We have a new website go to gov.scot

Her Majesty's Inspectorate of Constabulary for Scotland: Thematic Inspection Serious Fraud

Listen

SUMMARY OF RECOMMENDATIONS

HM Inspectorate of Constabulary for Scotland ( HMICS) has inspected how the police service in Scotland addresses serious fraud. The inspection focused on:

  • the strategic approach to fraud, including prevention and detection;
  • the treatment of victims;
  • the availability of the relevant skills to forces faced with complex fraud investigations; and
  • the partners involved in preventing, and responding to, fraud.

Our aim in making the following recommendations is to ensure a more systematic approach to understanding and handling fraud recognising, at the same time, the need to work with relevant stakeholders across the UK:

Recommendation 1: That the Scottish Government consults with stakeholders, including the Crown Office & Procurator Fiscal Service ( COPFS) and the Association of Chief Police Officers in Scotland ( ACPOS), to make certain that legislation, process and interventions relating to fraud in Scotland are no less comprehensive or robust than they are elsewhere in the UK.

Recommendation 2: That the Scottish Government creates a national fraud capability within the Scottish Crime & Drug Enforcement Agency ( SCDEA) structure to co-ordinate intelligence gathering, enhance knowledge of fraud, and initiate and promote prevention and disruption.

Recommendation 3: That forces each identify a single point of contact ( SPOC) for financial institutions reporting incidents of fraud, in order to promote consistency, accuracy and quality of service.

Recommendation 4: That forces adopt consistent and transparent common processes for managing fraud in Scotland. This would specifically include clear recording guidelines to ensure that fraud is recorded in accordance with the Scottish Crime Recording Standard, and common criteria to be used in deciding whether or not to investigate a fraud.

Recommendation 5: That forces increase their use of forensic accountancy to advise on lines of enquiry most likely to prove productive and timely.

Recommendation 6: That forces review their collective needs for fraud training and discuss with the Scottish Police Services Authority ( SPSA) how it might meet these, ensuring that course availability and content are consistent with emerging fraud types, legislation and investigative techniques.

Recommendation 7: That forces' use of data-sharing and -matching be extended to drive intervention strategies, and that consideration be given to extending access to the Scottish Intelligence Database ( SID) to those agencies and organisations dealing with fraud and who are compliant with the Community Security Policy.

TIMESCALES

May 2008 - we recommend that following this inspection, the next step be to establish an SCDEA-aligned fraud post (recommendation 2). Within the first three months the post-holder should do the following:

  • develop an overall programme plan to deliver the recommendations from this inspection;
  • agree the stakeholders, reporting requirements and timescales for discharging these; and
  • initiate work to harmonise how fraud is reported and handled across Scotland.

May 2009 - we would expect that all other recommendations should be discharged by this time.

We believe that the timescales for this work are of particular importance given the progress being made to implement the Attorney General's Fraud Review in the UK.

Introduction

1. Scotland is a major country in terms of financial services, being home to two of the UK's largest banks and a large fund management sector. Edinburgh is one of the top ten European financial centres and is ranked 1 twentieth in the world as a global financial centre. Such prominence makes a safe business environment and positive policing of fraud directly relevant to Scotland's communities and the Scottish Government's strategic objectives of making Scotland 'Wealthier and Fairer' and 'Safer and Stronger'.

Serious fraud

2. The range of types and scale of fraud is almost limitless: from a child using a parent's debit card to top-up a mobile phone, to international companies using auditors to conceal inherently criminal activity over years. When large and complex commercial frauds are detected, innocent individuals, companies and the economy itself can all suffer as a consequence. Fraud is also used by organised crime groups to launder and increase their wealth and by terrorists to fund their activities.

