CPA Bulletin

www.cpa.uk.net CPA Bulletin > February 2024 13 CPA CONFERENCE: 4 Given the long procurement lead times for equipment and the length of time that large plant typically remained in fleets, companies faced making decisions about future investment against an uncertain backdrop while trying to satisfy the concerns of shareholders, lenders and other stakeholders. Special Interest Groups represent members’ concerns and urge change. Steve also suggested that the cancellation of the Birmingham to Manchester leg of HS2 could be viewed positively, since the allocated funding had always been long-term and the government’s stated intention is to redirect this towards upgrading and improving existing infrastructure instead of greenfield activity. That represented challenges and opportunities, especially as rail passenger business was now back to pre-Covid levels as more people are using trains for leisure journeys. The final session topic was ‘Combatting Plant Theft and Fraud’ , with panellists including Superintendent Andy Huddleston, head of the National Rural Crime Unit; Ian Elliott, Group Head of Security with Clancy Group who previously had 30 years’ service with the Metropolitan Police; Joel Babb, Cyber Security Evaluator with Falanx Cyber; and Kevin Howells, CEO/MD of the CESAR Scheme from Datatag ID Ltd. Indicating the scale of the plant theft problem, Andy Huddleston said that prior to Covid, between 40-70 high value machines would typically be reported stolen each month but now the figure averaged 100-150, sometimes exceeding 200. Amongst other factors, disruption caused by the Russia-Ukraine conflict and the ban on equipment sales to Russia has led to a thriving black market. Plant theft is highly organised crime with machines often stolen to order by brazen, experienced gangs. Hirers and contractors needed to ensure their premises and sites are adequately protected. Andy also stressed the importance of sharing information - another example of the industry collaboration that was mentioned frequently throughout the Conference. If someone heard of or fell victim to theft or fraudulent hire, they should circulate details to others. Companies should protect themselves by adopting measures like forensically marking machines, which cost a fraction of the amount needed to replace equipment, he said. And the industry should urge more manufacturers to fit security systems as standard and do away with using single keys to fit all machines. Clancy’s Ian Elliott agreed that thieves were “super-efficient criminals” rather than random opportunists. Perpetrators, he quipped, probably knewmore about starting a machine than some plant operators. Through initiatives from bodies like CITS (Combined Industries Theft Solutions), more police officers were being trained in recognising suspicious behaviour and in tracing stolen equipment. However, it was essential that owners and site managers kept records of machine serial numbers and identification markings so that details could be provided quickly to the police, giving better chances of recovery. Ian added that not just plant was at risk. Items like metal track mats were very attractive to thieves, so hirers should ask manufacturers to incorporate their company names on them. Streets works signs, fencing and barriers were also common targets. Datatag’s Kevin Howells said that hirers and equipment owners should adopt as many layers of protection as possible to guard against theft. Equipment should be registered on the national police database and fitted with visible and covert markings, as in the CESAR scheme, and devices like tracking devices and immobilisers could be added. However, he and other panellists agreed that prevention was far better than having to trace a stolen machine. Falanx Cyber’s Joel Babb said that cybercrime was one of the fastest growing areas of risk and all companies should check the security of their systems and information storage. “If you lost all your data tomorrow and were faced with a ransomware demand to unencrypt it, how quickly could you recover and what would be the cost to your business?” he asked. Firms should backup data regularly and consider cybercrime insurance. Indeed, Ian Elliott says that cybercrime was currently regarded as Clancy’s biggest risk and the company has established a specialist unit to manage it. All companies, including SMEs (small to medium enterprises) should be vigilant and suspicious of unusual emails or unexpected invoices suggesting their systems had been compromised. Joel Babb urged caution at all times and especially if requests for equipment or payment stressed the urgent or melodramatic ‘sob story’ nature of the surrounding circumstances. Companies should operate due diligence, conduct background checks if suspicious and, above all, devise a policy and stick to it.