Speech by Andrea Bowe, director of the specialist directorate, at the Westminster Legal Policy Forum Keynote Seminar.
Image of Andrea Bowe
Speaker: Andrea Bowe, director of the specialist directorate
Event: Westminster Legal Policy Forum Keynote Seminar: Next Steps for Tackling Fraud and Financial Crime
Delivered: 5 September 2024
Note: This is a drafted speech and may differ from the delivered version
Highlights
- Collaboration and a collective effort are key to tackling fraud.
- Partnerships, where we share ideas, lessons learnt, exchange data and intelligence are essential in reinforcing our defences and staying ahead of evolving threats.
- Addressing mule activity is an area where our collective efforts can have a substantial impact on disrupting and greatly reducing the flow of fraudulent funds.
Introduction
Stephen Bush, a columnist for the Financial Times, recently wrote about the reason we have a visceral reaction to being defrauded. It also doubled as a review for a film out now called ‘Thelma’, which follows a 93-year-old granny’s quest for revenge against phone scammers.
That desire for payback from those who have stolen from us is understandable from a pure monetary point of view. £1.17bn was taken from people in payment scams in the UK last year. That astonishing figure hides, in its sheer scale, the individual human stories of financial loss – of money hard earnt, of housing deposits lost, or life savings/life dreams disappearing into the ether.
But it isn’t just the money that is lost, it’s our sense of security, our pride at being impervious to trickery, that is gone. And in its place, fraud victims are so often left with a feeling of helplessness. A feeling that is so understandable, given the scale of the problem, its complexity and ever evolving nature.
I am Andrea Bowe, director of the specialist directorate at the FCA. Among other things, my teams lead the FCA’s approach on tackling financial crime.
I will set out why I believe we can, indeed that we are, starting to shift the dial in the global fight against fraud.
But it is only through partnership, renewed effort and ingenuity that we can address a problem that has no respect for borders.
Role of the FCA
The FCA plays a significant role in helping reduce financial crime[1]. We lead or support on 20 of the 43 actions identified in the Government’s Economic Crime Plan, and are a key delivery partner within the Fraud Strategy - both aimed at driving improvements in the UK’s system-wide response to financial crime.
Our role is to set the standards for the financial firms we regulate – those whose services would be readily abused and exploited by criminals.
Our role is also to allow those with the right standards to be authorised, and prevent entry to the regulated system to those who are unlikely or unwilling to meet the minimum standards we expect. We know that in so doing we will often face criticism. Some 86% of the initial crypto registrations we received were rejected, withdrawn or refused. This was because they often failed to meet the appropriate standards to satisfy the anti-money laundering control framework.
But whether it is during authorisation or after, our role is not simply to set out the standards, but to explain them and provide support, so firms understand and can navigate the regulatory system. That has helped over 40 crypto firms meet the bar to be registered by us.
We uphold standards by taking regulatory action, ranging from words of advice to formal skilled persons reviews, so we’re assured firms’ anti-crime systems are what they should be, and we impose requirements when they’re not.
And we use enforcement when we believe there is evidence of serious harm, taking public action when this is proven, both to punish but also to deter others.
And we can exercise a range of criminal and civil powers to tackle those who undertake activity that should be regulated but for which they are not approved, for example, our recent charges against a number of ‘finfluencers’ for allegedly promoting high-risk investments[2] without authorisation. These individuals had a combined following of circa 4.5 million people across Instagram, giving them access to a substantial audience.
The FCA also houses the Office for Professional Body Anti-Money Laundering Supervision (OBPAS)[3], which supervises the 25 professional body supervisors (PBSs) in the legal and accountancy sectors. OPBAS, together with our financial sector, enables us to look across 3 core sectors of the financial crime landscape, taking a joined-up, end-to-end approach in our work.
Finally, we are a partner. We support other agencies, in the UK and abroad, in their work to tackle financial crime.
Stock take, dial shifting
When I began, I suggested the dial was beginning to shift. And while I believe that to be the case, we should be under no illusion about the scale of the problem to fix.
Fraud makes up 36% of all the crime reported in England and Wales, with 3.2m incidents in the year to March 2024.
But that represented a 16% fall on the year before. And there were half a million fewer victims last year compared with 2022.
And UK Finance reported total losses from payment fraud were down 4%.
Saying that, while some fraud figures may have fallen, we know from recently released Financial Ombudsman Service figures, that scam related complaints have reached their highest level since early 2018.
It is too early to be definitive that this is part of a longer-term pattern, but these statistics show, perhaps, that losses are stabilising. If that is true, it is no mean feat given the fast-evolving nature of fraud typologies and the development of emerging technologies. And, whilst visions of a fraud-free financial services landscape are still very distant, if sustained, it would show us moving in the right direction.
Partnership
The challenge is how to continue to move that dial further and move it faster. We know we can’t do it alone. Collaboration and a collective effort are key to tackling fraud.
Moreover, partnerships, where we share ideas, lessons learnt and exchange data and intelligence, are essential in reinforcing our defences and staying ahead of evolving threats.
We recognise the importance of a coordinated national response, bringing together multiple public and private organisations to tackle the significant issue of fraud.
One way in which we are seeking to do this is through working closely with industry to develop practical answers.