3. 'Serious crime' is a phrase used as often, if not more so than 'serious fraud', and yet even here at least four 2 different definitions are used. In the absence of one clear definition, this report examines a wide range of frauds that some may not consider 'serious'. This is because multiple, simple, low value frauds are often part of a co-ordinated pattern of organised crime, and may be funding terrorist activity. Also, there are some types of incident, for example fraudulently marking a product as complying with safety legislation, that can endanger life.

Cost of fraud

4. Fraud is estimated 3 to cost every man, woman and child in Scotland £330 per year: a total cost to the UK of £13.9 billion. We are all, therefore, victims of fraud. Such victimisation can extend from directly losing money to a criminal, to paying higher taxes to cover the costs of fraud against the public sector, or being charged higher prices for goods and services to reflect fraud losses.

5. These estimated costs are based on the latest published figures and specifically exclude major areas such as income tax fraud and European Union fraud. Estimates for these factors raise the figure to £20 billion per year. The loss to the UK public sector alone is estimated at £6.434 billion. The National Fraud Initiative 4 shows savings to the public purse in Scotland of £23 million to date, a figure that is expected to increase as more data on public servants is brought into scope. Figures obtained from APACS (the UK's Payments Association) show that losses in Scotland due to crime with plastic payment cards totalled £11.5 million in 2007, a rise of 16% on 2006.

6. The ACPO report (restricted) on organised mortgage fraud in the UK was circulated in March 2008, with extracts made available to the media. This report, which included data gathered from Scotland, found that organised crime groups are using mortgage fraud to launder profits from activities including prostitution, drug and human trafficking. This imposes costs and losses upon society, not just the financial services sector, through factors such as over-valuation and transfer of wealth to criminals. It also implies the collusion of corrupt professionals.

7. Organised criminals are quick to react to changes that affect them and it is likely that the 'credit crunch' and changes in mortgage products will lead to further different fraud trends being identified.

8. The impact of fraud is not only monetary. Counterfeit goods sold fraudulently as real products can and do endanger life and safety. Recent media reports have highlighted, for example, the increasing use of counterfeit medications. We also know from the experiences of other countries outside the UK that, once fraud becomes an established and almost endemic form of crime, its growth can be very difficult to contain. In such circumstances, the turning of so many blind eyes can only hasten the spread of economic and social corruption.

Fraud in Scotland

9. In Scotland fraud is mainly dealt with under common law, as opposed to England and Wales where statute law applies. Recent improvements to legislation in England & Wales include the Fraud Act 2006 and The Serious Crime Act 2007. The Fraud Act has very limited applicability to Scotland and none of the new offences created applies in Scotland.

10. Some forces and the SCDEA suggested to us that the current legal framework for fraud in Scotland be reviewed, to establish whether sufficient law enforcement powers exist and whether those that do exist are used effectively. The Fraud Act, for example, provides clear, easily understood legislation. It also contains some elements that could, if adopted in Scotland, offer simpler ways of attacking complex frauds and potentially lead to a greater probability of conviction with less effort than common law requires.

11. Stakeholders believed too, that the proceeds of crimes of fraud needed to be pursued more actively and boldly. (We intend to carry out a subsequent thematic inspection of asset confiscation.) Forces also suggested that having procurators fiscal who specialise in fraud would help when selecting cases and clarifying evidence requirements and charges to be libelled. This last point is clearly a matter for the Crown, and we aware that other considerations may mitigate against specialisation in prosecution. Nevertheless we offer this perspective from a policing point of view, for consideration.

12. A very significant number of financial institutions, based in either Scotland or England, operate across the UK. As most business is carried out in England, companies are most used to working with English legislation and process. This has been the source of some confusion when a financial institution has, for example, sought a single point of contact ( SPOC) for reporting fraud or a production order for further information, from a Scottish force. This is because Scottish forces do not currently use such SPOCS and employ a notably different process for obtaining production orders.

13. The Serious Crime Act 2007 does confer some information-sharing and data-matching powers on Scotland, but these are limited to reserved bodies (such as HM Revenue and Customs ( HMRC), the Department for Work and Pensions ( DWP), and so on). We believe that in order to improve our ability to detect and disrupt fraud, these powers should be extended to other organisations, including commercial bodies, in Scotland (see para 56).

