April 2015

Alerting business to the threat from fraud and corporate crime, and its prevention

Forum to tackle tricky corruption compliance issues

Banks and their clients face a growing dilemma as the effects of recent bribery and corruption regulation/legislation begin to bite.

Smith & Ouzman (UK), SNC-Lavalin Group (Canada), Globe Pharmaceuticals Ltd (Bangladesh), and Seng Enterprise Co Ltd (Cambodia) are a few of the names reported in the press in the past few months. All have been already sanctioned or face charges for historical acts of corruption. Many more look set to join them as regulators around the world toughen their stance in a bid to get organisations to adopt and abide by stronger anti-corruption controls.

Companies know they must do this, and many are trying their best, but the issues they face in doing so can be complex and bewildering. Adherence is all very well, but they do not want to turn away potential business. The different regulatory standards in jurisdictions also complicate the problem; what is OK in one country may be illegal in another.

A timely conference on the subject will hopefully help to better explain the issues and put them into a more practical perspective.

As part of its brief to help business stay in business, ICC Commercial Crime Services is examining corruption and money laundering during a two-day Forum being held in Cyprus later this month. Hosted by its Financial Investigation Bureau (FIB) and ICC Cyprus, the Forum draws together a number of international speakers to address the various issues.

The crime of money laundering will be outlined, with a concise explanation of why it needs to be addressed. Corruption will be discussed, along with issues of compliance and transparency, and technological advances that can help banking services provide workable models. The growing role of whistleblowing and its relevance in the process will also be acknowledged.
(see also article on page 4)

Of particular interest to attendees will be a presentation by Max Burger-Scheidlin, the Executive Director of ICC Austria, on the dynamics of corruption and some alternative responses for businesses needing to tackle the problem. It will offer practical advice to companies being asked to pay bribes, who don’t know how to deal with such requests, and should provide a valuable insight for those approaching new markets for the first time.

Database

Another initiative expected to be proposed by CCS during the Forum is the creation of a Corruption Database. With many years' experience constructing and running databases for fraud and maritime crime, CCS believes a similar model dedicated to corruption could be invaluable at forewarning and forearming companies and their banks as they prepare to secure overseas contracts.

“The problem is that currently there is little information available to companies about the parties they will be dealing with, particularly the likelihood or not that a bribe may be requested or implied during negotiations with them,” said CCS.

“This is largely due to the fact that any company being asked for a bribe is reluctant to admit or report it to the relevant authorities, fearing that to do so may preclude their participation in future contracts, delay the award of any contract or inflict reputation damage that will negatively impact on the business if made public.

“As this is clearly a sensitive issue, we suggest a system whereby they could report any such approach to a trusted third party in confidence, who would hold the details on a database. Other companies could then check with the database whether an organisation or company they may be proposing to deal with has any history of demanding bribes BEFORE they are put in a difficult position. Such a system enables them to prepare for and be ready for any such approach, and reduces the risk of embarrassment. It also enables that company to show to regulators should there be a problem later that they have done due diligence and taken appropriate steps to comply with anti-corruption measures. The information in the database can be used to identify patterns and high risk organisations or individuals involved in soliciting bribes so that pressure will build upon the local authorities to investigate and prosecute.”

Whether a Corruption Database is feasible is still up for debate, said CCS. But it may be a solution worth looking into in more detail if it can help companies understand the corruption risks they may face, BEFORE they find themselves in the position where they have committed considerable costs to the project and cannot easily extricate themselves or, if they continue, face the prospect of breaking the law.

The FIB Forum takes place in Cyprus on the 28th/29th April. See the Diary below.

In This Issue of CCI

CCS EVENTS in 2015
FRAUD: Key signs and non-traditional costs
WHISTLEBLOWING: Is legislation the key to international whistleblowing regimes?
KIDNAP & RANSOM: Preparation is the best defence
CORPORATE FRAUD: Lying CEO jailed; Wine company reloading scam
INVESTMENT FRAUD: ‘Ethical’ companies investigated
CYBERCRIME: Why Boards need to up their game before hackers claim checkmate; Spam and malware top SME risk list

Commercial Crime International Diary

Forthcoming Events for CCS Members

April 2015

Last Call: Internet Intelligence (II) Course: How to find, manage, and use online information more effectively.
Date: 12th-15th April 2015
Venue: Queens’ College, Cambridge University, UK.
Online Details: www.icc-ccs.org/courses-training
Enquiries: Peter Lowe (PLowe@icc-ccs.org)
Enquiries: Annette Galloway (AGalloway@icc-ccs.org)
Tel: +44(0)207 423 6960

April 2015

International Financial Crime Forum: Money Laundering and Corruption
Date: 28-29 April 2015
Venue: Hilton Park Hotel, Nicosia.
Cost €600; includes tuition, documentation, lunch, coffee breaks and Forum dinner.
Cost €300; for organisations regulated by the Cyprus FSA, members of Cyprus Chamber of Commerce, and Cypriot businesses.
See the Brochure and Programme online at www.icc-ccs.org/courses-training
Register online at: icc-ccs.org/cyprus2015
More information from Cyrus Mody (cmody@icc-ccs.org) Tel: +44(0)207 423 6960

June 2015

15th Annual CCS Economic Crime Lecture: Triggering the Financial Crisis - The Lehman Experience and Lessons for the Future
Speaker: Russell Downs, Partner at PwC and Joint Administrator of Lehman Brothers International (Europe) Ltd.
Date: Thursday 18th June 2015
Venue: The Old Library, Lloyds of London, UK.
Cost: Free. CCS members will receive an invitation.
Notes: In the Panel Discussion that follows the Lecture, David Hughes from Dechert LLP will outline the proposed ‘Senior Managers’ Regime (SMR) set to be launched by the Financial Conduct Authority (FCA)/Bank of England Prudential Regulation Authority (PRA) later this year. SMR is seen as one of the key responses to the financial crisis, and has profound implications for the senior managers of financial institutions that those attending the lecture will want to hear about.

