Purchase fraud rose 14.5% since 2021. Not random. Criminals are exploiting the rapid digitalization of commerce by targeting points of transaction completion.

For firms operating e-commerce, accepting online payments, or managing customer data, this constitutes direct operational risk.

And recovery rates are devastating.

Eighty percent of surveyed victims didn’t recover any money. One in five reported fraud to police, but only 1% recovered funds through the criminal justice system.

Prevention is the only viable strategy. Once the money’s gone, it’s gone.

The data uncovers a shift in criminal targeting. For the first time, SMEs are more frequently targeted than large corporations (80% versus 75%). Criminals exploit the waterbed effect: as large companies strengthen defenses, attackers move to softer targets.

Small businesses offer easier entry points with less sophisticated security infrastructure.

Tactical change: Criminals moved from hardened corporate targets to SMEs with weaker security infrastructure. Small businesses now face higher targeting rates than large corporations.

Where Your Business Is Most Vulnerable

Account hacking stayed at 4.7% while device hacking dropped to 2.3%.

This gap tells you something: the weakest link shifted from device security to credential management.

Endpoint security improved. Password practices, phishing susceptibility, and authentication procedures didn’t.

For businesses, employee training and multi-factor authentication matter more than firewall upgrades. The vulnerability lies in how your team handles access credentials.

The CBS data also shows AI tools fueled a spike in insurance and retail fraud, with cases rising to over 9,000 in 2024 (up 1,000 from 2023). This technological change means traditional authentication techniques are becoming obsolete.

You need counter-AI detection, not standard fraud checks.

Security evolution: The threat moved from devices to credentials. Employee training and multi-factor authentication now matter more than hardware upgrades.

Three Critical Decision Points for Your Business

The crime statistics show three decision points.

First: location-based cost structures.

Crime rates should factor into your cost-benefit analysis when choosing a physical business location. Operating in Amsterdam provides access to customers, talent, and infrastructure, but at 63 crimes per 1,000 residents, you’re paying for access through higher security costs.

For businesses with location flexibility, smaller municipalities offer substantially lower crime exposure. The difference between Amsterdam and Almere is 2.5x. The difference between Amsterdam and Staphorst is 10x.

Not risk. Budget.

Second: digital security investment priority.

With online crime affecting 16.8% of the population and growing, digital security deserves proportional investment. For micro and small businesses operating e-commerce, accepting online payments, or managing customer data, this is required infrastructure.

You need SSL certificates, secure payment processing (iDEAL verification, Mollie, or Stripe with fraud detection), two-factor authentication systems, and routine security audits.

The Autoriteit Persoonsgegevens requires businesses to implement appropriate technical measures under the AVG (Dutch GDPR implementation). These crime statistics show why.

Third: regulatory compliance intersection.

The AVG requires you to block unauthorized access to data. The 4.7% account-hacking rate and 10.3% online fraud rate indicate that regulatory compliance and crime prevention overlap.

Experience a data breach due to inadequate security, and you face enforcement action from the Autoriteit Persoonsgegevens. Fines can reach €20 million or 4% of global revenue.

Crime statistics aren’t operational concerns. They’re regulatory risk indicators.

Regulatory intersection: Crime prevention and AVG compliance overlap. Inadequate security creates both operational and regulatory exposure with fines up to €20 million or 4% of global revenue.

Controls to Reduce Exposure

What lowers exposure based on the data:

For location-based risk:

• Factor crime rates into your location decision when you have flexibility. The cost difference between urban and suburban locations includes security infrastructure, insurance premiums, and potential shrinkage.
• Operating in high-crime municipalities, ensure adequate bedrijfsinboedelverzekering and aansprakelijkheidsverzekering. Consult with a specialized bedrijfsverzekeringsadviseur to optimize coverage relative to location-based risk.
• Document your protection protocols. Insurers in major cities often require proof of controls to qualify for coverage.

For digital security:

• Implement multi-factor authentication for all business accounts. The data shows account hacking remains persistent—single-password protection is insufficient.
• Use secure payment processing with fraud detection (iDEAL verification, Mollie, or Stripe). Purchase fraud rose 14.5% since 2021, and recovery rates are under 1%.
• Train employees to recognize phishing and manage credentials. The shift from device hacking to account hacking means human behavior is the primary vulnerability.
• Conduct periodic security audits. With 66% of Dutch businesses inadequately prepared for cyberattacks, this creates a competitive advantage for security-conscious entrepreneurs.

For cross-border transactions:

• Heighten due diligence for international suppliers. Purchase fraud affects international transactions where Dutch consumer protections don’t apply.
• Use payment methods with escrow or buyer protection for significant cross-border purchases.

