Feeds

Study reveals gaps in UK system to track criminal and terror finance

Lots of data, but police can't or won't use it fully

  • alert
  • submit to reddit

High performance access to file storage

As you prove your identity ("I'm sorry sir, but it's a legal requirement") to your bank for the umpteenth time, no doubt you wonder whether the mountain of data that money laundering rules produce is of the slightest use to the people with access to it. Well, wonder no more - the second critical study on the use of Suspicious Activity Reports (SARs) in two years concludes that SARs are under-utilised by most Law Enforcement Agencies (LEAs), and also reveals that pending the implementation of (uh oh...) a new database system, many of them aren't being used at all.

The study was commissioned by The Association of Chief Police Officers and funded by the Home Office, and although author Matthew Fleming, Research Fellow at the UCL Jill Dando Institute of Crime Science, appears to have completed it in June, for some strange reason it seems not to have been published until the other week. It reveals a system that LEAs are ill-equipped (and frequently disinclined) to use, and a growing mountain of data that really is not being dealt with systematically. And although Fleming is guardedly hopeful about the new database 'fix', there are enough caveats attached for one to doubt that use of SARs will improve dramatically in the near future.

Suspicious Activity Reports are sent initially to the National Criminal Intelligence Service, under anti money-laundering legislation, by companies in the financial sector. They're intended to provide LEAs, Customs and the Inland Revenue with signs of suspicious activity that might indicate laundering and/or terrorist financing operations. A lot of what comes through will of course be guff, but there will be good data in there as well which could flag up people and operations you didn't know about. If, that is, you're capable of sifting out the good data.

Government claims to be cracking down on, say, terrorist finance tend not to mention that the crackdown can be a little bit random and not particularly extensive. But that's about the size of it - the Government's thirst for data is running well ahead of Government technology's ability to deal with it (and one could reasonably speculate that this will apply equally to numerous other ongoing data grabs).

The handling of SARs has been through a couple of different regimes in recent years. Prior to the publication of the previous study on their use (by KPMG, in July 2003), they were given a preliminary sift by NCIS so that those likely to be of interest were sent to the interested LEA, and the rest sent out to the relevant LEA by postcode. The Inland Revenue, Customs & Excise and the Terrorist Finance had staff at NCIS combing the database, but the bulk of SARs were sent out by email in "LEA Packs" in .CSV form. So the system identified transactions by individuals it was already suspicious of, while transactions by people who hadn't already tripped a wire would be likely to go out in the big, general pile.

For the year after the publication of the KPMG study NCIS assessed all SARs on a qualitative basis and sent out those it deemed to be of interest to the relevant LEA. The raw data sent out should therefore have become more attractive to LEAs because a higher proportion of it was likely to be useful, and the volume of data received was smaller. SARs not thought to be of interest were not thrown away, but held in the database, Elmer, which could be searched by request.

Elmer seems likely to have influenced what happened next. In June 2004 NCIS, without consultation with LEAs, significantly reduced the volume of SARs sent out, and encouraged LEAs to submit Elmer search requests. NCIS said that "the reactive, one by one allocation process risked not revealing the most capable and most prolific of money-laundering suspects and not highlighting patterns and typologies."

But the move could also have been a reaction to the continuing failure of LEAs to use SARs effectively, and may have been made in anticipation of the rollout of the next version of Elmer. This had originally been planned for autumn 2004, a few months after the change in NCIS practice, but slipped into 2005. The system did go into pilot in February, and was scheduled to be rolled out in May 2005. It's not clear if this has actually happened, and if so to what extent, but at best this will mean that a year's supply of non-prioritised SARs will be of largely historical interest.

High performance access to file storage

More from The Register

next story
Android engineer: We DIDN'T copy Apple OR follow Samsung's orders
Veep testifies for Samsung during Apple patent trial
MtGox chief Karpelès refuses to come to US for g-men's grilling
Bitcoin baron says he needs another lawyer for FinCEN chat
Did a date calculation bug just cost hard-up Co-op Bank £110m?
And just when Brit banking org needs £400m to stay afloat
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Don't let no-hire pact suit witnesses call Steve Jobs a bullyboy, plead Apple and Google
'Irrelevant' character evidence should be excluded – lawyers
EFF: Feds plan to put 52 MILLION FACES into recognition database
System would identify faces as part of biometrics collection
Big Content goes after Kim Dotcom
Six studios sling sueballs at dead download destination
Ex-Tony Blair adviser is new top boss at UK spy-hive GCHQ
Robert Hannigan to replace Sir Iain Lobban in the autumn
Alphadex fires back at British Gas with overcharging allegation
Brit colo outfit says it paid for 347KVA, has been charged for 1940KVA
Jack the RIPA: Blighty cops ignore law, retain innocents' comms data
Prime minister: Nothing to see here, go about your business
prev story

Whitepapers

Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
HP ArcSight ESM solution helps Finansbank
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Mobile application security study
Download this report to see the alarming realities regarding the sheer number of applications vulnerable to attack, as well as the most common and easily addressable vulnerability errors.