Featured Article

Europol is uniting EU against fraud

An interview with Rob Wainwright, Director of Europol

Why do we have so much trouble preventing and deterring fraud across borders? You know the answer: lack of cooperation. However, most European law enforcement organizations don’t want to compete with each other. They want to help each other deter and prevent crime. But they need some overarching force to help them work together. That’s where Rob Wainwright and Europol come in.

In 2009, the EU appointed Rob Wainwright the director of this relatively new group and gave him a clear mandate: “To reinvigorate the purpose and direction of Europol, and make it a more relevant and powerful agency,” he recently told Fraud Magazine. “In helping partners and national authorities to respond more effectively to aggressive and widespread security threats we have found success in the enterprising use of technology and big data to interconnect and mobilize a very large community of partners,” he says.

“Europol, the EU’s law enforcement agency, is assisting national authorities by acting as a platform for intelligence sharing and operational coordination,” Wainwright says. “We are the EU’s information hub in the fight against terrorism and serious organized crime such as cybercrime, fraud, drug smuggling and people trafficking.” Europol, with headquarters in The Hague, is connected to 47 countries, all 28 EU member states and 1,100 authorities from law enforcement and intelligence. “In 2017, Europol supported EU member states in more than 66,000 new cases, which is an increase of 42 percent compared to 2016,” Wainwright says.

The Council of the European Union and the European Parliament decide Europol’s budget, based on proposals from the European Commission and the Europol management board, he says.

“Europol’s main goal is to achieve a safer Europe for the benefit of all the EU citizens. We also work with many non-EU partner states, such as Australia, Colombia, the Ukraine and the United States, as well as with international organizations such as the European Border and Coast Guard Agency, the European Central Bank, the European Anti-Fraud Office and many more,” Wainwright says.

Wainwright will receive the ACFE’s most prestigious honor, the Cressey Award, for a lifetime of achievement in the detection and deterrence of fraud at the 29th Annual ACFE Global Fraud Conference June 17-22 in Las Vegas and will also be a keynote speaker.

FM: You’re a graduate of the London School of Economics and the first Europol director without a police background. How did you come to a law enforcement career? Does your background give you unique perspectives on global crime? 
I began my career in the national security community of the U.K., learning the tradecraft of intelligence and counterterrorism. I brought some of the learning and expertise into the national and now international police domain, helping to transform strategy and operations against high-end criminal threats.

FM: Your first job was with the U.K.’s Security Service, MI5, as an intelligence analyst. How does your background in cyber investigations inform your efforts? 
I was fortunate to experience deep engagement in the world of counterterrorism and a range of other national security areas. It gave me a powerful insight into how major security threats function and evoke. It also taught me how intelligence-led strategies offer significant opportunities to combat the threats involved.

FM: You’re a young agency. Europol formed in 1998 and became a full EU agency Jan. 1, 2010. On May 1, 2017, Europol officially became the European Union Agency for Law Enforcement Cooperation after the EU passed a regulation to redefine the agency. In 2011, you moved into your new headquarters in The Hague. What do you see as the Europol’s new mandate? 
Indeed, in May 2017, Europol’s new regulation entered into force and the updated powers enabled us to step up our efforts. In addition, with the new regulation, Europol was established as the European Union Agency for Law Enforcement Cooperation to support cooperation among law enforcement authorities in the Union.

Personally, I welcome the new regulation, which came at a time when Europe faced many challenging security threats. For example: The new regulation makes it easier for Europol to set up specialized units to respond immediately to emerging terrorist threats and other forms of serious and organized crime. It also includes clear rules for existing units or centers such as the European Counter Terrorism Centre (ECTC) and the European Union Internet Referral Unit (EU IRU), both hosted at Europol. And the new regulation enhances Europol’s mandate to ensure that it is fully equipped to counter the increase in cross-border crimes and terrorist threats.

