CYBER ECONOMIC CRIMES: CHALLENGES AND COUNTERMEASURES OF THE CHINESE POLICE
Wang Quan
TABLE OF CONTENTS
I. DEFINITION AND CLASSIFICATION OF CYBER ECONOMIC CRIMES
A. Definition of Cyber Economic Crimes in the Study
B. Classification of Cyber Economic Crimes
II. THE CURRENT SITUATION OF CYBER ECONOMIC CRIMES IN CHINA
A. Relevant Descriptions of Research Data
B. Main Types and Current Status of Cyber Economic Crimes
III. THE ROLE OF THE POLICE IN THE GOVERNANCE OF CYBER ECONOMIC CRIMES
A. 4Ps Model of Cyber Economic Crime Governance
B. The Role of the Police in the 4Ps Model of Cyber Economic Crime Governance
IV. THE CONCEPT OF INTELLIGENCE-ORIENTED INNOVATIVE POLICE SYSTEM
A. National Cyber Economic Crime Reporting Center
B. National Cyber Economic Crime Intelligence Center
C. National Cyber Economic Crime Prevention and Control and Counseling Center
D. Coordination and Linkages of the State and Local Public Security Organs
V. CONCLUSION
Against the Internet Plus background, economic crimes grow in the cyber space on a large scale, producing a brand-new crime, cyber economic crime. Compared with the traditional economic crimes, a qualitative change has made in its organization, operation, quantity, and effects, turning our cognitive understanding of the traditional economic crime upside down and provoking a great challenge to countermeasures and prevention mode against traditional crimes. Based on the classification of the crimes into cyber-dependent economic crimes, cyber-enabled economic crimes, and cyber-assisted economic crimes, this paper makes a clear definition of cyber economic crimes. Combined with the basic situation of cyber economic crimes in China, the police’s role and duty are made clear within the 4Ps framework of cyber economic crimes governance. This paper further analyses the necessity and feasibility of an innovative police model of information-oriented, integration of online and offline activities and participation of the whole society.
I. DEFINITION AND CLASSIFICATION OF CYBER ECONOMIC CRIMES
A. Definition of Cyber Economic Crimes in the Study
There is no doubt to say, cyber economic crime is the product of mutual superposition and integration of multiple dimensions, which are internet and traditional crimes, economic crimes and cyber crimes, ordinary crimes against property and economic crimes under the jurisdiction of the criminal investigation department, and cross-border should be one of the most prominent characteristics. In view of this, it should be the logical starting point for knowing and understanding the cyber economic crime to define its inherent attributes and essential characteristics from multiple perspectives and dimensions. We believe that to clarify the connotation and extension of the cyber economic crime entails consideration from the following four aspects:
Firstly, as the name implies, getting economic benefits as the goal is not only the regularity of the nature of cyber economic crime, but also the iconic characteristics that distinguish it from other cyber crimes that are not committed for the purpose of getting economic benefits, such as the use of cyber technology or taking network as medium to pose a threat to the state and society by committing various anti-government, extreme nationalism, terrorism and violent extremism crimes, and those computer abuse crimes committed merely to prove their capability or to defend the dignity (such as illegal invasion of computer systems of government or financial institutions).
Secondly, although some cyber crimes are also for the purpose of getting economic benefits, the legal benefits being infringed on (i.e., the objects of the crime) are not the orders of national economic management or the economic benefits of others, thus they are not part of the cyber economic crimes that we study in this research. Cyber crimes, for example, use online platforms to attract prostitution and sell drugs. Although the purpose of the crime is to obtain economic benefits, the legal benefits of the violations are not economic benefits, but such violations harm public order and customs (the former two types of crime) and the state’s control over drugs and the right of citizens to the health.
Thirdly, according to the degree of network involvement, cyber economic crime can be classified into three types: cyber-dependent economic crimes, cyber-enabled economic crimes, and cyber-assisted economic crimes. Different from the former two types, cyber-assisted economic crimes mainly occur offline, and network technology only plays an auxiliary role. Although the use of the internet can bring a lot of convenience to offline activities, and even significantly improve the efficiency of offline activities, its criminal nature and scale have not changed substantially, hence it is still essentially an offline crime. In cyber-assisted economic crimes, online activities depend on offline relationship or offline activities. They are not independent in themselves, that is, offline activities come first then online activities; the scope and scale of the former determine that of the latter. The former disappears, and the latter ceases to exist; the latter disappears, the former can still exist. For example, in the case of a shopping mall selling counterfeit products, even if the buyer used the method of WeChat scanning code to pay, it cannot be classified as a cyber economic crime. Similarly, we cannot regard it as cyber economic crime if the internal members of a criminal organization use WeChat (group) to communicate, or if the members of a pyramid selling organization encourage and induce their relatives, friends or classmates to join through WeChat, QQ or online call. In essence, cyber-assisted economic crimes do not exceed the scope of traditional economic crimes. In other words, traditional strategies and means of combating and preventing cyber-assisted economic crimes do not fail. Therefore, cyber economic crimes in the sense of this study only refers to cyber-dependent and cyber-enabled crimes.
Finally, the cyber economic crime in this study is a broad concept, which is not limited to economic crime cases under the jurisdiction of the economic investigation department (including the food and medicine investigation departments), but also under the jurisdiction of other investigation departments (criminal investigation, cyber security, etc) on the ordinary fraud, extortion and illegal access to computer information data, illegal control computer information system, and other criminal cases in order to get the economic benefits of the purpose of other crimes.
This is mainly because: first, the internet further blurs the boundaries between economic crimes and the above-mentioned common criminal crimes (for example, contract fraud and common fraud), and infiltrates and integrates with each other; second, deliberate differentiation in the borderless cyberspace is not only difficult to grasp, but also not conducive to the development of unified prevention and control and countermeasures, and thus difficult to form a joint force; third, this research idea is also in line with the current direction of public security reform of big investigation and big departments.
To sum up, cyber economic crime for the purpose of this study refers to the general term for various crimes with the purpose of obtaining economic benefits, state economic management order or the economic interests of others (or both) being as single or primary criminal objects, and entirely relying on the internet, or breaking through the traditional division of labor and the ways of interaction on the internet.
B. Classification of Cyber Economic Crimes
According to the degree of cyber-involvement, we divide cyber economic crimes into two types: cyber-dependent economic crimes and cyber-enabled economic crimes.