October 2015

Pitfalls & Remedies in International Trade: The 30th Annual Practical Course on International Trading Problems
Date: 4th-9th October 2015
Venue: Old Thorns Manor Hotel, Liphook, Hampshire, UK.
Cost: £2,850; includes tuition, documentation, accommodation, all meals and coffee breaks, and transport from/to London Heathrow Airport.
More information and brochure from: Michael Howlett (MHowlett@icc-ccs.org) Tel: +44(0)207 423 6960

Returning to the UK for the first time in several years, this highly successful course is widely known for its unique and practical approach to identifying and tackling the potential pitfalls faced by anyone involved in international trade, especially those tasked with managing and avoiding risk.

Brought right up to date to reflect current issues, and with frequent reference to the latest cases uncovered by the International Maritime Bureau, the course looks at recent developments and analyses the manipulation of the documentary credits systems, together with frauds, charter party failures and the problems of cargo abandoned at intermediate ports, among many others.

Attendees get the chance to put what they have learned to the test on the final day during the ‘Trading Game’, a simulated international trading situation with more than its share of problems and disputes for the participants to resolve.

You may also be interested in:

The 2nd Annual OSIRA Summit. London 7th-8th May 2015
The Summit is designed to examine the best practices of cyber intelligence gathering using OSINT process model, Legal and Ethics issues and technologies that are available in the OSINT world. Speakers include II course leader Dave Toddington.
Details: +852 68019775 or Jeffrey.teh@innoxcell.net

Fraud

Key signs of fraud and its unforeseen costs to victims

FRAUD is often difficult to spot but in its 2014 Global Fraud Study ACFE, the Association of Certified Fraud Examiners, found behavioural red flags that showed up in 92% of fraud cases, and in 64% of cases more than one was present.

As you can see from the chart left, living beyond their means and financial difficulties were the two most common warning signs. The third most common warning sign is a conflict of interests – when someone has an unusually close relationship with a customer or vendor there is a higher chance of finding corruption.
Interestingly, while cut-throat corporate culture is often assumed to be behind fraud, it’s surprising how low ‘excessive pressure from within organisation’ actually shows up.

The study also revealed that fraudulent managers are more likely to be living beyond their means, while employees are more likely to be in financial dire straits. Also, according to the ACFE study, men who commit fraud are much more likely to form close associations with clients or vendors, to have a wheeler-dealer attitude, while women who commit fraud are more likely to be in financial difficulties or having family problems.

Victims

Another study - “Non-Traditional Costs of Financial Fraud Research Report” - by FINRA and ARC, has meanwhile looked at the impact of fraud on its victims. It found that victims of financial fraud place a good deal of responsibility on themselves for the incident. Just under half (47%) blame themselves for being defrauded, and 61% feel that they were defrauded because they were too trusting.

According to the ARC report, non-financial costs (such as stress, health problems) are more common than indirect financial costs (such as late fees, legal fees). As can be seen from the following table (left), stress was the most frequently cited non-financial cost, with half the respondents reporting that they had experienced a serious degree of stress due to being defrauded. Nearly 38% reported difficulty sleeping, and over 35% reported experiencing depression due to the fraudulent incident.

The report also points out (see lower table) that the most commonly cited indirect financial costs were late fees/interest and fees for bounced cheques. This indicates that the loss of money from the fraud interfered with the victim’s ability to pay bills and make ends meet.

In addition, financial fraud victims report a variety of negative emotional reactions to the fraudulent incident, with anger being the most common, followed by regret and feeling victimised.
Close behind are betrayed and embarrassed.

Whistleblowing

Is legislation the key to effective international whistleblowing regimes?

Whistleblowing remains a confusing and contentious subject. Whilst news reports of massive payouts to whistleblowers in America have become commonplace, research has now found that offering monetary incentives does not necessarily influence whistleblowing behaviour and might even discourage internal reporting. It also suggested that protection from retaliation made people significantly more likely to report possible wrongdoing. In this article, ICC FraudNet member Douglas Milne and colleagues offer their perspective on the issues and explain how, when employees are acknowledged as the most effective source of identifying fraud, they may be better supported.

The UK has been described as leading the way in whistleblower protection in Europe. In fact, only six European countries have specific whistleblower legislation, with Norway and the UK being the only two with statutory requirements that cover both public and private sector workers.

Conversely, protection has been afforded to whistleblowers in the US for the past twenty years through a raft of legislative provisions, most notably the Sarbanes-Oxley Act of 2002 (SOX), which established new protections in the US for employees of publicly traded companies and was designed to both protect employees from retaliation and actively encourage whistleblowing as a result of a number of major corporate accounting scandals, including Enron. However, it’s interesting to note that a 2010 study of fraud cases in large US companies revealed that the number of employee whistleblowers reduced substantially following SOX being passed through Congress.

