British Policing Faces The Future

The UK Police is struggling to cope in the face of changing and rising crimes, as a result of falling staff numbers, outdated technology, and fragmented leadership. There has been a 27% increase in crime in the last eight years in the UK. 

The UK House of Commons Home Affairs Committee has also just released their Policing for the Future report which was published on 22nd October and is about the changing trends in crime and policing and the overarching problems facing the police service in England and Wales. 

The main issues raised are funding and investment and that there are three specific areas of growing pressure on policing, online fraud, child sexual abuse, and safeguarding vulnerable people. 

The use of internet-enabled smartphones and tablets has increased drastically during the last decade, and data suggests that 86% of people go online “daily or almost daily” in 2018, compared with 35% in 2006.

Unsurprisingly, this explosion in internet use has been accompanied by an upsurge in online crime, including fraud. 

Earlier this year, it was reported that victims of online fraud are turning to private investigators, due to dissatisfaction with the police response. This report explores the police response to fraud, particularly online, including key trends in offending, the role of Action Fraud, the quality of the police response, capacity and structural issues, and the role of industry. 

Cyber skills and training are also crucial issues that are reported.

Prevalence and trends

The Office for National Statistics (ONS) estimates that there were 3.2 million fraud offences in the year ending March 2018, including 1.7 million cyber-related offences (54% of the total). 

Based on these figures, approximately one in six offences are incidents of online fraud, and fraud (more broadly) is now the most commonly-experienced crime, accounting for 42% of all estimated offences. 

New questions on fraud and computer misuse were only added to the Crime Survey for England and Wales in October 2015, so long-term trends are difficult to assess, although City of London Police (the national lead force on fraud) have said that “Fraud and cyber-crime have grown exponentially”.

The latest annual fraud indicator estimated that fraud costs the UK £190 billion per year, including £134 million from online banking fraud and £568 million from plastic card fraud. 

Action Fraud

Action Fraud is run by the City of London Police, although the contact centre is contracted out, and it works alongside the National Fraud Intelligence Bureau (NFIB). 

Action Fraud has repeatedly attracted negative press attention, after a series of administrative problems and reports of poor service. It was reportedly forced to apologise to almost 2,500 people in 2013, after their crime reports went missing due to an IT error.

Recently Action Fraud has undergone reform, with £35 millions of government funding spent on improvements to the helpline and website, including a new online reporting tool. 

Since October 2016, the call centre has been available 24/7 and the Home Office has invested £5.5 million in a new IT system for Action Fraud and the NFIB. Nevertheless, The Times reported in May 2018 that only cases involving losses of over £100,000 are being passed to a human investigator, with others being “dismissed by a computer algorithm as unworthy of investigation”. 

In August this year, it was reported that Action Fraud only picks up two-thirds of phone calls, with an average wait of 11 minutes and 8 seconds.

The force argued: “The volume of fraud means that investigative resources need to be prioritised towards the most harmful and organised frauds and, where offenders cannot be identified or offenders are based outside the UK, criminal justice outcomes are not always achievable”. 

Giving evidence to us, Temporary Commander Dave Clark, then the national lead officer for online fraud, emphasised that “Action Fraud does not investigate anything. [It] is simply a call centre and an online reporting facility”.

Cases are sent to the force where there are relevant lines of inquiry, such as a local bank account, postal address, internet address or telephone number, rather than where the victim is based, if the crime crosses force boundaries.

Overseas offenders account for a substantial proportion of offences, with approximately 14,000 criminals identified outside the UK in 2017. Organised criminal groups also play a prominent role: last year, for example, Europol disrupted a group which stole more than 8 million euros from over 130,000 payment card holders in 29 EU countries.83

Criticism of the Police Response

A series of reports have been highly critical of the police response to online fraud. A 2015 study of digital crime by HMIC, covering six out of the 43 forces, found “very few police officers and staff who understood either their own roles and responsibilities or those of their force in relation to the investigation of fraud.” 

HMIC found a particularly poor level of knowledge, at all ranks, of the functions of Action Fraud and the NFIB. It also criticised an “absence of strategic leadership and direction” on digital crime in all but one of the forces examined. 

The Public Accounts Committee (PAC) subsequently said that the Home Office “must prioritise efforts to improve the collection and reporting of data on fraud”, and called for the department to work with the City of London Police to establish “opportunities to identify, develop and share good practice in a more systematic way”.