1. Cyber-dependent Economic Crimes. — As the name suggests, a cyber-dependent crime is a companion to the internet, a new type of crime that emerges with the advent of the internet and evolves with the development of the internet. A cyber-dependent crime is inseparable from network communication technology; they are pure and real cyber crimes, relying on the internet. In short, they would not exist at all without the internet. It needs to be pointed out that some cyber-dependent crimes have no obvious corresponding offline crime types, such as malware that causes the website crash and degrades its own function and distributed denial of service network attack (DDoS). For the other part we can find the corresponding offline crime type, such as ransomware, which is in fact a form of blackmail. For example, in May 2017, the global CTB-Locker virus ransomed users by remotely encrypting users’ computer files. More than 40 hospitals across the UK were once attacked by a wide range of cyber hackers, and the National Health Service (NHS) was in chaos. The campus network of many colleges and universities in China collapsed. At that time, it was the graduation season of colleges and universities. Many students’ elaborate theses were locked and the impact was extremely serious. According to the data released by the Action Fraud in the UK, computer abuse crimes account for only about 4 percent of all fraud and other related crimes. Although it is quite a serious crime, the average loss per victim is lower than that caused by cases such as dating scams or online shopping fraud.
2. Cyber-enabled Economic Crimes. — Distinguished from a cyber-dependent economic crime, a cyber-enabled economic crime is not new in the exclusive network era, but a traditional type of economic crime that has been recognized before. However, its scale or impact has been magnified unprecedentedly with the participation of the internet. The so-called cyber-enabled economic crime refers to the online realization or completion of all or the main links of economic crimes. Even if there are offline activities, it is also an auxiliary and supplement of the online behavior. The cyber-enabled economic crime transfers the criminal scene from the offline to the online, and mainly uses the network technology, and then breaks through the restriction and limit of the traditional economic crime on time, region as well as the social contact. A cyber-enabled economic crime is obviously independent of offline, which is reflected in two modes: first, the crime is committed independently online, without offline assistance. For example, criminals use credit card accounts and passwords that are stolen or purchased online to pass themselves off as cardholders in online banks to transfer funds or make payments. Second, the crime is mainly online, supplemented by offline activities. Specifically, it can be divided into the following three situations: Firstly, it starts offline and gains its independence once it moves online. For example, the illegal fund-raising case of Ezubao is to use the so-called branches all over the country to lure and assist the victims (or investors) to register and log in their online platforms for investment by distributing offline methods such as leaflets, store consultation and street publicity. Secondly, the implementation of the crime is online and the final transformation of criminal achievements is completed offline. For example, online fraud criminals often employ or recruit so-called lackey to withdraw money which is defrauded and distributed via bank cards across the country. Thirdly, the combination of the former two methods, namely from offline (foreshadowing) to online and then to offline (supplement).
II. THE CURRENT SITUATION OF CYBER ECONOMIC CRIMES IN CHINA
A. Relevant Descriptions of Research Data
The data that this article is based on and use mainly comes from: the Internet Crime Reporting Centre, the New Internet Crime Research Report of 2017 published by the People’s Public Security University of China, China’s Internet Safety Report for the First Half of 2018 and the Analysis of Modern Network Fraud Industry Chain Report issued by the 360 Internet Security Center. Beijing Rising Network Security Technology Co., Ltd. released the China Cyber Security Report for the First Half of 2018, the 42nd Statistical Report on China’s Internet Development Status and the Network Economic Crime Questionnaire completed by the research group (including two versions: general edition and police edition) published by the China Internet Network Information Center (CNNIC). To analyze the data, we need to make the following points clear:
First, except for the relevant data in the Cyber Economic Crime Questionnaire, the rest of the data sources do not include economic crime cases under the investigation by the economic investigation department of the public security organ, and the food and drug investigation departments, such as pyramid schemes, illegal fund-raising, sales of counterfeit and shoddy products, invoice crimes and money laundering crimes, etc. Taking the acceptance scope from the Ministry of Public Security’s network crime report as an example, only ‘using the internet for fraud’ is a cyber economic crime in the sense of this study. Similarly, the relevant reports issued by the 360 Internet Security Center and Rising company only concern network security, information security and cyber fraud. Although the Ministry of Public Security’s new crime prevention and control center for combating telecommunications networks was established in Beijing in May 2018, it does not have the function of accepting reporting of cases, collecting statistics, making analysis and releasing all kinds of new crime related data of telecommunication network, but ‘deal with account query, monitor, nonpayment and freezing of accounts involved in the national telecommunication network fraud cases and the query, closure and clues to expand of communication tools, providing the support of inspection and control capital flow and telecom network flow for the fight against the telecommunication network fraud cases’.
Second, the notes for the Cyber Economic Crime Questionnaire (general version) made a clear and popular definition for cyber economic crime, that is, any crime for the purpose of obtaining economic benefits, through the internet and using illegal network methods to invade, deceive, false statements or other scams to obtain data, goods or money illegally from others, and the criminal act of illegal trading through the network. They are cyber economic crimes for the purpose of this research. At the same time, the Cyber Economic Crime Questionnaire (police version) also clarifies in the Questionnaire notes that cyber economic crime is not limited to cases under the jurisdiction of the economic criminal investigation departments, including, but not limited to pyramid selling (jurisdiction of the economic criminal investigation departments), internet illegal fund-raising (jurisdiction of the economic criminal investigation departments), network or telecom fraud (jurisdiction of the criminal investigation departments), alleged extortion (jurisdiction of the criminal investigation departments), online sales of counterfeit and shoddy products (jurisdiction of the food and medicine investigation departments), network identity theft (jurisdiction of the network security departments), etc. Nevertheless, we cannot ensure that all interviewee (including the police officers) can fully and accurately understand our definition of cyber economic crime, hence, it is inevitable that some misunderstanding or cognitive deviation will occur in the process of answering the questionnaire. For example, we do not rule out that some interviewee may limit cyber economic crimes to economic crimes under the jurisdiction of the economic investigation departments of the public security organs, or only narrowly interpret them as network or telecom fraud. This will have a certain impact on our findings.
Third, among the data we rely on, the main problem is that most of the data are related to network or telecom fraud, alleged extortion or network information theft under the jurisdiction of the criminal investigation department of public security organ or network security department. There is almost no official data of the cases such as network pyramid schemes and network money laundering under the jurisdiction of the economic criminal investigation departments of public security organs. It only mentioned in some specific cases that some network methods are used by criminals. This has also become the biggest problem and obstacle to the work in this research.
