Fraud investigators are struggling to cope with vast quantities of data sent to them by financial institutions, meaning some crimes may go uninvestigated or even unnoticed, experts said at the 2007 Fraud World Conference.
The issue is prompting banks and other financial institutions to ask law enforcement and regulators to share with them more of the data they have about suspicious transactions, in order to better combat fraud.
Banks and transfer agencies are required by regulators in the U.S. and the U.K. to file reports when they detect a potentially illegal transaction, said Olga Maitland, head of the International Association of Money Transfer Networks, at the Fraud World 2007 conference in London.
Up to 300,000 Suspicious Activity Reports (SARs) are filed per month in the U.S., and up to 200,000 a year in the U.K., but most of those reports "disappear into a black hole" because law enforcement agencies don't have the resources to investigate each one, she said.
If another financial institution is mentioned in a report, it may not even know about the suspicious activity if the report is filed by a different institution. "If there is indeed a crime taking place, then that is carrying on undetected," Maitland said.
Colin Woodcock, head of the fraud section for the U.K.'s Serious Organized Crime Agency (SOCA), said the SARs program has resulted in "huge amounts of information ... which it was difficult to do anything with."
"Let's not forget they are suspicious activity reports," Woodcock said during a panel discussion. "Now, if the police or anybody really were expected to act on everything that is suspicious, we would be bogged down in the first five seconds of operation."
The quantity of reports has also created a need for greater computing power, he said.
The U.K. has made some progress, according to Woodcock, and opened up access to the SARs database to other police forces such as HM Revenue and Customs, the U.K.'s tax authority, which can use it for their own investigations, he said.
But sharing the SARs data with financial institutions raises huge concerns around confidentiality and privacy, Woodcock said. It could mean the disclosure of "very embarrassing" information about banks, he said.
SARs were "given to us by industry to make the best use law enforcement can make of it, not to go and share it with everybody and say 'Look at what NatWest just told us," he said. "There are huge problems there." (NatWest is a major U.K. bank.)
SOCA has started issuing alerts about problem trends, Woodcock said, but Maitland countered that the information is not in-depth.
Money transfer networks have blossomed into a trillian-dollar industry. If SOCA can share its information more, by being "less restrictive, less confidential," it would lead to a greater reduction in fraud, Maitland said.