Case Outcomes

Action Fraud received over 23,000 crime reports per month, on average, during 2016/17; in the same reporting year, 71,133 cases were disseminated to forces, and there were 37,632 “Home Office outcomes”–this includes judicial (8,214) and non-judicial (29,245) outcomes. 

The latter category can include failure to identify a suspect and a determination that prosecution would not be in the public interest, among other outcomes. These figures suggest that little more than one in five (22%) recorded outcomes involved charges or summons, and that as little as 3% of cases reported to Action Fraud may result in charges or summons. 

A report published by the Home Office in June examined the causes of attrition in fraud and cybercrime cases. It concluded that a number of factors contributed to cases being dropped after referral to forces, including confusion in police forces about who is responsible for investigating these crimes; the sheer number of cases disseminated, “and the risk that there are so many crimes they are unmanageable for forces”; a lack of recording of non-judicial outcomes; and a lack of clarity regarding inter-force cooperation, when cases cross force boundaries.

The proportion of fraud cases being investigated is shockingly low, in the context of 1.7 million offences per year and substantial costs to the UK economy, as well as to individual victims. 

The private sector could do much more to reduce the demand on policing from online fraud. This problem can only be addressed effectively with a whole-system approach, including by regulatory reform, if necessary, to force companies to be ‘secure by design’. 

Key private sector companies, those whose customers create the most substantial workload for the police and NCA, should also employ analysts internally to facilitate evidence-gathering by law enforcement agencies. 
If industry partners will not do so voluntarily, the Government should consider imposing statutory requirements on companies to cooperate with law enforcement agencies.

At force-level, there is a clear need to upskill the existing workforce and bring in more staff and officers with advanced cyber skills. 

Parliament.uk:

You Might Also Read:

Machine Learning Algorithms & Police Decision-Making

UK Victims Lose £28m To Cybercrime In 6 Months

« The Pentagon Prepares A Cyber-Attack On Russia
Social Media Companies Scan For Potential Terrorists »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Spiceworks

Spiceworks

Spiceworks provide a range of free apps for IT professionals including network inventory, network monitor, and help desk.

Bsquare

Bsquare

Bsquare DataV software and engineering services help enterprises implement business-focused Internet of Things systems.

CloudLayar

CloudLayar

CloudLayar is a cloud-based website firewall for protecting your website against online threats.

Giesecke+Devrient (G+D)

Giesecke+Devrient (G+D)

Giesecke+Devrient develop security technologies in four major areas: enabling secure payment, providing trusted connectivity, safeguarding identities and protecting digital infrastructures.

CybSafe

CybSafe

CybSafe is a cloud-based platform focussed on addressing the human component of cyber security - an intelligent approach to awareness training.

Ogasec

Ogasec

Ogasec is a cybersecurity company formed by the merger between Aker and N-Stalker in 2017. Solutions include Security & Connectivity Networking, Application Security, and Managed Security Services.

National Initiative for Cybersecurity Education (NICE)

National Initiative for Cybersecurity Education (NICE)

NICE is a partnership between government, academia, and the private sector focused on cybersecurity education, training, and workforce development.

Kratikal

Kratikal

Kratikal provides a complete suite of manual and automated security testing services.

Blackfoot Cybersecurity

Blackfoot Cybersecurity

At Blackfoot, we work in partnership with you to deliver on-demand cyber security expertise and assurance, keeping you one step ahead of threats & compliant with regulations.

Kainos

Kainos

Kainos is a leading provider of Digital Services and Platforms. Our services include Digital Transformation, Cyber Security, Cloud, AI, IoT and more.

StrikeReady

StrikeReady

StrikeReady have developed CARA, an advanced technology solution that offers personalized and proactive assessment and remediation of future and current risk in real-time.

Rhodian Group

Rhodian Group

Rhodian Group (formerly Adar) specialize in providing Technology, Cybersecurity, and Compliance services to the insurance industry.

Entro Security

Entro Security

Entro is the first holistic secrets security platform that detects, safeguards, and enriches with context your secrets across code, vaults, chats, and platforms.

Redington

Redington

Redington offer products and services in solution areas including digital transformation, hybrid infrastructure and cybersecurity.

CYBHORUS

CYBHORUS

CYBHORUS are a team of Italian cyber security experts, specialized in cyber threat defense and strategic and organizational consulting.

Issue53

Issue53

We empower organizations to thrive in the digital landscape. Strengthen your defenses, enhance resilience – Choose Issue53 for a secure and future-ready IT environment.

CyberGrape

CyberGrape

CyberGrape is a client centric managed services company, providing enterprise leading security solutions and helping companies through their IT risk and security challenges.