annual review 2017 - financial fraud action uk · annual review 2017 financial fraud action uk 05....

ANNUAL REVIEW 2017FINANCIAL FRAUD ACTION UK

2017

Contents

04Chair’s introduction

06Foreword

08About FFA UK

102016 review

12Fraud snapshot

14Leading for the industry

18Raising awareness

20Protecting customers

24Providing expert advice

26Industry data

30DCPCU

34Public affairs and media

36FFA UK members

Message from the ChairAlex GrantChair, Financial Fraud Action UK

04

Protecting customers from fraud is the top priority for the payments industry, and Financial Fraud Action UK (FFA UK)is at the forefront of the effort.

Last year was the first full 12 months of FFA UK as a standalonebody and we have certainly hit the ground running. The threatfrom fraud is ever-changing, but so too is the way industryadapts its response.

In recent times we have seen criminals increasingly attempt totarget consumers and business directly through deception andimpersonation scams. By tricking customers into giving awaytheir personal and financial details, or moving money to ‘safe’accounts, fraudsters have tried to circumvent the advanced security systems used by financial institutions.

This change in criminals’ methods means that empoweringcustomers with the knowledge they need to protect themselvesis central to the fight against fraud. Last year we launched TakeFive to Stop Fraud, FFA UK’s largest ever behaviour changecampaign. Its core message asks everyone to pause and thinkbefore they respond to any financial requests or share any personal or financial details – to take five.

Since its launch in September, Take Five has featured widely inthe national media, inside member branches, at ATMs, on socialmedia and has been supported by many partners. Changing behaviour does not happen overnight, but so far 65% of thosewho have seen the campaign say they would behave differentlythe next time they face a potentially risky scenario.

FFA UK has been advancing the way which industry responds tofraud. The Banking Protocol, a collaboration between banks andlocal police services managed by FFA UK, is one such innovation.

The protocol stops frauds in which victims are tricked into goinginto their local branch to withdraw or transfer funds to pass onto fraudsters. It brings criminals to justice, by creating a systemwhereby branch staff can contact police and be guaranteed a

speedy response. Piloted in London, in the first 12 weeks of the initiative the Banking Protocol prevented £1.1 million in financial crime, with 14 people arrested and one criminal convicted already.

Last February I represented FFA UK at the launch of the JointFraud Taskforce by the Home Secretary. The Taskforce has subsequently made substantial progress in focusing the combined efforts of banks, government and law enforcement in tackling fraud, with FFA UK leading work on behalf of thepayments industry.

Following the Which? super-complaint on scams, FFA UK provided evidence to the Payment Systems Regulator clearlydemonstrating the need to address the legal and other barriersthat prevent banks from openly sharing information on pushpayments. We also agreed that FFA UK would work with ourmembers to collect better data on authorised fraud and ensurecustomers who are reporting these scams receive a more consistent response in the future.

The powerful, collective voice FFA UK provides for the industryhas led to our membership expanding in 2016, and I am pleasedJ.P Morgan, Triodos Bank and Valitor all joined the organisationlast year.

Over 2016, our vision of creating the most hostile environmentin the world for fraudsters has been at the core of our work. By building on last year’s achievements and through our collaborative work, FFA UK is well placed to be at the centre of the fight against fraud in the future.

Alex GrantChair, Financial Fraud Action UKAlex Grant stood down as Chair of the FFA UK Board at its meetingin March 2017, but remains a board member.

05ANNUAL REVIEW 2017 FINANCIAL FRAUD ACTION UK

ForewordKaty WorobecDirector, Financial Fraud Action UK

06

Last year cemented FFA UK’s position as the leader of the payment industry’s fight against fraud. Now in 2017 we arestepping up a gear.

Managing intelligence-sharing systems on behalf of the industry will always be a vital part of our work, and FFA UK isalso leading efforts to improve how financial institutions, andothers, respond to the changing fraud landscape.

With fraudsters routinely using information stolen through databreaches to commit their crimes, being able to put protectionsin place on affected customer accounts quickly is crucial. Together with government and law enforcement, we have developed a new protocol for organisations who have suffered a data breach. The protocol gives advice on communicationsand identifying the stolen data, and sets out how banks shouldbe informed of a breach effectively and efficiently.