B. Main Types and Current Status of Cyber Economic Crimes
1. Cyber Fraud. — According to the data released by the Internet Crime Reporting Centre, in 2017, a total number of 9,016 effective cyber fraud reports were received, while 15,181 from January to October of 2018, with a normal growth rate of 100 percent. In the first half of 2018, 360 hunting net platform received a total of 12,052 reports of online fraud from all over the country, involving a total amount of 194,193 million yuan, with an average loss of 16,000 yuan per capita, an increase of 11.8 percent compared with the average loss of 14,000 yuan in 2017.
From the perspective of the types of fraud, virtual part-time job fraud accounts for the highest proportion of 13.5 percent; followed with gambling fraud 12.8 percent; online game fraud 10.3 percent; financial fraud 10.2 percent. In terms of the gender of whistleblowers, 70 percent of them are male and the rest of them are female. Men and women also have distinct odds of being cheated in different types of online fraud, among which almost 80 percent of the victims of gambling, online gaming transactions, dating and credit card fraud are men, while women have the highest proportion of being cheated in online shopping refund fraud and part-time job scams.
Network fraud tends to be organized on a large scale, with even the simplest and most traditional network fraud generally carried out by groups of career criminal gangs composed of ten or more persons. In extreme cases, there will be dozens, hundreds of people and even the whole village to participate in a criminal gang. These criminal groups have a clear division of responsibilities. They cooperate with each other, and have formed a large and very rigorous crime industry. According to the 360 Internet Security Center’s modern network fraud industry analysis report, from January to September, 2015, 360 mobile guards had identified and blocked 4.37 billion fraud calls, 16.01 million calls a day on average, and if each fraud calls manager can make 100 calls a day on average, 16.01 million times fraud calls a day require at least 160,000 fraud call managers. As mentioned earlier, each fraud caller must be supported by an industry of a certain scale. According to the calculation that each fraud call manager manages 10 industry practitioners, there are 1.6 million practitioners of network fraud behind 160,000 fraudulent phone managers, which is undoubtedly a huge number. There is no doubt that network fraud belongs to the high-income industry. If we only calculate according to the per capita monthly income of 6,000 yuan, then the annual income of 1.6 million practitioners or annual output value is at least 115.2 billion yuan. This data is estimated according to the fraud call interception data of a 360 security company. If the total amount from the industry, coupled with those who do not use any mobile phone security software, the amount can at least be amplified by more than 30 percent, and these are only the estimation of fraud call industry scale, without SMS fraud, webpage fraud, QQ fraud, and other types of network fraud being taken into account, therefore USD 115.2 billion is only the most conservative estimation of the scale of network fraud output.
2. Technical Blackmail. — The combination of technical skills and extortion scams, especially those using ransomware, has been an eruptive trend in recent years. At present, the National Computer Virus Emergency Response Center has detected more than 170 kinds of ransomware. According to the research report on new cyber crimes of the People’s Public Security University of China, the number of victims of ransomware on the personal computer (PC) in China has reached 303,480 since 2016, and the number of users infected by ransomware among the top 10 crimes accounts for 91.4 percent of the total number of victims. In 2016, the 360 Internet Security Center intercepted 113 new types of racketeering viruses on computer terminals, involving 167,000 samples. At least 4.97 million computers nationwide were attacked by a racketeer virus. On mobile terminals, an estimated 40 percent of Chinese users of Kaspersky Lab’s Security Solutions have experienced at least one mobile ransomware threat. China was hit hard by the global Wannacry ransomware attack on May 12, 2017. Although all parties have taken various emergency measures, they still failed to prevent the wide spread of the virus, especially the education network and other industry network users, and part of the government agencies work shut down, causing serious social harm. According to the China Network Security Report in the First Half of 2018 issued by the Ruixing company, the cloud security system of Ruixing intercepted 314,400 samples of ransomware, with a total of 4.56 million infections. In terms of geographical distribution, Guangdong province had 1.16 million infections, ranking first in China. It was followed by Shanghai (620,000), Beijing (340,000) and Jiangsu (220,000). In terms of platform, 56 percent of Windows platforms were hit by ransomware between January and June, compared with 43 percent for Android and 1 percent for other platforms.
The 16th National Computer and Mobile Terminal Virus Epidemic Investigation Analysis Report of the National Computer Virus Emergency Response Center shows that many end users, including enterprise users, lack safety awareness, prevention awareness and prevention ability. In the case of extortion, they rarely choose to call the police. According to the survey, 71 percent of the users choose three main ways to deal with the ransomware incident, including calling the police, finding technicians and solving the problem by themselves. Among them, the first solution accounted for only 19 percent, indicating that users are weakly conscious of calling the police after extortion. Although the survey results show that people willing to pay ransom only accounts for 10 percent, because the potential victim group is extremely large, the attacker is still likely to obtain a large profit, and the user’s choice to not call the police will form an incentive for the attacker’s subsequent attack.
3. Online Multi-level Marketing. — In recent years, Shanxinhui and Yunlianhui are two well-known cases of new online multi-level marketing (MLM). Through the internet, and with the help of e-commerce, online games and other appearance to open a website or smart phone APP, criminals use commission rewards or rebates as inducements to attract netizens to introduce each other to become registered members, forming an online MLM structure. Compared with the traditional MLM, the online MLM criminal organization structure develops faster, the organization scale is larger, the influence scope is wider, and the harm is more profound. The management and operation of online MLM are characterized by remoteness, and its target is extended to all users on the internet, therefore the scope and depth of MLM are not limited by national boundaries and geography. Online MLM organizations use the internet to build the online MLM office automation platform and set up accounts and passwords to carry out personnel training, capital flow control, and thus build a pyramid management mode. By charging a hefty fee, buying virtual goods, renting out ad space, the organization achieves continuously expansion and high-speed reproduction.
Taking the Yunlianhui Online MLM case as an example. Public information shows that Yunlianhui was registered and established by Guangdong Cloud Lianhui Network Technology Co., Ltd. in January 2014. According to the company’s promotional materials, Yunlianhui is an Internet plus third-party business service platforms supported by information technology, which is committed to building a systematic service platform for consumers and online and offline businesses. Yunlianhui requires participants to register as ordinary members through Yunlian mall or promotional quick response (QR) code, and the system will automatically identify and lock the relationship between superior and subordinate according to the recommendation relationship. There are ordinary members, gold diamond members and platinum diamond members from low level to high level. Ordinary members can pay 99.9 yuan to upgrade to gold diamond members, or pay 999 yuan to upgrade to platinum diamond members. Members can enjoy the consumption rebate, gold diamond members or above can also get unlimited level of offline bonus points. Up to December 4, 2018, 11 people have been sentenced in Guangxi, Shandong, Hebei, Hubei and other places in the Yunlianhui grand online MLM case.
