Some internet crimes go investigated and unnoticed. Police fraud investigators are struggling to cope with vast quantities of data sent to them by financial institutions, experts at Fraud World 2007 said today.
The issue is prompting banks and other financial institutions to ask law enforcement and regulators to share with them more of the data they have about suspicious transactions, in order to better combat fraud.
Banks and transfer agencies are required by regulators in the US and the UK to file reports when they detect a potentially illegal transaction, said Olga Maitland, head of the International Association of Money Transfer Networks, at the Fraud World 2007 conference in London.
Up to 300,000 SARs (Suspicious Activity Reports) are filed per month in the US and up to 200,000 a year in the UK, but most of those reports "disappear into a black hole" because law enforcement agencies don't have the resources to investigate each one, she said.
If another financial institution is mentioned in a report, it may not even know about the suspicious activity if the report is filed by a different institution.
"If there is indeed a crime taking place, then that is carrying on undetected," Maitland said.
Colin Woodcock, head of the fraud section for Scotland Yard's SOCA (Serious Organised Crime Agency), said the SARs program has resulted in "huge amounts of information... which it was difficult to do anything with."
"Let's not forget they are suspicious activity reports," Woodcock said during a panel discussion.
"Now, if the police or anybody really were expected to act on everything that is suspicious, we would be bogged down in the first five seconds of operation."
The quantity of reports has also created a need for greater computing power, he said.
The UK has made some progress, according to Woodcock, and opened up access to the SARs database to other law-enforcement forces such as HM Revenue and Customs, the UK's tax authority, which can use it for their own investigations, he said.
But sharing the SARs data with financial institutions raises huge concerns around confidentiality and privacy, Woodcock said. It could mean the disclosure of "very embarrassing" information about banks, he said.
SARs were "given to us by industry to make the best use law enforcement can make of it, not to go and share it with everybody and say 'Look at what NatWest just told us", he said. "There are huge problems there." (NatWest is a major UK bank.)
SOCA has started issuing alerts about problem trends, Woodcock said, but Maitland countered that the information is not in-depth.
Money-transfer networks have blossomed into a trillian-dollar industry. If SOCA can share its information more, by being "less restrictive, less confidential", it would lead to a greater reduction in fraud, Maitland said.