The theft of payment card data is a key driver behind remotepurchase (card not present) fraud, which makes up the majorityof card fraud losses. During 2017, FFA UK will be leading for ourmembers on work under the Joint Fraud Taskforce in pursuing astrategic action plan to tackle remote purchase fraud, bringingtogether retailers and the international card schemes, as wellas law enforcement and government.

Through the Taskforce we are also developing a scheme to givethe legal framework for banks to investigate, trace and establishthe ownership of stolen funds. It is an important developmentthat would mean banks can retrieve and repatriate money toscam victims with impunity.

We are also continuing to help customers to spot scams andstay safe. The launch of Take Five last year was a major stepand, working with government and other sectors, we want thiscampaign to grow in 2017.

We have already seen great examples of other organisationsusing the Take Five brand for their fraud prevention work, suchas Cifas, Trading Standards and BT, with organisations like the Financial Conduct Authority now taking it forward too. Withpartners using Take Five as the umbrella brand for fraudawareness, customers will have confidence that the advicecomes from a trusted source.

Last year the FFA UK board voted to integrate with a new tradeassociation, UK Finance, bringing together other key trade associations including the BBA and The UK Cards Association.This will help to bring the industry work on fraud and moneylaundering into one place, strengthening the work we do at theheart of the finance industry. While the work to create this neworganisation is underway, it will be business as usual at FFA UKwhere we remain focused on our core aim of creating the mosthostile environment in the world for fraudsters.

Katy WorobecDirector, Financial Fraud Action UK


About Financial FraudAction UK

08

We provide a forum for our members to work together on non-competitive issues relating to financial fraud. Our primaryfunction is to facilitate collaborative activity between industryparticipants and with other partners committed to fighting fraud.

Our key aims are to:

Provide a single cohesive industry voice on financial fraud

Lead collaborative industry-wide activity to prevent and control financial fraud

Uphold the reputation of the industry by demonstrating its record on fraud prevention.

We do this by:

Managing the Industry Strategic Threat Management Process, which provides an up-to-the-minute picture of the threat landscape

Sponsoring the Dedicated Card and Payment Crime Unit, a unique proactive operational police unit, with a national remit, formed as a partnership between FFA UK, the City of London Police and the Metropolitan Police

Managing intelligence-sharing through the industry fraud intelligence hub (Financial Fraud Bureau) and the Fraud Intelligence Sharing System (FISS) which feed intelligence to police and other agencies in support of law enforcement activity

Providing a single point of contact for companies suffering data breaches to ensure compromised account information can be speedily, safely and securely repatriated to the banks

Delivering UK-wide awareness campaigns to inform customers about threats and how to stay safe

Informing commentators and policy-makers through our press office and public affairs functions

Providing expert security assessments of new technology, as well as the impact of new legislation and regulation

Publishing the official fraud losses for the UK payments industry, as well as acting as the definitive source of industry fraud statistics and data.

Key partner

FFA UK works in partnership with The UK Cards Associationin developing and delivering fraud strategy on credit, debit andcharge cards. UK Cards is the trade body of the card paymentsindustry, representing financial institutions which act as card issues and acquirers. FFA UK works with the Cheque & CreditClearing Company on credit clearing and cheque fraud.

Financial Fraud Action UK is responsible for leading the collectivefight against financial fraud on behalf of the UK payments industry.Our membership includes banks, credit, debit and charge card issuers, and card payment acquirers in the UK.


2016

FFA UK sponsored and supported Save Gelly, Get SafeOnline’s social engineeringcampaign.

JAN

FFA UK joined the Home Secretary, and representativesfrom law enforcement and thebanking industry, in launchingthe Joint Fraud Taskforce.

FEB

FFA UK called on all candidates in the Police andCrime Commissioner electionsto commit to four pledges toprotect local people fromfraud. The pledges includedmaking tackling financialfraud and cybercrime a priority for their Police andCrime Plan.

APR

The value of prevented fraudwas published for the first timeas part of the 2015 annualfraud figures. The data showedbanks stopped £7 in every £10of attempted fraud.