4. Illegal Online Fund Raising. — Criminals usually open an online e-commerce company website or set up an investment company, using high returns or consumer rebates, shopping rebates and other ways as the bait to seduce netizen investment, in the early stage, they will pay victims interests or rebates as promised and in time, however, they will eventually close the webpage and run away. Criminals illegally possess netizens’ investment, in order to illegally raise funds or absorb public deposits. This kind of crime lasts for a long time, involves a wide range of areas, and does great harm. The methods of committing this crime are varied and highly deceptive, directly damaging the vital interests of the people, undermining the order of the socialist market economy and affecting social harmony and stability. For example, the Ezubao illegal fund raising group organized and operated by Yucheng Group has spread all over the country, forming a complex criminal organization form of online and offline interaction and close coordination between the operating subject and the joining institutions. Operating entity refers to a company or other entity that is directly or indirectly controlled by the core members of an illegal fund-raising organization through equity or other means, and is responsible for the design, organization, management and operation of the entire fund-raising project, and serves as the carrier of capital flow or collection. Franchisee institutions are those companies or entities that do not have equity or other investment relations with the operating subject, and do not participate in the core operation, and only serve as peripheral enterprises to provide auxiliary work such as publicity, soliciting customers, consulting and so on for the operating subject in the way of franchising, and collect fees such as rebates or commissions from them. The public security organs detected more than 400 franchising organizations registered in the name of Yucheng Group all over the country. It can be said that these more than 400 branches directly act as the physical stores and vanguard of Ezubao across the country, playing the role of agents and propagandists, and confusing and inducing a large number of investors. As a new form of criminal organization in the era of Internet Plus, how to identify and deal with these over 400 branches has become a practical problem faced by local public security organs in the process of investigating Ezubao, which is suspected of illegal fund raising. Another example, in 2018, the police in Futian District of Shenzhen cracked down on Fortune China, an online platform for illegal fund raising in the name of P2P. Six suspects were detained by the police for allegedly illegally absorbing public deposits. The victims of the case are from all over the country, and the amount involved amounted to 1.19 billion yuan.
5. Illegal Network Operation. — The so-called illegal network operation means that criminals violate state regulations and engage in illegal business activities by relying on network platforms without operating licenses. At present, the main forms of illegal online business activities are as follows: using the internet to illegally trade in special drugs, cigarettes, vaccines, fireworks and other exclusive or restricted sales items; private network trading platform, illegal gold, silver, securities and other futures trading, securities or fund investment consulting business and telecommunications value-added services; illegal operation of online lottery business. For example, in 2015, in order to obtain illegal interests, suspect Li registered and established a company and successively recruited 20 people, such as Zhang and Guo, to engage in international futures trading. Since March 2016, 20 people including suspect Li rented servers under the name of the company to development agents and customers in all parts of the country by telephone, internet and so on, and traded futures on its independently developed international futures trading platform. The trading of gold, silver, crude oil, copper, natural gas and other futures at a leverage ratio ranges around 1:20, and the illegal profits obtained by collecting platform commission fees amount to 12.6665 million yuan. In December 2018, the People’s Court of Chongzhou City convicted more than 20 suspects including Li.
6. Network Credit Card Fraud. — The main modes of online credit card fraud include: first, destroying the bank’s computer network information system through the internet, or obtaining others’ credit card information by stealing, and cheating and other illegal means, creating fake cards or operating through the computer network to get credit card funds without the card; second, stealing, cheating or doing by other illegal means through the internet to obtain other people’s identity information, and with the fake identity obtain credit cards for malicious overdraft use; third, buying and selling others’ credit card information and credit card stealing tools through the internet. From March to April 2017, a criminal gang headed by suspects Xu and Duan illegally purchased a large amount of citizen information through the suspect Zhang and others, and got acquainted with professional programmer Xu to write hacker software through internet chat software. Criminal gangs use the above illegally obtained citizen information and scanning hacker software to attack the mobile payment platform database, and illegally obtain the platform user’s account, login password and even payment password and other information. After obtaining these key information, the criminal gang headed by Xu used the above information to log in the mobile payment channel’s mobile phone APP, and frantically bought all kinds of goods easy to convert to cash through online stores, such as electronic and digital products, prepaid cards, tickets to scenic spots and so on. In contrast, criminal groups headed by suspect Duan operates offline, they generated a large number of QR codes according to citizens register information they stole, and then used fake IDs to buy a large number of POS machines. Through POS machine scanning code, they successfully transferred credit card funds to their debit cards, and then the suspect Zhang and others around the country withdraw the money through the ATM. In November 2017, Shanghai police carried out a net collection operation in six provinces including Jiangxi, Hu’nan, Sichuan, He’nan, Jiangsu and Zhejiang, catching more than 10 suspects including suspects Xu (徐), Xu (许) and Duan, and capturing more than 50 mobile phones and computers, more than 100 credit cards and more than 70 POS machines.
7. Manufacturing and Selling Fake Products through the Internet. — Generally, criminal gangs of manufacturing and selling fake products send information of manufacturing and selling through encrypted emails, BBS, chat rooms, websites and other online transfer platforms, and then use logistics and online bank transfer to complete the transaction. The crime of manufacturing and selling fake products through the internet focuses on the fields of fake cigarettes, fake alcohol, fake drugs, fake health care products, fake pesticides and fake chemical fertilizers. Virtual network transaction mode provides more convenience for many customers who illegally buy infringing products, and also promotes the rampant development of such crimes. In 2017, the police of Wenzhou, together with the Tobacco Bureau and the Postal Administration, under the supervision of the Ministry of Public Security, cracked the March 25 Case of selling fake cigarettes through the internet. Six people were arrested, among whom four were placed under criminal detention. The gang took advantage of the rapid development of the internet to upgrade their sales model of fake cigarettes and the online orders, logistics delivery and electronic transactions. The integration of internet and logistics makes the distribution of fake cigarettes gradually turn to the logistics delivery channel, resulting in serious consequences.
