Fraud – including scams, online theft, insurance cheats and tax fraud – costs the UK £30bn a year, according to an official estimate.

The National Fraud Authority (NFA) has calculated the figure for the first time and said it equated to £621 per adult in the UK. Some 58% of fraud was in the public sector, at a cost of £17bn, it added.

It said the losses were paid for through taxes and rising prices of products and services.  The highest sector was losses from tax fraud – estimated at £15.2bn – although this was only 3% of tax liabilities, the NFA said.
  
According to the NFA, which is part of the UK Attorney General’s Office, some 31% of losses came in the private sector, with the financial services sector suffering the biggest hit.

It lost an estimated £3.8bn, including £1bn in mortgage fraud. This has prompted the City watchdog, the Financial Services Authority, to take a tougher stance against the crime, with a number of brokers having been fined and banned from the industry.

Another £2bn was lost to insurance fraud, and the remainder came from fraudsters targeting online banking, cheques, and plastic cards.

The consumer goods industry lost an estimated £1.3bn a year. Manufacturing suffered losses of £1bn a year, and technology, media and telecommunications lost £948m.

Consumers have also been tricked out of an estimated £3.5bn a year in share, lottery and loan scams. Some 12% of all fraud was suffered by individual consumers.

“Although the figure appears on the face of it far greater than the previous estimate, we know this is because we have included many additional figures that other studies have not,” said NFA chief executive Bernard Herdan.

“With this vital information we can develop clearer priorities to prevent, detect and deter fraudsters. We will use the data to help identify those areas of fraud that cause the most harm to the UK economy”.

Visit the BTC website for compliance help and support for firms in the regulated sector

The forums organised by HMRC’s ‘Money Laundering Regulations Team’ meet regularly to facilitate discussions where information is shared, presentations given. These forums are to share best practice tips and ideas and to support the supervisory regime through open dialogue and engagement so that HMRC supervisory and compliance teams and the businesses they supervise can improve their compliance efforts.

The first meeting of the TCSP’s forum is to be held in London on 5th October 2009. Steve O’Neill will report back on this blog of matters arising and of supervisory ideas and best practice generated at these meetings.

Visit the BTC website for compliance help and support for firms in the regulated sector.

HMRC has published its Code of Practice for supervisory purposes for visits to businesses under Money Laundering Regulations (COP28). This Code of Practice tells you what you can expect from HMRC Supervisory staff and what they expect of you when they visit your business under the Money Laundering Regulations 2007.

This is a simple but very helpful document for preparing for a supervisory visit under the Regulations, however one item contained within the documents raised concern for Steve O’Neill of BTC, namely;

 Examples of business records the officer is likely to want to see include:

“Records/copies of suspicious transactions, action taken, copies of any Suspicious Activity Reports (SAR’s) submitted to the Serious Organised Crime Agency and any correspondence from them concerning consent.  We will look at Suspicious Activity Reports for anti-money laundering legislation purposes only and not for tax purposes”.

It is Steve O’Neill’s (Business Tax Centre’s BTC) understanding that SAR’s are an individual’s obligations covered under the Proceeds of Crime Act and not covered under the Money Laundering Regulations which covers a ‘Firms’ obligations to put into place appropriate policies and procedures for the prevention, detection and reporting of suspicious activity, and not the actual SAR itself which has a subjective test  and offences which are covered in PoCA.

When HMRC regulatory team was asked about their powers to view a SAR, they responded by way of reference to two sections of the Regulations. One of these references was to CDD only and the other to refers to the ‘Policy and Procedures’ for reporting.

These correspondences have been passed on to other supervisory authorities who can confirm that their opinion also states that the ML Regulations do not give authority for a supervisor to view a SAR, which should only be done by an accredited and trained financial investigator.   

We understand from a response received from these bodies that this subject will be raised with HMRC at the next ‘affinity group’ meeting of accountancy and taxation supervisors.

If HMRC point of view is upheld, then the Treasury approved CCAB guidance and the notes of each professional boy will need to be updated accordingly. We will post updates as we receive them.

Visit the BTC website for compliance help and support for firms in the regulated sector.

Identity fraud surged by nearly three quarters in the first half of the year, driven by continued malicious online activity, and the economic slowdown, according to new figures from UK fraud prevention service Cifas.