Problems

Despite the more developed laws in this area in both the UK and US, it is clear that serious problems remain with the whistleblowing regimes in both countries.
In the US, there remain major issues with guaranteeing anonymity and properly investigating anonymous calls, a lack of knowledge of how the regimes work, and of allegations being investigated by other employees who are not seen as independent of the company.

In the UK, a 2013 survey of employers carried out by global law firm Eversheds revealed that 40% of respondents believed the current law was not working and 58% did not anticipate having to change their current whistleblowing policy to accommodate these changes. However, the same survey suggested that just under a third of respondents have encountered bullying or some other form of detrimental treatment in their workplace as a result of whistleblowing. The results in both countries suggest that employers may not be interpreting or implementing the law correctly.

Legislative update

In the UK, changes to the whistleblowing laws were introduced in June 2013 under the Enterprise and Regulatory Reform Act 2013, which mean that employers now have a legal responsibility to actively protect against the detrimental treatment or bullying of whistleblowers. The June 2013 changes include the addition of a "public interest" test for qualifying disclosures, removal of the "good faith" requirement for protected disclosures and introduction of liability for employers in situations where whistleblowers are subjected to detrimental treatment by their colleagues.

Following this, as a result of the UK Government Response to a call for evidence by the Department of Business, Innovation and Skills in July 2014, further changes to UK law were announced, which are expected to be brought into legislation this month (April 2015) through the Small Business, Enterprise and Employment Bill.
The new measures include a new best practice guide to whistleblowing policies for employers with a model policy employers can adopt, a new duty on regulators to report annually on cases referred to them, extending the legislative protections to groups currently excluded, such as student nurses, and exploring options to reward employers who adopt effective and proactive approaches to whistleblowing in their organisations.

Despite the legislative changes in the UK, Sir Robert Francis QC, chairman of the inquiry into poor care and high mortality rates amongst patients at Stafford Hospital, England, has warned that poor treatment of whistleblowers is acting as a deterrent to employees from speaking up. His report found that there were five overarching issues with the UK whistleblowing regime - cultural change, improved handling of cases, measures to support good practice, particular measures for vulnerable groups and extending the legal protection. The report went on to make 20 recommendations for change, all of which have been accepted by the UK Government. Accordingly, UK legislation in this area looks set to evolve even further in the next few years.

Beyond legislation

However, the current statistics show that something more than just legislative change is required to create an effective international whistleblowing regime, especially at a time when estimates of fraud and malpractice clearly represent a significant threat to businesses across the globe.

The Association of Certified Fraud Examiners (ACFE), in their 2014 Global Fraud Study (reported in CCI), estimated that a typical organisation loses 5% of its revenues each year to fraud. If these figures were applied to the 2013 estimated Gross World Product, this would translate to a projected global loss of nearly $3.7 trillion.

The same study demonstrated that the most effective method of identifying fraud in an organisation is through disclosures by employees. Over 40% of all cases were detected by an employee disclosure, which is more than twice the rate of any other detection method. Employers with whistleblowing hotlines are much more likely to catch fraud by an employee disclosure. These employers also experienced frauds that were 41% less costly, and they detected frauds 50% more quickly.

Encouraging reporting

A healthy and open culture is one where people are encouraged to see, hear and speak up, confident that they can do so without adverse repercussions, convinced that they will be heard and that appropriate action will be taken.

One of the main UK Government objectives when introducing the whistleblowing framework was to encourage employees to report wrongdoing to their employer internally without the need to go out with their organisation. As a result of the call for evidence, the UK Government accepted that employees feel that it is more difficult to blow the whistle internally, usually due to lack of knowledge and fear of reprisals.

These common problems, coupled with evidence that the most effective source of identifying fraud is employees themselves, have already seen many employers increasingly seeking the services of specialised global external whistleblowing service providers. One such provider, SeeHearSpeakUp, regularly deals with a variety of employee disclosures across the globe. These can range from simple reports of bullying in the workplace to the identification of international multi-million pound procurement frauds reported through their whistleblowing hotlines. Global whistleblowing service providers such as SeeHearSpeakUp are also able to provide a tailored approach to whistleblowing in order to effectively manage and deal with the sharp contrasts in cultures and legislation between jurisdictions.

Taking this, and the recent statistics, into account, it is clear that a cultural change in the attitude of employers - to view the regime as requiring a proactive approach to communicating and supporting employees by investing in training and other support mechanisms such as the effective use of external whistleblowing providers - will pay dividends within their organisation. The most recent changes proposed to UK law clearly have this approach in mind. However, their success will ultimately come down to the extent to which employers are willing to foster cultural change within their organisations in order to comply with their underlying intent.

Douglas Milne and Fiona Grant are members of leading Scottish law firm, Morton Fraser LLP's fraud and asset recovery team. Douglas Milne is the Scottish member of ICC Fraudnet. He is lecturing on whistleblowing at the FIB’s Annual Financial Crime Forum which is to be held in Nicosia, Cyprus on 28-29 April 2015. Fiona Grant is a Certified Fraud Examiner. Sean MacAuley is Senior Manager within Anderson Anderson & Brown LLP, Chartered Accountants, Aberdeen, Fraud Prevention & Investigation service line, SeeHearSpeakUp.

Money Laundering

US Bid to audit bank AML systems

NEW York bank regulators are reportedly considering massive programs to audit large banks’ cybersecurity and anti-money-laundering (AML) systems.

NY superintendent of Financial Services, Benjamin Lawsky, has proposed the AML and security audits, and also raised the prospect of demanding that bank executives personally attest that their AML systems work effectively, insisting on third-party certification of banks’ network security, and requiring multi-factor authentication for bank customers.

