An inspection of the north-east regional response to serious and organised crime

Published on: 7 December 2022

Introduction

About our inspection

As part of our police effectiveness, efficiency and legitimacy (PEEL) inspections, we inspected how well police forces tackle serious and organised crime (SOC). In 2022, we changed how we inspect this aspect of policing, to incorporate inspections of the ten regions, as well as the nine regional organised crime units (ROCUs) throughout England and Wales and the 43 police forces. This improves our understanding of how well forces and ROCUs work together to tackle SOC.

About us

His Majesty’s Inspectorate of Constabulary and Fire & Rescue Services (HMICFRS) independently assesses the effectiveness and efficiency of police forces and fire and rescue services, in the public interest. In preparing our reports, we ask the questions that the public would ask, and publish the answers in an accessible form. We use our expertise to interpret the evidence and make recommendations for improvement.

About our report

This report includes sections on the following:

  • Regional findings – a summary of inspection evidence that identifies good or poor performance within the region; in other words, involving or relating to the ROCU and its constituent forces. The performance of the region is not given a graded judgment. Instead, we highlight areas for improvement, causes of concern, and innovative and promising practice in this section, where applicable.
  • The ROCU and individual forces – the ROCU and each individual force are given a graded judgment, with a summary of the findings from our inspection and highlighted sections for areas for improvement, causes of concern, and innovative and promising practice.

About ROCUs

Each ROCU serves between three and seven constituent forces (see map in Appendix 1).

The Strategic Policing Requirement defines ROCUs as:

“The primary interface between the NCA (National Crime Agency) and policing, supporting the co-ordination and tasking of the collective effort against the serious and organised crime threat.”

The Government’s 2018 SOC strategy states that ROCUs should:

“Lead the operational response to serious and organised crime on behalf of forces within their regions, taking tasking from the NCA on national priorities, and working together in a more networked way, allowing capacity and capability to be shared where appropriate.”

Police forces should work closely with ROCUs, following the objective set out in the national Serious and Organised Crime Strategy to achieve a ‘whole system’ approach to tackling SOC. ROCUs provide a range of specialist capabilities to forces. These include the regional organised crime threat assessment units (ROCTAs), surveillance, undercover policing, sensitive intelligence units, regional asset recovery teams, cybercrime teams, the Government Agency Intelligence Network (GAIN), prison intelligence units and others.

ROCUs are set up under collaboration agreements (made under section 22A of the Police Act 1996) between the chief constables and police and crime commissioners (PCCs) in each region. ROCUs are not statutory bodies. They rely on forces to supply the administrative and support functions they need, including human resources, finance and IT. As a result, each ROCU is set up differently, under different terms of collaboration.

Each ROCU’s financing is largely given by chief constables and PCCs, with additional financing from the Home Office. In each region, forces negotiate their financial contribution to the ROCU.

Changes to how SOC threats are managed nationally

Our previous PEEL inspection reports have referred to how well forces have managed and mapped or assessed organised crime groups (OCGs).

In this report, we refer to SOC threats, which encompasses OCGs, SOC priority individuals and SOC vulnerabilities.

This reflects changes introduced nationally in response to the SOC strategy’s goal to provide a “single picture of demand”. This has been achieved by establishing a national database of SOC threats, which holds information from the NCA, ROCUs, police forces and government agencies that tackle SOC. This database is referred to as the SOC master list and is used to assess which SOC threat is a priority for each agency or force.

Regional findings

The north-east region consists of three forces (Cleveland Police, Durham Constabulary and Northumbria Police) and their ROCU: the North East Specialist Operations Unit (NERSOU). As of 7 July 2022, NERSOU has been renamed the North East ROCU (NEROCU).

There are good relationships between the ROCU and forces, but NERSOU needs more consistent support from forces to improve regional collaboration

ROCUs need forces to support some of their specialist capabilities, such as investigating organised criminals in prison and aiding undercover operations.

The north-east region works well together as a whole. There was evidence of good relationships between its forces and the ROCU, as well as other organisations such as the NCA and His Majesty’s Revenue and Customs.

However, it was clear that the forces in the north-east region work more closely with the ROCU for some aspects of regional policing than others. Often, this closer collaboration related to the capacity and capability of specialist departments within the forces. For example, Northumbria Police often works with the regional GAIN co‑ordinator, whereas Durham Constabulary works closely with local organisations to tackle SOC. This means that there are inconsistencies within the collaboration.

We found evidence that the forces throughout the region give differing levels of support to NERSOU. Each force has a different arrangement for providing intelligence and administrative support to undercover investigations. The number of different officers, drawn from forces, who are involved in supporting undercover investigations could result in an overexposure of operatives and covert methodology. This creates an unacceptable risk where undercover officers could be recognised by someone who knows they are a police officer. This should be reviewed to make sure there is enough and consistent capacity and capability in forces to support the region and minimise risk.

