Latest news for Fraud Watch subscribers
City stockbroker charged with fraud
Nicholas Levene, the former deputy chairman of Leyton Orient Football Club and city stockbroker, has been charged with 16 offences of fraud, forgery, money laundering and false accounting, according to a statement from the UK Serious Fraud Office.
Forty-six-year-old Levene was charged with:
* 11 offences of fraud by misrepresentation (s1 (2)
Fraud Act 2006)
* two offences of possession of an article for use in a Fraud (s.6 Fraud Act 2006)
* two offences of money laundering (s.327 (1) (d) Proceeds of Crime Act 2002)
* one offence of False accounting (s.17a Theft Act 1968).
Problems first came to light in 2009 when he was reported missing by clients who had invested £200m with him as a broker.
The financier's clients included high profilers such
as Ann Gloag and Brian Souter, the founders of Stagecoach, and Richard
Caring, the owner of Annabel's nightclub and The Ivy restaurant.
In court documents filed in the summer of 2009, Gloag and Souter alleged that Mr Levene had taken money from them to buy shares on their behalf but failed to invest any of it and then failed to return the capital. Despite a court order, Levene is alleged to have failed to reimburse them.
Levene was charged last Friday at Snow Hill Police station in London following a 15-month investigation and was released on conditional police bail
The investigation was conducted by the Serious Fraud office with assistance from the City of London Police Economic Crime Unit and also involved close multi-jurisdictional co-operation with a number of overseas authorities.
The UK Treasury is causing widespread confusion with an ongoing changing of names.
Usually circumspect personnel have been effusive to Fraud Watch about the uncertainty, difficulty of doing business and the general chaos it is all causing. Not least as it comes so soon after the changing of APACS to the UK Payments Association, and with it the Financial Fraud Action UK, the UK Cards Association and other bodies.
As part of the coalition’s reshaping of financial services regulation, the Treasury has scrapped the Financial Services Authority’s (FSA) successor and created the Financial Conduct Authority (FCA).
It more recently scrapped the newly created Consumer Protection & Markets Authority (CPMA) name in favour of the FCA and has recently revealed more detail about the shape of financial services regulation under the proposed regime.
In its second consultation on the measures, published late February, it outlined its plans for a regulator with a ‘lower risk appetite’ than the FSA and a range of extra powers that would allow it to ban products and be more interventionist.
The UK's new financial watchdogs are to get powers to ban retail products and warn investors about pending enforcement actions.
Financial secretary to the Treasury Mark Hoban said a planned consumer champion and two other regulators would be strengthened when the Financial Services Authority was broken up next year.
The Consumer Protection and Markets Authority - now renamed the Financial Conduct Authority (FCA) - will be able to ban products or limit their distribution for up to 12 months.
The FCA will also be able to reveal its intention to penalise banks, brokers and individuals pre-emptively - before the target can present its case to an internal appeal body.
The body will also be tasked to foster competition to improve market efficiency and consumer confidence.
Internal competition inquiries have traditionally been the exclusive realm of the Office of Fair Trading but the Treasury is said to be considering giving the FCA joint jurisdiction.
The coalition is also unveiling its plans for the Prudential Regulatory Authority (PRA) and the Financial Policy Committee, both housed in the Bank of England.
The PRA will regulate individual banks and insurers.
Made up of regulators, central bankers and external experts, the FPC will try to head off credit bubbles and systemic risks. It will be led by Bank governor Mervyn King and four external members.
As well as risk, the FPC will be mandated to consider the effect of its regulatory policies on long-term economic growth.
The Treasury paper reveals more details about the relationship between the members of the regime: the Bank of England, the Prudential Regulatory Authority (PRA) and the FCA. It proposes reinforcing the power of the Bank of England, which will hold responsibility for monetary policy, financial stability and oversight of financial institutions. The FCA will oversee financial conduct, but the PRA will have the power to override FCA decisions if they threaten the stability of a business or the financial system.
The most controversial power proposed for the FCA is the ability to publish information on firms under investigation before it has completed the process. Solicitor Steven Francis, partner at City-based Reynolds Porter Chamberlain, questioned whether the change would be contrary to natural justice. ‘By pre-emptively informing a firm’s clients of its investigation, the new regulator could do serious damage to the firm’s reputation and business. The FSA regularly commences investigations that lead to no disciplinary outcome,’ said Francis.
FOUR members of a family accused of money laundering following a raid at a Suffolk scrapyard have been ordered to pay back more than £2m.
The settlement is the largest ever Proceeds of Crime confiscation order for Suffolk Constabulary and follows a massive police investigation at the Ponderosa scrapyard at Bridge End Road, Red Lodge, in 2008.
The two-acre site, which included a scrapyard, house and outbuildings, took two days to search and resulted in £735,000 being found, including £475,000 cash hidden behind a bath. Items of plant and several stolen vehicles being seized.
Following the investigation, which involved dozens of Suffolk police officers as well as other agencies including HM Customs and Revenue, Trading Standards, the DVLA, the UK Border Agency and the Department of Work and Pensions, charges were brought against Robert McGivern, 41, his mother Bernadette McGivern, 71, her 79-year-old partner Noel Healy and McGivern’s father Harold McGivern, 68, all of Bridge End Road, Red Lodge.
Robert McGivern was convicted at Ipswich Crown Court in 2009 of money laundering, fraud and handling stolen goods and was jailed for five and a half years.
In September last year a confiscation hearing ordered him to pay back criminal assets of £851,000.
In November 2009 Bernadette and Harold McGivern and Healy all admitted money laundering and were given suspended prison sentences.
Yesterday they returned to Ipswich Crown Court for a confiscation hearing during which Bernadette McGivern was ordered to repay £705,825, Healy was ordered to repay £375,900 and Harold McGivern was ordered to repay £118,273 making a total of £1.2m.
This, together with the order made against Robert McGivern, made a total of £2.051m for the whole operation. Suffolk Constabulary will receive some of the money to re-invest in similar investigations in the future.
After yesterday’s hearing Det Supt Chris Mayhew said: “Bernadette McGivern, Harold McGivern and Noel Healy have cheated the tax system in respect of properties in London and benefited from this in here in Suffolk.”
Police detective spared jail over card fraud
A fraud detective from Berkshire has been given a suspended jail sentence for defrauding his credit card company.
Lloyd Strang, 36, said £6,800 had been stolen from him using the card - but later admitted he had disclosed his PIN to a friend.
Strang, of Penyston Road, Maidenhead, Berkshire, pleaded guilty at the Old Bailey to the fraud in November last year.
The £42,000-a-year detective constable was based at the Payback financial investigations unit in Acton, west London, but is now due to lose his job.
He had been a police officer for 12 years and had been commended by the courts and senior officers, the court heard.
Detective Inspector Carolyn Davies said in one incident he had chased after a robber who fired a number of shots at him.
But Judge Paul Worsley told Strang: "You were a financial investigator and you must have known to be honest and diligent in all your dealings."
He gave Strang a three-month jail sentence suspended for 12 months with a condition of 240 hours of unpaid work.
The emails indicate that the attack comes from the group that also successfully hacked Google, Adobe Systems and Yahoo, amongst other companies under an attack probably called Operation Aurora.
Although China has denied being involved in the attack, US Secetary of State Hilary Clinton has sent a formal complaint and has asked for an explanation.
The leaked emails are from security company HBGary, which was hired by Morgan Stanley last year to help prevent hacking attempts.
In the emails, made public earlier this month by the activist hacker group Anonymous following a vengeful hack, an HBGary researcher said Morgan Stanley provided him details of the attack but asked that the information be kept secret.
“They were hit hard by the real Aurora attacks (not the crap in the news),” Phil Wallisch, senior security engineer at HBGary, wrote in a June 4 email to HBGary President Penny Leavy-Hoglund.
The attacks leveraged a previously unknown vulnerability in Internet Explorer to compromise systems at Google, Adobe and dozens of other companies. Morgan Stanley is the first financial institution to be identified as a victim.
given me access to a very sensitive report on their Aurora experience,”
Wallisch wrote in a May 10 email to Leavy-Hoglund.
In the same email, Wallisch said Morgan Stanley requested that he not share the information with anyone.
In a statement sent out on Tuesday, Morgan Stanley said the incident occurred more than a year ago and the bank has notified regulators, law enforcement and a “handful” of clients who may have been affected.
“Morgan Stanley invests significantly in IT security and manages a robust program to deal with malware and attempted computer compromises,” the statement said. “Like any other company in our industry, we deal with these matters in the normal course of conducting business.”
According to Dmitri
Alperovitch, vice president of threat research at McAfee, Operation
Aurora-style attacks are happening on a daily basis targeting a range
of industries but most are never disclosed publicly.
“Most major global companies have come under these persistent and targeted attacks over the last few years and many have been successfully compromised,” Alperovitch said.
Operation Aurora is unique, he said, because of all the details that have emerged about the attacks.
Last January, Google disclosed that its systems were compromised to steal intellectual property on behalf of Chinese hackers. Adobe, Juniper Networks and Rackspace have also confirmed that their systems were targeted in the attacks. According to reports, Yahoo, Symantec, Northrop Grumman and Dow Chemical also were among the victims.
Sachs director indicted
30 people now facing trial in Galleon insider trading case
The US markets regulator this week charged former Goldman Sachs and Procter & Gamble director Rajat Gupta with insider trading in the high-profile Galleon Management hedge fund case.
The Securities and Exchange Commission announced the charges for "illegally tipping Galleon Management founder and hedge fund manager Raj Rajaratnam with inside information about the quarterly earnings at both firms, as well as an impending US$5bn investment by Berkshire Hathaway in Goldman."
The SEC has previously charged Rajaratnam and others in the widespread insider-trading scheme involving the Galleon hedge funds.
Billionaire Rajaratnam and co-defendant Danielle Chiesi were indicted in December 2009 by a federal grand jury in New York on charges of using non-public information from company executives to earn about $20m in illegal profits.
Sri Lankan-born Raj Rajaratnam has pleaded not guilty and is expected to stand trial next week.
Chiesi, a former
consultant with New Castle Funds, pleaded guilty in January to three
counts of conspiracy to commit securities fraud.
About 30 people have pleaded guilty in the affair.
Rajat Gupta, the latest to be charged is accused of providing Rajaratnam with confidential information he learned as a board member of Goldman and P&G according to the SEC.
Rajaratnam allegedly used the inside information to trade on behalf of some of Galleon's hedge funds, or shared the information with others at his firm who then traded on it ahead of public announcements by the companies.
The insider trading
by Rajaratnam and others produced more than $18m in illicit profits
and loss avoidance, the regulator said.
Gupta, a Connecticut-based business consultant and former managing director of global consulting firm McKinsey & Company, was at the time of the insider trading a direct or indirect investor in at least some of these Galleon hedge funds, according to the markets watchdog.
He also "had other potentially lucrative business interests with Rajaratnam."
honored with the highest trust of leading public companies, and he betrayed
that trust by disclosing their most sensitive and valuable secrets,"
SEC enforcement division chief Robert Khuzami said in a statement.
"Directors who violate the sanctity of board room confidences for private gain will be held to account for their illegal actions."
Procter & Gamble announced that Gupta, who joined the board of directors in 2007, had "voluntarily" resigned Tuesday, effective immediately.
He "vigorously denied" the SEC's accusations but stepped down "to prevent any distraction to the P&G board and our business," Paul Fox, spokesman for the global pharmaceuticals and consumer products giant, told AFP.
P&G is "cooperating
fully" with the investigation, he added.
According to the SEC, Gupta had tipped off Galleon that P&G would have lower-than-expected sales growth in the 2008 final quarter, allowing the hedge fund to pocket illicit profits of more than $570,000.
Gupta joined the Goldman board in November 2006 and served as a member of the Wall Street giant's audit, compensation and corporate governance and nominating committees.
The bank's announcement
in March 2010 that Gupta, a senior partner emeritus at McKinsey, would
not stand for re-election came amid speculation that he was a suspect
in the insider-trading probe.
The Indian-born naturalized US citizen became chairman of the International Chamber of Commerce last July.
The Harvard Business School graduate has been affiliated with a number of organizations, including the United Nations, where former secretary-general Kofi Annan tapped him in 2005 as his special adviser for management reform.
‘Crimebook’ stolen data website jailed
Teenager gets five year term
The teenage head of a major stolen data website – tagged by prosecutors as ‘Crimebook’ – has been jailed for five years.
Nicholas Webber, founder of the Ghostmarket website, was sentenced after admitting to conspiracy to commit fraud and assisting offenders. Two others, Ryan Thomas and Gary Kelly, were given four and five-year terms respectively for their parts in the criminal scheme, which enabled criminals all over the world to swap stolen personal data.
The website had around 8,000 members worldwide, and is estimated to have defrauded £16.2m from stolen bank and card details.
A court in London heard how public-school-educated Webber, the son of a former politician in Guernsey, used an offshore bank account in Costa Rica to process profits made from the frauds.
The website operated as a hub bringing together online criminals and stolen personal data including bank account data and credit card details. It also specialised in passing on expertise in how to steal data.
Two other people involved with the website were also sentenced. Shakira Ricardo got 18 months for admitting conspiracy to commit fraud and acquiring criminal property, and Samantha Worley, who laundered money for the site, was sentenced to 200 hours of unpaid work for admitting to acquiring criminal property.
Webber was caught in 2009 when he and Thomas tried to pay a hotel bill with a stolen credit card.
Police found 100,000 stolen credit card details on Webber’s laptop. He later jumped bail and was rearrested upon his return to Gatwick airport in January last year.
AML bill passed by Senate
The Nigerian Senate has passed the nation’s Money Laundering Prohibition Bill.
The Chairman of the Economic and Financial Crimes Commission, Farida Waziri said with the move meant the country is on the verge of totally fulfilling the requirements of international anti-money laundering group the Financial Action Task Force (FATF).
She added that the bill, when assented to by President Goodluck Jonathan, will help the Economic and Financial Crimes Commission to improve its anti-money laundering operational strategy.
The new bill raises the bars for cash transactions that can be made outside a financial institution from N500,000 and N2m to N5m and N10m for individuals and corporate bodies respectively.
The Senate also raised the amount of international transfers that ought to be reported to government agencies from $2,000 to $10,000 for individuals. It places a duty on bankers and other financial institutions to report international transfers of funds exceeding $10,000 to the Central Bank of Nigeria, from where the records can be accessed by security operatives.
Transportation of cash or negotiable instruments in excess of $10,000 or its equivalent by individuals in or out of the country shall be declared to the Nigerian Custom Service, section 3 of the act prescribed.
Waziri said: "Lack of that law was almost getting Nigeria blacklisted, so we are very happy about that.”
She sais that, when the bill gets assent, the commission will go “back to the drawing board” together with banks and other relevant agencies, to map out new strategies.
Waziri denied rumours that she intended to reveal the names of corrupt politicians ahead of the 2011 elections.
Las Vegas Sands, one of Asia's biggest casino operators, is being investigated by regulators after an ex-employee accused it of making improper payments.