MAR

10

2016 Review

Eleven people were arrested ina joint DCPCU and Visa Europe operation proactively targeting remote purchase fraud, whichsaw the banking industry andretailers share live data for thefirst time.

JUN

Start of the funds in flight proofof concept to identify networksof money mule accounts.

AUG

FFA UK presented on the needfor collaboration in educating consumers to prevent fraud atthe Labour and Conservativeparty conferences.

Officers from the DCPCU andPolice Scotland carried out operations related to 1,985 fraudulent transactions, withlosses of more than £680,000,as part of the second RetailWeek of Action.

OCT

FFA UK agreed to take forwardwork on authorised fraud, following a super-complaintfrom Which? to the PaymentsSystems Regulator about howthese scams are handled.

DEC

FFA UK hosted its first government and bankingfraud alignment day bringing together FFA UK Board members and government departments and regulators(HM Treasury, Cabinet Office,Home Office and the PSR) inrelation to fraud prevention.

The DCPCU was awarded theEuropean Law EnforcementUnit of the year 2016 by theEMEA Chapter of the International Association of Financial Crime Investigatorsfor Project Sandpiper*, whichachieved an estimated savingof £23 million to the UK banking industry.

MAY

Security Minister John Hayesvisited FFA UK and DCPCU tolearn about how the paymentindustry and police work together to tackle fraud.

JUL

Launch of the Take Five campaign, the first time FFAUK and all major banks andkey financial services providersacross the UK came togetherto launch a national behaviourchange campaign to combat financial fraud.

SEP

The Payment Strategy Forumpublished its Payments Strategy. FFA UK provided expert advice to the forum onthe fraud requirements.

NOV

11ANNUAL REVIEW 2017 FINANCIAL FRAUD ACTION UK*Project Sandpiper, the DCPCU led project targeting Romanian Organised Crime Groups (OCG's) impacting on the UK.

Fraud Snapshot

12


Secured

on fraud related matters580 convictionsprevented the loss of

from reduced fraud£486m

Since 2002, DCPCU has:

In 2016

were secured78 convictions people were

arrested140

2016

In 2016 those convicted of crimes following work conducted by the DCPCU received a total of more than124 years imprisonment

In 2016, there was an incident of fraud every 17 seconds

2016

2004

71%

fall in card fraud since the introduction of Chip & PIN in 2004

The amount of fraudas a proportion of the amount spent on cards during 2016 compared with 2008 was:

in every£100

£13.6m

down 6%in 2016 to the lowest everannual total with losses of

Cheque fraud losses

Remote banking fraud lossesin 2016

£6.40

the bankingindustry prevents

in every £10 of attempted fraud

2008 2016

8.3p

12.4p

down19%

Leading for the industry

14


Through industry collaboration, FFA UK is the authoritative leaderin defending consumers and businesses from fraud. During 2016,we worked on behalf of our members and with government, regulators, law enforcement and other industries to improve how the UK tackles fraud.

The Joint Fraud Taskforce

In February 2016, the then Home Secretary Theresa May launchedthe Joint Fraud Taskforce (JFT).

Collaboration is fundamental to effectively tackling fraud and this is the basis under which the JFT operates. It brings together industry, including FFA UK, along with governmentand law enforcement, to use their collective forces to removevulnerabilities, promote fraud prevention and target fraudstersand so reduce the number of victims of fraud.

The initial focus of the JFT was to understand the risk, withwork to identify and agree the key threats, vulnerabilities anddrivers of fraud. A ‘Wanted Fraudsters’ campaign resulted inthe arrests of a number of the individuals featured. The TakeFive campaign was launched and the JFT helped to deliver theBanking Protocol in London (see page 21).

In September the new Home Secretary, Amber Rudd, chairedthe first Joint Fraud Taskforce Oversight Board attended byministers, law enforcement and senior industry representatives.

