UK’s Open Door to Telecoms Fraud; Freedom of Information Update

Here’s a quick recap for new readers. Global telecoms crime is worth USD 38 billion. Money is being laundered and terrorists are being financed. Despite their hard work, the TelCos haven’t been able to make a significant impact and international frauds continue unchecked. The TelCos agree that crime would be reduced if payment didn’t reach the fraudsters – but, after years of discussion, still can’t agree how to block those payments.

Because the money being made from telecoms crime is subject to seizure the same as any other crime, one answer is to use money laundering legislation – in the UK that’s POCA (the Proceeds of Crime Act 2002). Delegates at the RAG Summer Conference were able to estimate the scale of telecoms crime, but nobody knew how much gets seized as proceeds of crime.

Show me the money!

To answer that question, I raised Freedom of Information requests; one to Action Fraud to establish the volume and value of reported telecoms crime and one to the Crown Prosecution Service (CPS) to establish the volume of telecoms crime prosecutions.

Action Fraud response

Action Fraud was asked to provide data for the years 2013, 2014 and 2015, in relation to the telecoms categories in their own fraud classification:

a) the number of crimes reported under NFIB7 Telecoms Industry Fraud (Misuse of Contracts)

b) the value of crimes reported under NFIB7

c) the number of crimes reported under NFIB52D Computer Hacking – PBX/Dial Through

d) the value of crimes reported under NFIB52D

Action Fraud Reports under: | 2013 | 2014 | 2015
NFIB7 (Misuse of Contracts) number of reports | 5992 | 5664 | 1011
NFIB7 (Misuse of Contracts) value of reports | £3,931,644 | £4,958,218 | £1,014,163
NFIB52D – PBX/Dial Through number of reports | 384 | 247 | 158
NFIB52D – PBX/Dial Through value of reports | £5,457,050 | £4,868,692 | £2,071,520

Ref NFIB 7 – Action Fraud found several misclassified reports within this category.  Since it would take 10 weeks to read every report, only losses exceeding £500,000 were checked.

CPS response

The CPS was asked to provide data for the years 2013, 2014 and 2015, in relation to:

a) the number of prosecutions brought under the Communications Act 2003 section 125

b) the sum of the related dishonest benefit

c) the value of Proceeds of Crime Act (POCA) confiscation orders made in these cases

d) the value of any related POCA recoveries

And since CPS charging advice also provides for prosecutions to be brought under the Fraud Act 2006 section 11, or the Computer Misuse Act 1990 section 1, my request included data for prosecutions brought under these Acts and sections where they relate to the provision of telecommunication services.

The response to a) is shown in this table:

Prosecutions under: | 2013 | 2014 | 2015
Communications Act 2003 s125 | 3 | 10 | 2
Computer Misuse Act 1990 s1 | 141 | 105 | 148
Fraud Act 2006 s11 | 265 | 247 | 158

However, when I checked with the CPS it turned out that none of the Computer Misuse or Fraud Act prosecutions are telecoms related.  So the answers are:

a) prosecutions brought under the Communications Act 2003 section 125: 15

b) the sum of the related dishonest benefit: £14,179.77

c) value of Proceeds of Crime Act (POCA) confiscation orders: nil

d) value of POCA recoveries: nil

Telecoms crime summary

Let’s put all the pieces together.  At RAG’s Summer 2016 event, delegates were polled on the value of UK telecoms fraud:

[Image: RAG POCA survey]

Based on the responses, I’ve used a fraud figure of £75 million per annum. Working from that number and the Freedom of Information data above, we can sum up the UK’s approach to Telecoms Crime in just 4 lines:

Estimated UK Telecoms Fraud 2013-2015: £225 million
Value Reported to Action Fraud: £22 million
Value Prosecuted: £14,179.77
% Reported Fraud Prosecuted (by value): 0.064%

 
Does that data suggest the UK is dealing with Telecoms Crime?
 

How did we get here?

In my opinion, the situation results from a ‘catch 22’ scenario:

The Home Office hasn’t paid telecoms fraud much attention because there’s no data to show it’s a problem.

The Police don’t allocate resources because, a) the Home Office doesn’t think it’s a problem and, b) the Home Office doesn’t measure Police performance on telecoms crime.

The TelCos don’t get much assistance because the Police aren’t measured on telecoms crime.  Because telecoms crime doesn’t get investigated, the TelCos don’t bother reporting it and the Home Office remains unaware of the issue. And so on.

As always, the full explanation is more complicated, but that’s the core of the issue.

Where do we go next?

There is light on the horizon.  As a result of the RAG campaign, and the FoI requests, the Home Office is now aware of the scale of telecoms fraud.  Also, recent discussions with Action Fraud have resulted in an offer to meet with industry representatives to establish a common understanding of the issues – watch this space.

