How we are tackling identity theft

In the last months, two of our prosecutions cases have highlighted how we have tackled the fraudulent behaviour of some licence holders and the challenges we face.

This month, our Director of Partnerships and Interventions, Dave Humphries, discusses our counter fraud initiatives and the steps we took in these cases.

Our blog aims to discuss developments in the private security industry and to provide further insight and opinion about our work. We look forward to having an on-going discussion with you; please share your comments and opinions.

__________

Most licensing systems are based on a set of standards and for us at the SIA our system is designed to ensure only appropriate people are given the licence to operate. This involves a number of checks to prove identity that people have the relevant qualifications, checks on criminality and verifying that a person has the right to work in the United Kingdom. Most applicants provide the information we need to make a considered decision.

But what happens when someone knows they will not qualify for a licence, but is determined to get one?  They may test the robustness of our checks and they may submit false documents to do so. We are constantly alert and we do all we can do to address specific threats.

One particular type of fraud that we face is identity theft.  It is not the only category of fraud we have come across, but it was a feature in two recent cases.

These two recent investigations have involved fraudsters stealing the identities of others, but being prosecuted by the SIA for their actions. In both cases, the fraud involved not only an attempt to bypass our online licensing system, but the two individuals also tried to get around the requirement of proving their identity by taking on the full identity of another, to get an SIA licence.

The first fraudster was Moses Oshunkoya who knew the person whose identity he targeted.  He used their personal information to the point that he was able to gain a passport under this new identity.  Using this false identity Oshunkoya got as far as fraudulently gaining an SIA licence.  Nonetheless, our investigation of him resulted in a criminal prosecution.

The second case was Kazeem Oladimeji who was more contrived in his approach. He sought out a former SIA licence holder no longer working within the industry.  He adopted that identity by purchasing a fraudulent passport in the victim’s name. He changed the licence holder’s address, enabling Oladimeji to replace an SIA licence.  Again, the outcome was a successful criminal prosecution.

Both examples show the real threat posed by identity theft.  In both cases, the victims who had their identity stolen contacted us. Once we were aware, we investigated and prosecuted the offenders to ensure their fraudulent activity was brought to an end.

What are we doing to combat such activity?

Thankfully, processing changes in recent years have and will make future cases like this less likely.  For example, we introduced personal online accounts which are password protected. This reduces the ability for fraudsters to engage with us without having access to the online accounts.

We have also made improvements to the way we verify documents. We have improved technology to better identify fraudulent identity documents.  When we do find instances of fraud, we take robust action with our enforcement partners to ensure such documents are taken out of circulation.  Finally, as these two cases highlight, we prosecute the fraudsters.

As the regulator of the private security industry, we play an important role in dealing with identify fraud and together with our partners, we take robust action to tackle such criminality.

Those working in the private security industry can support this by being our eyes and ears and reporting any fraud that they come across.  As with other types of criminality within the security industry; if you suspect fraud please report online or contact Crimestoppers.  Specific information and how the fraud was identified will enable us to take positive action.

Advertisements

Play a proactive part in regulation through our Licence Management service

Approved contractors currently using our Licence Assist service for more than six months now have the chance to move on to our Licence Management service.

This month Tony Holyland our Head of Quality & Standards talks about the ins and outs of our refreshed Licence Management service.

Our blog aims to discuss developments in the private security industry and to provide further insight and opinion on our work. We look forward to having an on-going discussion with you; please share your comments and opinions.

 __________

I am pleased to share that our Licence Management service is now available to approved contractors who have been using the Licence Assist service for six months. Licence Management allows a business to manage the licence application process for its staff – just as people have been asking for.

In 2013, I joined the team that manages our Approved Contractor Scheme. Since then I’ve met a large number of people running businesses that are part of the scheme.

Many of you have told me that you would like to help your staff when they are applying for a licence, by being more involved in the licence application process. After all, it seems inefficient for a business to carry out the same checks that we do.

This new service gives security businesses the chance to be proactive and share responsibility in the licensing process. In essence, Licence Management allows us to work closely with approved contractors and make the process of getting a licence easier.

We have listened to the valuable feedback from our pilot exercise with nine approved contractors to inform and improve our service. For us, Licence Management has a strategic value that fits with how we drive business improvement via the ACS and how we seek to engage businesses using our licensing system.

We hope that the service will give us closer relationships with businesses and that this will help raise industry involvement in regulation.

 What are the benefits of the Licence Management service?

If you don’t already know about our Licence Management service, it gives an approved contractor greater control over the licensing of its staff.

Similar to the Licence Assist service, Licence Management provides an approved contractor with the tools to enable them to manage employees’ licence applications online. To do this you will have had to have met certain criteria that are beyond the scope of the usual ACS requirements.

A significant benefit is that it enables an approved contractor to check and verify the identity documents of an applicant. This removes the need for a licence applicant to visit a post office and reduces the duplication of checks.