It was acknowledged that the JFT had had initial success and onthe basis of these the time had come to consider the big strategicissues that would have greatest impact on the levels of fraud in theUK. A number of workstreams were established to support theJFT in delivering that shift:

Improving the law enforcement response – a dedicated programme to improve the national, regional and local law enforcement response on fraud

Awareness raising and campaigns – creating a highly visible and impactful fraud prevention campaign, building on Take Five

Funds repatriation – introducing a new scheme to allow banks to freeze and repatriate fraudulent payments

Remote purchase (card not present) fraud – delivering a strategic action plan with key stakeholders to tackle card not present fraud

Victims & Susceptibility – Delivering a strategic action plan to improve our response for victims and vulnerable individuals.

FFA UK has supported the JFT from inception and has providedit with a dedicated resource. We are pleased to be playing aleading role in the awareness raising, funds repatriation and remote purchase workstreams and are also supporting the law enforcement and victims and susceptibility work.

The Financial Crime stream in the Payments Strategy Forum sees financial crime interms of the challenges it creates for society as a whole, and not just as a narrowercompetitive issue for payments providers. The evidence is clear that fraud and financialcrime have serious impacts on a wide range of customers. The Forum gives us agreat opportunity to build new services and capabilities that are possible only by theindustry working closely together, and I strongly appreciate the role FFA UK hasplayed in supporting the Forum’s work on both strategy and implementation.

Andrew Ducker Programme LeadFinancial Crime, Security and Data Working Group Payment Strategy Forum

Responding to the Payment Systems Regulator

In September the consumer group Which? made a super-complaint to the Payment Systems Regulator (PSR) on scamsinvolving bank transfers.

FFA UK took the lead role for the payments industry, workingwith our members in responding to the super-complaint. Our detailed submission highlighted the significant number ofinitiatives already undertaken, or underway, to combat scams in the push-payment environment.

The response emphasised the challenges and the legal barrierswhich currently prevent banks from recovering fraudulent fundsand refunding victims of scams. It also explained the difficultiesin building additional security layers into a system without increasing friction in the customer payment experience.

To address these issues and to enable the establishment of afunds repatriation scheme, FFA UK requested that the regulatorwork with industry to define the criteria needed for the standardsto underpin the scheme.

In its response to Which?, the PSR highlighted that FFA UK willwork with its members to improve the collection of statistics onauthorised fraud, so as to ensure it is able to provide greaterclarity on the scale of these types of fraud. We also committedto ensuring customers who report these scams receive a moreconsistent approach in the future.


18

Raising awareness


As fraudsters increasingly focus on targeting consumers andbusinesses directly with deception and impersonation scams,raising awareness of fraud and how people can better protectthemselves is vital.

Take Five

Take Five, a national fraud awareness and behaviour changecampaign spearheaded by FFA UK, launched in September2016 with events held at London Waterloo, Manchester Piccadilly and Glasgow Central rail stations.

Take Five is the first time FFA UK and all major banks and keyfinancial services providers across the UK have come togetherto launch a national behaviour change campaign to combat financial fraud. It has been financially supported with additionalcontributions from campaign partners Cifas and the City ofLondon Police. The campaign aims to put consumers and businesses back in control with straightforward advice to helpprevent financial fraud.

It focuses on those financial frauds directly targeting customers,such as email deception (known as phishing) and phone andtext-based scams (sometimes known as vishing and smishing),and is designed to remind people that it pays to stop and think.

FFA UK members supported the campaign with in-branch activities and promotion through their communications networks.Support from key stakeholders including government, law enforcement, Cifas and others also contributed to the successof the campaign launch which saw widespread coverage acrossTV, radio, national print, online, and social media. Take Fivespokespeople carried out 39 broadcast interviews and werequoted more than 150 times in print media.

Each month since launch there has been Take Five campaignactivity focused on raising awareness and changing behavioursof priority audiences. Activities included a partnership with the

British Chambers of Commerce aimed at 5,000 businesses withmessages around invoice fraud and CEO impersonation, as wellas reaching some five million employees with more generalTake Five advice.

With customers shopping online in large numbers for Black Friday and Cyber Monday, the Take Five campaign alsohighlighted how millions of consumers put themselves at riskof financial fraud in order to secure an online bargain. The storycreated a platform to issue advice to consumers and generatedover 140 pieces of coverage including 16 national print and national online articles.