8. Network Money Laundering. — Network money laundering refers to the crime of using computer network systems to conceal the proceeds of crime, and make it legitimate on the surface of all criminal activities and processes. Compared with traditional money laundering modes, the internet money laundering is more covert, more globalized and costs less. Criminals usually use the internet to commit the crime of money laundering by: first, using the third-party payment platform to commit money laundering crimes. On the one hand, criminals may register shell companies to conduct money laundering and transfer money through third-party payment platforms. On the other hand, by taking advantage of the rapidity of online transactions, a series of complex transactions and money transfers are carried out through multiple channels to confuse the sources of funds and avoid anti-money laundering supervision. Second, using P2P online lending platforms to commit money laundering crimes. As P2P online lending platforms can neither conduct in-depth verification on the source of lenders’ funds, nor can they audit the relationship between borrowers and lenders, criminals or criminal gangs may transfer the proceeds by acting as borrowers and lenders respectively. Moreover, since the platform does not need to submit loan data to financial institutions, it is easy for criminals to get out of the sight of anti-money laundering authorities. Third, using internet currency to commit money laundering crimes. Criminals may transfer the proceeds into virtual currency, and then convert the virtual currency into cash through a special website, to achieve the purpose of money laundering.
III. THE ROLE OF THE POLICE IN THE GOVERNANCE OF CYBER ECONOMIC CRIMES
A. 4Ps Model of Cyber Economic Crime Governance
In 2014, drawing on the United Kingdom’s Strategy for Countering Terrorism (CONTEST), the Serious and Organized Crime Strategy developed a 4Ps governance model for organized crime and cybercrime. In 2015, the City of London Police and the University of Cardiff in the UK completed a research report called the Implications of Economic Cybercrime for Policing (hereinafter referred to as the British Research Report). The governance model has been adjusted to some extent and they have proposed the 4Ps model for cyber economic crime governance. The National Policing Fraud Strategy of 2015 also adopted this governance model.
Pursue: To destroy and prosecute organizations or individuals in cyber economic crimes, targeting those organizations and individuals that have committed or are committing cyber economic crimes; Prevent: To prevent people from implementing or supporting various cyber economic crimes to control the scale of crimes, targeting organizations and individuals who may commit cyber economic crimes, that is, high-risk groups of cyber economic crimes; Protect: To protect enterprises and the public from attacks or violations of cyber economic crimes, targeting organizations and individuals that may be attacked or infringed by cyber economic crimes; Prepare: To prepare for all types of cyber economic crimes to quickly resolve and minimize the damage and impact of crime, including providing support for victims, targeting those organizations and individuals that have suffered or are suffering from cyber economic crimes.
B. The Role of the Police in the 4Ps Model of Cyber Economic Crime Governance
1. The Embarrassing Reality Faced by Police. — In the Pursue work, the police are always faced with a very embarrassing reality, that is, the police are not able to detect all reported or found cyber economic crimes, nor can they guarantee that all cases can be successfully prosecuted and convicted. As Michael Levi, a professor of Criminology at Cardiff University in the UK, put it, ‘Even if we upgrade our investigation capacity in cyber economic crimes to the level of the counterparts in the US, many of these frauds will not be investigated or prosecuted even if they are investigated.’ In contrast, although the US federal law enforcement agencies are well known for actively combating and prosecuting transnational crime (including cyber economic crimes) and playing an active role in joint enforcement with other countries and international organizations (especially Europol), a recent study by the US Congress shows that in 2012, the number of identity theft cases in the US is between 12.6 million and 16.6 million. Only about 450 cases were convicted of serious identity theft, compared with no more than 800 in 2013. Although some cases may be charged with other charges (e.g. telecommunication fraud and extortion), it also shows that the conviction rate of identity theft and other cyber fraud cases in the US is very low. The situation in China is similar, according to the Survey on Cyber Economic Crimes (police edition), 66.51 percent of the respondents believe that ‘public security organs can only invest very limited police resources and resources in a few hot cases of social concern and leadership concern, while they have no time to take other general cases into account.’ Obviously, this is also one of the important reasons that lead to the tension between the police and the people, though the local public security organs have made great efforts in investigating and dealing with cyber economic crime cases, and even they have been exhausted, but they have not been recognized and understood by the masses.
In addition to the severe challenges that the network economic crime itself poses to the traditional crime prevention and control model due to speed, scale, mass and globalization attributes, the reason for this situation is more than the lack of police resources and the inefficient configuration. First of all, the police resources invested in the governance of cyber economic crimes are inherently inadequate. Compared with those crimes which usually have a huge impact on the personal and property security of vulnerable groups in society, such as underworld organizations, terrorism and drug trafficking, the consequences of most cyber-economic crimes are relatively mild, which will not cause huge panic and arouse the widespread concern of leaders or society at once. For this reason, the police’s accessible resources are often used to combat criminal activities that pose the biggest threat to vulnerable groups. Economic crimes (especially cyber-implemented economic crimes) are often marginalized in police work. Moreover, a widespread risk-averse mentality can lead to the end of many cases that have not yet been investigated in depth. While doing so may face challenges in media criticism, case review, and victim complaints, it can not be considered reasonable if you spend time on dead-end cases. According to the Survey on Cyber Economic Crimes (police version), 97.03 percent of the police interviewed believe that, in the face of the raging and versatile cyber economic crimes, the public security organs do not have sufficient ability and resources to deal with them. 58.16 percent of the police interviewed think that they are seriously inadequate, and 38.87 percent think that it is relatively insufficient.
The traditional police pattern of passive response and decentralized response further reduces the efficiency of police resource allocation and creates a superposition effect with insufficient resources. In general, the traditional police pattern is to decide the acceptance and handling of the case according to the actual conditions of the available resources, and the case will be abandoned when the key evidence is not available or the criminal suspect cannot be captured. If forensic technology or investigative resources are exhausted, other cases will be put on hold until resources are regained. Although under certain conditions, police officers from several places can carry out joint operations under unified command (for example, the national cluster campaign against false VAT invoices under the unified command of the Economic Investigation Bureau of the Ministry of Public Security), but this is the non-routine mechanism based on special actions or specific cases, which belongs to the stormy campaign-style law enforcement, and the division and individual warfare are still the normalcy under the traditional police pattern. According to the Survey on Cyber Economic Crime (police version), 90.91 percent of the police interviewed believe that ‘the cyber economic crimes have almost no geographical boundaries, and local public security organs or single police are divided and ruled, and it is difficult to deal with it alone’. ’93.32 percent of the people’s police interviewed believe that ‘it is necessary to break the traditional divided police system and build an intelligence-based online and offline integrated police system.’
