UK’s Open Door to Telecoms Fraud; Freedom of Information Update

Here’s a quick recap for new readers.  Global telecoms crime is worth USD 38 billion. Money is being laundered and terrorists are being financed. Despite their hard work, the TelCos haven’t been unable to make a significant impact and international frauds continue unchecked. The TelCos agree that crime would be reduced if payment didn’t reach the fraudsters – but, after years of discussion, still can’t agree how to block those payments.

Because the money being made from telecoms crime is subject to seizure the same as any other crime, one answer is to use money laundering legislation – in UK that’s POCA (the Proceeds of Crime Act 2002).  Delegates at the RAG Summer Conference were able to estimate the scale of telecoms crime, but nobody knew how much gets seized as proceeds of crime.

Show me the money!

To answer that question, I raised Freedom of Information requests; one to Action Fraud to establish the volume and value of reported telecoms crime and one to the Crown Prosecution Service (CPS) to establish the volume of telecoms crime prosecutions.

Action Fraud response

Action Fraud was asked to provide data for the years 2013, 2014 and 2015, in relation to the telecoms categories in their own fraud classification:

a) the number of crimes reported under NFIB7 Telecoms Industry Fraud (Misuse of Contracts)

b) the value of crimes reported under NFIB7

c) the number of crimes reported under NFIB52D Computer Hacking – PBX/Dial Through

d) the value of crimes reported under NFIB52D

Action Fraud Reports under: 2013 2014 2015
NFIB7 (Misuse of Contracts) number of reports 5992 5664 1011
NFIB7 (Misuse of Contracts) value of reports £3,931,644 £4,958,218 £1,014,163
NFIB52D – PBX/Dial Through number of reports 384 247 158
NFIB52D – PBX/Dial Through value of reports £5,457,050 £4,868,692 £2,071,520

Ref NFIB 7 – Action Fraud found several misclassified reports within this category.  Since it would take 10 weeks to read every report, only losses exceeding £500,000 were checked.

CPS response

The CPS was asked to provide data for the years 2013, 2014 and 2015, in relation to:

a) the number of prosecutions brought under the Communications Act 2003 section 125

b) the sum of the related dishonest benefit

c) the value of Proceeds of Crime Act (POCA) confiscation orders made in these case

d) the value of any related POCA recoveries

And since CPS charging advice also provides for prosecutions to be brought under the Fraud Act 2006 section 11, or the Computer Misuse Act 1990 section 1, my request included data for prosecutions brought under these Acts and sections where they relate to the provision of telecommunication services.

The response to a) is shown in this table:

Prosecutions under: 2013 2014 2015
Communications Act 2003 s125 3 10 2
Computer Misuse Act 1990 s1 141 105 148
Fraud Act 2006 s11 265 247 158

However, when I checked with the CPS it turned out that none of the Computer Misuse or Fraud Act prosecutions are telecoms related.  So the answers are:

a) prosecutions brought under the Communications Act 2003 section 125 15

b) the sum of the related dishonest benefit £14,179.77

c) value of Proceeds of Crime Act (POCA) confiscation orders nil

d) value of POCA recoveriesnil

Telecoms crime summary

Let’s put all the pieces together.  At RAG’s Summer 2016 event, delegates were polled on the value of UK telecoms fraud:

rag-poca-survey

Based on the responses, I’ve used a fraud figure of £75 million per annum.  Working from that number and the Freedom of Information data above, we can sum up UK’s approach to Telecoms Crime in just 4 lines:

Estimated UK Telecoms Fraud 2013-2015 £225 million
Value Reported to Action Fraud: £22 million
Value Prosecuted: £14,179.77
% Reported Fraud Prosecuted (by value) 0.064%

 
Does that data suggest UK is dealing with Telecoms Crime?
 

How did we get here?

In my opinion, the situation results from a ‘catch 22’ scenario:

arrow-circle-3The Home Office hasn’t paid telecoms fraud much attention because there’s no data to show it’s a problem.

The Police don’t allocate resources because, a) the Home Office doesn’t think it’s a problem and, b) the Home Office doesn’t measure Police performance on telecoms crime.

The TelCos don’t get much assistance because the Police aren’t measured on telecoms crime.  Because telecoms crime doesn’t get investigated, the TelCos don’t bother reporting it and the Home Office remains unaware of the issue. And so on.

As always, the full explanation is more complicated, but that’s the core of the issue.

Where do we go next?

There is light on the horizon.  As a result of the RAG campaign, and the FoI requests, the Home Office is now aware of the scale of telecoms fraud.  Also, recent discussions with Action Fraud have resulted in an offer to meet with industry representatives to establish a common understanding of the issues – watch this space.

And on POCA?

The absence of POCA proceeding in telecoms made me wonder how it’s used in other industries so I’ve requested the Home Office to provide data.  In particular, for the years 2013, 2014 and 2015:

  • the number of civil recovery proceedings initiated
  • the value of civil recovery proceedings initiated
  • the value of unlawful property forfeit.

The response is due soon and will be published here and via the RAG website.  Please feel free to contact me with any questions.

David Morrow
David Morrow
Dave has 35 years of law enforcement, investigation and fraud management experience including multiple international assignments. He is a recognised telecoms fraud expert and for a number of years chaired the GSMA workgroup responsible for Security & Fraud Risk Assessments.

Dave now provides fraud management support as an independent consultant.