With additional funding secured, including government support,for a second phase of Take Five, FFA UK will continue to work in partnership with members and other key stakeholders to deliver campaign activities ultimately resulting in measurable behaviour change.

Supporting other campaigns

FFA UK also works closely with a range of other organisationsthat regularly deliver financial fraud and scams awarenesscampaigns to consumers and businesses, supporting their activities through our communications channels.

In 2016 FFA UK partnered with organisations including HM Government (Cyber Aware campaign), Trading Standards(Friends Against Scams), law enforcement (Little Book of BigCyber Scams), Citizens Advice Bureau (Scams Awareness month),Get Safe Online (Think Twice Before You Act campaign) and theFinancial Conduct Authority (ScamSmart campaign) to deliverawareness messages on a range of fraud related themes.

Protecting customers

20

We have been extremely pleased to be engaged with FFA UK in helping to deliver thenational roll out of the banking protocol. This is a key initiative which has been shownto support victims of fraud and prevent further victimisation through bank interventionand an immediate police support. Certainly in trading standards we are confident thiscontributes to tackling rogue traders, which is a key objective for us.

Richard StrawsonProject Lead, Partnerships & Doorstep CrimeNational Trading Standards Scams Team


Preventing customers from being victims of fraud is the highestof priorities for the payments industry. Every bank, card issuer andpayment acquirer uses a range of robust security systems to protect their customers from fraud.

Together, the industry also continuously works to enhance itscollective response to fraud. FFA UK leads this industry-levelwork, with the aim of creating the most hostile environment inthe world for fraudsters.

The Banking Protocol

During 2016 FFA UK worked with the Metropolitan Police Service and National Trading Standards to create and deliverthe Banking Protocol. Initially piloted across all bank branchesand post offices in the London and Greater London area, theBanking Protocol is a crime prevention partnership aimed at:

Identifying individuals who are tricked into going into their local branch to withdraw or transfer funds to pass on to fraudsters

Preventing the fraud from taking place

Providing support for victims to reduce their susceptibility to fraud in the future

Where possible, the arrest of the fraudster.

The success of this initiative stems from the commitment made by senior police officers to ensure a swift police responseto all 999 calls received from participating banks quoting theterm ‘Banking Protocol’. In the first 12 weeks of this initiative £1.1 million in financial crime was prevented, 14 arrests weremade and one criminal conviction was achieved.

Frauds identified and prevented by this initiative included roguetraders, courier fraud, investment scams, romance scams, advance fee fraud and even a money mule.

Throughout 2017 FFA UK will be working with police forces tocomplete a national roll-out of the initiative, ensuring a consistentapproach to these crimes across the whole of the UK.

The data breach protocol

Data breaches are currently the single largest enabler of fraud,providing criminals with the financial details they need to makepurchases or access customers' accounts.

Throughout 2016 we worked with government and law enforcement agencies, providing input to a new protocol to prevent data breaches or mitigate their effects. The data breachprotocol highlights the importance of knowing what data is held andwhere it is located and how to manage external communication.

Most importantly the protocol also details how an affected organisation should inform banks in the most effective and efficient manner in order to safeguard customers' accounts.

FFA UK is working with the Joint Fraud Taskforce to unite cyberand fraud interests under this single protocol to deliver astreamlined and effective response.

Payment Accounts Directive

The Payment Accounts Directive allows non UK domiciled individuals from EU states access to banking services in the UK.

FFA UK led the industry response to the directive by engagingdirectly with HM Treasury and the Financial Conduct Authority.We highlighted concerns from members, and provided expertinsight, on the challenges banks would face in verifying accountapplications from non-UK domiciled individuals and the riskthis could make opening mule accounts easier.

The Industry Strategic Threat Management process has beenused to assess the impact of the directive and allows industry toadopt mitigating activity if required.

Card not present action plan

Card not present (CNP) fraud, also called remote purchasefraud, happens when stolen payment card details are used tomake a purchase on the internet, over the telephone or via mail order.

The details are fraudulently obtained through methods such as scam phone calls and emails, or digital attacks such as malware and data hacks. CNP fraud losses on UK issued cardshave increased year on year, from £220.9m in 2011 to £432.3min 2016.