Judging from historical experience, police resources rarely increase unless certain cases have special political significance or newsworthiness. Since the police resources for managing cyber economic crimes are unlikely to increase substantially over a long period of time, it is difficult for the traditional police pattern to make breakthroughs and to make a difference in the face of the ever-changing cyber economic crimes. According to the Survey on Network Economic Crimes (police version), 71.71 percent of the police interviewed believe that ‘in the case of limited resources, the passive response mode can no longer cope with the challenges brought by cyber economic crimes’; Moreover, 65.12 percent of the police interviewed even believe that ‘in the face of the new type cyber economic crimes, the public security organs still follow the traditional and passive mode and methods of crime prevention and control, which are often too tired to deal with. In this dilemma, the police can only helplessly tell the victims that their accusations can only be used as intelligence but cannot solve the case; or they have to work hard to investigate the case, but they also face the risk that some of them cannot be prosecuted or convicted. This is also the case, as shown in the Survey on Cyber Economic Crimes (general version), 56.95 percent of respondents believe that if they suffer from cyber economic crimes, they choose not to report the case because ‘the report is meaningless and it is a waste of time and energy. They can only pay attention next time.’ 65.88 percent of the respondents believe that it is impossible for the public security organs to recover the losses caused by cyber economic crimes, of which 19.18 percent think it is almost impossible and 46.7 percent think it all by luck. The investigation on the citizens and civil police seems to prove this. According to the Survey on Cyber Economic Crimes (police version), 60.48 percent of the police interviewed clearly believe that ‘the masses are not satisfied with the efforts and results of the public security organs in preventing and combating cyber-economic crimes’, and only 19.76 percent are satisfied.
2. Good Steel Should Be Used on the Blade. — How to get out of this dilemma has become a difficult problem in front of the police. Compared with demand, police resources always seem to be insufficient. This is especially true for cyber economic crimes. Therefore, there must be some sort of police resource allocation standard. The key to the problem is whether the allocation criteria are well thought out and clear, or whether the priorities of various items are vague and not taken into account? According to the Survey on Cyber Economic Crimes (police version), 62.34 percent of the police interviewed believe that: in the case of limited police resources, ‘we should not attend to big and small matters all at once. We should make overall arrangements and rationally allocate the direction of investment in police resources within a certain scope according to the nature of the case, the difficulty and the possibility of recovering losses.’ But the question is what criteria the police should use to guide the investment and allocation of police resources, and which specific types of cyber economic crimes are the focus of police resources. In this situation, the police may have to study and develop a set of response measures with different priorities. It should not only take into account the impact and economic losses suffered by the victims, but also the broader social impact of those symbolic crimes. As for the criteria for determining priorities or whether the decision should be made public is another issue, depending on whether the authorities are willing to contact the people closely as well as their attitude and willingness to enhance the legitimacy of decision-making through an open approach.
Regarding how to determine priorities of cases, China still lacks a scientific and clear standard system. This article proposes the following macroscopic suggestions on how to scientifically configure cyber economic crime police resources: first, achieving scientific decision-making and intelligent command on the basis of comprehensive intelligence information, focusing on identifying some major social concerns and then supporting and strengthening police choices and countermeasures; second, implementing the visible and sensible pursue, and enhance the public’s sense of gaining in the governance of cyber economic crimes, that is, providing the public with a variety of visible evidence that their appeals and concerns are very important to the police. And it is being processed in some way to rebuild public trust; third, implementing the police pattern under the guidance of intelligence, and focus on limited police resources on different levels of criminal threats based on scientific intelligence analysis; fourth, the police cannot be limited to the work of Pursue. They should allocate appropriate resources and partners to carry out joint operations in the other three areas of the 4Ps model; fifth, under the conditions that are practicable, showing the public the input of police resources through various channels.
In addition, we must clearly recognize the mission and value of those important and symbolic prosecution actions. Even if the assessment shows that the prosecution, interruption and damage recovery will not have a great impact on cyber-economy criminals, and whether these actions can have a medium-term and long-term impact on curbing cyber economic crimes, the police need to attach great importance to and seriously treat them. It is necessary to show those criminals and their organizational networks that participation in crime must pay a price. At the same time, the response measure through the media to publicize the police to society is not only to warn and deter those who break the law, but also to warn and educate others, including victims and potential victims, who need not only comfort, but also to understand the lessons learned from the prevention of cyber economic crimes.
3. Strengthening Cooperation and Partnership. — Strengthening cooperation with relevant industries is also an important measure to alleviate the shortage of police resources. In this regard, the British practices and experience are worth learning from. The City of London Police Department has been implementing a proactive cyber economic crime governance strategy and has set up a special agency dealing with organized fraud in three areas with the support of external industry. Although the members of the organization include police and industry personnel, a strict no-involvement system is implemented, that is, the industry can only influence the overall strategy, and it is strictly prohibited to interfere with the case. These areas are all areas where the police and related industries agree that there is a major threat of organized fraud and that institutional arrangements need to be made in terms of resources and information sharing. The level and extent of cooperation usually depend on the objective needs of such cooperation in the relevant field. For example, in the area of payment cards and cyber fraud, the Dedicated Card and Payment Crime Unit (DCPCU) works closely with the Financial Fraud Action UK (FFA UK) and the Cifas, with outstanding results, but the corresponding responsibilities in the cooperation still need to be refined and clarified. In the field of intellectual property crime, very close cooperation is also taking place between the British police, the Intellectual Property Office (IPO) and the Trading Standards. As far as China is concerned, for example, the Shenzhen Municipal Public Security Bureau’s Anti-Telecom Network Fraud Center (hereinafter referred to as the Anti-Telecom Fraud Center) can be said to have been at the forefront of the country in cooperation with industry organizations. At present, it has established Police-Bank Interaction and Police-Communication Interaction and Police-Enterprise Interaction mechanisms. Eight banks including Industrial and Commercial Bank of China, Agricultural Bank of China, China Construction Bank, Bank of China, and Bank of Communications of China have entered the Anti-Telecom Fraud Center with resources and authority, and jointly carried out emergency work on the capital chain of telecommunications network fraud cases with the public security organs, which is called mini bank. This kind of cooperation between the police and related industries has been widely praised and welcomed. It can not only offset the dissatisfaction and anxiety of the various organizations in the police’s Pursue work, but also give full play to the Prevent and Protect work in cyber economic crime governance.
