A widely-held suspicion that UK banks are covering up the true scale of cybercrime has been confirmed by the City of London Police chief Adrian Leppard, who says that up to 80% of online crime goes unreported to the authorities.
Speaking at a Tech UK conference, Leppard says that the vast gap between what is reported and the actual threat level arises “primarily because banks are happy to write off incidents as costs, thereby costing the consumer collectively and funding ongoing cyber-criminality”.The Commissioner told the audience that the scale of the threat is much greater than the public think, so much so that it may have even surpassed what drugs have delivered to the criminal economy.He argues that the banks’ unwillingness to report the true extent of cybercrime, makes it harder to gain an accurate picture of the threat to the national economy and the resources required by police to counter the criminals.In November last year, a Treasury Select Committee hearing into cybercrime and fraud heard evidence from Dr Richard Clayton, a senior researcher in security economics at the University of Cambridge, who said that “insider” accounts of fraud losses at banks are double the numbers generally reported publicly.This followed a July Home Affairs Committee report on e-crime that accused British banks of letting cyber-crooks carry out crime in a ‘black hole’ of impunity by failing to report or investigate fraud.
Comments by Bill Trueman over this News:
We need to be very careful about articles like this, and comments like this too.
The issue here is about REPORTING not dealing with (investigating, prosecuting and deterring) the crime.
The real question here is, of the crimes that are reported to the authorities (i.e. the police), how many are investigated and how many are prosecuted and how many organised gangs identified and stopped and how many opportunists deterred. We can assume that the answer to these will be “almost ZERO %” on all counts.
I have sat with senior COL police people over many years (mainly in the 1990s) – who have refused to accept reports of fraud from banks, because they have no resources to investigate and prosecute. Accordingly £100 millions’s of card fraud ARE reported and not progressed, and £100 million’s of insurance fraud go the same way without even being reported – except for the MAJOR, MAJOR cases that are accepted by the police from the Insurance fraud bureau.
Try and get Leppard to accet such cases is nigh on impossible as only the top – fraction of 1% are progressed. And do not even start talking about or reporting to the police the Inland Revenue, Local Authority, NHS, Benefits etc. fraud because they won’t look there either.
In the UK, we are held up globally (mainly the banks) for the exceptional fraud collation and reporting on card and banking fraud and insurance fraud – and we were leading with the statistical collation of fraud as UKPLC. This was all done 20 years ago as a fall-out from the Levi Home Office reporting – and ‘wrapped up nicely’ except for the police investigation, and prosecution bit, which is still absent.
So it is easy, but also abhorrent that a police officer shoudl stand up and throw stones at an industry that has been doing its bit for a long time. The industry also funds the fraud reporting centre that HE RUNS as part of the COL police force – so it is actually a) Under his control and b) HIS issue too!
BUT…. lets look at what we are talking about here….. We are asked to believe that banks are “covering up Cybercrime”. What is this cybercrime? As far as the banks are involved, the banks lose money from criminals who are attacking the banks to obtain money through the abuse of the systems and processes. This is always how it has happenned and the banks are good at losing money in this way. Just because a new term started to be used 3-4 years ago – does not change the fraud position:
– Banks are attacked and lose money
– Some of it will always get misrecorded as bad-debt when the crooks have managed to con the banks that it was thus. The agreement with all parties has always been that this will not be considrered as fraud (Cybercrime) and will not get reported. The police adamantly refuse to accept such reports too – believeing that the banks have brought this upon themselves by lending money in the first place to these cybercriminals (Ironic eh?).
– Cybercrime / fraud losses are experienced, reported and not investigated.
It is OK to moan at the banks these days – for everything, and often they are to blame for a lot of their mistakes, but in this case we must be careful to spot that here we have a big policeman throwing stones from a very big greenhouse.
Perhaps we should start asking him a few big questions and stop this outrageous reporting. It is probably too that he was taken out of context in this reporting, as I am afraif that I cannot believe that a responsible policeman would be so stupid as to criticise his partner banks, his funding bodies and people who are patiently waiting for him to do his job rather than trying to do theirs.
Bill Trueman is Director of Riskskill(http://www.riskskill.com/)
Source News: http://www.finextra.com/news/fullstory.aspx?newsitemid=27226