“Actual situation of computer crime in the credit and financial sphere of Ukraine (modern aspects)”

The purpose of the article is to study computer crimes in the credit and financial sphere based on elements of forensic characteristics of crimes and analysis of the ways of their commission. The relevance of the study is due to the rapid increase in the number of computer crimes in the credit and financial sphere and the low level of their disclosure. The research was conducted using the method of system analysis and synthesis of in- formation obtained from criminal proceedings, as well as reports from the Ministry of Internal Affairs of Ukraine and the National Police of Ukraine, from 2014 to 2018. The most actual motives and methods of committing computer crimes in the financial sphere have been analyzed and it has been established that during the period of Ukraine’s independence, the level of economic crimes has increased by almost 300%. The increase in the number of crimes contributes to the distrust of the injured party to the law enforcement agencies, savings of funds of financial institutions on cyber security, low level of information security of the financial sphere of Ukraine, lack of clear coordination between the relevant departments, which are responsible for the investigation of these crimes. The necessity of conducting separate investigative actions at the initial stage of the investigation has been justified in order to facilitate the rapid identification of the suspect, causing material damage and, in general, the investigation process.

Actual situation of computer crime in the credit and financial sphere of Ukraine (modern aspects)

INTRODUCTION
In the present context of socio-economic development of Ukraine, computer crime has become a reality of social life.
Understanding the causes of its occurrence and development requires an analysis of emerging crises and has begun to in uence the social, economic and legal development of society.
Information has become the living base of modern society, the subject and product of its activities. In other words, information becomes a product of public (informational) relations related to the production, transmission, accumulation and use of information in its various forms: scienti c and technical documentation, so ware, databases, database management systems, and others.
In this regard, the new information technologies gave impetus not only to the progress of society, but also stimulated the emergence and development of information crimes. Since 1991, according to the Interpol classi cation, information crimes are divided into: QA -Unauthorized

THEORETICAL BASIS
e new Criminal Code of Ukraine (2001) includes a separate section (section XVI -"Crimes in the area of the use of electronic maсhines (computers, systems and computer networks"), entirely devoted to the classi cation and establishment of liability for the commission of computer crimes, which contains three direct rules -Articles 361-363. ere are four rules in other sections that have an indirect relation to computer crimes. In the following articles, an electronic computer, its system and a computer network are de ned as the object of a crime. In addition, there is another fundamentally new crime subject to Articles 361 to 363, computer information.
Computer crimes (Sergeev, 2005;Skakun, 2018) or cybercrime (Chekotovskaya, 2013;Ramadani, et al., 2018) include a set of crimes provided by the criminal law that encroach on information infrastructure, information, as well as in relation to other objects in cyberspace or using its capabilities. Among all spheres of public life, the most vulnerable is the nancial and credit sphere, especially in the sphere of international economic relations.
Forensic characteristics of computer crimes differ from the already known forensic science of criminal encroachment with a certain specificity. There is the view that in the first place, it must include forensic evidence of the offender's identity (Bilenchuk & Kotlyarevsky, 1997), the motives and purpose of his criminal behavior, typical means, the objects and place of the offense, as well as the victim and the traces of the crime. e fact of the emergence of computer crime in society (Bilenchuk & Kotlyarevsky, 1997;Andreev, Pak, & Horst, 2001) is associated with the emergence of so-called "hackers" (from the English "hacker") -IT specialists who are engaged in the search for illegal means of obtaining unauthorized access to computer facilities and data along with their unauthorized use with a mercenary purpose.
In the process of analyzing the materials of criminal proceedings about computer crimes, it was established that the age of the o ender is determined within the limits of 24-45 years: the age of 33% of o enders did not exceed 20 years, 13% were older than 40 years and 54% were 20-40 years old. Men form the majority in this category (83%), but the number of women is rapidly increasing due to the professional orientation of some specialties and professions ( Figure 1).
In the professional-classi cation plan, the circle of "computer" criminals is very broad. All of them can be divided into two main groups, based on the classi cation mark of the category of access to computer facilities:  is the subject who refers to the information system or the intermediary to obtain the information he needs and uses.
ere are two types of users: registered (sanctioned) and unregistered (unauthorized, illegal). According to many experts, the main danger in terms of committing computer crimes comes from internal users (Donaldson, 2016): they commit 94% of crimes, while external users only 6%, 34% account for customers -users of computer systems, and 60% -bank employees ( Figure 2). Such crimes can be divided into three groups based on the functional category of access to computer facilities. e rst group includes o enders who committed computer-based crimes using so ware. In part, they include computer operators, accountants, cashiers, database administrators and data banks, programmer operators (system and application), so ware engineers, and others. e second group includes those who committed computer crimes based on the use of computer hardware: communication operators, terminal equipment engineers, computer auditing specialists and others. e third group includes persons who have committed computer crimes based on indirect access to computer facilities. ere are those who handle organizational issues: computer system management, operator management, database manage-ment or data banks, management work on soware, managers, and others.
Criminals from outside users, as practice shows, are individuals who are well informed about the activities of the victim. eir circle is very wide, so they can be systematized and classi ed: it can be any person, even an ordinary person. For example, a representative of an organization engaged in service, repair, so ware development of computer facilities on a contractual basis, representatives of various supervisory and governing bodies or organizations, clients or hackers.
Consider the motive and purpose of committing computer crimes, which are very important in formulating the forensic nature of the crimes of this case category. e motive and purpose of the committed crimes are directly related to the socio-psychological and forensic characteristics of the o ender's personality. Summarizing the information about the most common motive and purpose of committing computer crimes, it should be noted that they belong to the most important components of the forensic characteristics of the crime. Consequently, the motive and purpose of the crimes included in the group of subjective factors that in uence the choice of means and methods for achieving purpose, determine the nature of the main actions of the o ender, and, accordingly, the content of the method of committing a crime, which represents a complex of voluntary actions of a person and the basic forensic description of any criminal o ense. e motive and purpose in some cases are necessary signs of the subjective side of intentional crimes (for example, a motivated motive for Actors of computer crimes, (%) abuse of power or o ce, the purpose of the of funds in the unauthorized access to data, etc.). For most intentional crimes, the motive and purpose are not necessary elements of the subjective side and, accordingly, not part of the criminal and legal characteristics. Incidentally, in all cases, when investigating a particular crime, the motive and purpose must be clari ed. It is important not only for the court to establish a just punishment for the committed but also to facilitate the full disclosure of the crime. Information on the most common grounds and purpose of committing computer crimes is used when introducing versions in relation to the subject and the subjective side, as well as when organizing a criminal prosecution. For example, investigative practice shows that the purpose of damage and destruction of physical carriers of machine information in some cases conceals the the of material assets or money, when physical carriers of machine information have been damaged or destroyed. Veri cation of versions about their total or partial destruction in order to conceal the could lead to the criminals.