The company said it was being probed by the Securities and Exchange Commission (SEC), and the US Department of Justice after former Sands China chief executive Steve Jacobs made allegations in a lawsuit he has filed against Las Vegas Sands.
Jacobs, who was fired by the company, is claiming breach of contract and has accused the firm of using improper leverage against government officials.
The company is controlled by billionaire Sheldon Adelson.
Las Vegas Sands said it will co-operate with the probe, and denied the allegations.
Las Vegas Sands said that the US watchdog and Department of Justice were looking into its compliance with the Foreign Corrupt Practices Act.
The act makes it illegal for companies to give foreign officials improper payments.
The company said that the Securities and Exchange Commission had asked it to produce documents related to its Macau operations.
The Department of Justice was carrying out a separate probe, the company disclosed in its annual report.
Las Vegas Sands' growth is being driven by the success of its operations in Macau where it runs three casinos.
The Chinese territory has become the world's largest gambling market. Revenue totalled $23.5bn (£15.2bn), up 57% on the previous year, reinforcing the territory's position as the world's most lucrative gambling market.
Earnings have been driven by an influx of gamblers from mainland China.
Macau - a former Portuguese colony returned to China in 1999 - is the only Chinese city where gambling is legal.
On Tuesday, the company reported that net profit at Sands China Ltd, more than tripled in 2010 to $666.5 million.
However, it warned that the ongoing investigation could have a further impact.
"Any violation of the Foreign Corrupt Practices Act or applicable anti-money laundering regulation could have a negative impact on us," it said.
Gambling revenue in Macau increased by 57% in 2010
Knighted head teacher among three arrested for fraud
A knighted ‘superhead’ and two colleagues have been arrested after a two year investigation by the UK Serious Fraud Office. They are accused of siphoning off close to £1.6million in bonuses while classrooms crumbled.
Sir Alan Davies, 64, decorated for his services to education, was held yesterday with his deputy, Dr Richard Evans MBE, and Dr Evans’ wife Lesley.
Both Sir Alan and Dr Evans have been lauded for their work in the state education system with Tony Blair, Gordon Brown and David Cameron all visiting their former school.
Dr Evans, 53, is a former education adviser to Mr Cameron and a former Westminster councillor who twice stood as a Tory candidate.
All three are accused of defrauding Copland community school in Wembley, North West London, following allegations that payments totalling at least £1.56million were made to Sir Alan and three of his managers over a period of seven years.
Mrs Evans, 50, has also been accused of selling at Sotheby’s around 15 paintings, worth many thousands, that had been given to the school by British artist Mary Fedden, who taught David Hockney.
Yesterday’s arrests follow a Fraud Squad investigation into alleged ‘serious financial irregularities’ at the 2,000-pupil school after Hank Roberts, a geography teacher there, brought the claims to light in 2009.
It is claimed that Sir Alan received £410,278 in one year alone. He allegedly employed his sister, his son and his son-in-law, and Dr Evans allegedly employed his wife and his mother.
Yesterday Hank Roberts, who now works for the Association of Teachers and Lecturers union, said: ‘All the parents, staff and pupils are very, very pleased that a criminal investigation has been launched.
Former Apple exec pleads guilty to wire fraud
Apple manager Paul Devine has pleaded guilty to charges of wire fraud and money laundering after he was accused of taking as much as $1,000,000 in kickbacks from Apple partners.
Devine was said to have used his position as a midlevel executive at Apple to gain access to confidential information, which he would then sell on to Apple suppliers.
Between 2005 and 2010 Mr. Devine gave pricing targets, details on specifications and other information to suppliers of Apple accessories in exchange for payments. These payments were deposited into a number of different accounts, both in the U.S. and abroad.
When he was arrested in August of last year, the authorities found over $150,000 stashed in shoeboxes around his home as well as about $20,000 in foreign currency.
All told the former Apple staff member was charged with 15 counts of wire fraud, one count of wire fraud conspiracy, six counts of money laundering, and one count of engaging in transactions with criminally-derived proceeds. He pleaded guilty to one count of each statutory violation.Bloomberg reports that as a result, the former Apple employee will forfeit $2.28 million; he’ll also be subject to further fines and up to 20 years in prison when he is sentenced on June 6. A separate civil suit filed by Apple is still pending. It was put on hold for the duration of the criminal case.
Swiss regulator slams HSBC over data theft
HSBC has received heavy criticism from Swiss regulator Finma for the poor IT controls that allowed an employee to steal data on thousands of customers. It is this data that is veing used by authorities in France, Italy and Spain to identify tax evaders.
Between 2006 and 2007, Herve Falciani, an IT employee at the HSBC Geneva-based private bank, stole details of around 24,000 customers.
As the investigation began, Falciani fled to France and in 2009 authorities acting on a Swiss warrant, seized the data from his home. The information is now being used by France, Italy and Spain to identify tax evaders.
Following an investigation launched last March, Finma has reprimanded the bank for "deficiencies in its internal organisation and IT controls" and has demanded it "continue to rigorously implement measures to establish the necessary level of IT security".
United Nations Sanctions Breaker Jailed
Riad El-Taher has been jailed for 10 months for making illegal payments to the Iraqi Government of Saddam Hussein in contravention of United Nations sanctions and UK law.
Riad El-Taher, a British citizen aged 71 from Esher, Surrey, has admitted that in 2001 he made four illegal payments totalling over $500,000 to the Iraqi Government in order to secure lucrative oil contracts. During this period payments to Iraq could legally only be made after a licence had been granted by HM Treasury. El-Taher had neither obtained nor sought any such licence.
The contracts obtained by the illegal payments were for two million barrels of oil valued at over $50 million. This oil was sold for a profit of over $600,000, most of which was deposited in an offshore bank account controlled by El-Taher.
Economic sanctions were imposed by the United Nations in 1990 following Iraq's invasion of Kuwait. They barred all imports and exports from Iraq with some exceptions such as medicines. After Iraq's withdrawal from Kuwait, the UN resolved in 1991 that sanctions would only be lifted following destruction of Iraq's chemical and biological weapons, inspection of its nuclear capabilities and payment of compensation to the victims of its invasion of Kuwait.
In 1995 the UN relaxed the sanctions regime to allow the export of oil to fund the purchase of food, medicine and other humanitarian goods provided that all monies created by the sale of Iraqi crude oil went into a UN controlled escrow account; with all purchases of humanitarian goods being paid out of the same account. At no stage were monies to be paid to Iraq. This relaxation of the sanctions regime was known as the Oil For Food Programme and lasted until 2003 when all sanctions were lifted following the coalition invasion of Iraq and the end of the Saddam Hussein regime.
The illegal payments made by El-Taher related to contracts entered into under the Oil For Food Programme.
After the fall of the government of Saddam Hussein, the UN set up a committee to investigate sanctions breaches. This committee published its findings in October 2005, identifying El-Taher as one of the individuals involved in breaking sanctions
The SFO investigation led to El Taher being arrested in August 2008 and charged in August 2009. He pleaded guilty to all charges on 13 January 2011 and was sentenced today, 25 February 2011.
Italian police to play central role in protecting banking IT assets
Italian payments processor SIA-SSB is partnering with the national police to develop a collaborative plan to prevent and combat criminal and terrorist attacks on critically important banking and finance IT systems.
The agreement, with an initial duration of three years, was entered into in compliance with an Interior Ministry Decree, which identified SIA-SSB's role in providing payment card processing, payments systems, capital markets and network services for the nation's banks.
From the operational perspective, a direct link will be activated between SIA-SSB and the Postal and Communications Police's CNAIPIC - National Computer Crime Centre for the Protection of Critical Infrastructures.
The agreement provides a central role for the state police in the protection of IT services within the domestic financial sector.
fraud trial resumes
Italian prime minister Sylvio Berlusconi goes back on trial today in the first of four upcoming court cases that will train an intense spotlight on his private life and business practices.
Berlusconi is not expected to be present at the resumption of the trial in which he is accused of tax fraud. Among his fellow defendants, who also include several executives of his Mediaset television group, is the British lawyer David Mills, estranged husband of the former UK Labour minister Tessa Jowell.
The accused deny any wrongdoing.
The trial, and another in which Berlusconi is a defendant, was suspended last year because of a law passed by the government providing the prime minister and others with immunity from prosecution while in office.
Key aspects of the law were overturned on 13 January, opening the way for the resumption of both cases.
In the second, which is due to resume on 11 March, he is accused of paying Mills a £373,000 bribe to withhold testimony. On Saturday, a judge will open committal proceedings in a third case in which Berlusconi and others, including his son, Pier Silvio, deputy chairman of Mediaset, are charged with fraud and embezzlement.
Earlier this month, the prime minister was sent for trial in a fourth case involving his alleged payment of an underage sex worker and claims that he tried to cover up what he had done by abusing his position. That trial is due to start on 6 April, contributing the final element to a "perfect storm" of legal woe for the 74-year-old who denies all the accusations of wrongdoing levelled at him.
If the arguments of the prosecutor in the case that resumes this week are accepted, Berlusconi will have until 2014 to wrap up the trial and the two appeals allowed defendants under Italian law. But, according to some experts, the alleged offences could become subject to a statute of limitations as early as next year.
The Mills case is expected to be timed out 11 months from now. The British lawyer has already been convicted of taking the alleged bribe.
Last year Italy's highest appeals court quashed his conviction on the grounds that it was subject to a statute of limitations.
But two months later, giving the reasons for the ruling, the judges made it clear they believed a bribe had been paid.
Nations around the world have moved with impressive common purpose to freeze the assets of Muammar Gaddafi in an attempt to pressure the Libyan leader to stand down.
Britain on Sunday became the latest country to freeze billions of dollars worth of investments including those of Gaddafi's children, and lifted his diplomatic immunity.
The British government has also barred the export of uncirculated Libyan banknotes from Britain without a licence, amid reports that there have been attempts to move around $1.5bn in uncirculated Libyan banknotes out of the UK.
said on Monday (today) it was proposing a 60-day freeze on all financial
payments to Libya in a bid to stop funds from reaching Gaddafi.??"We
are therefore working to ensure that all financial flows are cut off,"
Guido Westerwelle, the German finance minister said.
Canada also made moves on Sunday to freeze the assets of Gaddafi and his family, and to halt financial transactions between Ottawa and the government in Tripoli.
"Far from protecting the Libyan people against peril, he [Gaddafi] is the root cause of the dangers they face," Stephen Harper, the Canadian prime minister, said in a televised statement.
The moves by Britain and Canada came after the US announced it was placing sanctions on Libya. Barack Obama, the president, signed an executive order on Friday freezing any financial assets tied to Gaddafi's government that were held by US banks and institutions throughout the world.
Switzerland has also frozen the assets of Gaddafi and his family, condemning the use of violence by Libyan forces against civilians.
Australia has said it is investigating claims that the Libyan leader has stashed millions of dollars in the country. Kevin Rudd, the country's foreign minister, said it was time for Gaddafi to step down.
"One of the reasons the Australian government acted early with unilateral autonomous sanctions against the [Gaddafi] regime was to ensure we can now begin legal processes for establishing whether any financial assets are held in Australia," Rudd told public broadcaster ABC.
"I'm not advised as to whether there are such assets or not, but such an examination is now under way," Rudd said.
It is not unprecedented for the assets of a ruling family to be frozen by UK authorities while they are still in power. The ruling junta in Burma, Saddam Hussein and President Milosevic of Serbia all had their assets frozen. What has been impressive in the case of Gadafi and Libya is the speed and the lack of dissent among governments.
The measures followed a UN Security Council agreement to impose sanctions, were designed to show "just how isolated" Gadifi’s regime is and are a clear example of the power of common purpose.
In the UK, for example, the Treasury, BIS and FCO directly liaised with Britain's largest banks as well as the FSA, BBA and Bank of England to ensure there were no cracks in the order.
As soon as all Britons had been extracted out of Libya and the legal permission had been given by the UN, the asset freezing order took effect.
While is it unclear exactly how much Libyan assets in the UK are worth, we can safely say it's in the "hundreds of millions" mostly in the form of paper assets, although son Saif owns a house in Hampstead.
freezing in Cairo
Egypt today (Monday, February 28,) put a freeze on the assets of ousted president Hosni Mubarak and his family and imposed a travel ban on him and his clan, two weeks after a mass uprising threw out his regime.
The general prosecutor Abdel Magid Mahmud ordered the financial assets inside the country of Mubarak and his family members be frozen, Al Jazeera reported.
The move comes close on the heels of an order seeking the freezing of the family's financial assets in foreign countries, following which the foreign ministry approached foreign governments and financial institutions.
The order also imposed a travel ban on the former president and his family pending further investigation.
The ban would apply to wife Suzanne, and his two sons Ala and Gamal, and their wives.
Mubarak was forced to step down on February 11 after being at the helm of the country for 32 years. He left the capital Cairo and headed to the Red Sea resort of Sharm el-Sheikh.
Mubarak is believed to have amassed a multi-billion-dollar fortune but his legal aides have termed the reports about his wealth as groundless rumours.
froze Mubarak's assets within hours of his resignation, France too accepted
Egyptian Foreign Ministry's request for an asset ban.
EU slaps fresh sanctions on Libya
European Union's diplomatic chief Catherine Ashton told a meeting of the UN Human Rights Council in Geneva that the bloc would impose further restrictions on Libya very soon, noting that violent repression in the north African country "shocks our conscience."
She said the EU sanctions might include "an embargo on equipment which might be used for internal repression."
Hillary Clinton, the US secretary of state, met with her counterparts from Europe and Russia on the sidelines of the UN meeting to discuss fresh measures to weaken Col Gaddafi's regime. She said she had been seeking a consensus so that "we can better coordinate and organise in meeting the expectations laid down by the Security Council."
Guido Westerwelle, the German Foreign Minister, though, called for a 60-day freeze on all payments into Libya in order to choke the regime of funds.
says it is investigating whether Colonel Gaddafi or any members of his
family hold assets in this country.
The Foreign Minister Kevin Rudd says the investigation has been made possible by the United Nations vote to impose of sanctions on Libya.??The sanctions were passed unanimously and by UN standards relatively swiftly, but it's not yet clear what impact they will have.
India is planning to reduce the powers of government ministers and fast-track cases against officials to crack down on corruption.
President Pratibha Patil, in her annual address to parliament, outlined the plans as the government scrambles to respond to the biggest graft scandal for years.
"A group of ministers is considering all measures, including legislative and administrative, to tackle corruption and improve transparency," said Patil.
Under pressure from opposition parties, the government has this month launched a special investigation into a telecoms scandal that the state auditor says may have cost US$39bn in lost government money.
The president said that India needed to encourage more foreign investment, which is falling, and that it needs to push ahead with the reform agenda of the Congress party-led coalition to sustain growth in Asia's third-biggest economy.
Prime Minister Manmohan Singh is under severe pressure over opposition claims that his government sold access to the world's fastest-growing mobile phone market at rock-bottom prices.
A former telecoms minister has been arrested over the affair and investigators have questioned business leaders.
Laxity in prosecuting government officials for corruption has opened up Singh's government to accusations it works in a culture of impunity, with even the Supreme Court chiming in with some rare criticism.