The industry is committed to tackling CNP fraud. Through the Joint Fraud Taskforce, FFA UK and its members are working closely with government, law enforcement, merchants, international card schemes and other key stakeholders that playa key role in the CNP payment process to develop a strategicaction plan to impact on rising fraud levels.


Providing expert advice

24


Fraud is a complex issue. FFA UK provides expert advice to members, regulators, government and law enforcement on allaspects of fraud and fraud prevention. This includes security assessments of new technology and on the impacts of new legislation and regulation.

Payment Strategy Forum

The Payments Strategy Forum (PSF) was created by the Payment Systems Regulator to identify, prioritise and help deliver initiatives where it is necessary for the payments industryto work together to promote collaborative innovation. FFA UKworked closely with the PSF in the development of its ‘PaymentsStrategy for the 21st Century’, published in November 2016.

We reflected the needs of our members to the PSF and provided subject matter expertise to ensure the financial crimeprevention solutions outlined in the strategy were in line withthe types of financial crime which most impacted banks andtheir consumers. The strategy established a Financial CrimeWorking Group Workstream and FFA UK is closely involved in anumber of the worksteams established to deliver the strategy.

Dynamic CVV on payment cards

Every payment card has a card verification value (CVV), also referred to as a card verification code (CVC), a three or four digitsecurity number usually printed on the reverse of the card.

In recent times cards have been developed with a small, digitaldisplay built into the reverse. On these cards the CVV is time-based,meaning the number changes after a certain period, with thenew code shown on the display. Some cards also have a smallkeypad which can be used to generate one time passwords.

During 2016 FFA UK undertook comprehensive research, onbehalf of our members, into dynamic CVV payment cards andtheir potential effectiveness in combating remote purchase(card not present) fraud. We also investigated the possibility ofusing the technology to enable mutual authentication over thetelephone between a bank and its customer.

The research looked at the various different aspects of the technology including the latest variety of cards now available inthe market, the cost to adopt and implement them, additionaluses and an assessment of the strengths and limitations ofthese cards.

This research was undertaken to better inform our members of the options available to them when considering new fraudprevention solutions for their customers, and was well received.

The funds-in-flight proof of concept

A money mule is someone who knowingly or unknowingly allows their bank account to be used to transfer or move stolenor illicitly gained funds. Criminals use money mules to launderand transfer money obtained through frauds through a networkof accounts in an attempt to hide their tracks.

Working with VocaLink, FFA UK initiated and ran a funds-in-flightnetwork proof of concept, which followed the flow of funds acrossthe payment platform to identify networks of money mule accounts.

Originally planned to involve three or four banks, member interestlevels were such that eventually 12 banks participated. The results have been highly positive and have provided the industrywith a platform to analyse and follow funds across networks ofmoney mule accounts.

The findings will now assist in developing a methodology to investigate money mule networks and a scheme to repatriatefunds back to victims who have been scammed into makingpayments themselves.

Industry data

26


FFA UK is the hub for fraud data and intelligence, providing a central information resource for the industry and police. We alsopublish the official fraud statistics for the UK payments industry.

Data sharing

A key strand of FFA UK’s work is to act as a channel for dataand intelligence sharing across the payments industry, and witha wide variety of partners.

This coordination is supported by our intelligence hub, the Financial Fraud Bureau, together with our Fraud IntelligenceSharing System (FISS) that allows FFA UK to share insights withother agencies, including the Police, National Crime Agency,National Fraud Intelligence Bureau (NFIB) and the Cabinet Office’s Counter Fraud Data Alliance.

Financial Fraud Bureau (FFB)

Established in 2010, the Financial Fraud Bureau leads the payments industry’s collective initiatives on fraud intelligenceand data sharing. Its key roles are:

Disseminating intelligence directly from, and to, banks, card schemes, card issuers and acquirers, and a wide number of stakeholders including police forces and other law enforcement organisations

Gathering, collating and analysing the intelligence that informs the Industry Strategic Threat Management Process

Being the single point of contact for companies suffering data breaches to ensure compromised account information can be speedily, safely and securely repatriated to the banks

Coordinating intelligence alerts from the payments industry and other key players ensuring that alerts are issued.