FM: Europol’s job is to connect more than 1,100 authorities from law enforcement agencies and support more than 66,000 cross-border investigations each year. What are the basic structures you’ve constructed to tackle crime? 
Our position at the heart of the European security architecture allows us to offer a unique range of services and to serve as a support center for law enforcement operations, a hub for information on criminal activities and a center for law enforcement expertise. Analysis is at the core of our activities. Our criminal analysts are among the best trained in Europe. They use state-of-the-art tools to daily support investigations by law enforcement in member states.

Cryptocurrencies have the potential to revolutionize smuggling, money laundering and hiding of assets.

To give our partners deeper insights into the crimes they are tackling, we produce regular assessments that offer comprehensive, forward-looking analyses of crime and terrorism in the EU, including the EU Serious and Organised Crime Threat Assessment [SOCTA], which updates Europe’s law enforcement community and decision-makers on developments in serious and organized crime and the threats it poses.

FM: With thousands of incoming investigations, how does Europol handle case triage? 
Over the course of 2017, more than one million SIENA messages were exchanged among Europol, EU member states and third parties. SIENA is the Secure Information Exchange Network Application, managed by Europol, which enables a swift and secure communication and exchange of operational and strategic crime-related information and intelligence.

SIENA, as an operative instrument, allows law enforcement authorities to collaborate effectively daily. More than 20,000 SIENA messages were exchanged per week in 2017 on thousands of investigations within the European Union and beyond. Europol’s Front Office is the primary triaging interface for Europol’s partners in relation to the operational information exchange. It manages the constant flow of data between Europol and its partners and provides instant response 24/7. Our Front Office makes preliminary assessments of all operational information sent via SIENA and decides on acceptance into Europol’s databases. The Front Office cross-checks data and replies to Europol’s partners, processes and handles operational information including biometric data, and manages the Europol Information System, including hit management and data insertion.

FM: Can you talk about some fraud cases that demonstrate how Europol can successfully link agencies within the EU for good results? 
Yes, I can. Take the Joint Investigative Team [JIT] Vertico case, for example. In 2011, Germany referred this MTIC fraud about trade in electronic goods to our specialist team, which identified links with similar cases across the EU. [MTIC fraud is “missing trader intra community.” — ed.]

Also, at a meeting in 2013, the Czech Republic, Germany, Poland and the Netherlands agreed to form a JIT to investigate the Vertico case under the coordination of Europol and the EU’s Judicial Cooperation Unit [Eurojust]. The value-added tax losses in these countries alone were estimated at 320 million euros, which makes this the biggest MTIC case throughout Europe.

To date, five coordinated pan-European “action days,” as well as several bilateral actions, have seen more than 400 arrests, convictions totaling 130 years — the highest is 10 years — in trials finalized in the JIT member states, and over 17 million euros cash seized in bank accounts worldwide, in addition to the millions of euros worth of electronic goods seized.

In a more general sense, Europol’s wholehearted support of the EMPACT program [European multidisciplinary platform against criminal threats] has extended our reach beyond law enforcement agencies. EMPACT’s multi-disciplinary ethos requires the involvement of all parties engaged in activities related to the defined EU crime priorities to undertake mutually agreed actions to tackle criminality. In the VAT field, this has brought together actors from customs and border guards, as well as police and the judiciary, to work with counterparts in tax administrations to combat fraud threats. Relevant meetings, hosted and coordinated by Europol, have therefore gone a long way to improve the working relationships among these diverse entities.

FM: What are some of the other more notable fraud cases you’ve seen since your Europol tenure? 
There are several that are notable in their own way, which makes this unfair to answer. However, the most recent MTIC action day, in which Europol was involved, demonstrates the sheer complexity and resource intensiveness required to effectively tackle MTIC organized crime groups. A 15 million euros Hungarian fraud case commenced in September 2016. Following intensive analytical support, we assisted the Hungary National Tax and Customs Administration in an action in November 2017 against an organized crime group running one of the largest online retailers in Hungary. On that day, Hungary deployed 600 financial officers and 400 police officers to undertake searches in over 230 locations. Fifty-three arrests were made with cash seized and bank accounts frozen exceeding 5 million euros.