The proposed audits of AML systems would follow the pattern of Lawsky’s investigation of Standard Chartered Bank where, as part of a 2012 money-laundering settlement, a monitor was installed at the bank to make sure new AML controls worked properly. They didn’t - the upgraded system still failed to catch millions of suspicious transactions that the monitor found.

Doing that for every large bank in New York isn’t practical, Lawsky has said, but it could be done on a spot-check basis even for banks that aren’t under a cloud, as Standard Chartered was. And for all banks, executives should be required to personally attest to the effectiveness of the systems, the way they attest to the accuracy of financial statements, he suggested.

Lawsky also floated a possible requirement for replacing conventional static passwords with more effective authentication, such as one-time passwords that would be sent to a customer’s or employee’s phone as the individual was attempting to log in to bank systems. Regulators may also beef up bank examinations by adding assessments of each bank’s cybersecurity preparedness, Lawsky said.

However, AML efforts currently catch only a small fraction of 1% of money-laundering transactions, which means even catching 10 or 100 times as many laundering transactions would hardly make a dent in the problem.

Kidnap & Ransom

Preparation is executives’ best defence against kidnap risks

The risk of being kidnapped is a significant concern for those travelling for business to unstable and dangerous regions of the world. Travellers can reduce these risks by following preventative measures and making smart plans, say business security experts. Elizabeth Machuca reports from Mexico City.
Kidnapping is one of foreign business travellers’ main concerns, especially amongst US citizens, when operating in Latin American nations with high criminal rates. According to the US Department of State, more than 130 kidnappings of US nationals were reported to the United States embassy and consulates in Mexico between January and November of 2014.

“The countries with the highest kidnapping rates in Latin America would be Honduras, Venezuela, and El Salvador, but Mexico has the same issue with 10,000 cases reported last year,” said Miguel Martínez, vice president for the US west coast and Mexico for Pinkerton Consulting & Investigations Inc.

Mexico warning

John Rendeiro, vice president for global security and intelligence at International SOS, a UK-based business travel service provider, told CCI that when executives visit a country where kidnapping is particularly prevalent, careful trip preparation is critically important.

According to advice provided by his company and its partner Control Risks, this is especially the case for Mexico: “It is one of those countries where you really have to do some in-depth research before travelling. For instance, cities are low risk but the countryside does not enjoy the same situation, therefore it is advisable to prepare your travels with information on transportation and lodges,” said Mr Rendeiro.

US-based Lewis R Cohen, partner of the multinational law firm Hogan Lovells, agreed: “When doing business in the city of Monterrey [in the north of Mexico], I have to be more careful than in Mexico City, but I would never advise anyone to go off the road on their own in any of those places. Just be careful,” he said.
As regards accommodation, Mr Rendeiro said that multinational branch hotels such as Hilton and Marriott “have the best security systems in place and have a good relationship with local authorities, in case something happens.”

Taimur Ahmad, chief executive officer of the financial intelligence publication LatinFinance, and a frequent traveller to Latin America, recommends staying only for “short periods and in well-known areas.” This strategy would prevent travellers from attracting the attention of kidnappers or organised criminals. Likewise, “short business stays are usually safe,” said Mr Rendeiro.

Seek assistance

Mr Ahmad also recommends travelling around the country with local contacts: “If our company has people over there, then we ask them to assist us. This resource has been useful to travel around the capital of Honduras, Tegucigalpa…one of the most dangerous places in the world.”

If a company lacks contacts in a certain area, companies such as International SOS have provider networks that can assist business travellers. “We check them out on a regular basis to be sure that they meet our standards so they can provide help or guidance to the travellers,” said Mr Rendeiro.

Mr Martínez added that travelling executives should monitor their destination country closely, and not only as regards crime. They should also study, for instance, the currency, language and culture that could make them more knowledgeable, and therefore less vulnerable, travellers.

Plan for problems

Travellers should also plan contingencies for if they are kidnapped and be aware that some countries restrict certain options. For instance, business travellers, particularly from the US, often hire specialists such as Control Risks Group Holdings Ltd or red24 to deal with these felonies, should they occur. However, several governments in the region including Mexico, Honduras, Venezuela and Brazil have banned such services from conducting negotiations with the perpetrators of those crimes.
In the case of Mexico, article 366 of the country’s criminal code was reformed nearly seven years ago to penalise people who act as intermediaries between a kidnap victim’s family and the criminals, and charge for this operation.

“Those companies were accused of being unprofessional and handling the cases in an inconvenient way, so now kidnapping cases are taken care of by the Mexican federal government and private instances are limited to collaborate with them,” said Sergio Díaz, the senior managing director of FTI Consulting Mexico.

However, sources within the security industry have expressed concerns amid reports of collusion among local authorities and organised crime, and said this situation has made things difficult for the family members. Mexico-based private negotiator and lawyer Max Morales noted in an interview with Mexican Spanish language newspaper Excélsior that bringing in third party private negotiators can be more effective because some members of law enforcement may be protecting the perpetrators.

Likewise, the United Kingdom government’s Foreign and Commonwealth Office has warned its citizens about their exposure to short or long-term kidnapping that occurs in Mexico for financial gain. “There have been allegations of police officers being involved,” it warned through its travel advice.