14. Two years after it was announced, the UK Government published the findings of its Fraud Review in October 2007. On the back of this, and following stakeholder consultation, the Government provided £29 million of funding "to help make the UK the world's hardest target for fraudsters" 5. In practice, however, the main findings of the review relate predominately to England and Wales and propose the establishment of the following:

National Strategic Fraud Authority ( NSFA)
A public/private/government partnership to devise and implement a national fraud strategy, including measuring fraud losses and creating an anti-fraud culture.

Multi Agency Co-ordination Group ( MACG)
This will be part of the NFSA and will include representatives of law enforcement, prosecuting agencies, regulators and professional bodies. Its role is to task and enforce the NFSA identified anti-fraud initiatives.

National Fraud Reporting Centre ( NFRC)
A centre for receiving information from government, business and the public, undertaking analysis, and providing intelligence and alerts. Information may be submitted either to a call centre or via the internet.

National Fraud Intelligence Bureau ( NFIB)
This will be a part of the NFRC and will analyse reports and build a UK intelligence picture of the threat.

National Lead Force for Fraud
A designated centre of excellence for England and Wales will be established, hosted by the City of London Police Economic Crime Unit, It will disseminate best practice, give advice on complex inquiries in other regions and assist with or direct the most complex of these investigations. Additional funding has been allocated for development of this capability. An increase in investigators from 120 to 160 was announced in March 2008.

Financial Court
A jurisdiction will be established so that the different proceedings arising from fraud cases can be brought to one court and the sentencing options can be extended.

Plea Bargaining Guidelines
To allow an alternative to a full criminal trial where an acceptable punishment can be agreed, subject to the court approval.

15. Scottish stakeholders had little involvement in the Fraud Review prior to its publication. It was only during the course of this inspection that further engagement, at government and practitioner level, began to take place. Some of the Review's proposals, specifically that a Financial Court be established and that Plea Bargaining Guidelines be drawn up, are not relevant to Scotland. However, this lack of participation may have left Scotland more vulnerable in this respect. We believe that even now, unless Scottish stakeholders make conscious and committed efforts to implement relevant parts of the proposals, that risk will become a reality.

16. We are aware of the differences in criminal law north and south of the Border. And we accept that for most types of volume crime, because they entail local victims, perpetrators and locations, these differences do not present serious problems. However, this inspection has confirmed that with fraud increasingly being committed across internal borders, corporate and individual victims are understandably perplexed and frustrated by the differences in recording and investigative practices between Scotland and the rest of the UK.

17. Key finding:

While Scotland has a well developed strategic approach to drug issues, linked to interventions (the SCDEA model), the same cannot be said of fraud. Consequently, we are in danger of failing to keep pace with developments in the rest of the UK.

Recommendation 1: That the Scottish Government consults with stakeholders, including the Crown Office & Procurator Fiscal Service ( COPFS) and the Association of Chief Police Officers in Scotland ( ACPOS), to make certain that legislation, process and interventions relating to fraud in Scotland are no less comprehensive or robust than they are elsewhere in the UK.

The police role in fraud in Scotland

18. In the UK the National Intelligence Model ( NIM) is applied as a means of identifying, prioritising and addressing areas of concern to policing. From the resulting strategic assessment a control strategy is derived, which identifies priority areas and remedial action to be taken under the areas of prevention, intelligence and enforcement. In Scotland this model is applied at all levels of each force and the SCDEA, as well as nationally through ACPOS.

19. Our inspection identified several stakeholders, in both the commercial and public sectors, who also used the NIM. These bodies had management and intelligence staff trained to use intelligence to identify emerging criminal trends, prepare appropriate strategies and develop relevant action plans.