FM: In what ways does Europol work with other non-EU law enforcement agencies? 
Europol works closely with a number of EU institutions and agencies in cooperative agreements. We especially cooperate with Eurojust and the European Border and Coast Guard Agency [Frontex]. In 2015, Europol and Frontex signed an agreement to expand their cooperation in combating cross-border criminal activities by exchanging information, including personal data of suspected criminals and jointly planning operational activities. Both agencies also cooperate in the planning and implementation of operational activities toward the common objective of preventing and combating cross-border criminal activities. Also, Europol and Frontex, along with two other European Agencies — EASO and Eurojust — have jointly developed the concept of the European Regional Task Force [EURTF] — a shared office where the representatives of these agencies work together to coordinate the EU assistance to the national authorities facing massive migratory pressure.

FM: In 2013, you and European Commissioner for Home Affairs Cecilia Malmström launched the European Cybercrime Centre. How do you tackle cybercrime differently than other agencies? What have been the results? 
The role of Europol’s European Cybercrime Centre [EC3] is by its very nature a unique one. Because EC3 functions as a coordinating and supporting platform, it brings both people and intelligence together — combined with the expertise and tool support needed — to enable its partners to carry out critical and complex operations, and ensuring confliction reduction among them.

Many of the EC3 operations demonstrate how our public and private partnerships allow for exchange of intelligence as well as identification and subsequent investigation of perpetrators. The cross-border nature of cybercrime requires an overarching entity that can connect all the dots to investigate and arrest individuals as well as take down their infrastructure.

Simultaneously, EC3 also looks ahead and identifies threats that loom on the horizon and facilitates the setting of common priorities and supports a more proactive response. This is evident through our yearly Internet Organised Crime Threat Assessment [IOCTA], which provides a unique law enforcement perspective with input from the member states and complements it with contributions and reflections from our public and private partners.

The results therefore are both on an operational as well as a strategic level. Last year, we were able to coordinate and support a number of high-profile operations. For example, the takedown of Hansa and AlphaBay — two of the largest criminal Dark Web markets — illustrates one of these successes. With the help of Bitdefender, an internet security company collaborating closely with EC3, Europol provided Dutch authorities with an investigation lead into Hansa in 2016.

Subsequently, Europol and partner agencies in various countries — including Germany and Lithuania — supported the Dutch National Police to take over the Hansa marketplace on June 20, 2017, under Dutch judicial authorization, facilitating the covert monitoring of criminal activities on the platform until it was shut down a month later. Meanwhile, partners in the U.S. — namely the FBI and the Drug Enforcement Agency — performed a takedown of the AlphaBay market place, enhancing the impact of both operations across the globe. This demonstrates how crucial the role of EC3 is as a linking pin between its different partners.

FM: What are some of the ways Europol cooperates with agencies around the globe? 
Europol is designed to operate in partnership with law enforcement agencies, government departments and the private sector. Our partnerships and external agreements take various forms, depending on the relationship the agency has with the country in question. Our closest partners are the law enforcement agencies in the member states of the European Union, each of which has a designated Europol national unit that serves as the liaison between the authorities in that country and Europol.

The system of liaison officers at Europol ensures that the interests of law enforcement agencies in the EU member states and non-EU partners are represented in Europol’s headquarters. Each Europol national unit seconds at least one representative to Europol headquarters where every member state is provided with its own office. The liaison officers are not under the command of Europol and its director. In addition, they act in accordance with the law in their own member state. In addition, other states with which Europol has concluded cooperation agreements are represented by at least one liaison officer, as are Interpol and Eurojust. As a result, officers from 41 countries as well as Interpol and Eurojust are located in one place, thus facilitating communication among them, and between them their respective national authorities.

We [Europol] are not an aloof entity. We are here for you. Use us!

FM: Europol’s 2017 SOCTA reported that the three engines of organized crime are document fraud, online trade in illicit goods and services, and money laundering. How do evolving payment methods such as cryptocurrencies, online payments and internet vouchers change the money-laundering game? 
Evolving payment methods certainly introduce challenges in the area of money laundering. It is not surprising that cryptocurrencies are abused by criminals due to the key attributes the technology offers — particularly no central party that could control or freeze transactions, irreversible transactions, fast global payments and a high degree of anonymity.

