- 22 Dec 2020
Attendees and apologies
- Jamie Hepburn MSP, Minister for Business Fair Work and Skills
- Neil Ritchie (Chair), Scottish Government (SG), Head of Consumer, Competition and Energy Company Services Unit
- Saskia Kearns, Scottish Governmen, Consumer Policy and Interventions
- Pauline Scott, Scottish Government, Consumer Policy and Interventions
- Tanya Friel, Scottish Government, Consumer Policy and Interventions
- Clare El Azebbi, Scottish Government, Head of Cyber Resilience Unit
- Conor McKay, Scottish Government, Cyber Resilience
- Hollie Gibson, Scottish Government, Building Safer Communities
- Pam Stewart, Advice Direct Scotland
- Myles Fitt, Citizens Advice Scotland
- Ruth Mendel, Citizens Advice Scotland
- Cara Connachan, Improvement Service
- Amy Hemmings, Ofcom
- Madhu Bedhan, Ofcom
- Jane Donaldson, Police Scotland
- Kim Riddoc, Royal Mail
- Ian Stephen, Scottish Business Resilience Centre
- Ken Daly, Society of Chief Officers of Trading Standards in Scotland (SCOTSS)
- Alison Stone, Scottish Council for Voluntary Organisations (SCVO)
- Julie McCarron, Trading Standards Scotland/COSLA
- Thomas Docherty, Which?
- Katherine Hart, Chartered Institute of Trading Standards
- Rebecca Evans, Financial Conduct Authority
- Willie Clark, Neighbourhood Watch Scotland
- Paul Holland, SCOTSS
- Cat Livesey, NatWest
- George Dickson, Scottish Government, Organised Crime: Detect and Disrupt
- Alan Nicholson, Scottish Government, Organised Crime: Detect and Disrupt
Items and actions
Welcome and introductions
The Chair welcomed everyone to the meeting and gave a quick introduction before handing over to the Minister.
The Minister for Business Fair Work and Skills gave a short address to the group and afterwards held an open floor discussion. Some discussion points listed below:
- scams is a cross cutting issue that requires coordination and partnership working as much within the Scottish Government, as between wider stakeholder organisations. It was suggested that the strategy should seek to also support and improve cross-policy team engagement within government, as part of the broader approach to tackling scams effectively in Scotland
- the Nuisance Calls Commission was cited as a potential good practice model for the new Advisory Group to emulate in the way in which agendas, papers and progress by the partnership can be effectively demonstrated over a short timeframe. In particular, the value of partners leading the drafting and submission of papers for discussion and agreement, with clear actions being assigned in follow up, was discussed. It was recognised that we want people to feel ownership collectively and this is the manner in which the group should move forward. As we do so - we don’t want the group to become a talking shop
- the question was asked regarding whether we are developing a strategy or an action plan – it was commented that a clear strategic vision and context under which a set of strategic actions are delivered may be appropriate. The Minister emphasised that what was most important was to focus on actions that deliver real outcomes for people in Scotland
The Minister ended the discussion and advised that he is happy to continue to engage with the group going forward.
Building on work to date
The Chair emphasised that efforts of the new Advisory Group will build on previous work delivered to date by its predecessor, the Scams Partnership Group (October 2019-January 2020). The Scottish Government provided a short summary of outputs of the previous partnership group, highlighting that a key focus was agreeing a definition of a scam (see Annex A) and the three themes to emerge included awareness, education and access to advice, prevention and enforcement. The main considerations from the previous group included:
- a single point of contact for consumers to report scams and get feedback
- data – including sharing between partners, and monitoring scams and their impact
- stakeholder coordination, including e.g. a calendar of events to streamline different campaigns and avoid information overload and overlaps throughout the year
Partnership and Advisory Group –terms of reference (paper 1)
General comments and suggestions
*Advisory Group membership – in direct follow up to Meeting (1), regulators commented that they will participate as observers to the main group and any associated working group, due to their regulatory remit and the need to retain integrity of independence.
The title of the second sub-working group was discussed as the ‘Consumer Journey’ may not be the correct name, although some partners were keen to emphasise that focus is retained on the individual. The Chair clarified that ‘people’ underpinned the work of all three sub-groups; and it was further confirmed by the Secretariat that an alternative name proposed as ‘Accessing support and enabling people’ would be reflected in the Terms of Reference, clarifying the frontline focus of the group.