20. The ACPOS Strategic Assessment 2006 (restricted) included fraud on the national control strategy for the same year. A view that we frequently encountered was that this had made no difference to the approach, or priority attached, to fraud in Scotland. Awareness of the matter had, though, improved.

21. The ACPOS Strategic Assessment 2007 (restricted), published in October 2007, recommended the following approach for fraud:

Prevention

  • provide best practice advice to financial organisations, call centres and businesses on security policies;
  • educate the public to the vulnerabilities of identity fraud and how best to protect themselves;
  • work with the financial sector to raise awareness of mortgage fraud activities.

Intelligence

  • focus intelligence gathering on the providers of false identity documents and perpetrators of identity fraud;
  • increase intelligence on fraudsters at a local level who use stolen credit cards.

Enforcement

  • develop disruption techniques for 'long firm frauds' 6 at a national level, to avoid geographic displacement and provide standardisation for analysis and performance evaluation;
  • maximise the services of the Scottish Business Crime Centre to target those involved in complex fraud offences; and
  • target fraudsters by using Proceeds of Crime Act 2002 legislation.

22. From what we saw during the inspection, forces' responses to the above appeared limited, with only one showing positive action.

23. At the time of the inspection, there were around 50 police officer posts and eight police staff posts allocated to full-time work solely on fraud in Scotland. These figures are estimates only, as some forces combined fraud with financial investigation duties. Also unrecorded is the amount of time that other, non-specialist members of staff spend dealing with incidents of fraud as part of their duties. This compares to approximately 100 investigators at HMRC who are regularly involved with fraud enquiries.

24. Because the true extent of the threat and risk of fraud is unknown, we are unable to assess whether levels of dedicated resources are appropriate. From stakeholders and forces we learned that the police service in Scotland generally regarded fraud as a low priority and therefore allowed high levels of staff abstraction from fraud squads. For example, the lead officers of the two largest fraud squads in Scotland were abstracted (but not replaced) for other duties for most of 2007. The ACPOS lead chief officer for financial crime similarly had extensive conflicting priorities during the same period. Such abstractions, we believe, have contributed to the absence of strategic momentum in fraud, despite the priority assigned to it in the national control strategy.

25. Fraud squad members felt that fraud is not seen by others as "sexy", that working in the fraud squad does not advance careers, and that compared with other colleagues, they have fewer opportunities for overtime. Similar views explained the reluctance of other staff to apply for fraud-related roles.

26. We believe that Scotland needs to focus its response to fraud by establishing a strategic resource that can do the following:

  • gather information and intelligence to create and sustain an up-to-date best possible picture of fraud affecting Scotland;
  • become the body to drive and co-ordinate Scotland's strategic approach to fraud;
  • own and drive Scotland's approach to and liaison with the Fraud Review initiative ( NFSA, MACG, NFRC & NFIB);
  • lead a review and rationalisation of the roles of the organisations in Scotland currently addressing fraud (see Appendix A);
  • encourage agencies, fora, financial institutions and COPFS to work together to disrupt and prevent fraud;
  • review and control the data-sharing and -matching approach in Scotland (see para 56);
  • establish a programme of media relations, business and commercial education and training to ensure that fraud methods are publicised; and
  • promote Scottish policing interests in UK and international consideration of fraud.

27. To avoid any conflicts of priority and potential abstractions, the body should not be aligned to a single force. Instead, we believe that it should sit within the SCDEA structure, given the Agency's functions 7 as follows:

  • preventing and detecting serious organised crime;
  • contributing to the reduction of such crime in other ways and to the mitigation of its consequences; and
  • gathering, storing and analysing information relevant to:
    • the prevention, detection, investigation or prosecution of offences
    • reducing crime in other ways or mitigating its consequences.

28. The Cabinet Secretary for Justice, Mr Kenny MacAskill, has stated that: "... tackling serious crime is a priority for this government. The SCDEA plays a vital role in the fight against the threat to our communities posed by criminal gangs" 8. This reinforces our view that the SCDEA is the correct place to locate a national fraud post and its supporting infrastructure.