Cryptocurrencies have the potential to revolutionize smuggling, money laundering and hiding of assets. Because cryptocurrencies are a digital store of value, anyone can use them to hide and move funds around the world for both legitimate and criminal purposes. A private key is all that is needed to move funds around the world and this private key can be generated from a custom phrase only known to the owner of the asset.

The real extent of this behavior is difficult to assess due to the very nature of these payment methods. It is, for example, impossible to estimate the amount of funds that were not discovered or seized when the key only exists in the mind of the person hiding the asset. A worrying fact remains that there is little authorities can do about the issue because traditional asset control procedures do not work with this new asset class.

Apart from the work that is underway with EC3’s partners to address some of these issues, Europol and EC3 are working closely with the European Commission to inform action at the EU level. The experience, expertise and knowledge centralized at Europol’s EC3 has positioned it as an important stakeholder for the EU.

FM: In an article you published on LinkedIn, you write that Europol estimates that barely 1 percent of criminal proceeds generated in the EU are confiscated by authorities. What are the problems here in fighting global money laundering, and what is Europol doing about them? 
The problem is not that we have no adequate legislation or regulation; this is among the most regulated areas of the security world. Neither is it really a problem of the financial services sector failing to act. Global banks spend an estimated amount of US$8.2 billion a year implementing anti-money laundering regulations. Unfortunately, the system is stymied by gross inefficiencies that prevent adequate data-sharing between banks, with law enforcement and across national borders. This has led to a regime that is compliance-led and based primarily on high-volume transactions monitoring. It should be done in a better way, in which target-setting by law enforcement actions influence the actions taken by banks, to monitor and control these actors identified as known suspects. I am helping to lead work with CEOs of global banks and regulators to improve this regime.

FM: You’ve said that document fraud (which is defined as organized crime groups’ production, trading and distribution of high-quality fake identity documents) has become a major criminal problem in Europe. Can you describe why this is so? And how are you tackling the problem? 
Document fraud is linked to almost all types of crime, as well as terrorism-related threats. As highlighted in the SOCTA, there is a trend in the continued increase in the level of quality of fraudulent documents. Document fraud is to be considered as a global challenge affecting the public and private sector of member states and third parties, encompassing the abuse of various types of travel, breeder, identification and other documents.

Combating document fraud and targeting the organized crime groups involved in producing and providing fraudulent and false documents, is one of 10 priorities for fighting organized and serious international crime between 2018 and 2021, as set by the EU council. This is the first time an EU crime priority had been implemented as a common strategic goal in all relevant operational plans covering other criminal areas. This should make it possible to tackle the phenomenon in a comprehensive way by police, border and coast guard, and customs experts.

FM: What’s your personal philosophy on fighting crime? 
Commitment to the cause of making the world a safer place, and a focus on being smarter and quicker, and with a bigger network of partners and friends, than those criminals fighting against us.

FM: How do you unwind outside the office? 
Family time first, then friends, then health and fitness. I am a runner in my spare time, with a few marathons under my belt, including New York City in 2015 and 2016, which were fabulous experiences.

FM: What encouragement can you give our members — fraud fighters “in the trenches” around the globe? Our membership is diverse, but what are some overarching fraud examination tips you can give them? 
Don’t despair! Transnational crime cannot be tackled by one crime unit or even one country alone. Organizations such as Europol have purposely been created to provide analytical as well as expert and financial support to bring investigators together, to pool knowledge and to work together to achieve common objectives. We are not an aloof entity. We are here for you. Use us!

FM: What are your thoughts on receiving the ACFE’s highest honor, the Dr. Donald R. Cressey Award? 
It is a tremendous privilege.

FM: Without giving too much away, what are a few things you’ll be saying during your keynote at the 29th Annual ACFE Global Fraud Conference
How success in combating fraud and other major security threats depends on our ability to build and sustain a networked and diverse community of global experts. I will talk about my experience in the enterprising use of data to bring partners together and to find better ways of fighting crime and terrorism.

Dick Carozza, CFE, is the editor-in-chief of Fraud Magazine. His email address is: dcarozza@ACFE.com.