The organisation was set up to facilitate the sharing of information on identified fraud between its members – which include banks, card companies and insurance firms – in an attempt to prevent further rises in all types of fraud, including online.

It said identity fraud, which includes victims of impersonation as well as the creation of fictitious identities by fraudsters, rose 74 per cent in the first six months of 2009 to over 100,000 cases.

Facility take over fraud – where the fraudster gains access to a user’s account and siphons off funds – rose 40 per cent during the period with over 11,000 cases registered.

There was some good for fraud departments however, with Cifas reporting an 11 per cent year-on-year increase in the financial losses avoided through the fraud data sharing of its members.

“The rise in the numbers of victims, and these very specific types of fraud demonstrate that fraudsters have no regard for economic, social and personal fragility,” argued Cifas chief exeutive Peter Hurst.

“While we all look for solutions to the hardships imposed by the current climate, however, these figures focus attention sharply on what responsible businesses and public sector organisations can achieve through sharing data on proven frauds to reduce losses and ease the burden of the recession upon us all. ”

Although not broken out in the survey, it’s believed that much fraudulent activity committed today is card not present (CNP), including online, fraud.

Visit the BTC website for compliance help and support for firms in the regulated sector

AccountingWEB.co.uk 22-Apr-2009

Common sense approach
This post assumes that you are acting for your friends and relatives’ by the way of businesses and not in just a ‘family’ capacity which was never designed to be a part of the ML Regulations, for example a wife doing the books for her husband who may be a plumber

The Regulations actually state “identifying the client and verifying the client’s identity on the basis of documents, data or information obtained from a reliable and independent source;” Nowhere in the Regulations states that you must have documentary evidence on any client.

Information may be in any form, including word of mouth or personal experience etc, someone you know and trust may confirm a clients identity, your mother may confirm that the gentleman you are acting for really is your father (hopefully), and indeed you have probably visited your mothers house so you have information as to the home address.

We already know that it is not in the public interest to prosecute a regulated person who may commit a trivial or technical breach of the Regulations, this has been stated by SOCA and other law enforcement agencies, so you will should not receive any penalty for not having a copy of your mothers’ passport, so an element of common sense prevails. So document that it is your father and you been to his house, this would suffice for any Supervisory staff who may ask, if it does not then I would suggest that the supervisor gets retrained.

The problem with friends and relatives is not the knowing of who they are, but are you independent enough to effectively ‘police’ them. For example, you act for your farther and you discovered you father was involved in drugs dealing, could you file a SAR on him? If you could not, you stand a very good chance of being investigated along side your relative for those offences since you are ‘aiding and betting’ by turning a blind eye, especially if you continue to act. You can choose who you act for, who you want to be friends with, but in some respects you cannot choose your relatives.

Do not forget that a risk assessment is mandatory for all clients, including your relatives; here you would document your policy of what you would do to mitigate any potential risk of loosing your independence because of your association with the client relative. For example, your firm may be the agent, but an independent member of staff may complete most of the initial work.

Steve O’Neill
Business Tax Centre

Visit the BTC website for compliance help and support for firms in the regulated sector.

The FATF has called on its members to consider effective countermeasures to protect their financial sectors from risks emanating from Iran, and to protect against the use of correspondent banking relationships to bypass or evade counter-measures and risk mitigation practices.

All UK businesses regulated under the Money Laundering Regulations 2007, whether Money Service Businesses or other regulated persons should treat transactions associated with Iran as situations that by their nature can present a higher risk of money laundering or terrorist financing, and which therefore require increased scrutiny, enhanced due diligence, and ongoing monitoring. In the light of the call for countermeasures the UK is, in addition, considering what further action is required.

Visit the BTC website for compliance help and support for firms in the regulated sector.

The Money Laundering Regulations supervisory regime is run on a full cost recovery basis and the fees you pay cover the expense of running the operation. HMRC costs include registering new businesses, contacting and visiting businesses, running an effective risk system, maintaining the register and producing guidance and information for customers.

Introduced in 2002, the fee was initially set at £100, and was subsequently reduced to £60 from June 2003. There were no changes until 1 June 2007, when the fee was increased to £95; this level was maintained in 2008.