We found two further aspects where better collaborative working would improve the regional approach to tackling SOC:

  • NERSOU and the constituent forces have adopted the term Operation Sentinel as a ‘brand’ for tackling SOC. Individually, they are using this brand in different ways to publicise their work. For example, Northumbria Police is using local press and social media to communicate what it is doing to tackle SOC. Cleveland Police and Durham Constabulary are mainly using local press but aren’t making the best use of social media platforms or the Operational Sentinel brand to communicate with the public. There is no regional communications plan to support Operation Sentinel, nor is there a regional working group to share good practice and learning. Regional governance and a single strategy would help to promote the work being done to tackle SOC using the Operation Sentinel brand and exchange information that can help protect the public.
  • We found that some personnel in NERSOU and constituent forces were unable to adequately describe what opportunities were available to divert people away from criminality. The region would benefit from an exercise to map existing diversionary activities, evaluate whether these are sufficient and promote their use throughout the north-east. An exercise of this kind is underway in Cleveland Police. But the other forces would benefit from carrying out a similar exercise.

The ROCU should improve communications to promote what it has to offer the forces in the region

Most people we interviewed within the ROCU felt there was often a lack of awareness in forces of the specialist support that NERSOU could offer. This was because some force personnel weren’t fully informed of how the ROCU had developed over time and the various specialisms that it could provide. This may have several adverse effects on regional working.

Firstly, it may make it less likely that forces consult with NERSOU to explore specialist tactical options. This means some opportunities to tackle SOC threats may be missed. As an example, interviewees told us that it was often the case that the regional prison intelligence unit (RPIU) was only made aware of offenders entering prison at the point of conviction. If the RPIU was made aware earlier, they could have put steps in place to manage these offenders more effectively.

Secondly, the ROCU should be considered as a place where personnel can enhance their professional development. Interviewees told us that recruitment into NERSOU tends to come from the same specialist teams within the forces. If force personnel are unclear on opportunities for career development at the ROCU, then forces are missing a chance to develop their workforce in specialist and complex investigations. Additionally, widening recruitment across forces would encourage more diversity within NERSOU’s teams.

NERSOU is aware that some staff feel they could work better with forces. Since our inspection, NERSOU has developed an engagement and communications strategy. To support this, NERSOU completed analysis of work with interested parties to assess the extent to which NERSOU works with forces and wider services. Within the strategy is also the desire to increase the consistency of engagement using the Operation Sentinel brand. It is too early to assess whether this plan has had the desired effect, but this is a positive step.

ROCUs have been awarded more police officer posts through the Police Uplift Programme (PUP) until 2023/24. According to unpublished National Police Chiefs’ Council data, at the time of our inspection, NERSOU was on track to meet its PUP target for 2021/22. Because of a shortage of suitably qualified investigators, NERSOU is having to recruit officers who have little specialist knowledge of complex SOC investigations and have to undergo a period of training. NERSOU told us of concerns about the difficulty of recruitment in the next few years, particularly into senior management roles. These concerns aren’t unique to NERSOU and will affect other ROCUs throughout the country.

North East Regional Specialist Operations Unit (NERSOU)

NERSOU is adequate at tackling serious and organised crime.

NERSOU: Understanding SOC and setting priorities to tackle it

NERSOU collects and uses intelligence from a range of sources to understand and prioritise its actions to tackle SOC

NERSOU has named eight regional SOC priorities:

  • drug trafficking;
  • economic crime and money laundering;
  • county lines;
  • child sexual exploitation and abuse;
  • modern slavery and human trafficking;
  • cybercrime;
  • organised acquisitive crime (such as theft or burglary); and
  • firearms.

It has set up intelligence ‘threat desks’ for each priority, with a dedicated co-ordinator and analyst. The threat desks regularly review information and intelligence and make sure that plans to tackle each priority are up to date. There is a governance group, supported by threat reduction groups, that check progress against these plans. Representatives from the regional forces attend these meetings. The ranks and roles of these force personnel vary, and they may not be senior enough to progress the regional priorities at force level.

NERSOU introduced a new tasking process in December 2021, in line with the national SOC system tasking model. At the time of our inspection (early 2022), senior managers in NERSOU were still developing this process with regional SOC partners.

In 2017, the ROCU network introduced the ROCTA teams, to bring consistency to the mapping of SOC threats. The ROCTA teams, and similar force‑level teams, review intelligence and information to inform SOC threat assessments.

The NERSOU ROCTA team maps SOC threats on a national database, using a national assessment model called management of risk in law enforcement (MoRiLE). NERSOU uses these assessments to make decisions on the deployment of specialist capabilities against the highest threats. Data extracted from the national SOC master list on 10 January 2022 showed that there were 142 SOC threats found in the region: 29 by Cleveland Police, 32 by Durham Police, 39 by NERSOU and 42 by Northumbria Police.

NERSOU and force personnel told us that some of the assessments done by Durham Constabulary were based on historical information, which meant that threat scores were exaggerated. The senior leadership team in NERSOU should make sure that the ROCTA is empowered to moderate the assessments to ensure accuracy and consistency.

NERSOU has an established gateway function, allowing units in NERSOU, forces and other regional partner organisations to request specialist support. This helps NERSOU to measure the demand from both internal and external units and track where specialist support has been given. This management information helps NERSOU to understand the demand for each of its capabilities and where more resource is needed, as well as satisfying the joint committee (described in the Resources and skills section) that it is getting value for money from its ROCU.

