In October last year, Jonathan Fisher KC was appointed by the UK Home Secretary to review the Criminal Procedure and Investigations Act 1996 (CPIA) rules that govern disclosure in criminal prosecutions.

Disclosure entails providing the defence with copies or access to all material that is capable of undermining the prosecution case and/or assisting the defence in a criminal trial. Thankfully Fisher appears to be undertaking much of his review in the context of how those rules relate to fraud cases.

The ongoing Post Office IT scandal, currently being looked at by a major public inquiry, is a classic example of what can go wrong with criminal prosecutions when the rules applying to disclosure are ignored or implemented poorly. For example, a draft 2016 report produced by Deloitte and commissioned by the Post Office, showed that the Post Office allegedly spent £100m ($126m) fighting sub-postmasters in court despite knowing its defence was flawed.

Fraud often differs from other crimes in that it is likely to generate masses of documentary material.

As someone who has spent decades investigating and prosecuting fraud, in both criminal and civil spheres, I am more aware than most about the impact that CPIA has on fraud investigations. Although the rules apply to all criminal prosecutions, from simple theft all the way to homicide, fraud often differs from other crimes in that it is likely to generate masses of documentary material.

To apply some context, most mainstream crimes (including homicides) have comparatively limited exhibits and material: rarely anything that would cause disclosure officers any issues. Conversely, frauds can generate a minefield of problems and data for those responsible for disclosing material.

Add to this the prosecution’s responsibility under the CIPA to follow all reasonable lines of inquiry, whether those lead towards or away from the suspect, and the waters can be muddied further. To intensify this confusion, defining a “reasonable line of inquiry” is also a subjective consideration, one which inevitably leads to arguments between both sides at court.

In modern fraud cases, the prosecution often acquires gigabytes, even terabytes, of data. To review this amount of material and record it accurately in a manner that satisfies the needs of the defence and the court is a huge undertaking.

The CPIA was conceived and enacted at a time when computerized data was not a huge issue. The speed at which technology has advanced since the mid-1990s is self-evident. The Serious Fraud Office (SFO) estimates that its average case holds around five million documents, with its largest case running to 48 million documents (6.5TB of data). The preliminary findings by Jonathan Fisher KC illustrate the issue perfectly when they state that if printed into hard copy, these papers would surpass the height of the London Shard building.

The onus has shifted so much against the prosecution, due to digitisation, that law enforcement is now fighting with both hands tied behind its back with regards to disclosure.

It has been clear to all of us who operate in the fraud arena and who work under the requirements of the CPIA, that the Act is no longer viable where fraud is concerned. I am a little biased due to my policing background, but the onus has shifted so much against the prosecution, due to digitisation, that law enforcement is now fighting with both hands tied behind its back with regards to disclosure in fraud cases.

Currently, UK taxpayers are often paying for the legal aid that supports the defendant and their team, as well as paying for the prosecution and their team too. The public purse is stretched past breaking point and CPIA disclosure costs are increasing because of the obligations that the CPIA is placing on those prosecuting fraud cases in this digital age.

I feel that CPIA remains fit for purpose where mainstream cases are concerned. But fraud (and resultant money laundering) cases need to be governed by disclosure guidelines befitting the digital era.

The CPIA as it stands has morphed into a draconian constraint.

I will leave the actual solution to the lawyers and law makers, but a new Act governing disclosure in fraud cases would be my preference. Could this Act be drafted to dovetail with the current economic crime related Acts, such as the Fraud Act 2006, the Proceeds of Crime Act 2000 (money laundering and confiscation elements), the Economic Crime Transparency Enforcement Act 2022, and Bribery Act 2010, etc, all of which can generate masses of data?

Perhaps such an Act could also be drafted with an eye to private criminal prosecutions, where non-taxpayers foot the bill. It is easy to see how defendants could use disclosure to drag out and “bankrupt” those paying the invoices in such circumstances. Private prosecutions are already on the increase, brought about by the funding squeeze on law enforcement agencies, so what is the answer to this predicament?

All I would ask is that common sense prevails so that those fraud investigators at the coalface, who are confronted with the issue of disclosure, can navigate the situation to the satisfaction of the court. The CPIA as it stands has morphed into a draconian constraint. As short-term solution, I would encourage investigators to engage early with their defence counterparts, even pre-charge where appropriate.

What we can all see is that there is a mess brought about by an Act that is no longer fit for purpose. I welcome the current review, and Fisher’s expertise will be invaluable in reaching a solution.