It was regarded as a sensible approach to have three sub-working groups, but important to ensure that they do not work in silos, which will be important in how success of each sub working group is assessed. It was agreed that appropriate measures to mitigate any such risk would be considered by the Secretariat.
Gaps in issues/membership
General working group membership: feedback:
- there appeared a lack of local authority representation in the sub-working groups – SCOTSS have members who can add value to both the prevention and enforcement work.
- bringing in the wider view and expertise of online platforms was considered – organisations such as Tech UK were cited
- community safety organisations, such as Neighbourhood Watch Scotland and Crimestoppers, were recommended as being potentially good contributors, in particular for Working Group (3) Sharing Good Practice. It was considered important that doorstep crime is not overlooked
- SCVO volunteered to join one or more of the sub-working groups as appropriate
Working group (1) data:
Specific recommendations included having SG analytical services involved, as well as the Improvement Service given the large quantity of data the latter collates from across all local authorities. The National Cyber Security Centre may also have a role to play as they provide regular intelligence on scams at a national level – SG Cyber Resilience were happy to engage in this working group to act as a conduit to feed in anything specific from the NCSC moving forwards.
The Secretariat committed to following up on relevant suggestions, and revising the terms of reference as appropriate to reflect all membership comments. The Chair invited members to get in touch with the Secretariat if they wished to nominate themselves, or any further organisations to input to a specific workstream.
SG are keen to move forward at pace and are looking to finalise the strategy early in the new year.
SG asked partners if they were happy to co-lead on the drafting of papers for the sub-working groups to ensure that what was most important to discuss was teased out – members agreed.
Building the strategic narrative (paper 2)
The aim of paper 2 is to get clarity on why a strategy is needed, what outcomes are being sought and scope of the work. It is important to set out a clear framework, detailing what the strategy should cover. Part of this will include agreeing any parameters, such as which types of scams the strategy seeks to tackle. An example of what types of considerations this might involve would be identifying the range of scams perpetrated in terms of underlying motivations, from the opportunistic to the more organised, and the modus operandi used to target people. Being able to draw on good practice is also important and will help us to understand how we support people and make a difference.
A strong, top vision is needed followed by clear outcomes, which is how we will begin to draft the strategy. While we cannot eradicate scams it will set out what we are trying to do as well as looking at what wider impacts the strategy will have.
The Secretariat committed to providing partners an initial draft statement to seek input on – a vision statement will be developed in light of comments received.
Views on key risks/emerging issues
Some examples of potential risks discussed included:
- EU Exit, where there could be issues around enforcement and intelligence due to a change in Scotland’s access to things such as European arrest warrants
- the current pandemic economic recovery and increasing energy efficiency agenda may be exploited as a means to knock on doors
In general, partners agreed that any instance of uncertainty presented an opportunity for scammers to exploit – any change in public messaging provides a hook for crime.
The current pandemic has also made apparent that there is a real need to have Scottish signposting as there are differences in approach between Scotland and the rest of the UK. This is something we need to deal with and work together on to ensure people are directed to the right places for support and advice. Partners agreed that people do not necessarily know the difference between scams that are a consumer protection issue, and those that are just common fraud, but that this shouldn’t matter. What is most important is that the operational partners, such as TSS and Police Scotland, are able to share data effectively and efficiently to ensure the right action is taken in response.
An example of how partners are currently working together to ensure robust signposting and access to relevant support is work being undertaken by the SBRC and SG Cyber Resilience, to put in place an incident management response system. This will enable businesses to contact SBRC if they fall victim to a scam, and to receive support; as well as have their case referred on to Police Scotland, and where appropriate, IT companies that can offer scams security software installation.
SCVO also highlighted the on-going collaborative effort of partners, including Police Scotland, Scottish Government, SBRC, and others to regularly and quickly share Covid-10 scams bulletin information across a wide readership. SBRC don’t have an enforcement role but their reach into preventative messaging is also very wide.
Opportunities within communications and public engagement can help to raise profile of scams and empower people. This is something the sub-working groups can pick up on.