Other benefits include:

  • Online access to submit and manage licence applications for your workforce.
  • The ability for your business to update information e.g. Individual’s details directly onto the system.
  • The ability to assist licence applicants through the licensing process making your business more attractive to applicants.
  • Saving time, cost and reducing the risk of document loss as the need to send valuable documents to us is removed in most cases.
  • Receiving real-time alerts of revoked or suspended licences, when a licence is due for renewal and other relevant updates.
  • The ability to pay for a single – and multiple applications – online and by direct debit.

It is important to mention that all approved contractors using the Licence Management service are required to have Cyber Essentials Plus certification (or equivalent standard). This is a government scheme designed to verify implementation of a set of basic technical controls to help organisations protect themselves against common, online security threats and is in line with data protection legislation.

We have also developed a comprehensive library of resources available on our website here. This will provide additional information and guidance which includes:

  • The approved contractor scheme application form
  • Licence Management service customer journey
  • Code of Connection
  • Code of Connection guidance
  • Licence Management Partnership Agreement
  • Licence Management Operating Manual

The entire process from application to decision should take between three and six months.

I think that Licence Management is a significant step forward for both the industry and the SIA.

This initiative will strengthen our overall approach to driving up the quality and operational efficiency of businesses.

If you would like to know more, please send us a message through your SIA online business account using the phrase: “Tell me about Licence Management” and include a contact number.

The Review of the SIA Published by the Home Office – What is to Come

This month our chief executive talks about the Home Office’s review of the SIA. He discusses the important role the private security industry plays in public safety.

This blog exists to discuss developments in the private security industry and to provide further insight and opinion on our work. Please share your comments and opinions and engage in an on-going discussion with us.

 __________

On the 7th June the Home Office published the tailored review (formerly known as a triennial review) for the SIA. You can find it here.

For a number of reasons the review has been a long time coming. But now it is here, we welcome its publication and the important contribution the private security industry has made to its recommendations.

The private security industry is a thriving sector covering a range of services, many of which have a direct bearing on public safety. We are all used to seeing private security operatives in our everyday lives in shopping centres, pubs, leisure facilities, industrial settings and at events.

The review recognises the vital role the private security industry plays in public protection and national security. It also affirms that there is a clear need for regulation in the industry. The review acknowledges the role of the SIA in raising standards and our contribution to safeguarding, public protection and national security.

Many of the recommendations of this review reflect the SIA’s published priorities, some of which we are already delivering successfully. For example, we continue to focus on further reducing violence and criminality. As part our drive to improve standards and strengthen the Approved Contractor Scheme (ACS) we have recently completed a comprehensive review of the ACS. The outcomes of this review will be implemented in the spring of 2019.

Going forward we will be reviewing the qualifications and training of those working in the industry to further improve knowledge and skills to facilitate even more effective protection of the public.

The heightened security threats from terrorism in recent years have served to bring a sharper focus on the role that private security can play and whether its capabilities are being used by the state to the fullest potential.

We have been facilitating greater collaboration between the counter terrorism (CT) law enforcement community and the large numbers of security operatives in areas such as door supervision, guarding and CCTV. We are also exploring with the CT community how the private security industry can be better equipped with knowledge and skills to reduce the threat to the public from a terrorist attack.

A key part of our plan remains the delivery of excellent services at the lowest possible cost. We strive to keep fees for those we regulate as low as possible and have reduced our costs by 27% since 2010. Further efficiencies have enabled us to keep the licence fee at £220 over the last six years, despite costs rising with inflation. We have recently moved to a joint Government Hub and will continue to seek efficiencies. We are currently working with the Home Office to review fee levels.

We are aligned with the review in continuing to take an even more risk-based approach to regulation with a sharper focus on non-compliant individuals and businesses, placing less of a regulatory burden where standards have been met or exceeded.

We will work with the Home Office and Devolved Administrations to implement all parts of this review that the Government wishes to take forward. We also stand ready to take on any additional areas of regulation, should the Government ask us to do so.

Ultimately our work is dependent on partnership not just with the police and other public bodies, but with the industry itself. We seek, and continue to benefit from, the support and cooperation of those working in the private security industry and our many partners to provide effective regulation. We are grateful for that support and cooperation.

As we look to the future we look forward to continuing to work with the private security industry and our partners to deliver high quality regulation and public protection.

An opportunity to take stock of your data

This month we are relaunching our corporate blog. We have launched our corporate blog to discuss developments in the private security industry and to provide further insight and opinion on our work.

To kick-start our blog again, our Chair, Elizabeth France, is talking about the upcoming changes to data protection law and opportunity this gives the private security industry.

We hope you will engage in an on-going discussion with us; provide comments and share your opinions.