People planning to visit Mexico should certainly consider such risks prior to travelling. Mr Díaz noted kidnapping rates were on the rise in the country, particularly in the states of Aguascalientes and San Luis Potosí, and the Bajío region, which includes Guanajuato and Querétaro states – all areas north of Mexico City. “In the first month of January, these states have experienced an increase of 25% in extortion and kidnapping cases compared to the previous year because of the drug cartels’ restructuring,” he said.

According to United Nations data, one third of global homicides, including those related to kidnapping, occur in Latin America. Because of this situation, many private security companies operate in the region, serving foreign clients.

“We have restrictions, but we still provide some advice for our clients. Kidnapping remains a major issue in Latin America, especially in countries like Honduras and Mexico. The crime figures are not always accurate and there might be more cases than those reported,” said Mr Martínez.

Use available resources

Travellers should also consult resources that update users on kidnapping threats around the world. For instance, Control Risks offers online subscription monitoring services that include current information on kidnap for ransom trends in every country where the company operates. Subscribers also have access to a kidnap and extortion incidents database.

Companies such as Control Risks, red24 and Pinkerton also offer incident management courses that train participants on the best ways in which to respond quickly and effectively to kidnapping.

Corruption

Companies rigged bids and paid bribes

THE World Bank Group recently barred four companies involved in misconduct relating to projects in Bolivia, Bangladesh and Cambodia. The debarments followed investigations by the World Bank’s Integrity Vice Presidency (INT).

In Bolivia, Empresa Constructora y Consultora LAPTUS S.R.L. and Ingenieria en Construcciónes Orleans (ICOR) were each debarred for a minimum of two years. INT’s evidence revealed that each company had submitted fraudulent performance securities during the bid process intended to provide financial security to the project in case of non-performance.

Globe Pharmaceuticals Ltd (Globe) was debarred for three years following evidence of fraud under the Bangladesh Health Sector Development Program. The company submitted false “prior experience” certificates in its bid to qualify for a World Bank-financed contract.
Finally, in Cambodia, Seng Enterprise Co Ltd was debarred for a period of three years for engaging in corrupt practices. The company paid bribes to officials, on behalf of a consortium, in order to be awarded a World Bank-financed contract under the Rural Electrification and Transmission Project. Evidence also revealed the company had solicited funds from another consortium member firm to help pay for the bribes.

SNC-Lavalin fraud and bribery charges

The RCMP is reported to have laid rare corporate fraud and bribery charges against SNC-Lavalin Group Inc, the first charges that target the company as a whole. The Canadian firm builds infrastructure.

SNC is accused of using at least $47.7 million to bribe Libyan officials. A second count is for fraud of about $130 million related to construction projects in Libya.

SNC responded saying the alleged activities took place between 2001 and 2011 and the people involved have been fired. The company says it has cooperated with authorities for the past three years and intends to plead not guilty.

Payroll manager bribed bank officials

Fortune.com recently carried a story about a man in Kentucky, described by prosecutors as a vortex of fraud, who was able to pull multiple bank executives into his $53 million tax fraud scheme through bribery.

The Kentucky businessman, who for two years controlled a payroll management company, allegedly stole money from clients who paid the company to cover their federal taxes and workers’ compensation, and used it to pay for personal expenses. He also conspired with the senior vice president and president of a now closed bank to create false transactions that made it look like the failed bank had received $6.5 million in cash.

He continued to suck these two bank executives into his tax fraud scheme by bribing the men to provide fraudulent letters of credit so his companies could receive millions of dollars in loans.
The fraudster, the two bank executives and yet another executive from a different bank then conspired to defraud a second bank by causing the issuance of a $30 million loan that was used to finance the fraudster’s purchase of an Oklahoma insurance company.

Corporate Fraud

CEO who lied is jailed for five years

THE CEO of an energy firm that had its headquarters in the US, but operated its business in China, was recently jailed for five years after fabricating key facts about his company.

Dickson Lee, 66, was the CEO of L & L Energy, Inc, until his arrest last year. L&L, formerly a NASDAQ listed company, purported to be engaged in various aspects of the coal business including mining, washing, and wholesale distribution of coal within China.

Lee falsified reports to the US Securities and Exchange Commission (SEC) regarding the existence of a Chief Financial Officer and, in a separate scheme, issued under false pretences hundreds of thousands of shares of L&L stock to individuals controlled by Lee in a scheme to raise cash for the company.

According to records in the case, in 2008 and 2009, while trying to get L&L stock listed on a national exchange, Lee falsely reported the identity of the company’s Chief Financial Officer (CFO) and lied about the existence of adequate internal controls in public SEC filings. In fact, the person Lee claimed was the CFO had refused to accept the position, and L&L had no CFO to ensure accurate financial reporting.

In 2009, when the purported CFO discovered the fraud, Lee paid the individual tens of thousands of dollars in cash and stock in exchange for her silence, and never disclosed the arrangement to shareholders. Finally, in 2013, during a subsequent SEC investigation, Lee falsely testified under oath about the CFO’s role in the company.
In the second count of Securities Fraud, Lee admitted that in 2011 and 2012, he issued 730,000 shares of company stock to third parties in China who, at his direction, sold the shares on the market to generate revenue for cash-strapped L&L. At the time, Lee knew that the SEC had initiated an investigation into L&L’s affairs and that raising cash through established investment banks was no longer a viable option. Lee also knew that L&L’s Board had been specifically advised that it could not authorise the direct issuance and sale of stock without public disclosure of the investigation. Lee, therefore, secretly issued L&L stock to China-based individuals under false pretences and then directed their sale without ever disclosing the truth about the company. In order to further conceal his actions, Lee directed that the shares be falsely recorded in L&L’s accounting records as having been issued for compensation for services, although none of these individuals provided any benefit to L&L in return for the shares.

