Joint Fraud Taskforce board minutes: 18 July 2019
Published 23 July 2021
Attendees
- Chair: Mike Haley (Cifas)
- Alex Rothwell (City of London Police)
- Graeme Biggar (National Economic Crime Centre)
- Katy Worobec (UK Finance)
- Alasdair MacFarlane - Financial Crime Committee (RBS)
- Richard Riley (Home Office)
- James Martin (British Retail Consortium)
- Adrian Gorham - Communications Crime Strategy Group (Telefonica UK)
- Dave Thorne - Devon and Cornwall Police (Observer)
- Neil Masters - JFT Secretariat (Cifas)
- Katherine McNulty - JFT Secretariat (Home Office)
Apologies
- Louise Baxter-Scott (Trading Standards)
- Karen Baxter (City of London Police)
Agenda item 1: Minutes and actions arising
1. Mike Haley (Chair, Cifas) welcomed Graeme Biggar (NECC) to his first Management Board meeting and Dave Thorne (Devon and Cornwall Police) who will be observing this meeting.
2. The board agreed the minutes from the meeting of 29 May. An update on each action arising from that meeting was provided. The below table provides a summary of these updates.
Action | Update |
---|---|
1. Public / private threat assessment to be tabled for discussion at next JFT Management Board meeting. | Complete. |
2. Katy and Richard to seek volunteer experts from the JFT membership to stand up a ‘funds repatriation expert working group’. | Ongoing. Plans are underway to hold the first working group meeting in September. |
3. Mike to seek free consultancy resource to map information sharing gateways from those consultancy agencies who have previously expressed a desire to be involved in the JFT’s work. | Ongoing. Given the work on information sharing being taken forward under the Economic Crime Plan, the board considered it might be better to utilise consultancy support on other areas of JFT work. Mike will contact those firms that have expressed an interest in JFT work, with a view to holding a round table to identify areas of shared interest. |
4. All to provide Karen and Louise with names of individuals to assist with the review of the ‘collective response’ work. | Complete. Alex Rothwell (CoLP) and Lou Baxter (NTS) will be contacting board members to feed into the review. |
5. Draft skeleton performance framework to be circulated to the board. | Complete. Discussion on performance and next steps covered under agenda item 5. |
6. Richard to identify the strategic questions this board needs to consider before a more detailed performance framework can be formulated. These questions to be brought back to the board for discussion at the next meeting. | Complete. Discussion on performance and next steps covered under agenda item 5. |
7. Mike to draft a letter to the lead PCC for fraud. | Complete. Draft letters to PCCs and the Minister to be circulated to the board for comment. |
8. Karen to share the proposal for a ‘fraud protect network’, with all to contribute to formulate a JFT pitch for the Spending Review to be submitted to government. | Ongoing. The draft fraud policing strategy makes clear the need for a national fraud protect network. Alex will share what CoLP have on this. |
Agenda item 2: Feedback from Stakeholder Group meeting
3. Mike reflected on the meeting, noting the interesting discussion on the police response to HMICFRS’s report, and to fraud more generally.
4. Alex Rothwell (CoLP) provided an update on the review of the collective response work. A workshop was held to develop options on what should be the focus of the collective response / disruptions workstream. There are three emerging options: tactical – focusing on specific cases; strategic – addressing the enablers of fraud; and thirdly, a hybrid of both. The next step is to speak to seniors from the JFT to test options with them, with that culminating in a paper to be tabled at the next Management Board.
Action 1:
Alex and Louise to seek views from each board member on the future direction of the collective response / disruptions workstream.
Action 2:
Alex and Louise to table a paper on the collective response / disruptions work at the next Management Board meeting.
5. Alasdair MacFarlane (Financial Crime Committee) noted that of all the JFT work, this is the area that partners can contribute most to. He considered the hybrid option to be the most attractive. Alex noted that he chairs a threat group on fraud against the private sector which looks at the enablers of fraud. Consideration will need to be given to how the JFT’s disruptions work can support that.
6. Katy Worobec (UK Finance) questioned the NECC’s role in this work, and how industry can feed into the threat group on fraud against the private sector. Graeme Biggar (NECC) stated that the NECC have a role to play here. He outlined that the NECC has 4 functions: threat leadership; developing capability across the public sector; the collective voice of operational activity; and the co-ordination of big cases. When it was established, the NECC’s mandate was to focus on the high end of high harm. That seemed to rule out addressing volume fraud. But Graeme considered that didn’t feel quite right – the fact that fraud is a volume crime indicates a level of organisation, and therefore the NECC ought to have a role on volume fraud. He considered that, for fraud, the first 3 functions of the NECC would apply, but it would be unlikely that the NECC would co-ordinate significant fraud operations. Graeme mentioned the pilot the National Data Exploitation Capability (NDEC) are conducting on fraud by ingesting different data sets to enrich the fraud intelligence picture. Katy suggested that UK Finance data could usefully be included in that pilot.
Action 3:
Graeme and Katy to discuss inclusion of UK Finance data in the NDEC fraud pilot.
7. Adrian Gorham (Communications Crime Strategy Group) raised the need for a wider fraud strategy to understand the landscape better, and to help industry identify their role and how they dock in. This sentiment was shared across the board, but Richard Riley (Home Office) cautioned against developing a new fraud strategy when we already have the Serious and Organised Crime Strategy, a joint Economic Crime Plan and the policing fraud strategy in development. Mike suggested that, as a starting point, it would be helpful to map all the different fraud-focused groups, and what each of them they are doing.