Last year, the FCA and the National Crime Agency (NCA) jointly hosted a 3-day investment fraud tech sprint. This saw regulatory, intelligence and law enforcement agencies get together to test tactical, cross-agency collaboration, and it led directly to the development of solutions that participants are continuing to explore.
With colleagues at the Payment Systems Regulator (PSR) and the Corporation of the City of London, we have run similar events with payment providers in our effort to tackle push payment fraud, including using synthetic data to better tackle scams.
So often, the relationship between regulated and regulator can be seen as adversarial. What the outside world sees are criticisms made, fines levied, formal action taken. What is often less obvious is that we have a mutual interest in tackling the scourge of financial crime, not least because it inhibits growth by diverting funds that could go to investment into criminal coffers instead.
That is why we want to work with industry, by providing more guidance on how we can jointly tackle financial crime, and greater transparency with it, on threats we see developing and how we, together, can tackle them.
Another crucial area for joint action is stopping the cash-out of the proceeds of fraud through money mule activity.
Firms must adopt a collaborative approach, prioritising not only the sharing of information on suspected mules, but also acting swiftly when such information is received, whether through internal or external channels.
Addressing mule activity is an area where our collective efforts can have a substantial impact on disrupting criminal operations and greatly reducing the flow of fraudulent funds.
We also work closely with our international partners, including the International Organization of Securities Commissions (IOSCO) and our global leadership position in the Global Financial Innovation Network (GFIN).[4] In March of this year, the FCA participated in the Home Office’s inaugural Global Fraud Summit, which resulted in the agreement by ministers of a communiqué setting out an agreed global framework to tackle fraud.
A renewed, collective effort
So, let’s look at what can happen with our collective effort.
We have worked with big tech platforms such as Google and Meta to highlight the risk of illegal financial promotions and scam adverts. As a result of the change in policy adopted by Google, the FCA identified in monitoring from August to December 2021 an almost 100% reduction in the number of illegal financial services ads on Google’s platforms. Paid-for adverts for UK financial services are now banned if they’re not approved by an FCA authorised firm.
We have raised consumer awareness of scams through our ScamSmart campaigns [5]- aimed at highlighting possible red flags and encouraging consumers to review our online Warning List[6] prior to investing. We are using data to tackle online fraud faster, by scanning approximately 100,000 websites created every day to identify suspected scams, with hundreds of websites taken down and over 2,200 alerts issued on our Warning List in 2023 – a 21% increase from the previous year.
We are engaging with app stores, such as Apple and Google Play, to request the removal of crypto apps that are in breach of our financial promotion rules. And we have issued guidance clarifying the obligations for firms and others, including finfluencers, when using social media to communicate financial promotions.
Banking protocol rapid response has prevented £312.9m in fraud, engaged with 56,908 emergency calls, and made 1,385 arrests since it launched in 2016. £54.7m of fraud was prevented in 2023 (PDF)[7].
Ingenuity
But renewed effort is required if we are to meet the ingenuity of the criminals whose efforts we seek to stymie.
Scammers are tech-savvy risk-takers, and continuously use new mechanisms, often playing on the elements of being human (wanting to take care of our family, finding the love of our lives, wanting to turn £100 into £1m, buying a home, saving for the future).
Therefore, we need to draw on all our collective ability to innovate.
We know technology is transforming cross-border fraud and money-laundering detection. Cyber and identity fraud are increasing in scale, sophistication and impact, as artificial intelligence (AI) becomes more widespread. We are likely to see more sophisticated social engineering using AI deepfake technology to clone voices and faces of trusted individuals, making it increasingly difficult for individuals to distinguish between genuine and fraudulent interactions. Whilst deepfake scams are still in their relative nascency, as an industry we cannot afford to be complacent to their potential threat.
But AI is not just a method used by criminals, its ability to crunch massive data sets means it is a tool for gamekeepers, not just poachers. And we have shown how it can work. Following Russia’s invasion of Ukraine, we developed an AI tool that helped us identify potential breaches of international sanctions.
But innovation isn’t just about technology. It is about policy and powers, continually ensuring both keep pace with developing financial crime risks.
We have shown, only recently, our willingness to do so.
Using new powers, we recently fined PwC[8], an audit firm, £15m for failing to report to us their suspicions that a firm they were auditing might be involved in fraudulent activity. This was the first time the FCA fined an audit firm and establishes a clear precedent that depriving us of potentially vital information can lead to enforcement action.
And just last week, we worked with Kent Police to charge the first person suspected of illegally operating a crypto-ATM[9].
But as the threat changes and criminals seek to exploit gaps in regulatory cover, we will need to maintain an open dialogue with Government about the powers we need to best protect consumers and market integrity.
A call to action
Charles Clarke wrote about the Too Difficult Box, into which policymakers throw the problems that are too complex, too multifaceted, requiring too much action, which would be too unpopular with too many people. As a former Home Secretary, he could very well have been referring to how to tackle fraud.
But we have seen, we are already seeing, what can be done when regulator, law enforcement, Government and industry work together, supported by consumer awareness.
Our job now is to renew those efforts, ensure our ingenuity meets and bests that of the fraudsters, and that we do so in partnership. This is indeed a task too difficult to do alone. Together we have the chance of protecting people from that loss of money, that loss of confidence, that feeling of helplessness that comes from being scammed, like Thelma.