HMRC state that it is now necessary to increase the fee further in order to provide them with sufficient income to cover their costs over the next year. The cost of registration from 1 June 2009 will be £120 per premises.

If you are a registered Money Service Business, High Value Dealer, Trust or Company Service Provider or Accountancy Service Provider, you do not need to do anything now. Your next fee renewal notice (MLR 113) will be sent to you as normal and will be based on the new fee level.

Visit the BTC website for compliance help and support for firms in the regulated sector.

For many existing clients which date from 1 March 2004 you will have obtained verification of their identity under the 2003 regulations. For those clients you will need to consider whether the information you hold is sufficient, based on your risk assessment of the client , to demonstrate your have taken appropriate steps to verify the identity of your client and whether anything has changed in the period to render that information out of date. For clients whose situation, address, name and business has not changed since you last considered their identity we would suggest you need do no more than commit your risk assessment and review to the file.

For clients where the situation has changed or who predate 2004 you may well have obtained official verification of matters such as name and address through correspondence with government offices, bank statements and similar official channels. It is suggested that you undertake these checks during the planning for the next engagement for the client.

The key issues are:

• Have you undertaken a risk assessment of the client ?
• Do you have information which supports your verification of the client’s identity and which is consistent with your risk assessment?
• Can you demonstrate what you have done if asked to evidence your customer due diligence measures?

Visit the BTC website for compliance help and support for firms in the regulated sector.

It is important that you are aware of this new ID card, its significance as documentary evidence of ID, the information it contains and how you can recognise it as a genuine document.

The card will be issued to migrants from countries outside the European Economic Area (EEA) applying for leave to remain in the UK. Initially they will only be issued to migrants in the category of a student or on the basis of marriage or partnership from the 25 November 2008 though it will be rolled out to other categories of migrants in the future.

Over time, the card will replace vignettes (stickers) and stamps in passports and will act as a standalone grant of leave to stay in the UK, but is not a travel document and therefore holders who wish to travel abroad must still have a valid passport.

The card can be accepted as a form of identification though there is no requirement that holders of the card must carry their ID card on them at all times. The card will contain the following information relevant to the holder:
• digital image of the holder
• name
• valid until date
• place and date of issue
• type of permit – the immigration category of the holder
• immigration entitlements for the length of the holders stay
• unique card number
• signature
• microchip that contains the biometric features of the holder (a facial image and two fingerprints)
• gender
• date and place of birth
• nationality

Although the card can be used as a form of identification, it is important in these circumstances to be aware of the security features of the card.

Some of the features are that:
• the card number is unique and consists of two letters followed by seven numbers
• the back of the card has a raised design and has an image incorporating from left to right a shamrock, daffodil, thistle and rose which can be seen by shining a light across the card
• as you tilt the card, various designs can be seen showing distinctive colour changes and large amounts of fine detail

You can get further advice or assistance on verifying the cards security features by telephoning the UK Border Agency card verification helpline on 0300 123 4699 or you can view images of the card by visiting the UKBA website.

Visit the BTC website for compliance help and support for firms in the regulated sector.

A SAR should be made as soon as the knowledge or suspicion that criminal proceeds exist has arisen, especially if consent may be required, or at the earliest opportunity thereafter.

SOCA’s preferred method for reporters to submit their suspicion is the SOCA Suspicious Activity Report Form. SOCA prefers these forms to be submitted electronically but hardcopy versions of the forms (including Limited Intelligence Value Reports) can be found on the SOCA website or obtained directly from SOCA. These can then be posted to the address below. Hardcopy consent requests should be faxed to 0207 238 8286.

If you currently submit by post but would like to report electronically visit the SAR Online System or alternatively contact the Money.web support team

Acknowledgement Letters
SOCA will not acknowledge any SAR sent by fax, post, or by letter. Electronic submissions through money.web, bulk submission or through the SAR Online system, will receive an acknowledgment which will include an automatically generated ELMER reference number.

If you have submitted a consent request, the Consent Team will contact you directly with the decision by telephone within the seven day notice period, and then post the appropriate letter to you as confirmation.

If you have any queries relating to acknowledgments please write to the SAR Team at UKFIU, PO BOX 8000, London, SE11 5EN.

Visit the BTC website for compliance help and support for firms in the regulated sector.