Europol & Eurojust tackle international payment fraud gang
French and Bulgarian law enforcement authorities have joined forces with Europol and Eurojust to disrupt the activities of an international organised crime group active worldwide.
EU anti-organised crime group Eurojust said the criminals have been responsible for an international payment card scam, producing counterfeit payment cards and performing illegal transactions in many EU Member States, as well as in Australia, Kenya, United States, and the Republic of South Africa.
Following the execution of arrest warrants, European police office Europol supported French and Bulgarian law enforcement authorities to carry out five house searches, resulting in the arrest of nine suspects in Bulgaria and France.
During the whole Operation ’Green Lips’, named after the peculiar type of card skimmers deployed by the group, police seized skimming devices, hard disks, equipment used to illegally copy card data and data on thousands of compromised cards. Police say the criminals had been responsible for ATM skimming, exchanging compromised credit card data via the internet and then using the counterfeit cards worldwide. The estimated losses caused by their purchases exceed Eur1m.
During the raids carried out in Bulgaria by the Inter-regional Directorate of Judicial Police of Lyon (DIPJ-Lyon), the National Investigative Service, the General Directorate for Combating Organised Crime, and Europol, the Europol mobile office was deployed to coordinate the international operation and provide access to Europol’s intelligence databases. Investigators from the Member States involved made use of Europol‘s analytical, tactical and technical support capabilities.
Eurojust facilitated cooperation and coordination between judicial and law enforcement authorities of the involved countries. One coordination meeting was held at Eurojust premises to enable the sharing of evidence and the planning and coordination of operations in Bulgaria to dismantle the criminal network.
In a joint statement, Europol and Eurojust said: “Payment card fraud has become a global problem. Criminals with access to compromised payment card data distributed via the internet, affect not only EU Member States but also non-EU countries. In such cases, crossborder cooperation and coordination of international investigations is crucial to effectively tackling this problem.”
Banks “had to have known” about his massive Ponzi scheme, according to jailed fraudster Bernard Madoff.
Giving his first interview since being jailed for 150 years for his investment fraud, Madoff said that banks and hedge funds had shown a “wilful blindness” to his activities.
He told The New York Times that “the attitude was sort of, ‘If you're doing something wrong, we don't want to know.' ”
Many may doubt anything that comes out of the mouth of the man convicted of the world’s biggest investment fraud, but Madoff claimed that the financial institutions failed to examine discrepancies between his regulatory filings and other information that was available to them.
His claims of financial industry complicity echo those of trustee Irving Picard, who has been charged with recovering investor losses from the scheme.
However Madoff did not offer any proof that his main bank, JPMorgan Chase, knew it was enabling a fraud, other than claiming it was purposefully shielding its eyes from the truth.
Madoff also declined to extend the blame to his close associates. He defended Fred Wilpon and Saul Katz, owners of the New York Mets baseball team who invested with him for years, claiming: “They knew nothing. They knew nothing.”
Irving Picard has this month filed a US$1bn lawsuit alleging that Wilpon and his partners knew, or should have known, about the fraudulent nature of Madoff's investments, and that they profited from them. Wilpon denies the allegations and says that he and Katz were duped by Madoff.
Whatever the veracity of Madoff's claims of bank involvement, he still appears to be unable to resist spinning lies. He told The New York Times that he is cooperating with Picard who is trying to recover over US$20bn in assets for the fraud victims, claiming he met directly with that Picard in the North Carolina prison where he is serving his sentence.
However, Picard’s chief counsel David Sheehan said in a statement that the claim is inaccurate, adding: “At no time did any meeting between the two take place and there has been no direct communication between them at any time.”
Fraud scandal hits
Chinese online giant
CEO and COO both resign
Chinese e-commerce giant Alibaba.com is at the centre of a selling fraud scandal that has led to the departures of both its CEO and COO.
The business-to-business e-commerce website's CEO David Wei and COO Elvis Lee both resigned on February 21, according to a statement filed with the Hong Kong stock exchange.
The statement said the pair were not linked directly to the fraud allegations, but had stepped down to take responsibility for “the systemic break-down in our company's culture of integrity.”
Sellers had created fraudulent storefronts on the website posing as legitimate online salespeople. The news is potentially damaging to the hugely popular website which stakes its reputation on the trustworthiness of its vendors.
An internal company investigation found that Alibaba.com noticed an increase in fraud claims beginning in late 2009 against sellers designated as gold suppliers (those that have been vetted by an independent party as legitimate merchants).
It was found that around 100 Alibaba.com salespeople had let fraudulent entities bypass regular verification measures and establish online storefronts.
The company said that it uncovered fraudulent transactions by 1,219 of the gold suppliers registered in 2009 and a further 1,107 last year, accounting for about 1% of the total number of those years' gold suppliers.
The company said that "the vast majority of these storefronts were set up to intentionally defraud global buyers," by advertising consumer electronics at cheap prices with low minimum order requirements. The average claim against fraudulent suppliers was under US$1,200.
In November last year Alibaba said it had more than 56 million members and had earned more than US$570m over the first three quarters of the year, a 30% increase compared to 2009.
Jonathan Lu, who heads the Taobao.com online retailing affiliate, has been named as the successor to Wei as CEO of Alibabacom’s parent company, whose biggest shareholder is Yahoo!
Record amount of illicit funds seized in Hong Kong
Hong Kong seized
a record amount of illicit funds in 2010, according to officials in
the Chinese territory.
The announcement comes in the wake of claims by the United States that Hong Kong was becoming a haven for money laundering due to its loosely regulated economy.
Police and customs officials said they seized HK$150m (US$24.6m) in cash linked to criminal activities last year, double their haul in 2009, amid a surge in suspicious banking transactions.
In 2010 the CIA warned that Hong Kong's banking system "provides a conduit for money laundering", including funds derived from heroin and methamphetamine trafficking.
There was also a 17% increase in the number of people convicted of money laundering in Hong Kong from 307 in 2009 to 360 last year, according to government figures.
Hong Kong has introduced new legislation to combat money laundering and terrorist financing, which will come into force by April 2012 if it is approved.
Anti-money laundering organisation the Financial Action Task Force, has also criticised Hong Kong over its lack of laundering controls.
US arrests Credit Suisse banker
A Credit Suisse banker has been arrested in the United States in connection with a longrunning tax fraud investigation.
The employee Christos Bagios, a Greek national, has been charged with conspiracy and fraud related to the Swiss bank’s offshore account activities.
The arrest is being seen as a signal that the US authorities are switching their attention from institutions to bankers and their wealthy clients. The US has been cracking down on tax evasion schemes and on Swiss bank secrecy laws, and further arrests are thought imminent in the tax investigation.
The US crackdown is being headed by Manhattan Attorney Preet Bharara. In 2009 Swiss-based UBS was fined US$780m for helping US citizens conceal around $20m from the tax authorities.
Bagios heads Credit Suisse's Relationship Management West Coast group, a private banking unit that is part of Credit Suisse Private Advisors.
Credit Suisse has so far not commented on his arrest.
The UK is under increasing international pressure to implement its much-delayed Bribery Act.
Justice Secretary Kenneth
said the government was committed to the anti-corruption laws despite
their introduction having been delayed twice. He told the House of Commons
that he reassured his US counterpart that the UK was going to implement
Government sources say that UK firms could face an international backlash if the Act – proposed by the previous Labour government and the first overhaul of the UK’s bribery laws in a century- is further delayed.
The delay has been criticised
in the US, where some officials and firms have claimed it means the
UK is a corrupt place to do business, and that it puts US companies
at a disadvantage when competing with British firms for foreign contracts.
The Organisation for Economic Co-operation and Development (OECD) has been pressing the UK to comply with its anti-bribery convention for several years. The OECD is now threatening sanctions should the Act not be brought into force.
Clarke said he hoped the Ministry of Justice would be able to publish guidelines to the new law within weeks rather than months, although he added this could not be guaranteed. He said the Act should become law 90 days after the guidance was published.
He claimed: “Along
with the United States and others, we are one of the leading countries
in pressing for a drive against corruption in the world, because corruption
is bad for all business, including British business when it tries to
export to other countries. Because of the debate that is taking place
about the Act, I have had to reassure my American colleagues that we
are not falling behind and that we will implement the Act.”
A compliance cash cow?
However, he added that it was important the legislation was not turned into a cash cow for compliance lawyers. He told the Financial Times that it “won’t matter if you take somebody off to a hospitality box at Twickenham.
“Anybody who tries to tell you that’s going to be a criminal offence in this country is pulling your leg, or trying to get money off you.”
He said he wanted to ensure the legislation would not but burdensome pressure and costs on UK businesses, particularly SMEs.
In response to questions about the cost of compliance for firms, he said: “I hope to put out very clear guidance for businesses of all sizes to make that clear and to save them from the fears that are sometimes aroused by the compliance industry-the consultants and lawyers who will, of course, try to persuade companies that millions of pounds must be spent on new systems that, in my opinion, no honest firm will require to comply with the Act.”
Clarke’s “Twickenham” statement and his additional comments that he believed there would not be “that many” prosecutions under the new law will add to suspicions among anti-corruption campaigners. Many suspect the UK is attempting to water down its commitment to tackling overseas graft in the wake of lobbying by employers group the Confederation of British Industry.
Businesses in other countries - especially in the US, France and Germany - have been critical of that they perceive to be attempts by UK companies to steal gain an advantage on them in doing business.
Transparency International (TI) says the Bribery Act only means that the UK is catching up with other OECD countries by updating its laws in line with the OECD Convention and that it is not doing more than its major OECD competitors.
The campaiging group says US anti-corruption legislation is equally strict and that, although the US Foreign & Corrupt Practices Act of 1977 (FCPA) does not cover all areas covered by the Bribery Act, these are covered in other areas of US company law. “In some areas the FCPA is stricter than the Bribery Act,” claims TI.
The Chair of the OECD working group on bribery, Mark Pieth stated that the UK Bribery Act “is by no means stricter than the laws of other OECD member states.”
TI says there is no evidence that UK companies are systematically losing out to bribe-paying competitors. It says the government should make an immediate public commitment to publishing the final Guidance so that the Act, in its entirety and without any dilution of its key provisions, comes into force no later than May 2011.
The UK has long been regarded internationally as being lax in its bribery controls and it came under heavy criticism in 2007 when Prime Minister Tony Blair forced the Serious Fraud Office to abandon its investigation into BAE Systems over defence contracts with Saudi Arabia.
Company directors could face financially crippling legal action if their firms are found to have contravened the Act, according to corporate lawyer Mark Rainsford QC.
He claimed that investors were likely to sue directors for their personal assets if a company was charged under the law and the firm's share price fell sharply as a result.
He added that the threat of such cases, which are already being brought in the US, was heightened by "strict liability" provisions in the legislation, which make businesses responsible for the activities of their agents and partners overseas.
It means that any firm that fails to take adequate precautions to prevent corruption could be charged with a criminal offence, even if it had no knowledge of the actions of their agent.
A 77-year-old Amish man is alleged to have conducted a US$33m that targeted 2,600 investors.
US Securities and Exchange Commission says that Monroe Beachy carried out the scheme over 25 years starting in 1986, with the majority of the victims of his investment fund also being Amish, including a school and church in the community.
Beachy, who lives in Amish village Sugarcreek in Ohio, went bankrupt in 2010. The SEC alleges that, by then, he had lost more than $15m in speculative investments.
The regulator said that Beachy told investors that their money would be put into safe, government backed securities but to have instead gambled on risky ventures like internet companies. The SEC said the scheme echoed financier Bernard Madoff's infamous Ponzi fraud.
Despite the losses, statements Beachy’s investors received statements showing fictional gains.
Beachy said he had used a broker and had not authorised investments in internet companies.
He told the Washington Post that what had happened was "not intentional."
Investors have applied for a bankruptcy case involving Beachy to be thrown out of court because the process runs counter to their religious beliefs. They say they want to handle it within their own community.
The bankruptcy court was told: "The Amish believe that participation, regardless of how minimal, in judicial and other litigation practices are strictly prohibited by Scripture."
Europol disrupts international card skimming network
Europol says its has co-operated with Romanian law enforcement authorities to disrupt an organized international card fraud group.
The European law enforcement agency says the criminal group was active in many EU countries including Poland, Romania, Sweden and the UK. The main focus of their criminal activities was the skimming and counterfeiting of payment cards, and illegal cash withdrawals all over the European Union. The criminal activities and illegal card transactions led to substantial financial losses for the cardholders and issuers in the EU.
Five members of the international criminal structure were arrested in Romania. Additionally, during 14 house searches conducted in several Romanian cities, including Pitesti, Galati and Vaslui, police officers seized large amounts of cash (Eur50,000, US$50,000 and £18,000), as well as goods illegally purchased by the suspects.
The operation, supported by Europol, was carried out by the Prosecutor's Office of the Romanian Counter Organised and Serious Crime Directorate (DIICOT) and the Romanian Cyber Crime Unit of the Brigade of Countering Organised Crime (BCCO). The Polish Police from the Regional Headquarters of Police in Lublin, also supported the operation by providing intelligence.
Europol says it has been involved in the case since March 2010, facilitating the exchange of information and providing technical expertise and operational analysis. It organised two operational meetings at its headquarters in The Hague between Polish, Romanian and Swedish investigators and prosecutors.
In a statement Europol said: “The coordination of investigative measures was necessary as several members of the same organised crime group were also arrested in Poland. The main aim of Europol in this case was to facilitate international cooperation which is key to the successful prosecution of all members of the criminal network.”
Europol added that its central role in coordinating crossborder cooperation and investigations is crucial to effectively tackle the problem.
Cosmetics retailer Lush has had to close its websites in Australia and New Zealand after they were hacked.
The closures come shortly after Lush had to close its UK website following similar attacks.
Fraudsters stole an unknown number of credit card details held on the Australian and New Zealand websites after they exploited vulnerabilities created by antiquated IT systems which had not been updated.
Lush Australia said customers who have bought items on its website should contact their banks immediately and possibly cancel their credit cards.
Lush was heavily criticized in the UK when it admitted its website had been hacked repeatedly by fraudsters for a three month period. Despite knowing of the attacks it only informed customers on January 20.
Lush claims that the attacks in the UK and Down Under are not related.
“Our website is not linked to the Lush UK website, which was recently compromised," Lush Australia said in a statement.
Lush has confirmed that card details were stolen, along with the company's entire customer database. It added that it did not know how long the breaches had been taking place for.
Lush Australasia director
Mark Lincoln said that forensic investigators are in the process of
working out how far back the breaches go.
He added that Lush first became aware of the problem on February 14, and sent emails out to customers the same day.
Sophos security expert Graham Cluley says Lush should state whether or not the customer credit card information had been encrypted. He adds: “If it had been strongly encrypted then although a hack might have been embarrassing, customers would not necessarily be at risk of fraud.”
gets eight year sentence
A British trader has been given an eight-year prison sentence for his role in a £14m Ponzi scheme.
Terry Freeman, 63, former head of GFX Capital Markets, was convicted at Southwark Crown Court of defrauding more than 300 investors.
