Fighting Fraud (Fraud Act 2006 and Digital Fraud Committee Report) Debate
Full Debate: Read Full DebateViscount Waverley
Main Page: Viscount Waverley (Crossbench - Excepted Hereditary)Department Debates - View all Viscount Waverley's debates with the Home Office
(1 year, 4 months ago)
Lords ChamberMy Lords, this has been a most productive debate on an issue I fear might only get worse, unless it is robustly addressed. As always with the challenge of putting forward original contributions while being tail-end Charlie, I will focus on some key takeaways. Having reflected on some of the extensive points that stood out from the committee’s report and the Government’s response, I have little doubt that a number of challenges should be urgently addressed, including the fact that law enforcement and government lack efficient co-ordination and operational capability. That is just the beginning, to illustrate the scale of the problem.
Due to the level and sophistication of fraud, companies must adopt a culture of suspicious inquiry. To protect and support their sales efforts, companies need free access to case studies, and FAQs and proactive alerts would be of interest. Merely reporting to Action Fraud, while formalising and gathering the data, in no way ensures that wider sharing of data and, ultimately, regulatory and criminal action and remedies are enforced. Anti-fraud measures such as Action Fraud have been ineffective when compared to what could be achieved if they were exploited properly. More focus should be on action and, importantly, on ensuring the knowledge and experience to act quickly.
The all-important technology used by criminals is better anonymised, making effective follow-up difficult. Law enforcement and government lack the necessary latest digital technologies to counter the threats, including securing the wrong technology for the job, which could take years to unpick.
Insufficient accountability for delivery exists, and it is too easy to hide non-delivery. Current legislation overcomplicates and hinders the process of evidence collection and quick action, with insufficient consideration given to the private sector to assist law enforcement agencies and government. This contrasts with the military model, which actively seeks help.
I will venture a number of pointers for consideration. Enabling better use of the private sector and factoring in the experience of qualified investigation companies, with the added benefit of leveraging operational capability, is as relevant to the fraud environment as it is in many instances where government could usefully adopt a differing mindset. I also suggest enabling access to the latest anti-fraud technology held by private companies, through government frameworks such as ACE and tracer, developing the co-ordinated and technology-sound effort that is urgently required to counter fraud threats.
Advances in technology make the task more challenging, with sophisticated frauds often launched from outside the UK, making detection and response difficult. Those who perpetrate modern frauds are technology-savvy, sophisticated criminals who meticulously plan their activities to protect and preserve revenue streams.
Given the level of criminality, an anti-fraud tsar should be given oversight to ensure accountability. Often, the problem with digital fraud is that the legislation and, therefore, the ability to respond is simply not there. The creation of a working group under parliamentary supervision, or a central figure such as a tsar or anti-fraud commissioner to implement quick-fix measures, would produce dividends. An operational fraud centre that not only analyses but co-ordinates, such as an effective Action Fraud and the NECC—with clear operational power and capability—would, additionally, greatly assist, as would providing a due diligence and educational hotline for the public to report suspect activity, alongside a central social media monitoring tool to alert people to fraud attempts.
I suggest encouraging companies to incorporate anti-fraud measures, as is the case with modern slavery and anti-bribery, and an expert asset recovery unit to recover assets in civil fraud cases, along with enabling private funds to help sponsor anti-fraud activity. Two examples of developing a robust, unified and co-ordinated response from government, law enforcement and the private sector are: urgently developing a working group to conduct a thorough review of what hinders—and, conversely, what helps—fraud investigations; and reviewing the unintended consequences of data laws that restrict fraud investigation, alongside a lighter-touch GDPR and the reinstating of the successful multiagency asset confiscation unit within the Ministry of Justice. This has been spoken about for years, with various initiatives launched, such as Action Fraud, but they have failed to have the intended impact.
I suggest deepening co-operation with banks—while recognising their advances on the algorithm sets to watch for incoming fraudulent transactions and spotting and responding to fraud—and devising a deeper co-operation model between banks, tech companies and the legal, accountancy and investigation companies which often encompass former law enforcement officers. This is a quick fix, and existing models of interbank co-operation could be adopted. There is frustration at the lack of action in this regard.
The FCA is a pivotal organisation, and the combined endeavours with the director of the NECC, her successor and the NCA intelligence director—all of whom left the NCA to take up senior roles in the FCA—should be taken full advantage of to include strengthening tactical issues to lead to better strategic oversight and direction from the FCA. Government should urgently bring forward measures to enable the FCA to regulate crypto assets and enlarge current rules, relaying the results of examination of blockchain, under regulation, to private companies, which have fewer priorities and extensive resources.
An urgent review that uses experienced investigators and advanced investigation tooling, including AI, to assess where assets could be recovered would be useful. I did not think of it this morning, but I wish I had asked ChatGPT what comments it would make on anti-fraud measures that might assist this debate; I will do so this afternoon.
We should ensure that Companies House becomes a more active, transparent gatekeeper and is provided with appropriate resources, aided by developing a dedicated whistleblowers’ anti-fraud hotline, combined with the appropriate legal protection for whistleblowers, similar to Crimestoppers, with reward incentives as a viable way to combat fraud. The noble Baroness, Lady Morgan, spoke of the need to incentivise the whole anti-fraud environment, and she is absolutely right. The list goes on, but implementing operational response by adopting the counterterrorism “four Ps” mantra of pursue, protect, prevent and prepare should be fully applied to identify and frustrate fraud.
I acknowledge conferring with Harod Associates to confirm some salient points of detail. The question of how private investigation companies could be more usefully utilised and added to the toolkit should be examined. Often equipped with more powerful investigation tools, and with many fraud investigators under the command of former law enforcement seniors, they could provide a significant resource to assist. Set fees for many of these companies could be set at government rates and recovered as costs.
Many existing recommendations are felt to be hard to achieve, or advance with glacial speed. The more involved I become in an unrelated national review, the more I find that government working in silos instead of in partnership is a national trait; a sea-change in government’s mindset is required. I noted references to the international space and fully intend to include fraud in my ESG programme. I encourage government to do likewise.