Wine investment victims caught in reloading scam

IN an apparent reloading fraud, it has been alleged that thousands of creditors who put money into collapsed wine investment scams are being sold a bogus “rescue service” in return for an upfront fee. The creditors have apparently been receiving letters allegedly from UK insolvency practitioners Abbott Fielding saying they are in possession of their wine but need legal fees or insurance costs before they can release it. The fraudsters ask for up to £15,000, which was the supposed commission on the supposed sale of the wine. The firm has since written warning letters to 5,000 fraud victims explaining that a genuine insolvency practitioner will never ask creditors for money. One creditor of liquidated European Fine Wines Ltd reportedly paid £1,000 by bank transfer after being assured that Abbott Fielding could secure a case of his wine and sell it for £13,000. He was told the money was to pay to use its solicitor.
Lists of creditors of collapsed investment companies are traded for anything from £1 to £20 a name, and those being targeted now include victims of carbon credit, diamond and platinum investment scams, as well as wine.

Philippines SEC warns investors off fraudulent company

THE Philippines Securities and Exchange Commission (SEC) has recently asked the public not to deal with One Lightning Corp, a company whose transactions – the regulator claimed – fall within the parameters of fraudulent transactions. The regulator also said that people joining the activities of One Lightning "run the risk of being prosecuted for criminal violation of the Securities Regulation Code." As part of its modus operandi, One Lightning invites people to invest in its cosmetics and healthcare products with the promise of huge returns on investments through what it claims is a revolutionary compensation plan for distributors under a 70% profit-sharing scheme in favour of investors. The company also undertakes to give referral awards for sponsoring new investors and maturity awards when those investors in turn are able to recruit new investors or when their accounts mature, the SEC noted. It also undertakes to give bonuses at every level for three levels of referrals made, it added.

Investment Fraud

UK investigates ‘ethical’ companies

THE UK’s Serious Fraud Office (SFO) said recently it has begun investigating ‘ethical’ companies Global Forestry Investments and Global Forex Investments. The two companies are led by the same two business partners, Andrew Skeene and Omari Bowers. They are based in the UK but promoted the investments worldwide. The two registered the company GFI Consultants Ltd on April 13, 2010 and had offices in London, Brazil and Dubai. They allegedly promised investors around 10%-20% returns per annum from their teak projects in Brazil.
One solicitor representing victims estimated they may have lost up to £20 million in the two schemes after investing a minimum of £5,000 (with no upper limit).

SEC suspends companies to thwart fraud

THE Securities and Exchange Commission said last month it had suspended trading in 128 inactive penny stock companies to ensure they don’t become a source for pump-and-dump schemes. The trading suspensions were the latest in a microcap fraud-fighting initiative known as Operation Shell-Expel in which the SEC Enforcement Division’s Office of Market Intelligence utilises technology to scour the over-the-counter (OTC) marketplace and identify dormant companies ripe for abuse. The proactive efforts have prevented fraudsters having the opportunity to manipulate these thinly-traded stocks by pumping the companies’ stock value through false and misleading promotional campaigns and then dumping the stocks after investors buy in. Since it began in 2012, Operation Shell-Expel has resulted in trading suspensions of more than 800 microcap stocks, which comprises more than 8% of the OTC market. Once a stock has been suspended from trading, it cannot be re-listed unless the company provides updated financial information to prove it’s actually operational. It’s extremely rare for a company to fulfil this requirement, and the trading suspensions essentially render the shells worthless and useless to scam artists.

Boiler room fraudsters jailed

TWO men have recently been jailed for conning £1.2m from "innocent and vulnerable" people as part of a boiler-room fraud that took place between 2007 and 2010. Mark Sisson, along with fellow fraudster Alexander Pratt, who was also sentenced to two years in prison, ran a fraudulent investment firm in Madrid, with Sisson managing the boiler room and Pratt selling shares in fictitious energy firms at hugely inflated prices.
The duo, using false identities, sold S-Reg shares – restricted stocks which often do not allow the buyer to sell the stock for a certain period of time – to about 30 "unsuspecting victims", often the elderly and vulnerable. "The fraudsters led the victims to believe the shares were worth much more and sent out glossy brochures and share certificates in the post to try to authenticate and reassure the victims that they had invested in a worthwhile business," City of London Police said. "However, the shares were effectively worthless and often valued at less than one per cent of the purchased value. In addition, the victims were not informed about the high legal fees they would incur if they chose to sell the shares on, which often cost more than the initial investment."

UK reported fraud falls by one third

THE value of reported fraud in the UK has fallen by a third despite an increase in the number of cases, according to analysis by accountants BDO. The total value of cases over £50,000 fell to £720 million in 2014. Financial services fraud is down to the lowest value since 2008, dropping 56% in 2014, compared with the previous year. Many of the 546 cases (up from 525) reviewed in BDO’s report were unsophisticated, with an average value of £1.3 million, including low-tech schemes such as submitting false invoices. BDO attributes the decline in value to a growing trend for companies to handle complex cases outside the criminal courts, for example through civil actions or privately in-house. Fraud victims may also be more aware of how civil action can help them recover their assets, especially at a time of dwindling resources in law enforcement.