29. We further suggest that it would be sensible to locate such a body in the east of Scotland. This would reflect Edinburgh's status as Scotland's financial and governmental centre, and help to promote close working relations with specialist staff of the Crown Office who are also based in the city.

30. A potential organisational model for this body is shown in the accompanying diagram.

diagram

31. Key findings:

  • Although we know that fraud has a huge economic impact on Scotland, the true extent and nature of this crime remains unknown.
  • Strategic direction is hampered by the abstraction or distraction of personnel identified to drive this area of work, even when it is considered to be a 'priority'.
  • Fraud strategies must recognise and be linked to prevention and disruption if efficient use is to be made of resources in tackling this crime.

Recommendation 2: That the Scottish Government creates a national fraud capability within the Scottish Crime & Drug Enforcement Agency ( SCDEA) structure to co-ordinate intelligence gathering, enhance knowledge of fraud, and initiate and promote prevention and disruption.

32. We have given much thought to whether establishing a centrally controlled Scottish fraud investigative resource is justified. There is absolutely no doubt that, as ACPOS found in its work on capability and capacity for other functions across Scotland, smaller forces can neither sustain nor afford sufficient expertise in serious fraud. However, we feel that it may be sensible to allow the national capability recommended above to analyse the risk and threat posed by fraud in Scotland, before developing any further national, dedicated investigative capacity. For this reason, therefore, we suggest that in 2009 the SPSA consult with ACPOS and COPFS and report to the Scottish Government on the need for such a capacity.

33. We anticipate that such a future development could undertake certain investigative and support functions for all of Scotland, similar to those carried by the lead force for fraud in England and Wales. There would still be merit in such a capacity being aligned to the SCDEA, for the reasons already given. The expected benefits would include:

  • having a body of expertise to handle the most complex cases and advise forces;
  • a central liaison point with industry and the public sector for fraud;
  • central tasking and co-ordination to manage resources and link to bodies such as the Financial Services Authority ( FSA);
  • development opportunities for fraud detectives from forces; and
  • less strain on individual forces faced with unusually serious fraud.

34. A potential organisational model for the combined intelligence/prevention/investigation capability is outlined in the accompanying diagram.

diagram

Making it better for victims

35. There is considerable inconsistency in the experiences of individuals and companies seeking to report a fraud to the police. In many cases of card fraud, for instance, victims report the matter solely to the card issuer without involving the police. This is the method agreed by ACPO for England and Wales.

36. Not only did we find differences between forces in terms of how they recorded fraud, there were also anomalies within forces where stipulated processes were not always followed. Examples included force fraud systems being used to record and manage reports of frauds separately from main crime recording systems; cases on such systems may only be transferred to the main crime systems when they have been reported to the Procurator Fiscal. Such practices lead not only to the under-recording of crime, but also to inaccuracies when calculating solved crime as a percentage of reported crime.

37.UK-based financial institutions are used to dealing with identified single points of contact ( SPOC) when reporting incidents of fraud to forces in England and Wales. Several forces in Scotland had identified a similar need, and at the time of our inspection the matter was being discussed by the Scottish Working Group on Fraud. We believe that by adopting this practice as soon as possible, Scottish forces could achieve both a better quality of service to users and a degree of consistency in recording that is clearly needed.

38. Key findings:

  • There are inconsistencies between and within forces in what is and is not deemed to be a fraud or the locus of a fraud.
  • There are inaccuracies in how the number of frauds and solved frauds are determined.
  • Single points of contact are used throughout most of the rest of the UK. Not only do they promote consistent recording of fraud, but business users expect to be able to interact with such dedicated individuals.

Recommendation 3: That forces each identify a single point of contact ( SPOC) for financial institutions reporting incidents of fraud, in order to promote consistency, accuracy and quality of service.