The former trader pleaded guilty to a number of charges including fraudulent trading and acting as a director of a company while bankrupt.
He was found to have used the money of his investors to fund a lavish lifestyle which included cars, jewellery and an executive box at Tottenham Hotspur’s football ground.
Judge Christopher Hardy said the case was one of the “most serious ... of this type I've had to deal with in this court".
“You were not dealing with big institutions, but ordinary hard-working men and women and their families who trusted you to invest their hard-earned life savings, pensions and inheritance and the like, and for them in reality all is likely to have been lost," he added.
Three years ago, 27-year old Yevgeny Anikin was involved in an international cybercrime that hacked into the computer network of RBS WorldPay, which used to be the US payment division of the Royal Bank of Scotland.
The group found a way of hacking into the data encryption used by RBS WorldPay to protect payroll debit cards that employees used to withdraw salaries from ATMs.
After compromising the system, the hackers allegedly copied information, boosted the maximum withdrawal limit and raided cash machines in Europe, Asia and the US.
Although Anikin pleaded guility,
he received only a five-year suspended sentence.
The judge applied leniency even though he had bought two apartments and a car with the proceeds. Anikin says he is trying to pay the money back.
Other members of the gang
are expected to receive prison sentences.
If Anikin had been extradited to the US, his sentence would have been very different.
ETF insider trading concerns
The US Securities and Exchange Commission (SEC) is investigating claims that traders on Wall Street are using exchange traded funds (ETFs) to mask insider trading.
ETFs can be used to maximise stock gains while masking trading patterns, it is alleged.
One practice can involve
shorting stocks within an ETF to target individual holdings, which is
known as ETF stripping, according to reports in the Financial Times.
No-one has yet been charged, but the investigation forms part of a wider enquiry by the FBI and SEC which has already resulted in 24 individuals pleading guilty to insider trading charges.
India’s largest corporate house set for major penalty for insider trading
Market regulator SEBI is all set to penalize India's largest corporate house Reliance Industries for its alleged involvement in a case of insider trading.
SEBI is expected to hold a hearing with RIL before finalising or quantifying the penalty amount.
The case relates to 2007, when RIL sold 4.1 per cent equity in its Reliance Petroleum Ltd in an open market transaction, earning huge profits. This raised the red flag, of whether this constituted an act of insider trading, since RIL would have insider knowledge of their own company, Reliance Petroleum Limited (RPL).
Reliance Petroleum since then has merged with its parent Reliance Industries in September 2009 and got delisted from the stock market. On its part, Reliance Industries in the past has tried to unsuccessfully settle this case with SEBI. RIL had filed a consent petition in November 2009 offering to pay Rs 2 crore and again in August 2010, to pay close to Rs10 crore, both of which have been rejected by SEBI.
But the market regulator is said to have assessed the illegal gains from the alleged insider trading at over Rs 500 crore and found the offered consent fee too less in comparison. The extent of the penalty is unclear but could be Rs 25 crore or three times the gain from the illegal transaction – whichever is higher.
Austrian watchdog examines more insider cases
Austria's markets watchdog
is pursuing more suspected insider trading cases despite a court setback.
"There are two or three current (insider) cases that we can't speak about now," Financial Market Authority Executive Director Kurt Pribil said, adding the goal was to bring Austrian case law in line with European Union jurisprudence.
Pribil and co-executive director Helmut Ettl told journalists they were not discouraged by a Vienna court ruling last month that cleared OMV Chief Executive Wolfgang Ruttenstorfer of insider trading for lack of evidence.
Prosecutors have filed an appeal in that case.
Only one person has ever been convicted of insider trading in Austria and got a suspended sentence. People convicted of the crime can get up to five years in jail.
An FMA spokesman said the watchdog takes a close look at around 15 to 20 suspected insider cases every year and typically refers one to five of them to prosecutors.
The UK’s Serious Fraud Office has launched an investigation to see if any assets of deposed Egyptian President Hosni Mubarak and his family are located in Britain.
Egypt has not yet made any requests regarding Mubarak’s assets in the UK or any other countries, but the Egyptian cabinet is likely to request a freeze on his assets, local media reported. The SFO says it wants to locate any funds so that it is in a position to react swiftly if a request is made.
Egyptian opposition groups allege that the Mubarak family have made huge amounts of money during his 30 years as president through kickbacks and private deals. They believe large amounts of Egypt's wealth are hidden in overseas bank accounts and property.
Switzerland froze funds belonging to Mubarak and his close associates on February 11 to prevent their “misappropriation,” the Bern-based Foreign Ministry said in a statement.
The SFO is investigating a Belgravia, London-based private equity firm with links to Mubarak’s sons Gamal and Alaa.
Mubarak’s family may have around US$2.4bn in British and Swiss bank accounts and in property in London, New York and Los Angeles, according to a report in The Sunday Times.
A wave of public protest forced Mubarak to resign on February 11.
for ATM skimming gang in Ireland
President’s husband among those targeted
Members of a Romanian ATM skimming gang based in Ireland have been jailed at Dublin Circuit Court.
One of those targeted by the fraudsters was Martin McAleese, husband of the Irish president Mary McAleese, who had his ATM card skimmed and a cloned card later used to withdraw €5,000 from his account.
Members of the skimming gang were found with advanced skimming equipment, including a laptop containing 1,900 credit card numbers and video of people entering their PIN numbers into ATMs.
George Cioara (27), Vasile Martin (36), Bogdan Scantei (27), Vlad Condriuc (25) and Adrian Morosan (19), all of no fixed abode, and Costel Asimioanei (28) of Celbridge, Kildare, received sentences of between 16 months to 10 years.
Judge Martin Nolan ordered all except Scantei to leave the country upon release and not return for 10 years. Another man has elected for trial on the charges, while an eighth accused is on the run.
Irish police found CCTV footage from a branch of Ulster Bank in Terenure, Dublin showing Vasile Martin installing a device on the door of the bank lobby in December 2009. Asimioanei was then seen putting a miniature camera on the ATM inside the lobby.
Detective Garda Alan Murphy told the court that customers had to swipe their card to get into the branch lobby. The device placed on it by Martin recorded Martin McAleese's details and his PIN was then recorded by the camera on the ATM.
The gang then made a counterfeit card which was used it to withdraw around €5,000 over two months.
In February 2010, police observed Asimioanei driving to the same bank and installing a camera on the ATM. A short time later Scantei was seen entering the bank and removing the device.
Both men were arrested nearby and the equipment was found hidden in a hedge. In interview they denied knowledge of the devices and knowing each other.
Nearly a third (29%) of consumers across eight major economies have been victims of card fraud in the past five years.
This is up by 60% from less than a fifth (18%) in summer 2009, according to a new survey by ACI Worldwide.
Results of the survey varies significantly by country – nearly half (43%) of people in China have been victims of card fraud, compared to only 11% in the Netherlands.
The UK has a higher instance of card fraud than most other countries surveyed, with a third (33%) of consumers falling victim in the past five years, up from 27% 18 months ago. This means an estimated 14.6 million UK consumers have been the victims of card fraud in the last five years.
The good news for financial
institutions is that 79% of all the card fraud victims surveyed were
satisfied with the response from their financial institution, up from
75% in 2009.
Quality of service
The survey questioned 4,200 consumers across 14 countries. Of these 41% would change or consider swapping their financial institution as a result of being a victim of card fraud or knowing someone who was. However, a further 45% said it would depend on the quality of service they received, highlighting the importance of customer service and response when fraud does happen. In the UK, 37% of consumers would change or consider swapping financial institutions following an incidence of card fraud, down from 41% in 2009.
Only 14% of UK consumers are unhappy with the treatment they received, in the US 12% and Australia 10%, compared to 41% in India, 38% in Dubai and 32% in Singapore.
In the UK, the speed at which money was refunded following fraud was the main reason for customer satisfaction (40%) closely followed by the ability of financial institutions to identify the fraud before account holders (34%). This is a picture reflected across the globe although remarkably American consumers say that the ability for their bank to identify the fraud before them (40%) is more important than actually getting the money back quickly (32%).
Most have confidence in banks
The survey found good news for the banking industry in that 81% of people have confidence in their financial institution to protect them from card fraud. Across all countries surveyed, only 19% of consumers feel that their banks could do more to protect them. Only 13% of UK consumers feel this way, but in some BRIC (Brazil, Russia, India and China) and Middle Eastern economies, the survey says financial institutions need to do more to instil trust in their services. In China, 42% of respondents alongside 29% of Brazilians, and 25% in Dubai have little or no confidence in the ability of their financial institution to protect them from card fraud.
Consumers themselves claim they want to be kept informed about fraud by their financial institution. Over half (54%) of people want their bank to contact them on their mobile, either with a call or by SMS, if they notice suspicious activity on their card, rising to 65 per cent in India, 85% in Dubai and 78% in Singapore. In the UK, 39% of consumers want to be contacted on their mobile.
David Divitt, senior fraud consultant at ACI Worldwide, commented on the findings: “It is clear that financial institutions and processors are working tirelessly to combat card fraud and protect their customers – and this is paying dividends in terms of customer satisfaction. However fraud is constantly changing and, looking forward, the industry will need to increase focus on identifying identity theft and assisting victims to maintain this improvement in customer experience.”
Second MP jailed for expenses fraud
Another UK MP has been given a jail term for expense fraud.
Eric Illsley, who resigned his seat this week as Labour MP for Barnsley Central, was jailed for 12 months at Southwark Crown Court in London.
Illsley had pleaded guilty plea to claiming £14,500 more in expense than he was entitled to.
The court had heard that llsley regularly submitted false expenses forms worth hundreds of pounds for council tax and utility and telephone bills without supplying any receipts.
His sentence came shortly after Jim Devine, the former Labour MP for Livingston, was found guilty of filing false invoices totalling £9,000.
Last month former Labour MP David Chaytor was jailed for 18 months, while Conservative peer Lord Taylor of Warwick was convicted of expenses fraud and is awaiting sentencing.
The number of identity fraud incidents in the United States fell by three million (28%) in 2010, according to new research.
The 2011 Identity Fraud Survey Report from Javelin Strategy & Research found that the total overall fraud amount decreased from US$56bn to US$37bn in 2010 – the lowest figure recorded since the report started eight year ago.
Around 8.1 million people - 3.5% of the US population - were victims of identity theft in 2010, down from the 11 million victims in 2009.
However, mean consumer out-of-pocket costs due to identity fraud increased 63% from $387 per incident in 2009 to $631 per incident in 2010. Javelin attributed the increase to a spike in new account fraud and "friendly fraud," which are generally harder to detect.
Average fraud losses per victim also fell from $5,000 in 2009 to $4,600 in 2010.
The number of reported data breaches fell sharply with around 26 million records exposed in 404 reported breaches during 2010, compared to 221 million records in 604 breaches during 2009.
“Economic conditions also appear to have contributed
to this year-over-year decline, as well as increased security measures
and some significant law enforcement successes," said James Van
Dyke, president and founder of Javelin Strategy & Research.
A reduction in credit and greater checks on those who apply for loans could also have contributed to the fall in the fraud level, though the Javelin report does not specifically mention this.
Existing card fraud fell by 38% from $23bn in 2009 to $14bn in 2010. Fraudsters usually carry out this type of fraud by either adding their name as a registered user on an account or changing the physical address of the account.
Other key findings of the survey included:
New account fraud tops all others: New account fraud (accounts that have been opened without the victim's knowledge) is harder to detect and the most likely to severely impact victims. New account fraud was responsible for the greatest fraud amount in 2010 ($17bn). Identity detection and web monitoring services, like those offered by Intersections, can track for unauthorized usage of consumer's personal information like new car loans and home applications. It can detect when a user's Social Security, credit card, and bank account numbers are found in unsecure locations.
Physical address change is #1 means of account takeover: The survey found changing physical addresses was the most common method of account takeover in 2010. Services that monitor the user's address will alert them to any changes, enabling them to take immediate action if necessary.
Most victims discovered they had been victimized through
bank & credit card company notifications: Consumers can monitor
new account openings through monitoring services, and should also sign
up for notifications from their banks.
Mean resolution time is increasing: The time consumers spent resolving an identity fraud incident significantly increased in 2011. Prevention is key to minimizing the costs associated with identity fraud. Vigilant consumers can decrease this time by taking stock of their personal and financial profiles, and monitoring that information before fraudsters wreak havoc on them.
Online fraud still biggest threat to UK business
The online fraud
problem has not improved for many UK merchants and in some cases is
Those are among the findings of the seventh annual UK Online Fraud Report from e-security company CyberSource, which states that despite an overall challenging economy UK merchants predict positive e-commerce growth in 2011 with only 2% expecting a decline.
In the face of this projected revenue growth, the survey found that key fraud metrics have not improved for many survey respondents. On average, 1.9% of 2010 orders accepted later resulted in fraud (compared to 1.6% in 2009), although this figure does vary by market sector. Furthermore, 59% of respondents expect fraud management budgets to remain stagnant in 2011, with 10% expecting to have less available.
Dr Akif Khan, co-author of the report and director, products and services at CyberSource, commented: “Merchants’ 2011 e-commerce growth predictions are certainly encouraging. However, as organisations look to drive more online revenue, it is vital that they address any vulnerabilities to protect themselves from fraud. With the majority of merchants not allocating any additional budget to manage the issue, businesses should focus on designing sustainable strategies that not only reduce fraud losses, but streamline the entire process.”
Merchants continue to expand into new territories with nearly 60% of UK merchants now accepting online orders from abroad. The US has become an increasingly popular market for UK merchants in recent years – capitalising on a similar language and online buying culture. However, survey respondents have now ranked the US third, behind Nigeria and Ghana, as a likely source of fraud.
“Expanding into new geographies can be very attractive from a revenue perspective,” said Khan. “However, merchants need to exercise due diligence and arm themselves with the right anti-fraud tools. There is no single approach – the merchant’s business model, sector and specific products and services should all play a part in the decision making process.”
When asked to specify the range of order identifiers used to classify a country as ‘high risk’, 59% of merchants use the delivery address and 58%, IP address. Although both provide an insight into the purchaser, today’s fraudsters are better able to imitate legitimate transactions, and order characteristics like the IP address can appear valid unless deeper analysis takes place.
For the first time in the report, systems uptime has been identified as one of the top two business concerns. Payment data theft is now seen as the third greatest business threat. Data security has been a major concern for merchants for many years, particularly given the number of high profile data loss incidents. However, as regulations such as PCI DSS evolve, businesses appear to be feeling more confident in the management of data security.
Online fraud remains the number one business threat. When asked why it was ranked so highly, 56% of respondents stated that they are spending too much by reviewing too many orders. Second to this is a concern about the overall revenue being lost to fraud (44%).
The manual review process continues to represent a critical area of potential profit leakage. On average, merchants are reviewing 20% of incoming orders. However, 71% of reviewed transactions are ultimately approved, representing significant cost and time inefficiencies.
