The state deploys numerous technologies to regulate and oversee the behaviours of individuals, populations, and professions, some of which are direct and transparent while others are concealed (McKinlay & Starkey,1998; Rose and Miller, 1992). The concealed technologies include the gathering of information by individuals such as auditors and solicitors, institutions such as health authorities and welfare agencies, and its reporting to the state in fulfilment of legal obligations. The provider of the information may not know the precise purpose for which it will be used; this may be for statistical analysis, the allocation of tax resources (Miller & O’Leary, 1987), or, when criminality is suspected, to trigger further covert surveillance by other state actors. Neu and Heincke (2004, p.181) observe that: ‘Technologies such as accounting, administration, and law serve to structure the conditions of possibility within a particular institutional field. These techniques not only frame potential problems within the field, but also construct possible solutions (Neu, 2000; Preston, Chua, & Neu, 1997). By mobilizing distant knowledges and by transmitting this knowledge to centers of calculation, technologies of government facilitate the efficient exercise of government from a distance’. Neu and Hencke suggested that historically, as the state became more remote from those it governed because of the increased complexity of economic affairs, its reliance upon constant flows of information increased. The direct punishment of offenders no longer sufficed, as those who facilitated criminality, directly or indirectly, also had to be sanctioned. The traditional ‘touchstone’ in the auditor-client relationship, the duty of confidentiality, also became subject to statutory incursion as the state extended its reporting obligations regarding known or suspected criminal behaviour. The difference between these two states of mind – knowledge and suspicion – challenges auditors when interacting with the on-line reporting system. The main applicable legislation, the Proceeds of Crime Act 2002 (POCA 2002 hereafter), imposes a reporting obligation when there is ‘reasonable suspicion’ of criminality, but without providing a statutory definition of what that means.