4. Pay Attention to the Destruction and Disruption of Crime. — In addition to doing their utmost to prosecute criminals, the police must pay more attention to the destruction and blockade in the cyber economic crime activities, making it impossible for criminals to obtain the various technologies and other criminal elements needed to commit crimes. Disruption not only allows the police to fight against potential criminals and their network of organizations in a more proactive manner, but also provides relevant intelligence information to establish the basis for reciprocal information sharing with other partners. This is also an important part of the work in the Protect and Prepare dimensions. Disruption can obtain relevant information through daily supervision, mass reporting, secret informants and other channels, and can also respond quickly to current crimes, thus reducing the illegal benefits of criminals from victims. If investigative work is difficult to carry out effectively, the police must cooperate with relevant industry partners to reject criminals using technology communications, the internet and e-commerce tools. For example, China’s three telecommunications operators China Telecom, China Unicom, China Mobile, as well as Tencent and Alibaba, have entered the Anti-Telecom Fraud Center to carry out emergency calls, shutdowns, blocking and interception of telephones, websites, domain names, and network communication accounts. As early as 2011, the National Fraud Intelligence Agency (NFIB) suspended some websites, phone numbers and email accounts and directed visitors to suspended websites to a caution page. In addition, for those who provide some help for cyber economic crimes, but cannot be criminalized, the police must master and archive their relevant information and conduct dynamic control. The police need to target professional criminal facilitators, such as malicious or misguided lawyers and accountants, or take pre-emptive actions to deny criminals access to workplaces or spaces that can help with their criminal activities. The sewage pond system established by the Anti-Telecom Fraud Center is a very good innovation. ‘This is a dynamic control system specially established for high-risk personnel of telecommunication network fraud and illegal crimes. Massive accounts and telephones involved are entered into the system, high-risk personnel will not be able to use bank cards normally, and telephone communication functions will be limited. In the past, anti-fraud work is following the criminals in the long term, but now uses the sewage pool, through the data comparison screening, to find people who may go to buy a bank card, and the card has been opened might be the suspect card. All these measures are to achieve precision prevention and control, early warning and being frozen.’
In summary, in the 4Ps Model of Cyber Economic Crime Governance, the duties and functions of the police are mainly reflected in the Pursue dimension, which is to punish and deter criminals through prosecution; and in Prepare, Protect and Prevent, the role it played is small. Given the limitations of resources and expertise, these functions may be better suited to other institutions, integrating them into a wider range of functions and initiatives to complement them. In view of the severe challenges of network economic crimes and limited police resources, it is imperative to carry out the innovation on police pattern.
IV. THE CONCEPT OF INTELLIGENCE-ORIENTED INNOVATIVE POLICE SYSTEM
A. National Cyber Economic Crime Reporting Center
Following the British Action Fraud and the American Internet Crime Complaint Center (IC3), Internet Crime Reporting Center was set up under the Ministry of Public Security Intelligence Center, which is responsible for nationwide network economic crime clues and reports. All network economic crime report except those that need to take urgent measures should be handled by Internet Crime Reporting Center. Clues and reports should be handled by internet crime reporting center and there is no longer distinction between criminal investigation department jurisdiction, economic investigation department jurisdiction and other departments’ jurisdiction. All are accepted by the report center, and will be transferred to the relevant departments after the analysis and evaluation. While accepting the report, the cyber economic crime report center should provide appropriate suggestions for the victims, if necessary, guide them to relevant national or local departments and timely inform them of the progress and results of the reported cases until the cases are transferred to a case-handling office. Besides, victims will be supported by the reporting center unless they opt out.
Proper supervision and scientific performance appraisal is an important guarantee to give full play to the effectiveness of police network economic crime management, but the existing supervision mechanism and performance appraisal are basically designed for traditional economic crime, which is difficult to reflect and adapt to the requirements of network economic crime governance. For example, in the Cyber Economic Crime Survey (police edition), 76.53 percent of the civilian police interviewed considered that the current performance appraisal model and assessment indicators were not conducive to the effective governance of network economic crime. 46.1 percent of the police interviewed believed that it is one of the reasons why victims of network economic crime are unwilling to report it that ‘in view of the difficulty and practical difficulties in the investigation of network economic crimes, public security organ will use various methods for various reasons to discourage vulnerable individual from reporting’. So, the establishment of national Cyber Economic Crime Reporting Center, not only can greatly facilitate people to report cases or provide clues so as to enhance the reporting rate of cyber economic crime, and the Report Center’s unified acceptance, macro-management transfer cloud mode has the following advantages: first, to form a real-time national situation map of network economic crime; second, to form effective supervision of local public security organs, follow up the acceptance and handling of cases, and timely feedback to reporters; third, to comprehensively, scientifically assess the performance of local public security organs’ comprehensive management of cyber economic crime and case investigation, that is, comprehensively evaluate the number and difficulty of cases dealt by local police which are received by the report center as well as the case results reported by local police. In the Cyber Economic Crime Investigation (general edition), 56.95 percent of the interviewees believe that ‘lack of effective supervision and restriction leads to insufficient motivation and responsibility of local public security organs’, which hinders the public security organs from combatting the cyber economic crime. At the same time, 89.87 percent of the interviewees were in favor of setting up a unified national cyber economic crime reporting platform to deal with cyber-economic crime and strengthen supervision of local public security organs. In the UK, although police performance management is charged by the local police and the crime commissioner, there is also a need to supervise the police’s performance in response to cyber economic crime at the national level, and a strategic oversight committee report to the relevant intelligence Minister.
B. National Cyber Economic Crime Intelligence Center
The Cyber Economic Crime Intelligence Center is responsible for organizing, analyzing and importing to databases the clues and reports received by the Cyber Economic Crime Reporting Center as well as other intelligence received via other channels. Then the Cyber Economic Crime Intelligence Center hands over relevant clues or reports to the relevant departments for processing and tracking, or provide the intelligence analysis of network economic crime in the corresponding areas for the local public security organs in order to instruct and assist their relevant law enforcement and governance. In addition, for a basic prerequisite for caring for and supporting victims, the Cyber Economic Crime Intelligence Centre forwards the possessed victims’ information to other relevant departments or agencies, regardless of whether the relevant report can eventually become a practical case. In the Cyber Economic Crime Survey (police edition), 92.12 percent of the civilian police interviewed considered that ‘it is very necessary to establish a unified national cyber economic crime reporting center and intelligence center to integrate the national economic crime intelligence information and reporting information’. Local police, with the support of the Cyber Economic Crime Intelligence Center, are able to carry out intelligence guidance work well. In addition to providing a variety of cyber economic crime intelligence, the Cyber Economic Crime Intelligence Center is responsible for intelligence analysis reports at the national, regional and local levels. Intelligence work will fully support the police work of 4Ps with Pursue as its core, such as the identification of a variety of new and circular threats, types of victims and victims of vulnerability to re-infringement. In order to ensure access to comprehensive criminal intelligence, efforts should be made to promote and achieve comprehensive reporting of cyber-crime. If necessary, a mandatory reporting system could be considered or set as a legal obligation. In the UK, there is also a state-level intelligence center for internet fraud, National Fraud Intelligence Bureau (NFIB), which is also charged by the British City Police Department. NFIB’s duty is to collect, collate, and analyze all Action Fraud reports to assess crime patterns and trends and send post-processing information to the most relevant police forces.