Respondents report that each reviewer analyses an average of 77 orders per day. This is even higher at very large businesses (>£25m annual online revenue); nearly a quarter indicated that each reviewer checks over 120 orders a day. Such merchants are more likely to employ case management systems to streamline the review process; 48% compared to the survey average of 37%.
Despite planned business growth, 75% of merchants expect to make no change to the size of their review teams in 2011. Attention should therefore centre on optimising workflows of the existing team. By consolidating order information, case management systems can boost the efficiency of the review process; 29% of merchants are expecting to implement such systems during 2011.
Khan said: “Merchants have demonstrated confidence in the ability of the online channel to deliver for them in 2011. However there is a risk that expectations may not be met if the appropriate investment is not made. To capitalise on the eCommerce opportunity, businesses should focus on streamlining internal fraud management processes. Improving automated detection and bolstering case management can help reduce the inefficiencies and enable merchants to make more accurate decisions.”
Indian card cloning gang caught
Indian police have
arrested two people on charges of hacking into international customers'
accounts and making cloned debit and credit cards of various banks.
A French-made specially designed card embossing machine, 87 cloned debit and credit cards issued by various banks containing data of foreigner customers, and two magnetic strip reader machines are among items recovered by police in North India.
The arrested pair have been identified as Dharmesh and Rashid Sheikh (both 24).
H G S Dhaliwal, Deputy Commissioner of Police (South), said: "They have used data of international customers only," he said.
The arrests came on January 25 following a report filed by Axis Bank that they had suffered huge loss due to unknown persons using cloned cards.
A tip off was then received that members of this gang were in a shopping mall in Saket and were planning to purchase goods by using cloned cards. The duo were arrested.
Deputy Commissioner Dhaliwal said the pair were experts in data hacking and as such they decided to hack the data of foreigner customers only because they rarely file complaint in India," he said. Both of the accused carried false ID to match their cloned cards.
Joseph Stiglitz, former chief economist at the World Bank, says that western nations have been enabling corruption in Africa by providing havens where dishonest officials can hide their money.
Interviewed by CNN, the Nobel laureate said he was optimistic about Africa's economic prospects, but he said there should be more discussion about undisclosed bank accounts in the West that are used to facilitate high-level fraud in Africa.
"The advanced industrial countries have some responsibility," said Stiglitz. "One of the things that's on a standard form is for corrupt dictators to steal money and put it in a bank account in an advanced industrial country.”
He added that, while there has been a lot of discussion among G20 nations about secret bank accounts as tax agents, there has not been enough discussion of secret bank accounts as facilitators of corruption.
Stiglitz said corruption could be reduced by increasing scrutiny of corrupt governments, using mechanisms such as freedom of information acts and a free press.
Stressing the importance of the role of western nations, he said: "One of the countries that hosted the G20 and talked all the time about tax corruption, that same country is a haven for corrupt money and refuses to repatriate money that has been stolen from Africa.
"Now, this seems to me something that ought to be on the agenda. There's a relationship, there are people making money off of it, and we ought to stop that. We shouldn't enable that corruption and we're doing that in the West when we allow them to have their secret bank accounts."
He added that there was a strong opportunity for economic growth in Africa, with changes to economic policies in recent years starting to bear fruit.
offer hackers ‘open door’ to data?
Attacks include custom malware, covert social networking and automated threats, finds report
Cybercriminals are shifting the target of their attacks from traditional infrastructure to mobile users and endpoint devices, according to a new report.
Malicious tools became more customised, automated and persistent in 2010, according to the 2011 Global Security Report from Trustwave’s SpiderLabs advanced security team.
The report found that this trend, combined with the popularity of mobile devices and social media, is providing the perfect recipe for cybercriminals looking to compromise business, customer and user private and sensitive information.
The report offers analyses of data compromise investigations, offensive security exercises and defense strategies taken directly from Trustwave’s global client base.?Key report findings include:
1. Third-party vendors continue to put companies at risk — 88% of breaches resulting from insecure software code or lax security practices in the management of third-party technology
2. Cybercriminals “got fresh” in 2010—because in-transit credit card data is usually more recently created (more fresh) than stored data, two-thirds (66%) of investigations found the theft of data in transit
3. Food and beverage regained its title as the most breached industry—representing 57% of the investigations
4. A single organised crime syndicate may be responsible for more than 30% of all 2010 data breaches
Among the most interesting and surprising elements of the report is the rate and sophistication of attacks against mobile platforms and social networking sites. As the security of mobile networks has improved, mobile devices are increasingly the target of attacks, while social networking sites are quickly becoming cybercriminals’ platform of choice to expand and propagate destructive botnets. Drive-by infections and mobile phishing attacks were among the most popular client-side attacks in 2010.
1. Mobile devices offer cybercriminals an open door to corporate authentication credentials, sensitive data and trade secrets
2. Geolocation data is helping cybercriminals launch more sophisticated and targeted attacks against social networks
3. Anti-virus software is losing the battle against malware – the new breed of malware is virtually undetectable by current scanning software
security initiatives for 2011
A key take-away from the report is that attacks are often successful in organisations that believed a comprehensive data security strategy was in place. For executives and managers who are tasked with ensuring their company does not suffer a security event, the report offers specific guidance for 2011.
• Assess, reduce and monitor client-side attack surface: monitor and inventory applications to measure adherence to standards and evaluate risk
• Embrace social networking but educate staff: an established policy and education can help protect against attacks originating from social networking tools
• Develop a mobile security programme: gaining control over configurations of mobile devices will help reduce risk
• Enforce security upon third-party relationships: choose a platform and vendor with a solid security history, and require vendors to undergo third-party security testing
Robert McCullen, chairman and CEO of Trustwave, commented: “This year, we expanded the analysis of our compromise investigations, took a deeper look at the expanding and evolving landscape of data security vulnerabilities. In 2011 and beyond, organisations that approach their initiatives firmly committed to including security as an integrated requirement, and not just as a checkbox, will be most resilient to attack, reduce their risk to compromise, and be able to best protect both sensitive data and reputation.”
John Yeo, director of SpiderLabs EMEA, added: “While the myriad of new devices and services around us continue to enable our personal and professional lives, it’s imperative that there is a responsible focus on security at both the organisation and individual level. Criminals seek the path of least resistance and will take any opportunity to get hold of valuable information. We’ve seen that new or poorly managed systems are low-hanging fruit when the security implications have not been fully considered.”
A complete copy of the report is available at: http://bit.ly/fjWsNZ
Confidence in the UK Financial Services Association has dropped sharply since the last biennial survey both in terms of its ability to regulate the financial services industry and as to how it will shape up after its reorganization.
According to the FSA Practitioner Panel less than a fifth of those working within financial services believe the FSA responded effectively to the banking crisis. Only three in 10 believe that government plans to break up the association into several entities will improve the situation.
Sentiment has also turned against the FSA’s big project to revamp the way retail investment products are sold, called the Retail Distribution Review. Only 47 per cent said they welcomed the initiative, down from 60 per cent two years earlier.
The survey found significant disquiet about the coalition’s plan to break up the FSA next year into the Prudential Regulatory Authority, which will be part of the Bank of England, and the independent Consumer Protection and Markets Authority.
Nearly four in 10 believed the transition would affect the FSA’s ability to do its job in the short term, and would also distract the regulator from European Union and other international issues.
The survey was conducted on behalf of the Practitioner Panel by TNS-BMRB between July and October 2010 and is based on responses of 4,256 regulated firms with an overall response rate of 43%.
Since 2008, the Practitioner Panel found a significant drop in confidence in the watchdog.
The Panel qualifies its findings with the comment: “Given the scale of the recent financial crisis, and the impact which it has had on firms, it was never likely that this survey would register the highest marks for the FSA, or indeed any part of the regulatory infrastructure. It is not surprising that overall levels of satisfaction with the FSA amongst regulated firms have fallen slightly over the last two years.”
However, there was a difference in overall satisfaction with the relationship with the FSA depending on how recently they had been in contact with the FSA – around a third of firms (34%) that had had contact with the FSA in the last six months were highly satisfied with their relationship, compared with 22% of firms that had not had recent contact.
Particularly due to the imminent FSA reorganization, the panel recommends:
- There should be no automatic read across of policies and supervisory approaches between sectors. The regulators should take clear account of the different characteristics of different sectors and the different risks within and between sectors.
- Costs and impacts of implementation of new policies must be considered, with clear success measures identified, to minimise any unintended consequences and to develop policies which are proportionate to the risk.
- The regulators must aim for greater continuity within supervisory teams, and those teams must have the requisite skills, experience and firm specific knowledge.
- There must be greater focus on value for money – with clear explanation and justification for increases in expenditure.
- During this time of change, regulators must prioritise in a disciplined way and not lose sight of key imperatives – particularly the need for engagement with the EU and internationally.
Iain Cornish, Chairman of the Practitioner Panel said:?“This survey recognises the importance to the industry and consumers alike of strong and cost effective regulation. It also highlights areas where regulation could be more effective. At a time of regulatory change, it is important that the views of regulated firms are listened to, as well as the views of consumers, the media and politicians.”
Businesses gave the FSA an average mark of 3.7 out of 10 on its efforts to maintain confidence in the financial system, down from 4.3 in the 2008 survey. The watchdog got better marks for its attempts to reduce financial crime – 5.5 out of 10 – and for protecting consumers – 4.8 out of 10.
“A lot of what the regulator has been doing, you are not going to be able to judge the effectiveness of for another two to three years,” said Iain Cornish, who chairs the FSA’s 13-member Practitioner Panel, which includes representatives from large banks, brokers and insurers, along with smaller firms.
While a large majority of FSA-regulated executives agreed that strong regulation was good for the industry, six in 10 thought the regulator’s supervision of their own business was too intrusive.
Nearly seven in 10 said the cost of compliance had increased, and six in 10 now believed the costs were excessive. Most companies no longer believed the FSA delivered value for money, a shift from the 2008 survey.
Charges filed against ex-Nigerian state governor
The former Governor of Nigeria’s Edo State has been charged over a US$300m fraud he allegedly was involved in while in office.
Chief Lucky Igbinadion was charged along with six others including his brother, Michael Igbinedion and Patrick Ehoedodin.
None of the accused were in court to hear the charges read by the counsel to the country’s financial regulator the Economic and Financial Crimes Commission (EFCC).
The EFCC also charged four companies alongside the accused: Gaba Corporation, Roney Nigeria, CML Security and ML Nigeria.
The seven accused people were alleged to have converted Edo State shares in African Bank worth US$6.2m to personal use and another $300m in government funding for the purchase of Sheraton Hotel in Benin City.
Igbinadion has denied the charges and the case has been adjourned until March 22.
A chief risk officer at JP Morgan Chase was sent several emails by bank employees warning that Bernard Madoff was performing suspicious transactions.
The revelation has come out as part of the US$6.4bn lawsuit by trustee Irving Piacrd that is attempting to recover money for victims of Madoff’s Ponzi scheme.
As part of the suit JP Morgan's email archive has been opened up and numerous messages have been published.
The lawsuit, which was unsealed at the end of January, accuses the bank of "aiding and abetting" Madoff's fraud. JP Morgan denies the allegations and has said it will defend itself "vigorously".
"While numerous financial institutions enabled Madoff's fraud, JPMC was at the very center of that fraud, and thoroughly complicit in it," according to the 115-page lawsuit, filed under seal in December by Picard.
In one email dated June 2007, the risk officer allegedly wrote he had been told by a colleague “that there is a well-known cloud over the head of Madoff” and that his returns were speculated to be part of a Ponzi scheme.
The colleague "said if we google the guy we can see the articles for ourselves....I think we owe it to ourselves to investigate further", the complaint said. However, the risk officer then allegedly still signed off $250m in structured products, according to the complaint
The bank responded to the new claims by saying: “Contrary to the trustee’s allegations, JPMorgan did not know about or in any way become a party to the fraud.”
The lawsuit against JP Morgan is seeking to recover US$1bn in fees and profits allegedly earned by the bank as primary banker to Madoff, as well as a further $5.4bn in damages.
Picard's latest action from December is one of a large number of lawsuits he has filed in recent months, some of which have already been settled, and had been kept sealed at JP Morgan's request.
Madoff is currently serving a 150-year jail sentence after pleading guilty to running the massive fraud.
The company says that with Lumidigm sensors, Verimetrics’ biometric single sign-on (SSO) solution succeeds in real world conditions ranging from sub-zero temperatures to the use of latex gloves.
“Gone are the days when end-users must present their fingerprint over and over again to authenticate, if authentication was even possible,” said Dave Cullen of Lumidigm, Healthcare Solutions Cullen. “Lumidigm fingerprint sensors eliminate these problems, enhancing the user’s experience while improving productivity.”
Lumidigm multispectral fingerprint sensors capture fingerprint data beneath the surface of the skin so that dryness or even damaged or worn fingers create no problems for reliable reads. Using multiple wavelengths of light and advanced polarization techniques to extract unique fingerprint characteristics from both the surface and subsurface of the skin, Lumidigm claims its sensors provide results that are more consistent, more inclusive and more tamper resistant than conventional biometric readers.
SmartProfile readers are already used in healthcare organizations, financial centers, government operations, retail stores, offices, research centers, airports, shipping ports and national borders among other applications.
Cybercriminals are shifting the target of their attacks from traditional infrastructures to mobile users and endpoint devices, according to the 2011 Global Security Report from Trustwave.
Research from Trustwave’s SpiderLabs — the company’s advanced security team responsible for application security, incident response, penetration testing and security research — found that malicious tools became more customised, automated and persistent in 2010. This trend, combined with the popularity of mobile devices and social media, is providing the perfect recipe for cybercriminals looking to compromise business, customer and user private and sensitive information.
Key report findings:
. Third-party vendors continue to put companies at risk— 88 per cent of breaches resulting from insecure software code or lax security practices in the management of third-party technology
. Cybercriminals “got fresh” in 2010—because in-transit credit card data is usually more recently created (more fresh) than stored data, two-thirds (66 per cent) of investigations found the theft of data in transit
. Food and beverage regained its title as the most breached industry—representing 57 per cent of the investigations
. A single organised crime syndicate may be responsible for more than 30 per cent of all 2010 data breaches
Among the most interesting and surprising elements of the report is the rate and sophistication of attacks against mobile platforms and social networking sites. As the security of mobile networks has improved, mobile devices are increasingly the target of attacks, while social networking sites are quickly becoming cybercriminals’ platform of choice to expand and propagate destructive botnets. Drive-by infections and mobile phishing attacks were among the most popular client-side attacks in 2010.