The FFB in 2016

261intelligence alerts issued

180,000at risk accounts

identified more than 29law enforcement investigations through collaborative work with the National Fraud Intelligence Bureau

Supported

28

ONS has welcomed collaboration from FFA UK as they have helped us improve the official statistics oncrime by providing a more complete picture of the scaleof fraud. In turn, this has informed action being taken by government, industry and individuals to seek to prevent it happening.

John FlatleyHead of Crime Statistics & AnalysisOffice for National Statistics

Official crime stats

In October 2015 the quarterly crime statistics publication produced by the Office for National Statistics (ONS) included, for the first time, the number of fraud crimes reported by financial institutions and other organisations via FFA UK to theNational Fraud Intelligence Bureau (NFIB) hosted by City ofLondon Police.

The data shared with the NFIB relates to only those crimeswhere there is sufficient intelligence for law enforcement to actupon, and therefore does not cover every case of fraud.

FFA UK worked closely with the ONS and the Home Office during 2016 to ensure the current fraud landscape was being accurately portrayed, with all crimes being reported regardlessof whether law enforcement had been notified or not. These figures are now included as an appendix within the ONS’s quarterly publication.

Working with telecommunication companies

Fraudsters will often use the phone to target their victim,whether with a call or by text message.

Throughout 2016, FFA UK continued its work with thetelecommunications industry as part of collaborative efforts towards reducing opportunities for fraudsters to misuse legitimate phone services such as SMS, sim swap, numberredirection and caller ID to defraud bank customers.

This includes:

Regular intelligence sharing between telecommunications companies and financial institutions. Some cases led to formal investigations, resulting in arrests and prosecutions

Enhancing processes within both telecommunications companies and financial institutions to help mitigate against different fraud types such as sim swap enabled fraud

Ensuring telecommunications companies and financial institutions are aware of potential mitigating activity both industries could introduce, to assist in reducing increasing mutual fraud levels

Engaging with Ofcom to raise awareness of new fraud types and trends

Horizon scanning for future threats that could have an impact on both industries’ ability to monitor and react to new fraud methods.

FFA UK is also closely involved with telecommunications companies so as to support and influence their education andawareness campaigns.


Dedicated Card and PaymentCrime Unit

30


The Dedicated Card and Payment Crime Unit is a unique proactivepolice unit, with a national remit, formed as a partnership betweenFinancial Fraud Action UK, the City of London Police and theMetropolitan Police Service together with the Home Office.

It is fully sponsored by the cards and banking industries, with an on-going brief to investigate, target and, where appropriate,arrest and seek successful prosecution of offenders responsiblefor card, cheque and payment fraud crimes.

It is headed up by a Detective Chief Inspector and comprises officers from the City of London Police and the Metropolitan Police Service, who work alongside banking industry fraud investigators and support staff. Established in 2002, the payments industry invests nearly £3.3 million per year inits operation.

Skynet

In 2014, the DCPCU launched a two year project, Project Skynet,aimed at targeting new and emerging threats to the paymentsindustry, in particular cybercrime.

Funded by the EU, the project began with an independent academic study conducted by the University of Bristol into cardfraud and how the DCPCU can best investigate cyber-enabledpayment fraud.

Officers from the DCPCU subsequently received specialisttraining in e-crime. They also worked with law enforcementagencies overseas in Hungary, Finland, Romania, Austria andIceland, increasing collaboration and developing intelligencesharing partnerships across Europe.

As a result of the project, the DCPCU is now the leading European law enforcement agency tackling remote purchasefraud through ongoing collaboration with industry, includingbanks, card issuers and retailers.

The DCPCU, working closely with industry and other partnersthrough Project Skynet, has made significant progress in understanding and tackling remote purchase fraud. In totalthere have been over 70 arrests as a result of project activity.

While the two-year project finished at the end of 2016, remotepurchase fraud remains a key focus of the DCPCU using theskills, expertise and international partnerships that have beendeveloped as part of the initiative.