And on POCA?

The absence of POCA proceedings in telecoms made me wonder how it’s used in other industries, so I’ve asked the Home Office to provide data. In particular, for the years 2013, 2014 and 2015:

  • the number of civil recovery proceedings initiated
  • the value of civil recovery proceedings initiated
  • the value of unlawful property forfeit.

The response is due soon and will be published here and via the RAG website.  Please feel free to contact me with any questions.

David Morrow
Dave has 35 years of law enforcement, investigation and fraud management experience including multiple international assignments. He is a recognised telecoms fraud expert and for a number of years chaired the GSMA workgroup responsible for Security & Fraud Risk Assessments.

Starting in HM Customs & Excise, Dave moved from uniformed duties to spend 5 years in Investigation before taking a commercial investigation role with Network Security Management. Amongst other assignments, this included a secondment to help establish the Jamaican Government’s Revenue Protection Division, where he made Jamaica’s largest ever financial recovery.

Following 6 years of commercial investigation, Dave joined Vodafone where, in the early days of mobile, he worked closely with law enforcement; he was one of the few civilians invited onto the Computer Crime Course at Bramshill. Dave’s counter-fraud initiatives saved millions in UK (e.g. £24m p.a. on credit card fraud) and he was seconded to help establish Corporate Security in the company’s largest networks, Turkey and India, and also performed fraud reviews for partner networks including Azerbaijan, Croatia, Libya and Ukraine. Dave now provides fraud management support as an independent consultant.
  • akrittok

    Hi David,
    Very interesting article.
    I was wondering though can this turn out to be a can of worms? Is there a legal basis in the UK for a telecom operator to investigate potential telecom fraud cases to begin with? Access to that level of info and metadata should not be subject to oversight by law enforcement/judge and most importantly, a warrant?
    Isn’t this a double edged sword when the more standardization is applied to telecom fraud the more scrutiny it will bring to something that for the most part remains a pretty opaque process (the investigation itself).
    Curious to hear your point of view on this

    Akrittok

    • David Morrow

      Hi Akrittok, and thanks for your questions.

      Investigating telecoms fraud hasn’t been a deterrent so I’m proposing that we don’t investigate – we stop the money flow so there is no incentive for the criminals and, consequently no fraud and therefore no need for expensive, inefficient investigations. Where we haven’t been able to stop the money but we know where it went, we use civil powers to freeze and recover it.

      In answer to your question, yes, it is legal for an operator to investigate telecoms fraud in UK; it’s the same in many countries. Those investigations may not be subject to law enforcement/legal oversight but they are required to comply with all relevant laws and privacy regulations and may be subject to prosecution if those laws/regulations are broken. I think that more official scrutiny of telecoms fraud can only be a good thing – the authorities won’t act until they realise the scale of organised crime in telecoms.

      • Akrittok

        Hi, thanks for the answer.
        Perhaps I misunderstood the whole point – to stop payments from reaching the fraudsters one needs first to identify who the fraudsters are and for that one needs to do an investigation?

        Thanks for confirming that there is a legal basis for the investigations, I was not aware of this. From my knowledge, most operators use a brute force approach when analyzing fraudulent behavior. If police were involved, their capabilities would be severely diminished compared to what I’ve seen operators do, most probably they would need a warrant for every piece of information they obtain, never mind being able to cross check that with other suspects. I was also thinking that perhaps a lot of the “evidence” that telco operators may obtain during an investigation would not hold up in court since it would not have been obtained through legal channels. Thanks again for your insight.

        best regards,
        akrittok

        • David Morrow

          Hi Akrittok, the approach I’m proposing doesn’t identify the fraudsters, just their fraudulent calls. If a court decides the evidence shows those calls are fraudulent then payments in relation to those calls are proceeds of crime and can be frozen by the court. I don’t care who the fraudsters are – I just want to detect their frauds and use the evidence to have any payments frozen; no investigation required.

          Hope that helps,

          Regards
          David

  • Jerry

    Solve most toll fraud on the outbound side (B party) by autoblocking fraud calls in real time using TollShield. This undermines the fraudsters ‘revenue’ model – they make zero money as calls cannot proceed. AI and machine learning algorithms ‘pre-authenticate’ all SIP calls at the network edge. See http://www.tollshield.com for more info.

    • Good work ‘Jerry’, a.k.a. @disqus_rFQzYggFU1. Was your objective to trash the reputation of TollShield by abusing the comments system to leave a wanky spam advert on the one website where real telecoms risk professionals routinely castigate shitbag vendors? If so, you just nailed it. Your comment will remain in glorious public view as documentary evidence that TollShield is run by greedy cretins who are too stupid and/or lazy to check out a website before they spunk their unwelcome advert across it. And this comment will remain in public view to encourage readers to laugh at your expense.