. Mobile devices offer cybercriminals an open door to
corporate authentication credentials, sensitive data and trade secrets
. Geolocation data is helping cybercriminals launch more sophisticated and targeted attacks against social networks
. Anti-virus software is losing the battle against malware – the new breed of malware is virtually undetectable by current scanning software
security initiatives for 2011
Attacks are often successful in organisations that believed a comprehensive data security strategy was in place. For executives and managers who are tasked with ensuring their company does not suffer a security event, the report offers specific guidance for 2011:
. Assess, reduce and monitor client-side attack surface:
monitor and inventory applications to measure adherence to standards
and evaluate risk
. Embrace social networking but educate staff: an established policy and education can help protect against attacks originating from social networking tools
. Develop a mobile security programme: gaining control over configurations of mobile devices will help reduce risk
. Enforce security upon third-party relationships: choose a platform and vendor with a solid security history, and require vendors to undergo third-party security testing
Robert McCullen, chairman and CEO of Trustwave, said, “This year, we expanded the analysis of our compromise investigations, took a deeper look at the expanding and evolving landscape of data security vulnerabilities. In 2011 and beyond, organisations that approach their initiatives firmly committed to including security as an integrated requirement, and not just as a checkbox, will be most resilient to attack, reduce their risk to compromise, and be able to best protect both sensitive data and reputation.”
A complete copy of the "2011 Global Security Report" is available at: http://bit.ly/fjWsNZ
MBNA commissioned a SKOPOS Opinion People panel of 752 UK credit card customers in August 2010. More than 88% highlighted security and protection as a vital part of their credit card – 43% singled it out as the most important factor.
More info: http://www.mbna.co.uk/protection-security/mcafee
Littlewood (right) was sentenced
along with his wife and her best friend after the three engaged in an
eight-year insider-dealing conspiracy that netted them at least £590,000
The Financial Services Authority (FSA) admitted it had come close to catching the plotters six years ago when suspicious trades by Littlewood's wife prompted officials to send her a letter asking her to explain her share dealings.
Littlewood, 37, pleaded guilty to eight counts of insider dealing after a Financial Services Authority (FSA) investigation. His wife and co-conspirator Angie Littlewood was given a 12-month suspended sentence. The couple have three children.
Their third accomplice, Helmy Omar Sa’aid, was sentenced to two years in jail.
Ahead of the sentencing at Southwark Crown Court, the FSA released details of the Littlewood case and, for the first time, how it detects, investigates and prosecutes insider dealing.
FSA suspicions were raised in 2005 against Angie Littlewood, but were put on hold when she stopped trading and again in 2008 when Helmy Omar Sa'aid invested in Highway Insurance, which was due to be taken over.
The FSA investigation then crossed continents, involved thousands of man hours and resulted in the collection of 1700 gigabytes of information.
The trading which brought the insider dealing ring back into the FSA's attention was carried out over a two-week period just before spotlight was the takeover of Highway by Liverpool Victoria. Four trades worth £338,000 were placed by Sa'aid. The day after the last trade was placed the takeover was announced. Highway's shares jumped over 50pc.
The deal resulted in a £160,000
profit for the conspirators. It also resulted in a "suspicious
transaction report" being sent to the FSA. The size, frequency
and timing of the Highway transactions raised serious questions about
Sa'aid's knowledge of the market.
A check on his trading record found that wasn't all he knew. He had traded at or just prior to 22 merger or acquisition announcements between 2000 and 2008.
The evidence was highly suspicious but by no means damning. Having emigrated from Singapore Sa'aid was a relative newcomer to the UK. He had no obvious links to the City or to inside information.
"At this point we had to prove there was a link to an insider," explained Lee Alam of the FSA's monitoring division. "One of the first things we did was carry out a review of the advisors on the deals. Dresdner Kleinwort appeared on 15 out of the 22 trades Sa'aid had carried out."
The FSA worked out that the one name linking the trades was that of Christian Littlewood. The investment banker was named an insider by an advisor to the deal, Shore Capital, on August 13. Sa'aid bought his first tranche of shares the same day.
When it was discovered Littlewood had worked at Dresdner prior to joining Shore Capital it was enough to warrant passing the case to the FSA's enforcement division.
Banking records showed no money transfers between the menand phone records failed to establish a link but all became clear when it was established that Siew-Yoon Lew was the maiden name of Angie Littlewood.
"We found significant payments between these parties," said Matthew Nunan, manager of FSA's wholesale enforcement.
What had emerged was a simple yet effective way of disguising trades. For nearly 10 years inside information was passed from Littlewood to his wife Angie and then on to Sa'aid.
In total the FSA investigated £5.5m of suspicious trading relating to 51 deals. The vast majority of them were deals Littlewood worked on while at Dresdner.
Working on this information the FSA had the Littlewoods arrested at the beginning of 2010. Days later Sa'aid was detained in the French Pacific island of Mayotte, where he had been setting up a restaurant business. He was extradited and has been held in prison ever since.
For the trial, lasting over eight months, 150 statements, 1,500 exhibits and 50,000 electronic files were prepared.
Following the sentencing, confiscation of the three's assets will follow in days if not weeks.
Christian Littlewood attempted to blame his wife for much of the trading, but this was rejected by Judge Anthony Leonard on Monday. He enters the history books, for now, as the man with the longest prison sentence for insider trading in the UK.
Remedial action needed
on illicit Malaysian money outflow
There is a need to investigate and take remedial action where necessary, on the report of illicit financial outflow from Malaysia, said the chairman of the Asian Strategy and Leadership Institute (ASLI) Centre for Public Policy Studies, Tan Sri Ramon Navaratnam.
It was reported recently by financial watchdog, Global Financial Integrity (GFI), that illicit money outflow from Malaysia in 2000 was RM67.7bn (US$22.2bn) and eight years later, it ballooned to RM208bn (US$68.2bn).
“We must ask ourselves why the money is going out,” Ramon told reporters at the 13th Mlaysia Strategic Outlook Conference 2011 on Thursday.
The president of the American Malaysian Chamber of Commerce, Datuk Nicholas Zefferys told reporters at the conference that Bank Negara Malaysia has set up strict money laundering regulations.
“Malaysia has strong protection against money laundering in the traditional banking system,” he said.
FATF report warns that India continues to be a “significant target” for ML and terrorist financing
While a leader among the
emerging economies in Asia with a strongly growing economy and demography,
India is facing a range of money laundering and terrorist financing
risks, according to a new International Monetary Fund (IMF) report.
The reports adds to the pressure on the Indian authorities after the country's Supreme Court accused the government of failing to prevent hundreds of billions of dollars being moved to overseas tax havens.
"India continues to
be a significant target for terrorist groups and has been the victim
of numerous attacks," says the report prepared for the IMF by the
OECD Financial Action Task Force (FATF).
"The main sources of money laundering in India result from a range of illegal activities committed within and outside the country," says the report titled "Observance of Standards and Codes FATF Recommendations for Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT)".
The sources mainly encompass drug trafficking, fraud, counterfeiting of Indian currency, transnational organised crime, human trafficking and corruption.
Money laundering methods are diverse, it says.
In domestic crimes, "the most common money laundering methods are opening multiple bank accounts, intermingling criminal proceeds with assets of a legal origin, purchasing bank cheques against cash, and routing through complex legal structures".
For transnational organised crimes, methods used to disguise the criminal origin of the funds include the use of offshore corporations and trade based money laundering, the report said.
While acknowledging "India's serious commitment to combating terrorism in all its forms", the report made several recommendations including the need to address the technical shortcomings in the criminalisation of both money laundering and terrorist financing and in the domestic framework of confiscation and provisional measures.
Other key recommendations include: clear and specific measures to enhance the current requirements regarding beneficial ownership, improve the reliability of identification documents and the use of pooled accounts and non-face-to-face business.
It should also ensure that India Post, which recently became subject to the PMLA (Prevention of Money Laundering Act), effectively implements the AML/CFT requirements, enhance the effectiveness of the financial sector supervisory regime and ensures that India Post is adequately supervised.
Another recommendation is to ensure that the competent supervisory authorities make changes to their sanctioning regimes to allow for effective, proportionate and dissuasive sanctions for failures to comply with AML/CFT requirements.
Former Greek minister admits money was given by Siemens
A former Greek minister
says he was given money by the German electronics giant Siemens in return
for Olympics contracts.
His statement comes amid an investigation into bribes paid to politicians.
The former Socialist transport minister, Tassos Mantelis, told a parliamentary committee he had accepted the equivalent of 100,000 euros (£116,000, $122,000) in 1998.
The minister said the money had been paid as a "campaign donation".
The money was paid into a Swiss bank account. Mantelis has subsequently been charged with money laundering.
The case relates to contracts being granted in the run-up to the Athens Olympics of 2004.
Siemens officials stand accused of paying politicians and officials at the state telecoms operator OTE to help it get a multi-million-euro contract before the Games.
A Siemen’s spokesperson says the company is fully co-operating with the enquiry.
The national registries for EU carbon trading permits remain closed 12 days after thefts by hackers forced their closure by the European Commission. Some may be allowed reopen this week, EU Climate Commissioner Connie Hedegaard said on Friday, but those identified as not up to scratch on security may stay closed for some time. The Czech registry may be closed for six weeks, Bloomberg reported.
The Commission closed the registries to market transfers of EUA emissions permits on January 19 for at least a week as news came to light that security of the online registry systems had been breached in the Czech Republic, Austria and Greece. Over a million EUAs (EU carbon emissions allowances) have been reported stolen by Czech emitters and around two million overall are missing worth up to €30m.
Greek police say they have traced the illegal access back to IP addresses in Romania and that Interpol is investigating further.
The registry closures have halted spot trade in EUA permits but futures trade, accounting for the bulk of the EU carbon market, is not affected. Each member country of the EU must file a report detailing security measures to Brussels before it’s registry can reopen.
Commenting on the fraud, Jonathan Holmes of PwC forensic services said: " The level of sophistication and organisation demonstrated by such a fraud should not be underestimated. A theft of this magnitude is more likely to be performed by a coordinated and organised crime ring than by one or two hackers, and the ongoing threat remains. "As we said in a report supported by the Centre for the Protection of National Infrastructure (CPNI),.........."a growing number of well-resourced and highly sophisticated cyber-criminals from across the globe are seeking to gain unauthorised access to valuable or sensitive data and information held by companies and governments." "That carbon markets are of interest to the criminal fraternity is an indication of market maturity and the fact they are now a feature of the mainstream. But it is also a stark warning sign that any market is open to abuse. While emergency measures are put in place to enable the market to reopen, member states should be considering in-depth and harmonised reviews of trading activity and participant identities.
within the EU Emission Trading System
One year on from a Europol warning about an estimated Eur5bn in damage for European taxpayers due to VAT-fraud within the EU Emission Trading System (ETS), Europol is warning that the problem is far from solved.
In operations during 2010, several hundred offices all over Europe have been raided and more than 100 people arrested.
In the latest operation on 17 December 2010, the Italian Guardia di Finanza, under the instruction of Milan's prosecution office, carried out raids on about 150 companies in eight different regions of Italy. These operations happened just a few weeks after the Italian Power Exchange (G.M.E) halted all trading in carbon credits due to a high number of abnormal transactions. The potential VAT-loss is estimated to reach 500 million euros.
Earlier last year authorities in France, Germany, Spain, United Kingdom and other countries conducted numerous operations against criminal networks involved in carbon credit fraud. The biggest swoop, initiated by Germany in late April, saw more than 2500 officers involved across Europe and in non-EU countries.
Norway, Switzerland and the EU countries Belgium, Czech Republic, Denmark, Latvia, the Netherlands, Slovak Republic and Portugal are all among the countries trying to identify the network of criminals behind this massive fraud - a fraud with links to criminal networks operating outside the EU and in other continents, including the Middle East.
Rob Wainwright, Director of Europol, says: "Organised VAT fraud remains a significant criminal activity in Europe. It is responsible for draining huge resources from central government revenues and undermining the objective of transforming Europe into a competitive and greener economy. Europol is determined to crack down on the organised crime groups involved and is pleased to have assisted a number of successful operations this year, carried out by law enforcement authorities in EU Member States. Europol is also currently monitoring apparent new trends in this criminal activity, including possible organised crime infiltration of the gas and electricity markets."
Together with a large group of countries affected by the carbon credit fraud and Eurojust, Europol is collecting and analysing information in order to identify and disrupt the organised criminal structures behind these fraud schemes.
Indications of suspicious trading activities were noted in late 2008, when several market platforms saw an unprecedented increase in the volume of trade in European Unit Allowances (EUAs). Market volume peaked in May 2009, with several hundred million EUAs traded in countries including France and Denmark. At that time the market price of 1 EUA, which equals 1 tonne of carbon dioxide, was around 12.5 euros. As a measure to prevent further losses, many EU Member Stateschanged their taxation rules on these transactions. After these measures were taken, the market volume dropped by up to 90%.
The Emissions Trading Scheme (EU ETS) was created as a cap-and-trade system for transactions of European Unit Allowances. Each transfer of EUAs is recorded in a national registry before it is centrally stored in the Community Independent Transaction Log (CITL) at the European Commission. Carbon credit fraud is a variation on VAT carousel fraud.
Stock exchanges in the US and UK have called in security services to help them prevent further cyber-attacks.
The London Stock Exchange has been working with British security services to investigate cyber attacks that may have caused the postponement of the planned transfer to a new open source technology trading platform.
In November the London Stock Exchange suggested that cyber-attacks may have been involved in an outage at its Turquoise trading platform. The transfer to the new Millennium Exchange trading platform has now been postponed until February 14.
US officials are also reported to be investigating a cyber-attack on an American exchange, tracing it to Russia, with "unusual" trading patterns at New York and Chicago platforms also under scrutiny
A report in The
Times suggests security services looking into last May’s ‘flash
crash’ which caused the Dow Jones Industrial Average to plummet,
have not ruled out a cyber-attack. They think one possibility is that
the incident could have been caused by groups aiming to wipe billions
off the value of companies, causing market panic and a destabilising
of the West's financial system.
A report on the Dow Jones incident by US regulators blamed it on a huge sale of e-mini futures by asset management house Waddell & Reed, after a technical problem set off a wave of selling.
Unlike US stock exchanges, London’s platform is not internet-based, and therefore is less vulnerable to general cyber-attacks. However, cyber-attacks on exchanges are becoming more sophisticated, according to security experts, which poses new threats.
The latest news comes after there was a further indication of the vulnerability of online systems earlier this month with the revelation of a massive fraud on Europe’s carbon emission trading carbon market.
The EU closed down
all carbon emission trading registries across Europe in response to
a hacking attack on 19 January.
The shutdown across Europe followed the theft of around two million pollution licence allowances worth about €30m in the most serious of three cyber attacks on the registries used to track carbon allowances since the start of 2011 alone.
Around€30m carbon credits went missing during the series of cyber-attacks on the systems of ETS (the EU’s Emissions Trading Scheme), which gives companies in EU member states credits for the amount of carbon they emit
Financial services company PriceWaterhouseCoopers has called on the European Commission to invest in the prevention of cyber attacks against the ETS scheme, and to mandate much more stringent security measures that all member states must adhere to.
Police question Israel bank CEO
Zion Kenan, the CEO of Israel’s Bank Hapoalim has been questioned by police on suspicion of fraudulent receiving and breach of trust.
The Israel Police National Fraud Unit alleges that Kenan was involved in the granting of illegal loans to former Bank Hapoalim chairman Dan Dankner.
Dankner was forced out of his position at Hapoalim - Israel’s second biggest bank - for alleged breaches of corporate governance, in a case that is already under investigation.
