Last month the National Crime Agency (‘NCA’) published its annual strategic assessment of Serious and Organised Crime (‘SOC’) in the UK. The data has come from a variety of law enforcement agencies and other sources including the National Cyber Security Centre (‘NCSC’).
The report covers an assessment of the current threats to the UK poised by SOC, key judgments from the last 12 months and includes an overview of trends that the NCA predict will continue to drive patterns of criminal behaviour and influence law enforcement policy for the next five years.
The report has found serious and organised crime affects UK citizens more often than any other national security risk – and warned the threat is increasing in volume and complexity, driven predominantly by global movement of people and new technologies.
Global movement of people
Vulnerabilities at the UK border
The report states that individuals and organised criminal groups (‘OCGs’) are continuing to exploit vulnerabilities at the UK border with increasing levels of sophistication. This section of the report covers the exploitation of both general maritime and general aviation for organised immigration crime as well as commodity smuggling.
Corruption was also cited as a key vulnerability, with corrupt workers at ports, airports and in the logistics sector facilitating breaches of border control. The fight against corruption is one of the government’s law enforcement priorities across the board.
Modern Slavery and Human Trafficking
The scale of modern slavery and human trafficking in the UK is continually and gradually increasing, and is likely to do so over the next three to five years. The report also noted a growing proportion of potential victims are claiming they have been exploited before arriving in the UK.
This is likely to reflect the developing risks in transit countries, principally in North Africa. The report notes that ‘the promise for a better life underpins the majority of recruitment methods used by offenders.’ Upon arrival in the UK, these individuals face the risk of sexual exploitation and forced labour: protecting victims and seeking justice on their behalf has proven to be extremely problematic.
The threat afforded by cybercrime gets extensive coverage in the report and it warns that ‘UK cybercrime continues to rise in scale and complexity but under-reporting of data breaches continues to erode our ability to make robust assessments of the scale and cost of network intrusions. ‘
The effect of General Data Protection Regulation (‘GDPR’ ), which applies from 25 May 2018, should help give a more realistic estimate of the scale and regularity of data breaches in the UK as data controllers and processors are now subject to a general personal data breach regime. Under the new regime, organisations will be required to report certain data breaches to the regulator if it is likely to result in a “risk to the rights and freedoms of data subjects”. These stats should help build a picture of just how often certain kinds of cybercrime are occurring in the UK. Phishing, distributed denial of service (DDoS) attacks, ransomware and other malware, botnets and social engineering: “new” technologies are cited as a key risk area. Anonymisation techniques on the “Dark Web” and encryption are highlighted as ‘substantial challenges to law enforcement’s collection of intelligence and evidence’.
The headline grabbing conclusion was undoubtedly that the UK’s withdrawal from the UK could lead to a rise in money laundering, bribery and other corporate offences.
The report finds that ‘criminals are not constrained by geographical or jurisdictional boundaries and are inherently opportunistic. We expect that many will strive to take advantage of the opportunities that Brexit might present.’
Where there could be greater trade with countries outside the EU there is an increased risk that UK companies will come into contact with corrupt markets, particularly in the developing world. They also anticipate that criminals are bound to find loopholes in the redesigned customs set up and exploit them to their advantage.
Brexit was cited as a key driver of uncertainty over the next five years. However, the report added that some of the effects of Brexit have the potential to work in favour of law enforcement, including greater discretion over the movement of goods and people.
What is the NCA’s solution?
In her foreword of the report, Lynne Owens, the Director General of the NCA, states that it is the NCA’s ambition to ‘build a new National Data Exploitation Capability (NDEC) to deliver a central, sophisticated data exploitation response; develop a world-class response to economic crime through a multi-agency National Economic Crime Centre (NECC) - hosted by the NCA - bringing together the public and private sectors more closely than ever before; and to create an expanded multi-agency National Assessments Centre (NAC) to articulate a deep and comprehensive understanding of the SOC threat.’
The creation of the NECC was announced by the Home Secretary in December 2017 as part of her revised anti-corruption strategy and subsequently included in the Home Office departmental plan for 2018-19.
There appears to be a holistic approach to the breadth of challenges which SOC now presents and the NCA report and actions cited do represent a welcome recognition of the scale and complexity of the task faced. This new multi-agency approach could signal the dawn of a new era in the fight against serious and organised crime. That said questions could be asked about whether the creation of a new organisation is what is needed or whether sufficient funding and enhanced co-operation between existing agencies would have the same impact. With the appointment of a new Director of Public Prosecutions pending and the recent appointment of the new Director of the Serious Fraud Office, it remains to be seen how this multi-agency approach will work in practice.