Promising practice

North East Regional Specialist Operations Unit (NERSOU) has excelled in developing and maintaining good relationships with regional partners

NERSOU has personnel from serious and organised crime partner agencies co‑located on its site. This is particularly successful within the sensitive intelligence unit, which hosts staff from the National Crime Agency and counterterrorism policing.

The regional organised crime threat assessment unit team is also co-located in the sensitive intelligent unit. This helps the regional organised crime unit to incorporate all the intelligence it can access into its threat assessments. Through a national review process, the National Police Chiefs’ Council identified this as good practice.

NERSOU has direct access to its constituent forces’ intelligence on the management of covert human intelligence sources. Furthermore, it has indirect access to corruption-related intelligence.

NERSOU: Resources and skills

NERSOU is governed by a joint committee consisting of the chief constables and PCCs of the constituent forces.

Areas for improvement

Regional chief constables should appoint a single dedicated chief officer to lead the regional response to serious and organised crime (SOC)

In our recent inspection of regional organised crime units (ROCUs), we recommended that:

“By February 2022, the chief constable with the lead for SOC in each region should make sure that a chief officer is appointed with responsibility for each ROCU, working autonomously of force responsibilities.”

This recommendation hasn’t been adopted in the north-east region.

Two regional assistant chief constables oversee the operational management of the North East Regional Specialist Operations Unit. These assistant chief constables carry out this work in addition to their force duties. This adversely affects the region’s ability to implement important measures to improve:

  • an inconsistency in how the ROCU and forces police SOC regionally (see the previous section on regional findings);
  • a lack of connectivity throughout the region, with staff having to access multiple IT platforms, which is burdensome and demanding of staff time;
  • the absence of a cohesive regional performance framework that shows the region’s effect on SOC and helps it to determine and develop good ways of working;
  • some inconsistencies in SOC system tasking and threat assessment; and
  • establish leadership at the correct level in respect of national governance and strategic decision-making.

At the time of our inspection, the head of NERSOU, a detective chief superintendent, wasn’t supported by a deputy. This, and the dual leadership arrangement, placed the head under considerable pressure. Recruitment of a deputy was underway.

Over 70 percent of NERSOU funding comes from forces; the rest comes from national grants. These grants offer short-term funding to projects. This adversely affects police staff recruitment and retention, as some staff may prioritise job security and longevity, prompting them to seek alternative employment (both inside and outside the police service).

NERSOU receives a small but critical amount of funding through the Home Office Asset Recovery Incentivisation Scheme. This funding is used, for example, to supply some of NERSOU’s essential surveillance equipment. During fieldwork, interviewees told us there is a risk to this funding as the regional chief constables and PCCs were considering its reallocation to other aspects of policing. In the absence of any obvious alternative sources of funding, and because of the need for the ROCUs to invest in specialist capabilities, such as technical surveillance, we would discourage the reallocation of Asset Recovery Incentivisation Scheme funding.

NERSOU IT systems aren’t integrated well enough

NERSOU personnel must access and piece together information from several IT systems. There are three separate force crime and intelligence IT systems, as well as other systems to manage investigations. These systems hold silos of intelligence, data and crime information. This creates inefficiencies.

Some NERSOU teams don’t have enough staff to support investigations

We found that some specialist teams don’t have enough investigative support. Some of these teams investigate cases that involve high levels of harm and vulnerability, such as online child sexual exploitation. NERSOU has recognised this and, at the time of our inspection, was planning a restructure to create additional investigative support.

NERSOU has one specialist team that is trained to carry out surveillance work. We found that the demand on this team exceeded its capacity. NERSOU has recorded 11 lead disruptions and 3 support disruptions made by this team in the 12 months to 31 May 2022. The specialist officers in this team carry out other non‑specialist roles, such as disclosure officer. This means that much of their time is diverted to tasks that could be fulfilled by other support staff.

We were left with the impression that NERSOU doesn’t make enough use of police staff, who may perform certain functions more economically than police officers. Pressures on staff recruitment nationally are worsened by the conditions of the PUP, which stipulates that funding can only be used to employ police officers.

The approach to digital forensics is inefficient

NERSOU has an inefficient approach to digital forensics. The prompt extraction of data from phones and other devices, and its availability to analysts and investigators, are important features in most successful complex SOC investigations.

NERSOU doesn’t have its own digital forensic capability. Instead, it relies on support from constituent forces for its examinations. This is problematic.

NERSOU personnel told us that, in each of the three constituent forces, waiting times for device examination ran into months. In a separate inspection in January 2022 (awaiting publication), we learnt that Northumbria Police has a target of 9 months to start the examination of devices assessed as standard risk.

NERSOU: Tackling SOC and safeguarding people and communities

NERSOU uses specialist tactics effectively to disrupt organised criminals

In the 12 months leading to 31 May 2022, NERSOU recorded that it led 494 SOC disruptions. Of these, 216 disruptions have been carried out by the Cyber Protect team, highlighting NERSOU’s commitment to protecting the public and business community from cybercrime.

Compared to other ROCUs across England and Wales, NERSOU has recorded the highest number of disruptions involving its multi-agency response to SOC (MARSOC) team (33 lead disruptions and 76 supported disruptions).