Action 4:
Graeme, with support of the JFT Secretariat and all board members, to map out the different fraud-focused groups and what they are each doing.
Agenda item 3: Public and Private Threat Assessment
- Graeme outlined that the Public / Private Threat Assessment was presented to the Economic Crime Strategic Board (ECSB, chaired by the Chancellor and Home Secretary) the week before. There were a wide range of contributors to the assessment, but it was being categorised as a first step. He summarised the findings on fraud, including:
- fraud was increasing, but no single view on how much there is
- an awful lot of it (86%) is cyber enabled
- there’s an increasing sophistication in how victims are being targeted
- identify fraud and insider threat are key enablers
- investment fraud is rising up the agenda, but there’s no easy way to define the top 5 fraud typologies as the data is lacking
- there needs to be better join between money laundering and fraud, and cyber and fraud
9. Adrian highlighted the significance of data breaches which can lead to fraud. There needs to be a balance on how data breaches are communicated to the public, as fraudsters have been known to play on these, creating more of a risk than is the case. Alasdair and Katy agreed on the significance of data breaches on fraud.
10. James Martin (British Retail Consortium) stated that retailers are investing heavily in cyber security, but we need new ways of authorising payments. Mike highlighted the new rules on Stronger Customer Authentication and whether the threat will move elsewhere (e.g. to telephone and mail order channels). He also suggested that we need to consider any future threats that may arise from Open Banking and whether the JFT’s work plan is positioned correctly to respond to them.
11. Richard noted that, in government, we have probably made too fine a distinction between cyber and fraud protect, and we need to align that better. He also stated that the low figures on fraud criminal prosecutions got picked at the ECSB, with the CPS stating that cases weren’t coming through the system for them to prosecute.
Agenda item 4: Economic Crime Plan
12. Richard thanked JFT contributors to the joint Economic Crime Plan, with fraud better represented than it was in earlier drafts. He noted that the ECSB cleared the plan last week and it has now been published. There was a genuine desire for a joint public / private partnership working, and a next iteration of the plan should have the private sector more visibly in the lead on some aspects. Mike noted that the plan reflects the work of the JFT and, for a first plan, sets out a very helpful framework for delivering against all the economic crime threats we face.
13. Graeme noted the need to focus on Protect, but that we also needed to enhance our Pursue response, but that required more resources. He noted that there was no Government mandate to develop a national fraud strategy but, for our collective benefit, considered we needed a framework to work to. Richard agreed, but again cautioned against a full strategy. He noted that we have to be realistic about resources and the immediate priority should be delivering what’s published in the plan.
14. The board agreed that as a first step it would be useful to draw everything that does exist together. Mike stated that this shouldn’t be a complete bottom up / start again approach, but it will help us bring coherence to the activity. Graeme agreed and was keen to be involved in the work.
Action captured in action 4 above.
Agenda item 5: JFT Performance Framework
15. Richard stressed the importance of needing to measure our impact. It’s a commitment in the plan, and the recent NAO report on the SOC Strategy honed in on our inability to measure impact.
16. Katherine McNulty (JFT Secretariat, Home Office) introduced a paper on possible approaches to a JFT performance framework. She highlighted some of the key questions we needed to answer e.g. how do we want to frame our assessment? Outcomes, indicators based, or both? She noted the approaches taken to measure the impact of the SOC Strategy and the National Cyber-Security Strategy, and where JFT’s assessment would need to feed into these. She highlighted the need to be mindful of audiences for the assessment as this may help determine the style we want to take.
17. James noted how crime, and crime prevention is particularly hard to measure. He offered to speak to the NAO to see if there is some good practice we can adopt.
Action 5:
James to speak to NAO to identify good practice in measuring impact.
18. In discussion the board agreed that the performance framework ought to be a combination of both outcomes and indicators, with metrics used to inform the performance assessment, overlaid with a narrative interpretation of those figures. The board agreed that whilst this framework should focus on JFT’s impact, we couldn’t lose sight of how the whole system was performing in responding to fraud. Alasdair noted some of the metrics they use in banking on fraud e.g. absolute net loss (bank and individuals) and fraud prevented (in £ value) and how they could be incorporated into an assessment. Mike summarised highlighting the need for a basket of indictors that we could track, and that could feed an outcome-based assessment of our performance.
19. Richard agreed to develop a strawman based on this discussion and will bring it back to board for consultation.
Action 6:
Richard to develop a JFT performance strawman for consultation with the board.
Agenda item 6: Themes for future Stakeholder meetings
20. Mike proposed a victims and vulnerability focus for the next Stakeholder, to take place in September (precise date TBC).
Agenda item 7: Take Five update
21. Katy presented a paper on phase 3 of the Take Five campaign. New campaign collateral has been completed and is available for Take Five partners. The next phase will launch with Take Five week (precise date TBC, but likely early October) and will include SMEs in its target audience, as well as individuals. A Take Five charter has also been developed committing partners to using the Take Five messages in a consistent way.
22. The board expressed their support for Take Five, and the new campaign material. Alex asked how well it was joined up with policing’s protect messages and offered to speak to Katy about how this link can be improved.
Action 7:
Alex and Katy to discuss how to better align policing’s protect messages with Take Five.
23. Mike closed the meeting, noting that the next Management Board is scheduled for 26 September.