Service and target operating model
Using the Intelligence Operating Model (IOM), forces and Regional Organised Crime Units (ROCU) can request support from TOEX for complex investigations into organised exploitation.
In the first instance, a request needs to be made to the TOEX team by the relevant forces using a tasking request form asking for assistance. Once a terms of reference has been established, the request is triaged and allocated to the appropriate team before work will begin by the Intelligence Analyst, Intelligence Development Officer, Finance Intelligence Analyst and Data Insight Analyst to gather information and data on offenders and victims associated with that particular investigation. Using the TOEX Data Platform, the teams are able to conflate a number of different datasets, ensuring all available intelligence is recorded on the Police National Database, and use the data capability tools to build a picture of the offending and the people involved.
Upon completion of this intelligence and analytical work, the threat will be reassessed by TOEX alongside the requesting force or ROCU, which will inform recommendations regarding ownership. Depending on the scale of the threat, it will either remain with the force/ROCU or be escalated to a national capability.
Because TOEX is recorded as a capability on the NCA’s Agency and Partner Management Information System (APMIS), the team is able to document and measure the value it is adding to the operational activity.
It is important to note that TOEX cannot own risk. There should always be an identified owner of the threat, which is typically the customer (forces and/or ROCUs) for the request into TOEX. This is why it is important that taskings follow the route outlined below.
Threat escalated at force level tasking
- At this point, an SIO should already be assigned to the threat.
Bid comes into ROCU Gateway team for TOEX support via the force-region SPOC
- The customer may or may not be the SIO but regardless the SIO holds the risk.
Allocation to TOEX
- The force SIO continues to be at the risk holder whilst TOEX as a capability supports the customer.
- On the SOC master list, the owning agency will always be shown as the force/region that own the threat.
- Where risk transfer is required (following intel development), this is to be done via regional TTCG and if necessary through escalation to the Federated Tasking Team.