Home Affairs CommitteeWritten evidence submitted by the British Retail Consortium [EC 02]

1. Introduction

1.1 The British Retail Consortium (BRC) is the lead trade association for the retail sector representing the whole range of retailers, from small independent stores through to the large multiples and department stores, selling a wide selection of products through centre of town, out of town, rural and online stores.

2. Summary

2.1 Retail is at the heart of local communities, employing close to three million people across the country and providing important local goods and services to consumers. The sector is an essential contributor to economic growth and to the regeneration of areas affected by crime and disorder.

2.2 Online retailing is a significant element of the future strategy for many businesses and increasingly important to the economy. The value of UK internet retailing in 2011 was £25 billion (up from £21 billion in 2010). Internet sales growth averaged 15% in 2011 and the sector represented 10% of total retail spending over the 2010–11 period. The growth of e-commerce and corresponding opportunities for increasing fraudulent behaviour should not be underestimated. Retailers need to be sure that as they seek to expand their businesses via e-commerce the customers they attract will be well protected. Retailers invest significant resources in protecting their customers. But, too often, the current law enforcement response to e-crime and fraud is inadequate. The BRC is calling for a dedicated national unit tasked to investigate and respond to the increasing levels of e-crime.

2.3 Engagement between the private sector and law enforcement agencies should be focused on finding the most effective way to achieve a better response to e-crime and fraud. The focus must be on finding ways in which the public and private sectors can work more effectively together to reduce the level of offending and to raise consumer confidence.

3. What e-crime is understood to be

3.1 The BRC uses the following ACPO definition of e-crime:

3.2 The use of networked computers or internet technology to commit or facilitate the commission of crime.

4. The effectiveness of current law enforcement and the potential impacts of proposed organisational change

4.1 Retailers are concerned that the law enforcement community has failed to keep pace with the rapidly expanding threat of e-crime. This situation may be exacerbated in the future by diminishing police resources and the introduction of locally elected police commissioners who may, in some cases consider business crime a low priority.

4.2 A number of BRC members have reported dissatisfaction with the level and quality of communications they receive from the police regarding e-crime. Retailers want far more clarity about what they can expect in terms of support and engagement throughout the process of prevention, detection and punishment of e-crime and fraud.

4.3 Retailers are generally dissatisfied with current police responses to e-crime and often do not report incidents. The reason for this is that e-crime is not considered to be a priority for many police forces. There are also concerns that national units such as the National Fraud Intelligence Bureau of Police Central e-Crime Unit (PCeU) do not have the resources or capacity to carry out further investigations.

4.4 Currently, there is no mechanism for retailers to report offences directly to Government/the law enforcement community via a centralised model for reporting. BRC members believe that this would be a valuable innovation which would permit more effective analysis of combined data from all sectors. It would also ensure greater awareness of the threat of e-crime to the UK and better inform the public, private and SME sector about potential threats to their businesses.

5. Gaps in the response to e-crime and how they should be addressed

5.1 The central concern of BRC members relates to the case acceptance criteria for each of the national agencies who deal with e-crime and fraud. Too often, retailers find themselves preparing detailed reports with the expectation that the relevant agency will accept the case. However, because of the opaque and diverse range of case acceptance criteria, retailers frequently find their case falls just short of the requirements for acceptance. When offences do not reach the acceptance criteria they need to be reported locally. Retailers therefore need clarity around where, in the first instance, offences should be reported and, if they must be reported locally, then it is vital that local operational capacity is available to progress an investigation adequately.

6. Options for addressing key emerging issues

6.1 The BRC has identified two distinct areas where challenges are likely to arise in the future. These are the increase in the use of mobile technology and the introduction of locally elected Police and Crime Commissioners.

6.2 The shift towards m-commerce will undoubtedly bring a number of challenges for the retail sector. The balance between providing flexibility for consumers versus protecting consumers and brands will become increasingly complex.

6.3 Some industry observers predict that mobile payments are likely to be an important trend for the future and fraudsters will certainly be looking to exploit this new channel. However, until adoption increases it is too early to tell exactly where the risk lies for merchants. What is clear, however, is that retailers will have to become increasingly aware of the end-to-end process involved in m-commerce and understand exactly where the risks and liability lie for any fraud that is carried out.

6.4 However, developments in electronic crime are fast paced and highly unpredictable. BRC members would like to see the Government and law enforcement community issuing alerts on key and emerging threats to UK retail businesses and working with these businesses to ensure that the threats against them are clearly understood.

6.5 The British Retail Consortium is supportive of the introduction of elected PCCs. Retailers across the UK are keen to work with the police to build and support safer communities. We believe it is important that newly elected PCCs are supported in reconciling demands from the community and the needs of business when setting local policing priorities. It is also vitally important that candidates have opportunities to engage with a wide range of stakeholders before the elections and that, if necessary, Government should facilitate this.

6.6 It is also vital that new PCCs are encouraged to share best practice to ensure that crime is tackled consistently across England and Wales. This is especially true for retailers who operate national businesses and expect a standard response from the authorities no matter where a crime takes place. A consistent approach is vital when tackling e-crime and fraud.

7. The effectiveness of current initiatives to promote awareness of using the internet safely

7.1 Retailers invest heavily in anti-fraud systems and are continually seeking ways to safeguard themselves and their customers. However, more needs to be done to encourage consumers to keep their details safe. As e-commerce grows, the burden of educating customers must be spread further than the retail sector. There is a real role for the Government and the third sector to provide such support. BRC members would welcome a Government campaign aimed at helping consumers stay safe online.

7.2 Emphasis also needs to be placed on the public keeping their details safe offline as well—information collected in the real world is often used as the basis upon which virtual crimes are perpetrated. Though these precautions alone will not eliminate e-crime and fraud, they are part of a package of steps that can be taken to reduce the risk of crime.

8. BRC recommendations

8.1 In in our 2011 report The Futures of E-crime, the BRC made six key recommendations around how to make the future of online sales more secure:

8.1.1Improve Law Enforcement Communication

8.1.1.1Communication between law enforcement agencies and retailers should be improved so that each is clear about the evidence that is needed to support a successful investigation. Frequently law enforcement agencies waste time and resources by unnecessarily conducting investigative work which has already been undertaken by the retailer.

8.1.2Clearly Define Law Enforcement Responsibilities

8.1.2.1There needs to be more comprehensive information about which law enforcement agencies have responsibility for e-crime and online fraud, and the extent of those responsibilities. Such information should identify overlaps and intelligence gaps. There should also be greater transparency about the case acceptance criteria for each of these agencies.

8.1.3Make Effective use of Intelligence

8.1.3.1The National Fraud Intelligence Bureau should work with third party screening companies to enable more effective use of intelligence. There is a wealth of intelligence held by third party screening companies which could prevent offences occurring by enabling action before an offence is committed. This would reduce the number of victims and help provide reassurance to the public that they are being fully protected.

8.1.4Undertake a National Threat Assessment

8.1.4.1There should be a National Threat Assessment on Online Shopping. This will help to identify the extent of the need for an economic crime capability as part of the new National Crime Agency.

8.1.5Communicate with Banks/Card Issuers

8.1.5.1There needs to be better communication and information exchanged between the bank and card issuers, and retailers to facilitate greater detection and prevention of e-crime and fraud.

8.1.6Identify Effective Practice

8.1.6.1Good practice guidance should be developed to enable retailers to reduce incidents of internal fraud and to increase the understanding of how to best protect consumers. Police forces should be encouraged to share best practice on how to engage with retailers and each other on detection and prevention of e-crime and fraud.

August 2012