 __________

Tomorrow (Friday 25 May), the General Data Protection Regulation (GDPR) comes into force; it is the first time in 20 years that this legislation has been updated. The principles will be familiar to those of you who were complying with the 1998 Act but it recognises the increased damage which can be done, with the changes in technology, when personal information is not processed as it should be.

You all have your personal data processed by others. If we are processing information about you then I want you to have confidence that we are doing so in accordance with the law. We have been working hard to make the changes necessary to ensure you know what we do with your information. We are ready to deal with any requests for that information (the time scales for meeting individual subject access requests are tighter under the new law), we have provided training for all our staff and we have appointed a Data Protection Officer, whose details are on our website.

If you process information about individuals, perhaps as a security industry employer, what have you done? If you are a small business the changes you have to make may not be huge If you were complying fully with the 1998 Act. What should you do? My suggestion would be that you go to the Information Commissioner’s website www.ico.org.uk) and start by looking at the helpful guidance: Preparing for the GDPR: 12 steps to take now.

Have you got a lawful basis for processing the personal data you hold? Who in your organisation is responsible for your compliance? Did you know that fines for breaches can now be up to 20,000,000 Euros or 4% of turnover?

Data protection rules can sometimes be used as an excuse for not thinking about how we manage information; it is easier to say we cannot share for example, than to consider how we might do so lawfully. This is an opportunity for us all to take stock. To think about what we hold and why we need to keep it, to make sure we have told those whose information we collect just what we are doing with it.

If you have queries or concerns about the way we are processing personal data, please let us know and our privacy notice is available here for your use. As a Regulator we are well aware that there are many of you who have to give us the information we ask for; you have no choice. That places a particular obligation on us to earn your confidence, and to show not just compliance with the letter of the law but a respect for the information you entrust to us.

Who do you think is responsible for raising industry standards?

We have launched our corporate blog to discuss developments in the private security industry and to provide further insight and opinion on our work.

We hope you will engage in an on-going discussion with us; provide comments and share your opinions.

Welcome to the first of our monthly blogs.

We have launched our corporate blog to discuss developments in the private security industry and to provide further insight and opinion on our work.

We hope you will engage in an on-going discussion with us; provide comments and share your opinions.

In this first blog our Chief Executive, Alan Clamp discusses the shared responsibility for ensuring quality and raising standards across the private security industry.

__________

Each morning, as I enter my local train station on my journey to work, I exchange greetings with the security officer on duty. He wears an SIA licence on his uniform, which I subconsciously note is on display, the correct licence for the role performed and has not expired – I have not told him about my job role and, you will be reassured to know, I do not count this interaction as a formal SIA compliance check. This regular encounter has prompted me to reflect on who exactly is responsible for the quality of security provision provided by this person?

First and foremost, it is the individual licence-holder who is responsible for quality. He is trained, approved by the SIA, and should be fully aware of the requirements of his role and his responsibilities to protect the public. The second partner in the quality assurance network is his employer. This is true regardless of whether or not the employer is an ACS company. Employers are responsible for recruitment, checking references, induction, professional development, deployment and the conduct of their employees – all key factors in the quality of security supplied. Of course the ACS provides additional safeguards that can reassure us further about quality.

Is the individual licence-holder responsible?

There are other partners who have a role to play in assuring quality and raising standards. In addition to being part of the ACS, the employer may also be a member of a trade association in the private security industry. Such associations often have membership criteria and encourage businesses to attain higher standards by sharing good practice and providing professional development opportunities. Similarly, assessment and accreditation bodies have a role to play in scrutinising and endorsing professional standards – including the awarding bodies that provide licence-linked qualifications – so they too have a responsibility for the quality of security in my local station.

But what about the buyer?

In this case I am not sure who is responsible for purchasing contracted security at my station – perhaps the rail company with the franchise to run this line? But regardless of who it is, buyers of security have a significant role to play in determining the quality of provision experienced by passengers. For example, the buyer might stipulate that ACS membership is compulsory, or it might define the working conditions of the individual operative, or the additional training requirements, or the expectations in terms of customer service – there might even be a direct relationship between the price paid and the quality provided?

Where does the SIA fit in?

Our role is to hold individuals and businesses to account for quality, and to take action if standards are not met. My purpose in pointing out that quality is a key role of a number of partners in the private security industry is not to abdicate the responsibility of the regulator, but simply to emphasise that everyone has a role to play and that, ultimately, quality will be better if we all maximise our contribution and work together in partnership. The goal is one of high standards and effective public protection – the key to achieving this is good teamwork.

Stakeholder conference

On 14 March we are having our stakeholder conference in London, I’m looking forward to it. This year following your feedback we have included interactive workshops. This will provide an opportunity for all our partners to talk about standards in the private security industry, how we can improve regulation and how we can best work together to play our part in protecting the public, safeguarding the vulnerable and contributing to national security. I hope you will join us, this is an ideal opportunity for the private security industry to come together to discuss how we can do things better together.