‘Worthless’ penny stocks sold

A Cayman Islands-based bank and four other companies are being sued by America’s SEC, which alleges they took more than $75 million from unregistered sales of "virtually worthless" penny stocks.
The US regulator claimed these businesses filed bogus registration statements with the SEC, purporting to register securities to public shareholders, though there were no such sales and the securities stayed in the control of the issuers and their affiliates. In the sham offerings, the issuers pretended to sell securities to shareholders in such places as Serbia, Mexico, Ireland, Norway, Panama and Jamaica. The restricted securities were then "passed off" as free-trading stocks in the United States and sold to the public.

Cybercrime

Boards must up their game before the hackers claim checkmate

In today’s climate, the cyber security paradigm is a reactive cycle. When a threat is uncovered, it is examined and a counter-measure is created, with response times varying from weeks to years. The problem, says Ian Pratt, co-founder of Bromium, is that attackers can easily reuse previous pieces of malware, modify them and build a brand new threat, thereby bypassing the new and updated security measures. Effectively, the connected world is under siege and current security solutions and approaches are outdated and inadequate.

As humans, we love to point the finger at a particular individual or group of individuals; however, security vendors, CISOs and employees all play a role collectively. Cybercriminals are still managing not only to release unique malware, but to create malware that remains undetected for weeks, months and even years.

A lot of the pressure falls into the lap of the board of directors. They have the responsibility to ensure that management is protecting company assets effectively; and this responsibility extends to cyber security. Executive management must be more proactive in making sure their organisations deploy the right defences to survive in this new world of accountability. The board must be competent in risk control and should challenge management when excessive risks are taken.
A key question for the board is whether it is doing enough to protect its organisation’s important assets. With many assets in digital form: business plans, source code, trade secrets, financial projections, deal margins and proposed mergers and acquisitions (M&A) deals, these assets are often under the personal control of management executives who must take appropriate steps to safeguard them.

Public data breaches are a major cause of concern; cyber security breaches will generate a new wave of litigation in the years ahead and, as breaches are likely to have an adverse impact on a company’s financial performance, there is a requirement to disclose these breaches rapidly. As more executives are being targeted with highly advanced attacks, boards must require management to take appropriate actions to safeguard the assets of the company.

Why hackers are winning the arms race

Implementing a cyber security solution requires specialised knowledge. Today’s sophisticated threats are primarily caused by financially motivated criminals and nation states who use malware to attack the organisation. This malware is not generally detectable by current anti-virus or any of the other traditional security solutions in common use.

There are two main classes of attacker, defined by their motives, which target companies: those seeking financial gain and those attempting espionage. Attackers seeking financial gain have adopted more aggressive tactics in recent years. The techniques have evolved from phishing to online bank fraud, via threats like Zeus, to aggressive intrusions seen in the Heartland breach and the 2014 Target breach. Attackers seeking financial gain are a major threat for all companies that collect payment information. These attackers also resell confidential information and trade secrets from compromised enterprises.
To defend, many information security programs follow conventional wisdom and implement a layered approach to security, deploying multiple security products at different points in the network in an attempt to detect malware. While this is generally an improvement over single-technology solutions, many of the deployed technologies are obsolete and no longer effective. When you have more than 70% of breaches beginning at the endpoint and nearly 80% of information security professionals stating that users are their biggest security headache (see Bromium report: Endpoint Protection Attitudes and Trends 2015), it becomes overwhelmingly apparent that traditional endpoint protection is a spectacular failure.

Deployment of conventional, yet ineffective and expensive, countermeasures is common and a principal reason for data theft. Executives at the highest levels, including the board, must be aware of these developments and ensure their organisation’s approach to its cyber security program is actually effective rather than just being compliant with traditional concepts of security.

Most of the tools we rely on use detection as the primary function, but if someone comes up with a new attack or changes an existing one so that it looks just slightly different from a previous attack, they can get past these detection-based approaches very easily. That’s really where this arms race has been lost over recent years: these attackers have learnt how to make such changes very easily and cheaply, enabling them to bypass existing defences.

The new approach: Network Segmentation and Isolation

Today’s targeted malware seeks to use compromised PCs as a way into the enterprise network, attacking other systems to plant persistent software that exfiltrates data. When a single PC is compromised, the Incident Response (IR) team has to investigate every possible move of the attacker, at enormous cost.
We need to be more like a biological system, where we have bodies built of cells. If a particular cell is compromised, the damage is generally contained within that cell, which is killed off and removed. We need to build our computer systems in a similar kind of way with isolation technology, a relatively new concept that is proving effective at securing endpoints.

As the workforce becomes more mobile, employers and employees want to use laptops and other endpoint devices while they’re working at Starbucks, at hotels and airports, which all have unsecure networks. However, you can’t extend the boundary of the enterprise network to those places, so those endpoints are going to have to look after themselves. Therefore, it is essential we adopt isolation technology.

Micro-virtualization meets this need by protecting computing devices against the execution of malicious code. With endpoint systems today, one of the challenges that we have is that, if a user opens a bad document, goes to a bad website, or even just goes to a good website and is served a bad advert, malware can easily end up running as the user and then proceed to compromise the whole machine. Once this happens, there really is a complete loss of control and anything that takes place on that machine from then on is compromised too.

Isolation technologies, such as micro-virtualization, can help by ensuring that every task being performed on that machine happens within its own little bubble (micro-VM). So if, or when, something bad occurs, it is contained within a micro-VM and it isn’t going to impact or compromise the underlying system.

Enforcing the ‘need to know’

Even if the system does get compromised, whether it's because the user is malicious, or perhaps because of a loss of control of the infrastructure, organisations still have the confidence of knowing that the information we really care about is running within one of these protected environments.