NERSOU has a problem-solving forum where investigators from the ROCU and forces can request specialist help. Investigators submit their requests using a ‘gateway’ process. Personnel from different specialist disciplines meet to understand the problems and come up with ways of dealing with them. We found that this forum was effective.

NERSOU has put in place regular meetings between intelligence and investigative personnel. This is to make sure that intelligence generated during each investigation is acted upon promptly and made available to other investigators.

Effective SOC policing, involving a 4P approach, relies on a good relationship with lead responsible officers (LROs) at a local level and ROCU investigators. We found that NERSOU personnel consistently work closely with LROs in forces.

NERSOU effectively tackles economic crime with a small but capable team. There is a bi-regional economic crime unit that is shared between NERSOU and the Yorkshire & Humber ROCU. The unit’s function is to find and seize criminal assets. NERSOU has introduced a regional economic crime co-ordination centre to support its commitment to tackling economic crime. This centre incorporates the regional fraud manager, as well as the threat desk analyst and personnel to analyse suspicious activity reports.

NERSOU has two investigation teams dedicated to investigating specific threat areas. One targets a certain type of fraud and the other targets Western Balkan criminality. These teams are achieving some good results against these threats.

For example, the work done by the fraud team has resulted in the threat of courier fraud declining throughout the north-east since 2014. The national lead for fraud in City of London Police has recognised the work done by this team as national best practice. NERSOU has a plan to detect and respond accordingly to the re‑emergence of this type of fraud in the region. As part of this work, NERSOU has reported to us that, between 1 April 2019 and 30 April 2022, the team arrested 236 suspects and safeguarded 200 victims.

The Western Balkan team was formed in November 2020. This team told us that it has achieved 57 arrests, seized over £300,000 in criminal assets and put in place two Proceeds of Crime Act 2002 restraint orders, as well as seizing many counterfeit identification documents. The team also told us about an operation to tackle cannabis farms being run by a Western Balkan OCG throughout the north-east. At the time of our inspection, NERSOU was working with national partner organisations such as the NCA and Home Office Immigration Enforcement, to establish opportunities to disrupt the OCGs’ activities, such as deportation of its members and confiscation of their criminal assets held abroad.

Innovative practice

The North East Regional Cyber Crime Unit has several notable work programmes

  • The unit runs Exercise Athena, a project designed to raise awareness and prevent children from committing offences under the Computer Misuse Act 1990.
  • The unit uses a search engine to scan the internet for devices susceptible to being compromised that geolocate within the north-east. The unit has worked with internet service providers to notify north-east-based businesses of vulnerabilities within their computer networks, so they can protect themselves from cyberattacks.
  • The unit ran a ransomware training exercise with Durham Police on behalf of the North East Cyber Protect Network. It attracted a lot of positive feedback from senior leaders on the value of conducting business continuity exercises where systems were compromised by cyberattack. The unit is offering the exercise to other forces in the region, as well as across the national Cyber Protect Network.
  • The unit has developed a dedicated website designed to help people and businesses “stay safe and secure online”. This includes, for example, material that can be used by teachers, guardians and carers to keep children safe online and discourage them from getting involved in cybercrime. There is also practical advice for all computer users, including how to create strong passwords and how to gather evidence should they be a victim of cybercrime. This site is a standalone site. It would be preferable for the North East Specialist Operations Unit to link or signpost this to the main regional organised crime unit website.

We found that most personnel we interviewed in NERSOU had good knowledge of local safeguarding processes. They use public protection notices effectively to refer individuals with safeguarding concerns to multi-agency force safeguarding teams. However, when we spoke to senior investigating officers, they showed a lack of understanding about the type of wider activities available in the region to prevent individuals engaging in SOC or to protect people and communities becoming victims of SOC.

Cleveland Police

Cleveland Police is adequate at tackling serious and organised crime.

Cleveland Police: Understanding SOC and setting priorities to tackle it

Cleveland Police uses intelligence to inform its strategy and prioritise work

Cleveland Police has a joint counterterrorism and SOC board, which oversees the management of these two priority areas. The SOC local partnership board reports into this. Strategic partners, such as local authority executives, attend these meetings and work with the force to decide priorities and create plans to deal with them.

The force has a strategic assessment and a control strategy, which helps it to prioritise effectively. These documents were produced by the force in 2020 and were soon to be updated.

The force was also revising the SOC local profile at the time of inspection. The current SOC local profile was written in 2019 but SOC threats are regularly reviewed and presented to SOC leaders and partners.

The force produces other profiles about priority crime areas. For example, we were shown profiles on drugs markets, serious violence and child exploitation (sexual and criminal). Profiles for domestic abuse and violence against women and girls are due for publication later in the year. Multi-agency arrangements are in place to address the recommendations that have been proposed in these profiles.

The force SOC partnership meetings are well attended; 23 partner organisations were represented in the meeting we observed. This included the local licensing department, His Majesty’s Prison and Probation Service, and Trading Standards. The regional GAIN co-ordinator also attends the meetings.

We saw that intelligence was shared, and joint activity agreed between Cleveland Police and its partner organisations during the meeting. The force produces OCG ‘plans on a page’. These are given to other organisations prior to meetings to give specific information about the people involved in the OCG and their criminal activity. During the meeting, the plans on a page were presented in more detail. This included police and partner updates on activity carried out and approving new activities to disrupt OCGs. This meant that police and partners were clear on what needed to be done.