Operation Antonio

A fraudster who ran a counterfeiting factory from his home was jailed for five years and four months in September. James Koma, aged 49, of Belvedere, Kent, was jailed by a judge at the Old Bailey.

When officers from the DCPCU raided Koma’s house in May 2016, they found significant items which could be used in thecounterfeiting and production of cheques and counterfeit identity documents.

Items included counterfeit and stolen cheques and blank documents for vehicle registrations and immigration certificates.Documents and pictures thought to be related were also found on a computer following analysis, while paraphernalia associated with counterfeiting was also found.


The total value of the fraud was estimated to be £1.7 million

with a further £450,000of declined attempts

Retail weeks of action

In June and October 2016, the DCPCU led two weeks of actionaimed at identifying suspects concerned in remote purchasefrauds as part of Project Skynet.

During the operations, officers from the DCPCU worked alongsidethose from Police Scotland, as well as with Visa, Europol,banks, card companies and a number of high profile retailers.

Information shared by the organisations involved was used to target individuals suspected of using stolen card details topurchase high value goods, with officers executing warrants ataddresses across the country.

In total, the operations related to losses of more than £900,000and led to 20 arrests. Officers also seized items including electronic goods, high value fragrances, designer clothes andhomeware, as well as false ID documents and cash.

34

Public affairs and media

307Responded to

mediaenquiries

22Issued

press releases

357Appeared in

broadcast interview clips

£4.8mAchieved more than

in positive news coverage*

Featured in more than

of TV andradio

1,624Secured

pieces of media coverage

155kcolumnCMS2

Secured more than

14 hours


FFA UK seeks, wherever possible, to work with partners includinggovernment and regulators on the common aspects of fraud affecting different sectors, and joining up activity to help deliverthe step change needed to protect customers.

Much of the action FFA UK took through 2016 demonstrates ourcentral role in ensuring our members’ interests are recognisedand reflected in ongoing discussion with government and regulators.

This has included the work of the Joint Fraud Taskforce, responding to the Which? super-complaint and with the PaymentStrategy Forum.

We have also continued our work alongside the BBA in supportingthe Joint Money Laundering Intelligence Taskforce, which isworking to improve intelligence-sharing arrangements to supportthe fight against money laundering and other criminal activity.

In July we were pleased to be able to welcome Home Office Security Minister Rt Hon John Hayes MP to a briefing at FFA UK.Topics covered included the role of FFA UK, how our data intelligence sharing worked, a briefing on Take Five and an introduction to the DCPCU and Project Skynet.

*The value of the media coverage is based on the cost of buying the equivalent amount of advertising space in that media outlet.

FFA UK Membersas at 1 January 2017

36

Allied Irish Bank (UK) plc

American Express Services Ltd

Bank of America

Bank of Ireland

Barclays Bank

Capital One (Europe) plc

C Hoare and Co

Citibank

The Co-operative Bank plc

Coventry Building Society

Danske Bank (trading name of Northern Bank Ltd)

Elavon Financial Services

First Data Europe Ltd

Global Payments

HSBC

Investec bank plc

JPMorgan Chase and Co.

Lloyds Banking Group Ltd

Metro Bank plc

Clydesdale Bank (including Yorkshire Bank)

Nationwide

NewDay Ltd

Royal Bank of Scotland Group Ltd

Sainsbury’s Bank plc

Santander UK plc

Tesco Bank plc

Triodos

TSB Bank plc

Valitor hf

Vanquis Bank

Virgin Money

Yorkshire Building Society


Financial Fraud Action UK 2 Thomas More Square, London E1W 1YN

www.financialfraudaction.org.uk

This document is provided for information purposes only. While every effort is made to ensure the accuracy of any information or other materials contained in this document, it is provided on the basis

that Financial Fraud Action UK Ltd (and its members, either individually or collectively) accept no responsibility for any loss, damage, cost or expense of whatsoever kind arising directly or

indirectly from, or in connection with, the use by any person of any information or other material contained therein. Any use of the information or other material contained in this document shall

signify agreement to this provision.

© Financial Fraud Action UK Ltd 2017. A company registered in England No. 9529683. Published by Financial Fraud Action UK Ltd.