39. Our recent thematic inspection of the Scottish Crime Recording Standard highlighted a need to improve its application when recording crime in general and fraud in particular. Indeed this inspection of fraud has been significantly hampered by the poor availability of data. More importantly, a lack of accurate and comprehensive data also impedes any efforts to address fraud in a systematic and informed way.

40. The rest of the UK has recognised the need to improve both fraud recording and the use of such data, as the steps taken to establish the National Fraud Reporting Centre and the Fraud Intelligence Bureau show. Scotland must do the same if it is to be able to apply the NIM to this area and realise the full benefits of these new structures.

41. In several high-volume crime areas of policing it is normal to consider which crimes merit investigation and for which, even if full investigation is not warranted, details should be examined on an aggregated basis to identify and address underlying trends. It was clear during the inspection that, without accurate data of the number and types of frauds, forces found it hard to make these kinds of informed decision and take systematic action as a result. Though we came across a number of 'case selection' tools elsewhere in the UK (see Appendix B) we found few, and less formal, processes being used in Scotland.

42. What most Scottish forces did do was prepare and circulate to all staff a document detailing the most commonly encountered types of frauds. By doing so, non-specialist staff too were able to contribute to efforts to tackle these kinds of crime. We suggest that this advantage might be enhanced further by creating a single national document for all Scottish forces, rather than eight individual ones.

43. It was evident to us that there was some frustration between the various partner organisations involved in investigating fraud. Forces, businesses and procurators fiscal have finite resources and are therefore unable to pursue all cases to the same standard. This is true and inevitable with all but the most serious of all types of crime. However, tensions can occur when discontinuation decisions are taken by one stakeholder after one or more of the others have already committed resources to a case.

44. For instance, when financial institutions agreed in the past to handle all reports of card fraud directly and with no police involvement, they expected that cases of significance (either by volume of victims or loss) would nevertheless be reported to the police for further action. However, in the absence of visible case selection criteria in forces, institutions were carrying out extensive enquires on such cases, only to find that when they were reported to the police, no action was taken. Conversely, in cases of mortgage fraud that the police consider worthy of further enquiry, mortgage providers who have incurred no losses may be less willing to commit resources to any follow-up.

45. The ultimate authority for the prosecution of crime lies with the procurator fiscal. It is he or she who must determine from available information whether it is viable, and in the public interest, for a prosecution to take place. This can be particularly challenging in fraud cases where the complexity is often not known until much work has been carried out.

46. Where it had happened before, we found early liaison between police forces and procurators fiscal when assessing fraud cases to be a positive and constructive exercise. We strongly encourage this good practice where the early signs are that a case will be particularly long or complex, as this should improve how valuable resources in both organisations are managed.

47. Key findings:

  • Some victims find it hard to report a fraud and, when they do, are treated in an inconsistent manner.
  • The above exacerbates the problem of an already incomplete picture of the extent and nature of this crime, on which police activity is then based.
  • There is no common, recorded case selection method.

Recommendation 4: That forces adopt consistent and transparent common processes for managing fraud in Scotland. This would specifically include clear recording guidelines to ensure that fraud is recorded in accordance with the Scottish Crime Recording Standard, and common criteria to be used in deciding whether or not to investigate a fraud.

48. In addition to involving procurators fiscal earlier in the assessment process several, predominantly English, forces and agencies also used the services of forensic accountants. Although Strathclyde Police was making efforts to recruit a forensic accountant, at the time of the inspection this practice in Scotland was restricted to the SCDEA and HMRC. No formal analysis of the costs and benefits of this approach was apparent. However, anecdotal evidence indicated that forensic accountants were able to inform individual investigative strategies in ways that increased the chances of successful prosecution while also reducing time spent on less relevant lines of enquiry. Their professional expertise was also useful in identifying criminality in accounts notified to police as suspicious. In agencies where they were used, the common view was that it was not necessary for forensic accountants to be a dedicated resource on each case but that they could in fact be involved in more cases than is the norm for an investigator.