The analytical support given to LROs is effective

There is analytical capacity to scan crime and intelligence systems daily to identify new information and opportunities to tackle SOC threats. Findings from the analytical team are described in documents that are often shared with LROs and other SOC specialists. Additionally, the relationship between analysts and LROs is generally good. There is regular communication between the two parties. This means that LROs are given information and can respond quickly to changing threats and risks.

Information systems should be better connected to improve efficiency in how SOC information is accessed and analysed

The force holds information relating to SOC threats in several IT systems. For example, SOC threats are flagged on the force intelligence systems, but supporting documents are saved elsewhere. SOC investigations are managed on other IT systems. Additionally, the information that needs to be reported to the ROCU and NCA is held in multiple systems. Analytical staff must gather information from these different systems.

Cleveland Police: Resources and skills

LROs need more training and support to effectively manage threats using a 4P approach

The LRO role in Cleveland Police is carried out by local police chief inspectors. LROs were focused on tackling SOC threats and work well with local partners, such as community safety teams. However, we have some concerns with the current model, as described within the area for improvement in the Tackling SOC and safeguarding people and communities section below.

LROs have had some training internally and from NERSOU officers. However, some LROs reported to us that they don’t feel the training is consistent or sufficient, especially for those who are new to post. One LRO stated that they had been given a handover from their predecessor, but no other training. However, we heard from others that LROs were given inputs from specialists in the force and at NERSOU. The force needs to make sure that LROs understand their role and should promote the use of the Home Office LRO guidance document circulated in early 2022.

Areas for improvement

The force doesn’t have enough financial investigation capacity to meet demand

Tackling organised crime should fundamentally involve the identification and confiscation of criminal assets. Doing this effectively requires specially trained financial investigators and analysts.

Cleveland Police doesn’t have enough skilled personnel to meet all of the demand in this area. Financial investigators are dealing with large caseloads. They have little time to review suspicious activity reports (SARs), develop financial intelligence or proactively investigate money laundering. The force reported that it has a backlog of over 20,000 SARS that have built up over several years. They do investigate some SARs, such as defence against money laundering SARs, in accordance with national guidelines. But there is no capacity to analyse these reports to establish other types of criminal activity.

Cleveland Police: Tackling SOC and safeguarding people and communities

Areas for improvement

The force should adopt a more consistent approach to tackling serious and organised crime (SOC) at neighbourhood level

The force should make sure there is more scrutiny from chief officers to monitor how SOC operations are progressing at neighbourhood level. It should be more robust in holding lead responsible officers (LROs) to account and establish where support from specialists can improve how it disrupts organised criminals.

While LROs have good relationships with partners through MARSOC meetings, there is a clear need for LROs to work more closely with specialist teams to be more effective at reducing the threat in some SOC investigations.

The neighbourhood response to SOC is inconsistent throughout the force. The LRO role in Cleveland Police is carried out by local police chief inspectors in charge of neighbourhood policing teams (NPT). In some areas, we found that NPTs were unable to tackle organised crime groups (OCGs) due to the demands placed on them. NPTs lacked the capacity and specialist skills to be fully effective and often didn’t have sufficient access to suitably qualified detectives to investigate SOC. This means that investigative opportunities are being missed.

The force doesn’t have dedicated teams to proactively disrupt SOC at a local level. The newly formed drugs team will provide some proactive capability, but this needs to be supported by more activity at NPT level to tackle wider OCG threats. The force should look to free up capacity within neighbourhood teams or create more capacity to allow for disruptive activity to take place.

In one neighbourhood area, the LRO had dedicated two police constables and one police community support officer to tackling SOC. The LRO told us this arrangement was particularly effective in tackling the OCG managed in this neighbourhood area.

In our 2018 PEEL inspection of Cleveland Police, we established an area for improvement:

“The force needs to develop a better understanding of the effect of its activity on serious and organised crime across the 4Ps, and make sure it learns from experience to maximise its disruptive effect.”

During this inspection, we found evidence that the force has developed processes to understand whether it is having a positive effect on tackling organised crime. This includes the analysis of threat levels over time and how well disruption activity has reduced the threat level. The force also prepares status reports that check whether the force is achieving the goals set out in the SOC strategy. We were impressed by this aspect of Cleveland Police’s SOC management.

The force should improve work with the private and voluntary sector to prevent people from becoming involved in SOC

We reviewed a selection of SOC management plans. Plans were well structured and showed that 4P activity is carefully considered by LROs. The force acts to prevent people from being drawn into SOC, through its relationships with statutory partners, such as those in children and adult safeguarding. However, there are a limited number of tailored prevent interventions that may be available through non-statutory partners, for example in the voluntary sector. The force should establish non-statutory partners that they can work with to prevent people from becoming involved in SOC.

The force has improved how it identifies and protects victims of SOC, but the approach needs to be more consistent throughout the force

Partners we interviewed commented on the positive change in attitudes of force personnel to dealing with vulnerable people linked to SOC.

To support this, data extracted on 10 January 2022 from the national SOC master list showed that all five SOC assessments in the north-east region with a SOC vulnerability tag were owned by Cleveland Police.