The importance of mapping out what goes out to people was also discussed. This will allow us to see what is happening; for example Which? Newsletter, NWS Alerts and their reach. It will also help to make clear relationships between organisations where we can see overlaps and gaps, and package communications as one holistic piece. The language used and it’s consistency was also raised. It was discussed that the language needs to be more powerful, but that it doesn’t always need to be consistent as long as the underlying intent and information being shared is the same. There may be differences in access channels and preferences of different groups of people.
Mapping the scams prevention landscape
A discussion took place around the best level of communications needed, for example local or national or a combination of both. SG proposed it would be useful to develop a visual representation of the Scams Prevention and Enforcement landscape as part of setting out the context within which the strategy will be delivered. This will also help sub-working groups by allowing partners to see where value can best be added.
The diagram could attempt to capture, for example: who is doing what, where relationships exist between organisations (data sharing, communications, joint delivery), any duplication or gaps in approach, and the interface between people and frontline advice services.
Any framework also needs to be flexible to allow for a difference between national and local delivery. A visual diagram depicting the current stakeholder landscape may help to highlight the way in which local and community organisations currently, or could also play an active role in scams prevention.
In terms of prevention action across the landscape:
- partners considered the extent to which effective scams prevention supported through data sharing needs to take into account the wider UK stakeholder landscape. Which? commented that scams are increasingly being perpetrated online, meaning that there is often little variation in the types or frequency of scams that different nations experience
In terms of enforcement action across the landscape:
- Which? further commented that while there was coordination between relevant bodies what seemed absent was victim testing – there is value in understanding how people feel due to the impacts of scams when they report to the relevant organisation. In this context, the important of redress was also raised, although it was recognised that consumer protection is reserved
- Police Scotland commented that now they no longer have any role in Action Fraud, this should allow them to be able to directly provide better data on scams to partners in Scotland. As part of coordinating prevention and enforcement action, Police Scotland further emphasised the importance of knowing who the victims of scams are in order to tailor messaging effectively
- it was recognised that local authorities also play a significant role, not only through local trading standards departments but also through victim support services and redress activities. Local authorities work closely with both Police Scotland and Trading Standards Scotland – the Banking Protocol was given as a good example of this. However, it was recognised that a key constraint to local authorities’ input is resources – for example, at present local trading standards officers are fully engaged in supporting business closures and re-openings related to the impact of the pandemic. This, and the need to have enforcement cooperation in different countries means it is more difficult to identify and take enforcement action on the perpetrators of scams who are located overseas. Trading Standards Scotland tends to focus its enforcement activity on scams perpetrated by Scottish traders, with a key role in dealing with cross council boundary consumer detriment. The majority of scams will be cross border in nature
The chair summarised key discussions, indicating in conclusion that:
- partners should send through any outstanding questions or comments concerning the terms of reference to the Secretariat
- partners would receive an email in follow up to the meeting inviting any further comments against the questions posed in the discussion papers – all feedback was welcomed to help inform drafting of the strategy
- the Scottish Government recognised more work needed to be done to collaborate with other UK wide organisations and response efforts to tackle scams – initial links were being made through on-going engagement with the Department for Business, Energy and Industrial Strategy
- scammers can exploit peoples’ trust in public sector organisations, which further emphasises the need for a coherent government response to effectively prevent scams across different policy and /or operational areas
The Secretariat would be in touch with relevant partners to arrange next steps in taking forwards the agreed sub-working groups.
Summary of actions
- all partners - to get in touch with the Secretariat if they wish to nominate themselves, or any further organisations to input to any of the three sub-working groups
- SG - follow up on relevant suggestions concerning membership of working groups – including engaging SG Analytical Services re Working Group (1) – and revise the terms of reference as appropriate to reflect member’s comments
- SG - to invite all partners to submit additional/more detailed comments on each of the meeting’s discussion papers
- all partners - to co-lead on the drafting of papers for the sub-working groups and submit these to SG prior to sub-working group meetings
- SG - provide partners an initial draft vison statement for comment
- SG - to set up the first of the sub working groups (Data) by late September, early October
Definition of a scam
The first agreed output of the previous Scams Partnership Group was a common definition of the term ‘scam’. The purpose of this was to ensure a consistent approach was adopted by stakeholders when considering fraudulent activity in this context, and to provide clarity to consumers by using a definition that could be easily understood by everyone.
The definition agreed is:
- “a scam is a fraud or attempted fraud performed by a deceptive individual, group or company in an attempt to obtain data, money or something else of value”