RESULTS
According to the research results of multiple studies on this issue, one can note the following (Figures 1-4).
e structure of forensic characteristics of computer crimes is equally in uenced by the generalization of information on the victim's side. Forensically meaningful information allows for a broader characterization of the perpetrator's identity, motives for committing a crime, and thus helps to to identify more accurately the circle of people who need to look for the perpetrator and search for the most important evidence (Svoboda, Kofanov, & Mihalchuk, 2018).
In particular, the identi cation and analysis of forensic evidence of the victim's side and its behavior (before, during and a er the crime) provides an opportunity to understand deeply many circumstances of the crime, especially pointing the motives of the o ender's conduct, his general (typical)  and individual characteristics. is is due to the fact that it is common that there is a certain relationship between the o ender and the victim, that makes the criminals not to choose objects of their criminal encroachment accidentally ( Figure 5). Especially it is di cult to identify and explore this connection at the beginning of the investigation.
Notable is the fact that the victim of the rst group is the owner of the system, reports (if at all) to the law enforcement authorities about an event of a computer crime. And they make up the bulk and, accordingly, the greater number and the very factors of committing such crimes, because this can explain the high level of computer crime latency. In this case, registered computer crimes are as in Figure 6.
Allocate factors in uencing the decision by the injured party (Muzyka-Stefanchuk, Huberska, & Yamnenko, 2017) to ask the police for the fact of a computer crime committed against them: • incompetence of law enforcement in de ning the fact of committing a computer crime, of its disclosure and investigation; • the risk of undermining its own authority in business circles and, as a result, the loss of a signi cant number of customers. is circumstance characterizes especially banks engaged in a wide automatization of production processes; • inevitable disclosure of the organization's security system in the course of a judicial investigation; • identifying the reasons for committing a crime in the course of investigating a computer crime may call into question the professional competence of certain o cials, which eventually will lead to negative consequences; • legal and legislative illiteracy of o cials in the issues of this category. Detected as a result of the regulation of access control checks on commercial security services -31% Establishment with the help of clerical work, as well as carrying out operational measures to verify citizens' applications -28%

Randomly -19%
In the course of accounting audits -13% In the course of investigating other types of crimes -10%

Ways of committing computer crimes in the credit and financial sphere
Economic crime is an unlawful activity that covers various abuses of economic power that violates the order of economic management, causes signi cant economic damage to the interests of the state, private entrepreneurial activity or groups of citizens, is committed continuously and under the cover of the manager's legal economic activity in order to obtain a pro t for both physical and legal persons (Skakun, 2018).
e most acceptable classi cation of economic crimes is made by the German criminologist Kaiser (1979).
1. O enses against the banking and shareholder exchange system; credit system; insurance systems and free competition, including abuse of trust and apparent bankruptcy, as well as copyright and labeling rights.

Bribes.
4. Violation of the legislation on labor protection; crimes against consumers, the environment.