We found evidence that LROs are focused on identifying the children of organised criminals, to respond to any welfare concerns and to safeguard them. We were also pleased to find that officers dedicated to identifying vulnerable people were assigned to all SOC investigations.

The force has piloted a new multi-agency child exploitation (MACE) team in its North division. Personnel we spoke to in the team reported a 25 percent increase over a 6-month period in the number of children being identified as at risk of exploitation. They told us that this arrangement works well because personnel from partner organisations and police work in the same office. This has helped the flow of information between organisations. We were informed of an example where the MACE team had worked with an LRO to safeguard several young females being exploited by an OCG.

The MACE team isn’t replicated in the South division. If and when the pilot is formally evaluated, it may become appropriate to extend the arrangement to the South division.

In addition, the force told us about examples of other work in place to protect the public. Examples included the following:

  • Police gave virtual training to over 5,000 school children, to warn of the consequences of child criminal exploitation and knife crime.
  • The force uses Crimestoppers campaigns throughout the whole force area and in some of its higher-risk geographical areas. Year-on-year comparison of Crimestoppers data shows this has contributed to an increase in public reporting on topics such as county lines, child criminal exploitation and drug trafficking.
  • The force uses notices (such as closure notices to restrict the use of domestic and commercial premises associated with criminal activity) to disrupt offenders and show the community the force will protect them by proactively pursuing organised criminals.
  • Operation Eastwood is designed to deter children from reoffending. This involves police and children and family services working together to give children (and their carers) advice to make better life choices. At the time of our inspection, over 50 children had been referred into this programme over the course of 12 months. The force told us that, of this cohort, only two children had reoffended.

Durham Constabulary

Durham Constabulary is outstanding at tackling serious and organised crime.

This force was inspected under the previous PEEL SOC inspection programme. The findings from this can be found in the force PEEL 2021/22 inspection report. The highlighted section below is taken from this report.

Innovative practice

The force has the right systems, processes, people and skills to tackle serious and organised crime (SOC)

The force uses many specialist skills to determine and counter the threat from SOC. In particular, its investment in digital intelligence and forensics, and its use of financial investigators. The force proactively pursues illicit finances. It has been recognised nationally for its analytical exploitation of suspicious activity reports to establish links to organised crime groups (OCGs). It works hard to recover money from OCGs through confiscation orders. A financial investigator is appointed at the earliest opportunity in all OCG investigations. This allows the force to determine and pursue financial opportunities to disrupt OCGs.

Innovative practice

The OCG disruption team, and extremely effective relationships with partner organisations, reduce the threat from serious and organised crime

The force has a well-structured and accepted approach to disrupting the threat posed by SOC. It has a dedicated OCG disruption team, with tactical advisers establishing good ways of working and giving guidance to local responsible officers. The OCG team also reviews tactical plans and advises on good existing and emerging ways of working. There is a very effective OCG disruption panel, involving a wide range of organisations. This panel helps intelligence to be exchanged easily. This broadens and deepens everyone’s understanding of SOC. It also helps decide which agency is best placed to lead or support disruption activity. The value of working together has been recognised as a good way of working.

Northumbria Police

Northumbria Police is good at tackling serious and organised crime.

Northumbria Police: Understanding SOC and setting priorities to tackle it

Innovative practice

The force is taking a creative approach to understanding serious and organised crime data

The force is developing a data and analytical tool to comprehensively map place‑based harm. This allows the force to determine and prioritise the areas most affected by organised crime, and to decide where to focus its Clear, Hold, Build activity.

This is being completed in three phases. At the time of our inspection, the first phase was in an advanced state. The force was analysing trends using an application for visualising and analysing data with information presented in dashboards. A variety of partnership data was being fed into the application to support the analysis.

The tool is intended to make the force more effective and efficient in developing profiles of place-based harm (such as the serious and organised crime local profile and informing Clear, Hold, Build work) and in targeting and understanding the effect of its activity against serious and organised crime threats. It may require more analytical resources to make best use of this tool.

There is good leadership and management of SOC

Northumbria Police has a comprehensive SOC strategy, which aligns to national priorities (set by the NCA). It was evident during our inspection that the workforce regards tackling SOC as everyday policing and that the links between SOC, vulnerability and safeguarding are well recognised.

Each SOC priority identified in the SOC strategy has a 4P action plan. The action plans contained details of progress against the 4Ps and identified any risks or problems that the force was facing. The priorities were clustered under the force’s three strategic pillars of commodity, vulnerability and prosperity. Each priority was given a strategic lead officer. The force SOC governance board holds the strategic lead officers to account for achieving their plans.

Analysts and researchers are organised into threat desks so that each priority is reviewed and assessed on a regular basis. The force didn’t have a cohesive performance framework to measure success against the strategy but was working to develop one.