He was questioned in connection with receiving millions of shekels in loans that he allegedly granted improperly while he was chairman from 2005 to 2009, and while Kenan was head of the bank’s corporate division.
Bank Hapoalim's credit committee and other bank executives would have had to approve the loans.
Dankner resigned as chairman of Hapoalim in 2009 after a two-month battle with banking regulators who demanded his departure from the job. The Bank of Israel said at the time that it was unhappy with disagreements between Dankner and former chief executive Zvi Ziv that led to Ziv's resignation. Ziv was replaced by Kenan.
The minister also said there will be a period of at least three months from when new guidance is published on the law to when it is implemented. The earliest that the law could now be introduced is in May.
John Cridland, who takes over today from Sir Richard Lambert as the new director-general of business group the CBI, said that the legislation is "not fit for purpose".
He added that the CBI backs reform of the bribery laws, but that the legislation in its current form lacks clarity and could be harmful for British businesses.
Speaking on the BBC Radio 4’s Today Programme he said: "Exporters won't be able to hoover up the demand in developing countries like Asia if the new Bribery Act prevents them from knowing which side of the law they stand.”
"I'm afraid none of the definitions have been properly defined."
He said that statutory guidance was needed in the next couple of weeks before its launch.
The legislation is now being looked at again under the Government's growth review.
A Ministry of Justice spokesman said in a statement today: "We are working on the guidance to make it practical and comprehensive for business. We will come forward with further details in due course. The most important thing is to get it right."
The new legislation carries a maximum jail term of 10 years for bribery, and creates two general offences of bribery. There is a specific offence of bribery of a foreign public official and another more controversial one of failure by a company to prevent a bribe being paid for or on its behalf.
News of the postponement of the law's introduction was branded as "disastrous" by Transparency International's executive director Chandrashekhar Krishnan. He added that it raised "serious doubts about the credibility of the government’s commitment to the Bribery Act, which was passed in the last parliament on the basis of an all-party consensus”.
In every recent
conference that Fraud Watch has attended, when the UK's new Bribery
Act is discussed someone will ask the question "What about Wimbledon?"
And no they are not asking about the chances of Andy Murray breaking his tennis Grand Slam duck. What they are seeking is clarification on exactly what constitutes a bribe under the new legislation and what can be regarded as 'oiling the wheels' or 'corporate entertaining'.
Companies such as Pricewaterhousecoopers and the Lotus Formula One racing team have expressed concerns that the Act could mean that giving tickets or Christmas presents to clients becomes an offence. Environment minister Lord Henley has said that "lavish corporate hospitality" could in some circumstances be classed as a bribe.
While there is general consensus that the UK's antiquated and ineffectual bribery laws need bringing up to date, it has been obvious for months that there is widespread confusion among companies over what they will and will not be allowed to do to win business. If, for example, an employee is confronted by a guard at a checkpoint in China who requests a few Remnimbi to let them through, will this be regarded as "bribery"? Is taking a valued client to a high profile sporting event an act of corruption?
These are vital questions for UK businesses to know the answer to, because the new legislation's most controversial aspect is the creation of a new offence of a company failing to prevent an act of bribery taking place for or on its behalf. Businesses have said this could leave them open to a charge of bribery stemming from the conduct of agents or suppliers.
The UK's bribery legislation has long been in need of major changes to bring it into line with stricter systems such as the US, where there is a far tighter definition of what constitutes 'graft' in foreign business deals. However it is vital that the government uses the next few weeks before the new details of the Act are revealed to clarify the definitions it contains and let businesses (and their representatives) know what they can and cannot do.
Indian government under fire over tax fraud
The Indian government has been accused of failing to
prevent hundreds of billions of dollars being moved to overseas tax
The country’s Supreme Court this month said there was a "mind-boggling plunder" of India’s wealth by tax evaders.
Government Finance Minister Pranab Mukherjee responded to criticism of the government’s inaction by stating it was hamstrung by legal restrictions.
He said that India had completed negotiations on tax information exchange agreements with 10 well-known tax havens - including Bermuda and the Cayman Islands - and had initiated similar negotiations with 65 other countries.
"No sovereign country is going to share information unless there is a legal framework in place," he said at a news conference.
Estimates for the amount of illicit money deposited secretly in overseas bank accounts by wealthy Indians and businesses range from US$500bn to US$1.4 trillion.
The minister claimed such estimates are based on “unverifiable assumptions and approximations" and added that a government committee has been set up to get more accurate data on the tax avoidance problem.
The government has come under fire over the tax issue after it filed an affidavit with the Supreme Court restricting information on money deposited by 26 unidentified Indians in a Liechtenstein bank.
Mukherjee said those on the list could not be named as the information had been received "on condition of secrecy."
"If I divulge those secrets, the day after tomorrow the other countries will not give us information," he said. "The government has nothing to hide.”
He added that measures taken over the last 18 months had led to R150bn (US$3.3bn) in undisclosed income being detected.
A loose collective calling itself Anonymous claimed responsibility for the ‘Operation Payback’ campaign of attacks, which it targeted companies that had refused to process payments for Wikileaks. The attacks used software that was free to download over the internet.
The arrests are part of an ongoing investigation into Anonymous being carried out in conjunction with agencies in Europe and the US, where Federal Bureau of Investigation agents have carried out more than 40 search warrants.
The FBI has warned that anyone
convicted of a DDoS attack could be jailed for 10 years. Offences under
the UK’s Computer Misuse Act also carry a maximum 10-year term.
Visa Europe’s ban on donations to Wikileaks is still in place while it is carries out an ongoing investigation into the website.
for Congressman over fraud
Former Senate Majority Leader and Republican senator Tom DeLay has been given a three-year prison sentence and ten years of community service on charges of fraud and money laundering.
Prosecutors had alleged he was behind a scheme to get more Republicans into Congress in 2002 by channelling illegal corporate money to Texas legislative candidates.
“I can’t be remorseful for something I don’t think I did,” DeLay, who was convicted by a jury last November prior to this week’s sentencing.
The Senator added: “I never intended to break the law; I have always played within the rules and even the spirit of the laws; and even if I didn’t, I am not stupid. Everything I did was covered by accountants and lawyers telling me what I needed to do to stay within the law.”
DeLay, 63, had made a mission out of solidifying the Republican majority in Congress, and his ability to raise money for campaigning was part of his power and led to his eventual downfall. His dictatorial style earned him the nickname ‘The Hammer’.
It is not yet clear whether DeLay will actually go to prison. Senior Judge Pat Priest rejected DeLay's claim that he was the victim of a political prosecution by Democrats at the Travis County district attorney's office, but he acknowledged from the bench that appeals courts might not take the same view.
"There's very much the possibility that some appellate court will disagree with me," he said.
DeLay is lodging an appeal at the Third Court of Appeals in Austin, which has a 4-2 Republican majority.
January 28, 2011
Chinese bank at centre of major loan fraud investigation
Bank of Qilu in China is at the centre of a major credit loan fraud investigation which has extended to at least two other banks in the country.
Police are investigating Bank of Qilu (which is 20%-owned by Commonwealth Bank of Australia) for reportedly accepting about 1.5bn yuan (Eur165m) worth of forged commercial bank bills - short-term loans issued to corporate customers.
The China Banking Regulatory Commission has also launched an investigation into the case.
Some Chinese media reports say that Qilu Bank's auditor PricewaterhouseCoopers had cited irregularities in the bank's accounts. PWC’s annual report in 2009 said there were serious problems such as abnormal credit scale of some lenders and illegal deposit pledges.
Because PWC insisted on writing these problems in the report, the bank is said to have changed its auditor. Bank of Qilu is based in Ji'nan, the capital of Shandong Province, south of Beijing.
Two other banks - Huaxia and China Citic – are also reported to be under investigation for links to the credit fraud.
On January 21, Chinese credit rating agency Dagong Global Credit placed Qilu Bank on its credit watch list for a possible downgrade, citing the potential negative impact on the bank's credit quality from the fraud.
fraud cost soars to £38bn
Losses up by 25% in one year
Fraud costs the UK over £38bn a year, according the second Annual Fraud Indicator from the National Fraud Authority (NFA).
The figure represents an increase of nearly £8bn (over 25%) from the losses recorded in the first Annual Fraud Indicator in 2010.
The public sector remains the highest proportion of the fraud loss at £21bn - 55% of the total figure. The NFA says the estimate includes for the first time new and more accurate figures for procurement (£2.4bn) and grant fraud (£515m).
Loss estimates to fraud by sector:
• Public - £21bn
• Private - £12bn
• Individuals - £4bn
• Charity - £1.3bn
The NFA says the size of the public sector estimate is, in part, due to diligence in reporting fraud loss data, combined with more comprehensive measurement techniques than other sectors. It is also important to note that this figure represents a relatively small percentage when taken in context of the public sector's overall spending and income.
The authority says a better understanding of fraud in the public sector has led to the Cabinet Office setting up a cross-Government Counter-Fraud Taskforce which is overseeing a number of pilots to develop and establish counter fraud techniques that can be rolled out across the public sector. In addition to this, the NFA is progressing 15 different projects, many of which form a part of the Taskforce work, to help central and local government cut key fraud risks and deliver savings.
Collaboration with the charity sector has enabled the NFA, for the first time, to provide an accurate estimate of the level of fraud within this sector. The £1.3bn figure was identified in a survey the NFA conducted gauging how fraud affects the sector, to which over 1,000 charities responded. This estimate represents around 2.4% of the total charity sector turnover. The NFA and the Charity Commission are working closely together on a number of counter-fraud prevention initiatives to encourage charities to build improved fraud prevention measures into their operations and to develop a stronger counter fraud culture in this sector.
Private sector fraud
losses of £12bn make up 31% of the total annual figure.
• The financial services industry recorded the highest loss to fraudsters at £3.6bn. This is a slight decrease on the 2010 AFI figure of £3.8bn due to improved fraud prevention methods involving plastic card (£440m) and cheque fraud (£30m)
• Online banking, however, has seen an increase of 14% (£60m). The sector continues to invest heavily in counter fraud systems and solutions to help stay one step head of the criminals
• Mortgage fraud (£1bn) and insurance fraud (£2.1bn) remain high.
• A new inclusion in the AFI is fraud losses to SMEs at £780m. The NFA and the Federation of Small Businesses (FSB) worked together to produce this estimate - the first of its kind. It is hoped that raising awareness of the scale of loss will spur new fraud prevention initiatives in this sector.
Individual citizens' losses equated to 10% of the overall fraud figure (£4bn), covering loss from mass-marketing fraud such as share sale, lottery and advanced fee frauds as well as newer frauds such as online ticketing and rental fraud.
This additional information along with data included from Action Fraud, the national fraud reporting centre run by the NFA, widened the scope of last year's figure (£3.5bn) to produce an increased figure within this AFI. Action Fraud saw over 70,000 contacts made by the public and 10,000 crimes reported totalling £93m lost by individuals over the past 12 months to fraudsters.
The NFA says it is working together with law enforcement to build increased capacity for disruption of criminal attacks against individuals, as well as better intelligence sharing and analytics to support enforcement action. It added that cross-government and industry work also continues to increase public awareness of fraud and how to protect against it.
Dr Bernard Herdan, chief executive of the NFA, commented: "Annual Fraud Indicator is our blueprint. It enables us to gain a perspective and judge the scale of the problem and target our actions accordingly.
"Tackling fraud will not solely be achieved through more investigation, prosecution and pun
ishment of fraudsters. The NFA is working with its partners to promote greater fraud awareness and self-protection, encourage organisations to adopt fraud proof systems, enable fraud reporting and facilitate better sharing of intelligence on fraudsters. We want to develop a stronger counter fraud culture, which helps to disrupt fraudulent activity across the UK and globally."
John Cassey, UK head of fraud and litigation at risk consultancy Protiviti, commented on the figures: “Over the last year we have seen a significant increase in companies coming to us for advice on fraud risk management, which could explain why the overall number of cases has risen.
“Currently we’re seeing a big rise in large scale bankruptcy frauds with traders over-reaching themselves and then contriving a bankruptcy where the largest creditors are the victims.”
“In all these cases rigorous processes can be put in place to prevent fraudulent acts but also to alert management when these acts are being committed and to ensure that there is an effective response.
Allen Stanford, the US financier accused of carrying out a US$7bn investment fraud, has been ruled unfit to stand trial.
The decision by Texas–based US District Judge David Hittner means that Stanford’s trial, originally scheduled to begin this month, could be delayed until at least the second half of the year.
Stanford - who is facing charges of fraud, money laundering and obstruction - sustained an injury after being attacked in prison in 2009 and has become addicted to the medication he was prescribed while in jail.
finds Stanford is incompetent to stand trial at this time based on his
apparent impaired ability to rationally assist his attorneys in preparing
his defence," Judge Hittner wrote in his ruling in Houston, Texas
after listening to conclusions from three psychiatrists.
The judge said that the decision did not mean that Stanford would not stand trial, and he advised lawyers for both sides to continue preparing for the case to come to court.
The psychiatrists said that Stanford’s condition had deteriorated since he was incarcerated in mid-2009 due to a combination of factors, including a head injury sustained in the prison attack, a major depressive disorder and excessive medication for anxiety and depression, to which he has become addicted.
The psychiatrists recommended that Stanford be weaned off his medication, a process that one said could take up to six months.
The judge ordered that Stanford be transferred from
the federal prison in Houston where he is currently housed to a prison
medical facility, such as the Federal Medical Center in Butner, N.C.,
where he can undergo treatment.
He rejected requests by Stanford's lawyers that he be released so he can be treated at a private facility.
January 26, 2011
Conservative peer convicted over expenses
Conservative House of Lords peer Lord Taylor of Warwick has been convicted of falsifying £11,000 worth of expenses claims.
Southwark Crown Court heard that he had submitted fake claims for travel and overnight subsistence.
The 58-year-old, the Conservative Party’s first black peer, did not denymaking false claims but said that he was a scapegoat for a common practice many other MPs engaged in.
He registered a house in Oxford as his main residence and claimed expenses for travel to London and overnight stays in the capital.
The house was actually owned by university lecturer Tristram Wyatt, who lives with Lord Taylor’s step-nephew Robert Taylor.
The court heard that Lord Taylor never stayed at the Oxford property but continued to live at his home in Ealing, West London, for which he also claimed second home expenses.
Lord Taylor was appointed as a Conservative peer in 1996, but resigned the Tory whip in July last year.
Although he has been convicted he will remain a member of the House of Lords and his peerage can be removed only by an act of parliament.
He will be sentenced at a later date, and faces a possible jail term. Earlier this month former Labour MP David Chaytor was sentenced to 18 months imprisonment by the same judge as Lord Taylor after pleading guilty to three charges of false accounting related to his Parliamentary expenses.
Edwin Dayan and Christopher Ford who were both directors at the Torex subsidiary XN Checkout, caused over £1.65m in fictitious profits to be recognized within the published accounts of Torex.
The Serious Fraud Office started investigating the case in January 2007 after whistleblowers from Torex presented it with information about alleged accounting irregularities at the company. The investigation was carried out in conjunction with the City of London Police.