What Crime Stabilization Means for Security Investment

The long-term drop in traditional crime ended. The CBS stated clearly: “The long-term falling trend in crime beginning at the turn of the century has not been sustained in recent years.”

Stabilization is neither positive nor negative data, nor good news.

Conventional security investments are experiencing diminishing returns. The easy wins are over. What remains requires more elaborate risk management.

Meanwhile, the digital threat landscape is accelerating in the opposite direction. Fraud reports surged 50% in the first half of 2025. The Netherlands leads Europe in digital payment fraud. AI tools are weaponizing routine fraud faster than traditional authentication techniques can adapt.

For expat entrepreneurs, this creates a decision environment where security allocation matters more than security spending.

Structure your business to absorb risk without losing control.

The crime statistics show where exposure lives: location-based physical risk, digital transaction vulnerability, and credential management weakness.

Install controls at those three points. You reduce exposure before it becomes expensive.

Structure is cheaper than recovery.

Core principle: Security allocation matters more than security spending. Install controls where exposure lives: location-based physical risk, digital transaction vulnerability, and credential management weakness.

Frequently Asked Questions

How do crime rates affect business insurance costs in the Netherlands?

Insurance premiums are priced based on location-specific crime exposure. Bedrijfsinboedelverzekering and aansprakelijkheidsverzekering cost more in Amsterdam, Rotterdam, The Hague, Utrecht. Insurers frequently require documented security measures to qualify for coverage in high-crime municipalities. The difference between urban and rural premiums reflects the tenfold difference in crime rates.

What is the recovery rate for online fraud victims in the Netherlands?

80% of online fraud victims recover nothing. Only 1 in 5 reports fraud to police, and only 1% recover funds through the criminal justice system. Prevention is the only viable strategy. Post-incident recovery is functionally impossible.

Why are SMEs now targeted more than large corporations?

80% of SMEs face targeting issues, compared with 75% of large corporations. Security professionals call this the waterbed effect: as large companies strengthen defenses, attackers shift to softer targets. Small businesses offer easier entry points with less sophisticated security infrastructure.

Which security measures matter most for Dutch micro businesses?

Multi-factor authentication for all business accounts, secure payment processing with fraud detection (iDEAL verification, Mollie, or Stripe), employee training on phishing and credential management, and periodic security audits. The data shows account hacking outpaces device hacking, making human behavior the primary vulnerability.

How does location choice affect crime exposure for businesses?

Amsterdam records 63 crimes per 1,000 residents. Staphorst records 6 per 1,000. This tenfold difference translates directly into security costs, insurance premiums, and potential inventory shrinkage. For businesses with location flexibility, suburban or small-town operations offer substantially lower crime exposure.

What AVG compliance requirements intersect with crime prevention?

The AVG requires stopping unauthorized access to data. With 4.7% account hacking and 10.3% online fraud rates, inadequate security creates regulatory exposure. Data breaches caused by weak security trigger enforcement action by the Autoriteit Persoonsgegevens, with fines up to €20 million or 4% of global revenue.

How has purchase fraud changed since 2021?

Purchase fraud rose 14.5% since 2021, climbing from 6.9% to 7.9% of the population. This growth demonstrates criminals exploiting the rapid digitalization of the commerce industry, targeting points of transaction completion. International transactions face a higher risk where Dutch consumer protections don’t apply.

Why did account hacking stay high while device hacking dropped?

Account hacking remained at 4.7% while device hacking fell to 2.3%. This gap shows the weakest link shifted from device security to credential management. Endpoint security improved, but password practices, phishing susceptibility, and authentication procedures lagged. Employee behavior matters more than hardware security.

Key Takeaways

• Traditional crime stabilized at 20%, but online crime rose to 16.8% and continues accelerating, with purchase fraud up 14.5% since 2021.
• Location creates a tenfold crime exposure gap: Amsterdam reports 63 crimes per 1,000 residents versus 6 in Staphorst, directly affecting insurance costs and security requirements.
• Recovery from online fraud is functionally impossible: 80% of victims recover nothing, making prevention the only viable strategy.
• SMEs are now primary criminal targets: 80% of small businesses are targeted, compared with 75% of large corporations, as attackers exploit weaker security infrastructure.
• Credential management is your weakest point: Account hacking stayed at 4.7% while device hacking dropped to 2.3%. Employee training and multi-factor authentication matter more than hardware upgrades.
• Crime prevention and AVG compliance overlap: Inadequate security creates both operational and regulatory exposure, with possible fines up to €20 million or 4% of global revenue.
• Security allocation matters more than security spending: Install controls where exposure lives (location-based physical risk, digital transaction vulnerability, and credential management weakness). Structure is cheaper than recovery.