Northumbria Police: Resources and skills

Areas for improvement

The force should make sure that there are sufficient resources in specialist areas to meet serious and organised crime demand

We were concerned to find that there were three teams struggling with workloads:

  • The paedophile online investigation team wasn’t able to cope with the volume of investigations being referred to it. This means there could be hidden vulnerability not being identified and opportunities to safeguard people being missed. Since our inspection, the force has prepared a detailed action plan to address this problem. However, it is too early to assess the effectiveness of the measures.
  • In line with national requirements, the force looks at defence against money laundering suspicious activity reports (SARs). To support its priority of protecting the vulnerable, the force also looks at vulnerability SARs. However, due to a lack of capacity, it doesn’t routinely screen other SARs to determine offenders and victims. Additionally, the force has limited capacity to effectively investigate criminal finances and identify and seize assets. This was a similar problem to what we saw in Cleveland Police, but it wasn’t as stark in Northumbria Police.
  • The covert authorities bureau was overwhelmed with the volume of work concerning the acquisition of communications data. This is a very small unit that carries out a vital function. We concluded that it is notably understaffed.

The force communicates with the public on how it tackles SOC

Northumbria Police uses the Operation Sentinel name to brand the work it does with local partners, such as local authorities. The force has an effective communications plan under Operation Sentinel. We found that the force has used multiple communications methods, such as the local press and social media, to inform the public about its activity to tackle SOC and give advice to help protect them from harm.

Northumbria Police: Tackling SOC and safeguarding people and communities

The force should improve how it records and monitors its activity across the 4Ps

We found abundant evidence that the force is tackling SOC using a 4P approach. In the year ending 31 May 2022, the force recorded 475 disruptions on the national database, 25 percent of the regional total. Of these, 81 were prevent disruptions, the second highest in the region when compared to the total number of prevent disruptions recorded for NERSOU and constituent forces.

However, the 4P plans we reviewed weren’t of sufficient quality to give leaders updates on the 4P activities. The 4P plans appeared to lack actions that were customised to each SOC threat. Plans weren’t being updated by plan owners on a regular basis. As such, the recording of progress against actions was inconsistent.

The force should seek good examples of 4P planning and management from other forces, such as Cleveland Police and West Yorkshire Police. The force is also planning to introduce a new crime and intelligence system in 2023 and could use this as an opportunity to manage these plans in one place.

The force is working to effectively tackle SOC over the long term

The force is adopting a Clear, Hold, Build methodology to tackle SOC at a local level. It is doing this as part of a Home Office pilot project. This means the force isn’t just concentrating on OCGs but also the reduction of place-based harm to tackle places where SOC crime is most concentrated. The force uses a computer application to determine the highest harm geographic areas (which we have recognised as innovative practice).

Operation Momentum is one part of the Clear, Hold, Build work that has focused on one geographical area of the force identified as being significantly affected by organised crime. The force created a team of detectives and neighbourhood officers, supported by intelligence personnel, to tackle the problems in this area arising from the activity of two OCGs.

The Operation Momentum team has reduced the threat from these groups through enforcement activity, including over 40 warrants and 500 arrests. The team is also implementing safeguards to protect the vulnerable. A Crimestoppers campaign was used to encourage the reporting of intelligence in this area of the force in February 2021. This led to more than a three-fold increase in intelligence submissions. This helped the force to obtain warrants and determine vehicles to conduct stops on.

The Operation Momentum team continues to work with partner organisations and the community to improve the local area. It works closely with a local regeneration project to secure funding to improve the environment for the community.

The force shared the plan for this operation, which was last updated in December 2021. Within the plan, the LRO has assessed the risks to the success of the work, including potential withdrawal of the task team and abstraction of neighbourhood officers. For this operation to succeed in the Hold and Build phases, the police, partners, such as the local authority and housing services, and the community must continue to work together.

We have reviewed the data contained within the national SOC master list and found that, as of 10 January 2022, Northumbria Police has no threats mapped as a SOC vulnerability. This doesn’t relate to the problems being tackled through Clear, Hold, Build. It would be pertinent for the force to map the Clear, Hold, Build projects as a SOC vulnerability, so that it can record the disruptive activity carried out and evaluate the long-term effect it is having.

In 2019, the force identified county lines activity, which had links to Merseyside. The county line was adversely affecting the local community. The force identified a substantial rise in the reporting of crime and incidents in the area, particularly in shop thefts. The force worked with several organisations, including the local council, drug recovery service and British Transport Police to tackle the problem. This included obtaining court orders to close the dealer line, restricting the use of addresses being used for criminal activity, and supporting and safeguarding local vulnerable drug users. The force worked with NERSOU and Merseyside Police to co‑ordinate warrants at addresses in the north-east and Merseyside. The work done by the force between May 2019 and March 2020 led to a reduction in crime and increase in drug users accessing the local drug recovery service. This work has been evaluated by the force and received recognition as the 2020/21 Tilley Award winner (a national award for preventative policing).

The force prioritised all the Operation Venetic packages it had been sent for investigation. This has had the positive effect of improving the force’s understanding of SOC threats. The force has reported good results, with over 22 kg of cocaine and around £1m in cash seized. The force expects that over 100 suspects will be brought to justice. However, the force’s approach to Operation Venetic has placed pressure on the SOC proactive team. At the time of inspection, the force told us that this was beginning to ease.

The force has a robust process to manage SOC offenders

We found evidence that the force focuses on managing SOC offenders. LROs routinely nominate cases for review and further action. The force regularly works with the RPIU to monitor SOC offenders in prison and disrupt ongoing criminal activity.