That enables us to follow good security practice by identifying the business-critical aspects that you care most about, coming up with some set of restrictions for them and then treating them differently from everything else. If CISOs try to apply the same restrictions to everything, and treat all data in the same way, they would never be able to get anything done. Having to relax those restrictions would mean that they just wouldn’t be enforceable.

Shifting to a model where we have things more compartmentalised and isolated using micro-virtualization means that everything is running within its own container so that users don’t have to be concerned about the security of the application itself, or even of the underlying operating system, because it is going to be contained.

CISOs and CEOs face a multitude of new and emerging challenges, including risks generated by the myriad of mobile devices, the endless amount of information, the difficulty of acting in accordance with new regulations and the threat of state-sponsored attacks combined with global cyber criminals.

Ensuring that corporate assets are secure is an important legal responsibility for today’s boards of directors. In this dynamic, ever-changing threat landscape, oversight of cyber security becomes especially detrimental to organisations. It is up to the board to review security budgets, policies, and the effectiveness of security controls. Game-changing security technology, such as micro-virtualization, can be instrumental in helping boards see to it that management successfully carries out its mission to secure corporate assets and users.

US offers $3m reward for Russian hacker

THE United States is offering a $3 million reward - the highest ever in connection with cybercrime - for information on a Russian hacker charged with bank conspiracy and fraud. Russian citizen Evgeniy Bogachev is charged in the US with running a computer attack network called Gameover Zeus which stole more than $100 million from online bank accounts. FBI investigations indicate that the ‘Gameover Zeus’ computer virus is responsible for one million computer infections. Other charges of wire fraud, money laundering and computer fraud exist against Bogachev in many US courts. Bogachev allegedly trapped individuals by collecting their financial information through malicious software (malware) that logged users’ keystrokes for passwords and bank PINs when the unsuspecting victims entered their bank account information. It is also suspected that the same hacker is the mastermind behind the CryptoLocker ransomware.

Spam and malware top SME risk list

A recent email security survey of SMEs conducted by OPSWAT, a provider of solutions to secure and manage IT infrastructure, and Red Earth Software, a developer of email security solutions, has revealed that over 50% of the respondents experienced malware breaches in the past 18 months. Also, half of the companies surveyed declared that phishing emails had managed to get past filters and trick employees. Spam and malware were identified as the top two weakest links in respondents’ current email security solutions.
• 51% of companies had malware get past their email filters in the last 18 months
• 50% of companies had employees that clicked on phishing links in the last 18 months
• 55% of respondents are ‘not certain’ or ‘not certain at all’ that their employees will not click on phishing links or malicious email attachments
• 39% of respondents use only one anti-malware engine
• 68% of companies do not use any form of email encryption

OPSWAT commented that it is remarkable that, even with the above-mentioned statistics, employees still hold a somewhat complacent attitude regarding email security. This indicated that companies must change their culture and ensure that training is an integral part of their infrastructure.

Email scam cost company $17m

A US-based commodities trading company founded 120 years ago has lost $17.2 million in an international email swindle, according to court documents. An executive with the 800-employee company wired the money in instalments last summer to a bank in China after receiving emails ordering him to do so. The gambit involved emails sent to one of the company executives that purported to be from its Chief Executive Officer and the company’s outside auditing firm. The emails directed the wire transfer of millions of dollars to a Chinese bank. But court documents said the emails were really from impostors using email addresses set up in Germany, France and Israel and computer servers in Moscow.

Wells Fargo combats ID cybercriminals with new tax fraud service

WELLS Fargo, America’s largest bank, is doing more to help combat cybercriminals who steal identities and file fraudulent tax returns to send refunds to their accounts. The bank recently signed a deal with a company called Early Warning, which provides a wide variety of fraud detection and prevention services, including a new service specifically focused on tax fraud.
Called Account Owner Authentication for Government, it serves as a middleman between the government entity issuing the cheque and the bank receiving a request for deposit. The service can quickly validate whether the payee's name, address, Social Security number and other identification match the information on the account where the deposit is being made. That allows it to confirm that the payee on the tax refund is the authorised owner of that particular account, before the cheque is issued.

Online ID fraud

NEW Zealand’s largest credit bureau says the internet is creating a smokescreen for fraudsters applying for credit. Statistics released by Veda show nearly 5% of New Zealanders have used fake names when applying for credit and have poor credit histories. The data analytics company found 216,000 New Zealanders fell into this category during 2014. Technology has made it easier for people to be fraudulent, as you often don’t need to present proof of identity when applying for credit online, it added, noting that the extent people are going to in order to create aliases is alarming.

Published monthly by Commercial Crime Services, Cinnabar Wharf, 26 Wapping High Street, London E1W 1NG, UK
Tel: +44(0)20 7423 6960 Fax: +44(0) 20 7423 6961
Email: ccs@icc-ccs.org Website: www.icc-ccs.org
Editor: Andy Holder Email: andyholder2@gmail.com
ISSN 1012-2710

No part of this publication may be reproduced, stored in a retrieval system, or translated in any form or by any means, electronic, mechanical, photocopying, recording, or otherwise without the prior permission of the publishers. While every effort has been made to check the information given in this publication, the authors, editors, and publishers cannot accept any responsibility for any loss or damage whatsoever arising out of, or caused by the use of, such information. Opinions expressed in Commercial Crime International are those of the individual authors and not necessarily those of the publisher. Copyright 2015.
All rights reserved