49. Some UK forces contracted-in the services of commercial forensic accountants, either on an ongoing or case-by-case basis. While this can be expensive, some large companies were keen for their staff to gain exposure to the fraud investigation elements of law enforcement and now provide more cost effective models.

50. Key finding:

Forensic accounting can help in managing resources effectively and focusing on productive lines of enquiry. Ideally this would be augmented by early consultation with procurators fiscal.

Recommendation 5: That forces increase their use of forensic accountancy to advise on lines of enquiry most likely to prove productive and timely.

51. When inspecting the police approach to fraud, we also considered the training available to officers who specialised in this area. It became evident that the training provided in Scotland was less comprehensive than that available in the rest of the UK where, in addition to longer fraud courses, there were also fraud management courses for relevant line managers.

52. The Working Group for Fraud Training considers course content for Scotland. While the Police College's fraud course was routinely evaluated, as is the case with all its courses, it had yet to be benchmarked. Such an exercise, together with a formal training needs analysis, would help to determine optimum course content.

53. The fraud course at the Scottish Police College also had the lowest rate of attendance, as a percentage of available places, of any course in its Crime Management Division. There could have been a number of explanations for this, including force selection of personnel, a subject on which the College had begun to liaise with forces. The course length had also recently been reduced from two weeks to one.

54. Key finding:

The training provided by the College is short, becoming shorter, and has a low take-up rate.

Recommendation 6: That forces review their collective needs for fraud training and discuss with the Scottish Police Services Authority ( SPSA) how it might meet these, ensuring that course availability and content are consistent with emerging fraud types, legislation and enquiry techniques.

Partnership solutions to shared problems

55. As mentioned at para 19, many bodies outside the police service were already implementing the NIM. A strategic assessment, whether by police or other agency, is based on intelligence from a variety of sources. These sources vary significantly amongst the stakeholders, each possessing valuable data but none having a complete picture.

56. The benefits of sharing data have already been quantified in the case of the National Fraud Initiative, which itself only uses certain data sets. We have also seen effective data-sharing and -matching in the commercial sector, particularly by the Insurance Fraud Bureau, APACS and CIFAS where, despite commercial sensitivity, clear business benefits have motivated companies to co-operate to fight fraud. (In each of these three cases, the relevant body represents more than 90% of its respective industry sector.)

57. What is less evident is any systematic co-operation between law enforcement and public sector bodies, either to share data or work jointly with available data. This situation may change in England and Wales, with the advent of the Serious Crime Act 2007 and the National Fraud Intelligence Bureau.

58. Where limited data-sharing between forces and commerce did go on, such as that for the Suspicious Activity Reporting ( SAR) process, considerable benefits had accrued, both in identifying criminal conduct and the additional intelligence gained. This had in turn encouraged cross-agency working and initiatives designed to target specific problems. Recent enhancements to the feedback arrangements within the SAR process were welcomed by the financial institutions, but there is still scope for further improvement.

59. The Scottish Government has indicated that legislation is being prepared to assist the National Fraud Initiative. As part of this, we would welcome broad data-sharing powers that clearly set out the scope and manner of data-sharing to prevent and detect crime.

60. We are conscious that during the period of this inspection there was significant public concern surrounding insecure data handling both by commercial and state sectors. Such errors do not detract from the need to share data, but do reinforce the need to ensure that adequate controls are in place at all stages of the process.

61. Key findings:

  • Data-sharing and -matching has been found to be an efficient and effective way to tackle fraud.
  • However, generally, data are poorly shared and organisations need to apply what demonstrable good practice there is in order to improve this.

Recommendation 7: That forces' use of data-sharing and -matching be extended to drive intervention strategies, and that consideration be given to extending access to the Scottish Intelligence Database ( SID) to those agencies and organisations dealing with fraud and who are compliant with the Community Security Policy.