| |

HM Treasury apes USA, triggers on-line scam alert

FCRO Subsection: 
Editorial Staff

HM would not be amused. The UK Treasury, which is increasingly given to adopting American terminology, recently issued an "advisory" relating to jurisdictions with deficiencies in their counter-money laundering and anti-terrorist financing regimes. Hilariously, it was identified as a possible scam by the Thunderbird e-mail client.

FREE CONTENT

The Treasury has recently changed its e-mail notifications from that which has been used for a number of years (gsi.gov.uk) to a new mailserver with the domain name "govdelivery.com" which really doesn't look like a real government domain.

Worse, it sends out its mails in the risky "rich text" or html format. And, because it does that, it includes the phrase that many properly set up spam filters attribute a score to "view in browser." Why? Because spam-scammers like to embed links and logos in files to improve the changes of success.

The mail is issued by "The Office of Financial Sanctions Implementation" - another US-style approach, at least in relation to the style of naming.

There is, therefore, sufficient inconsistency in the mail to raise suspicion that it might not be genuine. That suspicion is reinforced when it becomes obvious (in both html and plain text) that there is a link to the relevant website at gov.uk.

Worse, the notice says that the "advisory" "responds to a Financial Action Task Force statement." No, it doesn't respond at all. It explains, it notifies, it warns but what it does not do is "respond."

It's bad enough that the Treasury (and through it regulators) decided some years ago to refer to financial corporations as "firms," a term that had been in use, until then, precisely to differentiate between incorporated and unincorporated businesses.

The Office of Financial Sanctions Implementation has an acronym: OFSI. The UK Government is enamoured with short acronyms, many of which are badly formed or presented in a grammatically incorrect form, with a capital letter first and the remainder in lower case or, even, no capitals at all.

Worse still, the text contains the following error "OFSIs consolidated list...." HM Treasury really needs to recruit better educated people rather then those who are driven by image.

There is a "preferences" service but it does not allow the selection of the more secure plain-text version - a hilarious oversight (which means "failure," not "supervision") on the part of a government that continually bangs on about "cyber-security."

It's bad enough that HM Treasury, in the late 1990s, switched from the correct English term of "counter-money laundering" to adopt the flawed American-driven term "anti-money laundering" and, therefore followed the equally mistaken "counter-terrorist financing" when it actually means "anti."

So, was there anything useful in the notice?

Actually, yes. Which is a shame because by the time one actually gets to read it, there is so much annoyance that it's credibility is undermined.

Don't let that happen to you.. read the notice, without HMT's trendy nonsense and badly written e-mail here: https://www.gov.uk/government/... (sorry - we couldn't protect you from the "advisory" nonsense).

And here's the really sad thing: OFSI has quite a decent blog. Obviously, it's written from a government perspective but that's not a bad thing: in this way we can be guided towards the approaches taken with a view to implementation and, especially, enforcement. For example "We opened 133 breach cases in 2017 and are updating our reporting forms to assist compliance. We report the most serious cases to the National Crime Agency (NCA) for further investigation."

One should always know how regulators (which OFSI isn't, really, but it's on that track) are thinking. See it at https://ofsi.blog.gov.uk/.

hahagotcha