Company data at the mercy of crooks

Companies House must improve security, say MPs

Fraudsters are stealing details of company directors

The abuse of publicly accessible electronic data at Companies House is
facilitating e-crime costing £50m a year, according to a House of Commons committee.

MPs have urged Companies House administrators to investigate ways of improving security while maintaining efficient access to records, in a study which revealed that each successful crime using the register can net more than £100,000.

The British Bankers' Association gave evidence warning that fraudsters can "hijack" firms by changing their registered office address, copying information on the register and ordering goods to be delivered to the new address at the victim's expense.

Criminals are also able to access the personal details of directors and use them to commit identity fraud.

The report from the Commons Business and Enterprise Committee expressed concern that a Metropolitan Police officer who disrupted 490 attempts at fraud during an 18-month secondment to Companies House has since been withdrawn.

The MPs said that consideration had been given to removing directors' personal details, but this would hamper the operation of money laundering regulations because some details on the register help to identify fraudsters.

The report said that the potential for abuse could be reduced by a requirement to use Companies House's Protected Online Filing (Proof) security system, but noted that so far few users have signed up for it. Online filing using authentication codes is also available, and users can sign up to the Monitor system notifying them of changes to their records for just 50p per company per year.

The committee said that more urgency should be given to campaigns to promote e-filing of returns.

MPs demanded a review to assess whether more could be done to prevent crime without compromising core functions, including risk assessments on the types of company most vulnerable and investigation of cost-effective targeted interventions to reduce risks.

The report followed the completion of the Companies House Information Processing System computerisation programme, delayed from 2005 to February this year.

MPs were told that the relationship with a private-sector supplier had broken down and that the work consequently had to be brought in-house, resulting in the need to write off £12.1m.