The MARSOC team was created in NERSOU in April 2021. The force is working well with the regional MARSOC team to find and disrupt the highest harm SOC offenders. At the time of our inspection, the force was managing four offenders in this way. We heard many examples of LROs identifying organised criminals to refer into the MARSOC team. It is positive to see the force considers ongoing management of SOC offenders as important.

Northumbria has obtained several serious crime prevention orders, to prevent ongoing offending as SOC offenders are released from prison. The force proactively works to identify breaches of the conditions of these orders, including reviewing intelligence daily. For example, the force has used covert tactics to collect evidence of a breach of a serious crime prevention order that prohibited the offender from using a mobile telephone.

The force regularly examines the progress of SOC operations to understand how they can improve and establish good practice

The force told us that all SOC operations are debriefed. The learning from these debriefs is recorded on a central database and shared through the SOC governance board. Most operational debriefs are conducted with partners so feedback can be shared, and effective ways of working identified.

The force is preventing people from being drawn into SOC

The force has implemented several activities to involve and divert people from different risk groups away from criminal activity. Most of these focus on the early intervention work conducted by harm reduction and violence reduction units.

The force works with a cohort of vulnerable children aged 16–17 years, including looked after children and those persistently missing from home. Children who are identified by police and other organisations as at risk are referred into several initiatives depending on their circumstances and needs. The initiatives include:

  • Edge North East, which identifies young women and girls aged 14–15 years involved in gangs or with a gang member. The females are mentored to increase self-esteem and confidence, to help divert them away from gang activity.
  • The Sidestep programme, which is funded through a £4.6m grant from the National Lottery Community Fund. This diverts young people from organised crime. Candidates are given guidance, support and activities to dissuade them from becoming involved in criminal activity.
  • The You Only Live Once (YOLO) programme, which has achieved an 87 percent reduction in programme members coming to police notice and an increase in these children attending school. The programme provides children with a mentoring support service and access to community schemes run by local businesses, including local Premier League football clubs.
  • The force had taken a bold stance on tackling an increase in violence relating to two feuding OCGs. It worked with local children’s services to identify and safeguard the children related to OCG members. The force told us that this led to a decrease in the risk of violent crime and sent a clear message to the public on protecting vulnerable people.

Appendix 1: Map of regional organised crime units

There are ten regions in England and Wales containing nine ROCUs:

  1. The North East Regional Special Operations Unit covers Cleveland, Durham and Northumbria.
  2. The Yorkshire & Humber Regional Organised Crime Unit covers Humberside, North Yorkshire, South Yorkshire and West Yorkshire.
  3. The North West Regional Organised Crime Unit covers Cheshire, Cumbria, Greater Manchester, Lancashire, Merseyside and North Wales.
  4. Tarian covers Dyfed-Powys, Gwent and South Wales.
  5. The Regional Organised Crime Unit for the West Midlands Region covers Warwickshire, West Mercia, West Midlands and Staffordshire.
  6. The East Midlands Special Operations Unit covers Derbyshire, Leicestershire, Lincolnshire, Northamptonshire and Nottinghamshire.
  7. The Eastern Region Special Operations Unit covers Bedfordshire, Cambridgeshire, Essex, Hertfordshire, Kent, Norfolk and Suffolk.
  8. The South West Regional Organised Crime Unit covers Avon & Somerset, Devon & Cornwall, Dorset, Gloucestershire and Wiltshire.
  9. The London region – see the note below.
  10. The South East Regional Organised Crime Unit covers Hampshire, Surrey, Sussex and Thames Valley.

Note: There is a separate collaborative arrangement for the London region, incorporating the constituent forces of the Metropolitan Police Service, City of London Police and the British Transport Police. There isn’t a ROCU in this region, but forces share some ROCU capabilities. For the purposes of this inspection the London region has been inspected, but as it isn’t conventionally considered a ROCU, it hasn’t been awarded a ROCU grading.

Appendix 2: Data methodology and caveats

The data used in this report was extracted from the national database: the Agency and Partners Management Information System (APMIS).

APMIS contains data that is recorded by police forces throughout England and Wales, ROCUs, the NCA and other organisations (such as His Majesty’s Revenue and Customs and Home Office Immigration Enforcement).

This data includes:

  • The SOC master list, which contains all MoRiLE assessments for the SOC threats identified by forces and organisations.
  • Event-based disruption data (‘disruption data’) that is recorded following national minimum standards. At the time of our inspection, minimum standards stipulated that disruption data should only be recorded against OCGs and not priority individuals or SOC vulnerabilities.

MoRiLE assessment data was extracted from APMIS on 10 January 2022. Any changes made to assessments since that date will not be accounted for in the analysis. The following filters were used on columns to extract this data: Type is Tactical, Moderation status is Moderated, SOC is SOC, Tier Is not Tier 5 and Phase is Not contains Closed.

Disruption data was extracted from APMIS in June 2022 and includes all disruptions made after 1 June 2021 up until 31 May 2022. The following filters were used on columns to extract this data: Disruption type is Lead Disruption, Record data is greater than 1 June 2021, less than 1 July 2022 and Assessment Category is Major, Minor and Moderate.

Back to publication

An inspection of the north-east regional response to serious and organised crime