C. National Cyber Economic Crime Prevention and Control and Counseling Center
The Cyber Economic Crime Prevention and Control and Consulting Center undertakes the dual functions of national think tanks in the field of cyber economic crime prevention and control, as well as providing advisory services to the society. The center will work extensively with industry partners and teaching and research institutions to use the results of the intelligence analysis of the Cyber Economic Crime Intelligence Center to draft a medium and long-term development strategy for the country at the macro level for the development of network economic crime prevention and control, and to study and popularize knowledge and means for the prevention and control of various (especially new) cyber economic crimes, to develop or create a variety of publicity and education resources or products with strong popularity, strong acceptance, strong appeal, persuasion and even deterrent strength so as to provide powerful information support and intellectual support for the cyber economic crimes prevention and control in the whole society. In addition, the center also undertakes to provide the whole society with cyber economic crime prevention and control, advisory services and training. In the Cyber Economic Crime Survey (police edition), 89.98 percent of the police interviewed considered that ‘it is necessary to set up a Cyber Economic Crime Counseling Center at the national level to receive and respond to the relevant consultations put forward by people, and to use it as an important channel for collecting information of network economic crime and discovering the signs of crime.’ In the same time, in the Cyber Economic Crime Survey (general edition), 88.67 percent of the interviewees ‘agreed to integrate multiple resources to form a unified national consulting platform so as to provide society with relevant authentic professional advice and analysis’ and think that ‘people particularly need such a consultation channel.’ The center could follow the example of Citizens Advice, make full use of online platforms to absorb and integrate volunteers with relevant expertise in different areas of society, and serve as a platform for maintaining close contact with other industries or institutions, thereby ensuring the authority of the advice provided, improving the efficiency of communication between people and relevant departments, expanding the right to know.
D. Coordination and Linkages of the State and Local Public Security Organs
The national level (Ministry of Public Security) should have and always maintain the ability to investigate national network economic crime cases, that is, to detect those network economic crime cases which are not suitable for local public security organs to handle because of their complexity, harmfulness, scope and sensitivity. It can be achieved either through the exclusive police force of the Ministry of Public Security or through coordinating and commanding the local police. In addition, for the more professional network economic crime cases, such as intellectual property crime, insurance fraud crime and network payment fraud crime, generally are not suitable for the local public security organs to handle, but need the cooperation of other industry partners (including related enterprises) with their relevant professional support. For example, Shanxinhui was a typical network economic crime which was under the cover of being committed to creating an internet economy combined real economic socialist economic model to conduct pyramid selling activities. In 2017, in accordance with the law under the unified arrangement of the Ministry of Public Security, the public security organs across the country investigated and punished Shanxinhui Culture Communication Co., Ltd. legal representative Zhang Tianming and others who were suspected of committing the crime of organizing and leading the MLM and other criminal issues. Zhang Tianming and other suspects have been under compulsory criminal measure by law.
As the specific implementation of the national strategy and the main action force of network economic crime governance, in the construction of ‘big intelligence as the leading, online and offline integration’ innovative police model, organs, part of the important offline, play an irreplaceable and important role. Although there are great differences and imbalances in the police’s coping ability and state of the network economic crime (for example, some are equipped with professional police, while others include it in other work), but with unified norms, guidance, support and deployment of such cloud platform as the Network Economic Crime Reporting Center, Network Economic Crime Intelligence Center, it can be greatly alleviated and bridged. Local public security organs can regularly receive the general situation of network economic crime in the whole country and even on the local level from the Network Economic Crime Intelligence Center, as well as the irregular special intelligence, so as to formulate the control and action strategy of network economic crime in the region, as well as to be used as an important reference for the allocation of police resources. Leaders of local public security organs and other procuratorate and judicial departments consider and use these intelligence when making a decision. If needed, they can also ask the Network Economic Crime Intelligence Centre to give the necessary explanations and suggestions. Local public security organs shall appoint a suitable contact person to the supervisor of the Economic Crime Intelligence Center for communication, consultation and collaboration on relevant issues. In addition, local public security organs should also play their main role in supporting and caring the victims, and further strengthen and enhance their functions and responsibilities in this regard. In this regard, we can follow the example of the UK, forming the so-called Special Constables by recruiting volunteers from all fields of society, to make full use of their professional knowledge in the relevant fields to undertake part of the work. Recruitment, training, and management (including a return mechanism) of Special Constables can also be supported by the country.
V. CONCLUSION
As an ancient saying goes, ‘the most skilled doctor cures the disease that has not yet appeared’, the proverb which means that the most skilled doctor is not the one who is the best at treating people, but the best at preventing disease. We believe that the governance of network economic crime should draw on this traditional Chinese medicine concept, from end governance to source governance, from crime-oriented to prevention and control-oriented. Of the four dimensions established by the 4Ps model, the duties and functions of the police should be mainly embodied in the dimension of Pursue, while the role played in Prepare, Protect and Prevent is relatively small. Given the limitations of the police’s resources and expertise, these functions may be more appropriate for other agencies. These institutions can integrate them into a wider range of functions and measures and play their full complementary role. With the menacing and endless types of network economic crime, the innovation of police model is imperative, which shall be intelligence-oriented, expand and enhance the source of intelligence, and use the sharing of common governance logic to stimulate the autonomy, autonomy and dynamic force of all parties in the society to take an active participation in the governance of network economic crime. To be specific, it is difficult for the fragmented and reactive police system to respond effectively to the increasingly rampant network economic crimes, so it is necessary to break the boundary between geographical boundaries and police departments, and set up the three cloud intelligence and think tank institutions: the Network Economic Crime Reporting Center, the Network Economic Crime Information Center and the Network Economic Crime Prevention and Control and Consulting Center, in this way an ‘intelligence-oriented, from the country to the local, from online to offline, the whole society take wide participate in’ innovative policing model can be constructed.