Fraud and speculation.
Signi cant increase in the e ectiveness of combating economic crime can only be achieved through a deep economic reform, improvement of legislation that ensures the functioning of a healthy market environment, and the creation of an appropriate legislative framework for law enforcement agencies.
Issues relating to the analysis of crime in general, and economic crime, in particular, are complex and multifaceted. ey have not only a great theoretical but also above all practical signi cance, since it is status of the state's economy that de nes all other aspects of society's life, where the future destiny of Ukraine is solved, the foundation of its real sovereignty and international authority is laid. So, when determining the role of the economy in society, one can con dently say that it always "rules the ball".
However, the criminological situation in Ukraine (especially in the sphere of economy) has considerably deteriorated in recent years, which complicates the implementation of fundamental economic reforms of market type, increases social tension in society, creates additional di culties in the process of developing an independent and sovereign rule of law state. In the priority areas of the economy (in the credit and nancial sector, foreign economic activity, fuel and energy complex, etc.) during 2014-2018, 140 thousand crimes were revealed. In 2018, 2.3 times more than in 2014, criminal proceedings for crimes, losses of which amount to more than USD 3 million. In just ve years, such proceedings have been violated by almost 3,000 (Reports from the National Police of Ukraine, 2014-2018).
During the 2014-2018 period, about 17 thousand crimes were revealed in the nancial and credit sphere, of which about 5,5 thousand -in banks. On average, the share of crimes committed directly in banks in Ukraine was one-third. In 2018, 30% more than in 2014, criminal proceedings for crimes, losses of which amount to more than 300 thousand UAH was violated. Altogether, over a total of ve years, such proceedings have been e analysis of international experience of law enforcement units in ghting against economic crime, the substantiated analytical forecast of possible o enses in banking give an opportunity to examine in detail the criminological processes which take place in the main link of the nancial and credit system.
In accordance with the technology, structure, circle of participants and methods of committing, such crimes can be divided into those, which are committing directly in the banks, and which are committing in the eld of the enterprise, using the institutions of the banking system. Fraud with the use of payment cards and their requisites and fraud with the use of remote banking services (the system "client-bank") are the most widespread crimes in the banking sector. e average value of such crimes in the European Union countries is 0.06-0.08%, in Ukraine, the number of such crimes reached 0.045% of all transactions with payment cards (Chekotovskaya, 2013).
According to the technology of committing such crimes, as well as the structure and the circle of participants of these unlawful acts, their methods can be divided into those carried out directly in the banks, and those that are carried out in the sphere of the enterprise, using the institutions of the banking system. e range of methods for the the carried out directly in the banks is quite wide -from the appropriation of monetary deposits from accounts of polar depositors who have not made a testamentary order or have no successors to simple appropriation, which is o en considered as "temporary borrowing" by cashiers and other materially responsible and the o cials of the money entrusted to them and the withdrawal of money from collector's bags by their disguised misappropriation of collectors. However, the list-ed methods are easy to execute, and the amount of damages is not dangerous. ey were known earlier and therefore do not need any detail. e most widespread and socially dangerous is the category of abuses associated with the formation, "laundering" and the illegal use of false money. e method of committing these abuses is divided into those that are carried out by using: • payment orders accompanied by false credit memos; • unsecured limited checkbooks; • unsecured check books in combination with a credit or debit note; • letter of credit; • bills of exchange.
It should be noted that experts in the eld of computer systems and some bank managers attribute the reliability of electronic banking networks with the means of their external protection, that is, with the encryption of input into the computer system itself and its levels of information, depending on the admission of a group users. e range of operating personnel who will have access to a wide range of information on banking technology will be large. And this, rst and foremost, is a wide circle of people who have various disadvantages. erefore, the system for protecting electronic networks, which is based only on the management of inputs to various types of information, is ine ective. In order to make a relatively reliable system for protecting banking electronic networks, along with the old, we need fundamentally new approaches. Such a program should be based on the technology of bank document circulation and peculiarities of committing a crime using one form of settlement and credit operations ( ompson, 2018).

DISCUSSION AND CONCLUSION
e research of the whole complex of theoretical and practical problems connected with the peculiarities of investigating crimes committed in the credit and nancial sphere of Ukraine using modern information technologies makes it possible to formulate the following conclusions, suggestions and recommendations: 1. As practice shows, computer crime, as a rule, is based on the territories where the state has not created appropriate conditions for ensuring counteraction to crime, that is, in states with limited capabilities to counter new threats. us, the openness of global information networks enables criminals to choose a jurisdiction that is consistent with their criminal ends. International experts believe that most transnational criminal gangs and organizations are in transition and transition economies. So, states with a su cient level of information technology development and a low ability to deal with crimes in this area become shelters for transnational crime.

2.
ere is currently a fundamental need to develop expert knowledge of computer crime, to e ectively distribute information between relevant departments, to create special units at the national level, to create interagency and international target groups.

3.
e results of the analysis of investigative practices conducted show that such investigative actions (such as investigation of the place of the event, search and extraction, interrogation, appointment of examinations) are the most speci c, typical and signi cant for the investigation of computer crimes in the banking system, especially on the initial stage of pre-trial investigation. e urgency of conducting these investigative actions and organizational measures is due to the fact that they are aimed at establishing the crime, its method of execution, the identi cation of typical traces, the establishment of eyewitnesses, the establishment of o enders and other circumstances that ultimately contribute to the successful investigation of the criminal o enses, fair punishment of guilty and compensation of damages caused to the injured party.