In January 2010 49-year-old Dayan from Dorset and Ford, 47, from Buckinghamshire were charged with conspiracy to defraud, false accounting and misleading an auditor. They were found guilty at Oxford Crown Court of the principal offence, conspiracy to defraud. The other counts will not be proceeded with.
Dayan was the MD at XN Checkout and also sat on the main board at Torex as its chief technology officer. Ford was the finance director at XNC.
XNC had a contract to provide a depot repair service to pub and restaurant operator Mitchells and Butlers (MAB). This meant that if a piece of XNC equipment used by MAB could not be repaired on-site it would be returned to XNC for repair. In 2000, XNC lost this contract to another company, IBM. However, XNC continued to provide the depot repair service to MAB as it was retained by IBM as a sub-contractor.
After 2003 IBM renegotiated its agreement with XNC resulting in a reduced value in the contract for the depot repair service. The amount paid to XNC by IBM was reduced year after year resulting in a shortfall in XNC's income.
In Torex's 2005 year-end accounts, Dayan and Ford made it look as if MAB had agreed to pay the shortfall and thus liable to pay an extra sum to XNC for the depot repair service. They caused an invoice to be created purporting to show that a debt of £756,000 was due to XNC from MAB. They also created other documentation to give the illusion that MAB had an agreement with XNC to pay the debt and provided this documentation to Torex's auditors, BDO Stoy Hayward, to justify the additional £756,000 in profits.
In reality, this money was not owed by MAB and there was never any agreement between MAB and XNC for MAB to pay the shortfall.
Dayan and Ford continued the fabrication in Torex's 2006 interim accounts, causing another £900,000 of profit to be recognized in connection with this purported agreement between XNC and MAB. The company accounts for Torex were therefore fraudulently boosted by a further £900,000 that was never paid.
Dayan and Ford were found guilty of conspiracy to defraud the shareholders of Torex, false accounting, and misleading an auditor. They will be sentenced on 18 February.
Commenting on the verdicts, SFO director Richard Alderman said: "I welcome today's verdicts and the part played by whistleblowers in helping to uncover this crime. It's a victory for honesty and fair dealing in business life.”
Migrant ID cards can no longer be used for ML due diligence in UK
UK ID cards for migrants can no longer be accepted as proof of identity under the country’s Money Laundering Regulations, HM Customs and Excise has said.
Under the ML Regulations businesses need to carry out due diligence on their customers, which involves asking to see documentary evidence of a customer’s identity.
Since November 2008 the UK Borders Agency (UKBA) has issued an ID card to migrants from countries outside the European Economic Area (EEA) and Switzerland.
Despite the cancellation of the UK’ proposed national identity scheme in December, the government has confirmed that the compulsory ID card for foreign nationals will still be used.
However from 21 January 2011 this form of identity was longer be valid for proof of ID under the UK’s ML Regulations, and HM Customs and Excise says businesses carrying out customer due diligence on or after that date should not accept an ID card issued by the UKBA as proof of identity.
Acceptable forms of documents, data or information will still include passports and photographic driving licences, as well as a range of other paper based evidence, as well as electronic verification reports.
At least one G20 nation's critical infrastructure will be disrupted and damaged by online sabotage by 2015, according to research by Gartner.
Citing the success of the Stuxnet worm in attacking industrial control systems as a prime example of what to expect in 2011, the analyst says the biggest security concerns for the coming year will be cyber-sabotage and cyber-espionage.
Gartner says online attacks can be multimodal, in the sense of targeting multiple systems for maximum impact, such as the financial system (the stock exchange), physical plant (the control systems of a chemical, nuclear or electric plant), or mobile communications (mobile-phone message routers).
Such a multimodal attack can have lasting effects beyond a temporary disruption, in the same manner that the September 11 attacks on the US had repercussions that have lasted for nearly a decade. If a national stock market was rendered unavailable for several weeks, the Gartner report says there would be lasting effects even if there was no change in government, although it is also possible that such disruptive actions could eventually result in a change in leadership.
Gartner says that, with the help of private cloud computing, these worries can be virtually eliminated and with the year ahead set to be the year of the cloud, mass business migration to sophisticated data centres will become inevitable. As well as improved security, cloud technologies will enable companies of all sizes to cut costs and drive efficiencies by renting their IT on a pay-per-use-basis, without the hassle of maintaining or managing their own data.
The analyst predicts that by 2012, 20% of all companies will no longer own their own IT assets. Furthermore, this research goes on to indicate that by 2015, businesses will increase recognised IT spending per head by 60% and consequently tools and automation will eliminate 25% of labour hours associated with IT services.
Cosmetics website shut down after hack attack
Card details stolen in attacks taking place over several months
UK cosmetics retailer Lush shut down its website after hackers stole thousands of customer credit card numbers stored at the site over several months.
After closing the website down for transaction on January 21, the company posted a message on the site warning customers that their account information is likely to have been compromised if they conducted transactions on the site between October 20 and January 21.
Lush says it will shortly launch a completely separate and temporary website, which IT industry observers said was an indication that the security problems with the site were more serious than just fixing a few lines of coding.
The company has not released technical details of the attack, or revealed how many customers’ data were compromised. Anecdotal evidence suggest that some customers have been the victims of credit card fraud.
The card details held on Lush’s website had not been encrypted which could lead to them being banned from accepting credit card payment online under PCI-DSS industry rules. The new website it is setting up will only accepts PayPal payments, which do not require PCI compliance.
Customers of the company have criticized it for storing credit card details on remotely accessible servers which enabled the hackers to get hold of the data.
There has also been criticism that Lush discovered the issue in late December, yet affected transactions include ones made in January, and customers have only just been notified.
Ironically, Lush announced this month that it has implemented a new PCI-DSS compliant system for card transactions, but only for those occurring in its stores and not online.
The company says it is carrying out a "thorough” investigation and introducing extra security measures.
Trying to make light of the compromise, Lush also left a message for the hackers on its site which read: “If you are reading this, our web team would like to say that your talents are formidable. We would like to offer you a job – were it not for the fact that your morals are clearly not compatible with ours or our customers.”
The introduction of a UK Bribery Act would set a new bar in the fight against business corruption and any move to dilute, or drop, the proposed Act would be detrimental to the UK from a reputational point of view and question the UK’s commitment to stamping out bribery.
That is the view of compliance company World-Check, which adds that urgent clarification and further guidance is needed on many aspects of the new legislation.
Robert Mitchell, head of enhanced due diligence, EMEA, World-Check, said any review of the Act in its current form must not compromise the UK’s move to a more just and bribe-free business environment.
“Widespread confusion about the impact the Act will have on business, particularly with regards to adequate procedures and corporate hospitality, points to the fact clear guidance from the Ministry of Justice (MoJ) is crucial,” said Mitchell. “But any move to about-turn on approved legislation could have a disastrous affect on Britain’s commitment to stamping out corruption, and its chances of winning international business.”
Mitchell said it should be remembered that the previous government initiated the introduction of legislation that would see the introduction of the Bribery Act, which was then passed by the then Conservative opposition. He added that while there are a number of grey areas that require urgent clarification, the UK Bribery Act casts a wider jurisdictional net than the US Foreign Corrupt Practices Act (FCPA) once and for all – stating that corruption, private or public, large or small, is illegal.
“We feel strongly that the Act must have substance and be appropriately enforced – it is far more relevant and effective than the current Victorian legislation and quite simply, any civilised nation should not be seen to be reneging on plans to eliminate the cancer of bribery,” said Mitchell.
He added that while UK businesses have been convicted of bribery in other jurisdictions, the number of organisations being convicted in the UK is considerably lower in comparison. “That’s not to say cases weren’t brought before the courts but the current legislation has proven wholly ineffective lacking both clarity and teeth, making convictions for bribery near to impossible – this should be a clear enough sign that our legislation needs updating.
“Looking post implementation, the new laws on bribery and corruption will only truly demonstrate that the UK has changed its attitude to corruption with an increase in the levels of prosecution and severity of outcomes which will really demonstrate – and plea bargaining, as an incentive to self report, will be one way of achieving this.”
The number of ‘‘It’s
me’’ fraud cases increased by 44.5% in 2010 from a year
earlier to 4,418, according to police figures.
Victims of the fraud lost a total of 7.92bn yen last year.
The crime targets mainly elderly people to defraud them of cash cards or money by pretending to be relatives, bank officials or policemen.
Total bank-transfer frauds, including ‘‘It’s me’’ cases, fell 9.6% to 6,637 cases with fraud losses amounting to 10.09 billion yen.
Other bank-transfer crimes include cases in which people are falsely told they have incurred charges by browsing certain websites or using other services.
Annual fraud losses associated with bank-transfer scams have been going down since 2009 after totalling over 25bn yen from 2004 to 2008. In 2009, such losses fell by two-thirds from 2008.
But police data showed that the number of recorded ‘‘It’s me’’ fraud cases bounced back in 2010.
Cases recorded in 2010 included 1,333 instances of fraudsters disguising themselves as policemen or bank officials to defraud people of cash cards and then using the cards to withdraw bank savings.
Under this type of fraud, criminals typically make phone calls to people to tell them their cash cards must be replaced by new cards as their accounts are being abused by someone. Victims are then told officials will come round to collect their cards in order to reissue new ones.
The National Police Agency said it became aware of this mode of cash-card swindle for the first time in March 2009 and began compiling relevant data in 2010.
There are many cases in which criminals withdrew the full amount of a victim’s bank savings in this kind of fraud, it said.
In 2010, police arrested only 686 perpetrators of bank-transfer scams, down 28.2% from 2009. Of these criminals, 151 defrauded victims of their cash cards by disguising themselves as policemen or bank officials, it said.
Global spending on retail banking technology will increase by 24% over the next five years to hit $132bn, according to new research released by technology analyst Ovum.
The report found that ever increasing regulatory requirements will also drive investment into technologies that reduce costs, such as data management, business intelligence and analytics. Global spending on various middle-office components, such as risk management, anti-fraud, compliance or performance management, based on these technologies, will experience growth of 30% from 2010 to 2015, hitting $7.2bn.
The research indicated that Europe will have the lowest growth of all the regions, despite being the second biggest market in terms of overall spend.
The analyst believes the increase in investment will be driven by the need to grow revenues and improve customers’ trust. This will lead to accelerated investment in online and mobile banking, technology in branches (in emerging markets) and channel integration.
Ovum’s figures show that global investment in technology to allow customers to access banking services via the internet will experience growth of 33% from 2010 to 2015, to hit $9.7bn. Senior analyst Jaroslaw Knapik commented: “There is a strong focus on online platforms and their extension onto mobile devices and tablets, given their ability to service clients at a lower cost. In addition, technologies that allow ‘smarter’ selling and servicing, such as customer analytics and channel integration are expected to remain hot spot areas in the near future.”
The emerging markets will also demonstrate strong growth with Emerging Asia Pacific growing by 49% from 2010 to 2015 to hit $12.7bn. Middle East and Africa will grow by 36% during the same timeframe to hit $5.5bn.
An increase in spending on technology in branches is expected be one of the major driving forces behind this rise in the emerging markets. The area will experience global growth of 28% over the next five years to hit $18.6bn. As new branches open in the less saturated markets, investment is needed in new operations.
While Europe is the second biggest market in terms of overall spend and will reach $43bn by 2015, five-year growth will only hit 19%, the lowest of all the regions. “Recent budget crises within European governments are having a negative impact on the financial sector and consequently growth in retail banking technology in Europe will be slower than in other regions,” commented Knapik.
Breakdown of figures by sub-region (from 2010 to 2015):
- South and Central America – growth of 29% to $3.9bn
- North America – growth of 23% to $50.2bn
- Central and Eastern Europe – growth of 21% to $3.6bn
- Western Europe – growth of 19% to $40.1bn
- Middle East – growth of 30% to $2.2bn
- Africa – growth of 40% to $3.2bn
Emerging economies in Asia and Pacific- growth of 49% to hit $12.7bn. Newly industrialized and developed economies in Asia and Pacific – growth of 23% to hit $15.5bn.
Guernsey needs to be tackle the issue of money laundering
more directly, a series of new reports by the International Monetary
Fund have stated.
The IMF gave a positive assessment of the UK channel island’s laws, but said they needed to be implemented more regularly, adding that Guernsey was over-reliant on foreign law enforcers.
The IMF said the size of the financial sector and Guernsey's international status means more money laundering cases should be pursued in the local courts.
A team of six IMF assessors visited the bailiwick in May 2010. After meetings with law officers, tax authorities and regulators and companies based on the island, they produced six reports.
The reports praised Guernsey for its legal framework and the efficiency with which it reported suspicious activity, but criticised its low rate of prosecution.
However the reports added that most of the shortcomings are technicalities, and that some of the problems have already been addressed by Guernsey's authorities since the IMF visit.
of UK adults hit by card fraud
Brighton is fraud capital
Card fraud now affects
a total of 13 million people in the UK, according to new research.
The annual Card Fraud Index released by life assistance company CPP has named Brighton as the card fraud capital of the country. With the south coast city jumping from tenth place in the number of people falling victim at least once to card fraud.
The top five card fraud hotspots in the UK are Brighton (38%), London (34%), Manchester (33%), Bristol and Leeds at joint fourth place (32%) and Edinburgh (31%).
But there is some good news. 2010 saw a 3% reduction in the number of card fraud incidences with seven per cent of people saying they had suffered from card fraud in the last 12 months compared to 10% in 2009. However, card fraud is still a problem and people need to remain vigilant and take responsibility when using their cards.
The Card Fraud Index also found that the methods criminals are using, with most victims (20%) having the magnetic stripe on their card cloned at an ATM or via a Chip and PIN machine. This is a three per cent increase on 2009. One in five victims have been defrauded online with criminals using the internet to obtain card details.
A third of card fraud victims (33%) do not know how they became a financial victim, with a third hearing directly from their bank (34%) and six per cent being refused money at an ATM. A further six per cent found out when their card was refused at point of sale.
Victims of card fraud reported the average amount stolen was £417 with one in 20 (4%) reporting losses of more than £2,000.
Although card fraud has decreased year-on-year, consumers are still practicing behaviour that could put them at risk. 18% don't check ATMs to see if they have been tampered with, 17% don't shield their PIN numbers at cash points and most worryingly 16% admit to letting their cards out of sight in shops and restaurants. Moreover, consumers take an average of more than eight hours to report their cards lost or stolen, giving ample time for fraudulent use.
Sarah Blaney, card fraud expert at CPP, said: "In 2010 we saw a three per cent decrease in card fraud incidents in the UK compared to the previous year. This in itself is good news and shows how progress is being made to reduce the number of victims. In particular, online fraud has decreased, which could be a result of industry initiatives such as Verified by Visa and MasterCard SecureCode.
"We are also continuing to see consumers protecting themselves with preventative measures such as Card Protection policies that immediately cancels lost and stolen cards. However, with card fraud costing the UK £440m a year, consumers still need to remain vigilant and not let their guard down. We want to see the continued decrease in card fraud and hope that consumers will take responsibility alongside industry initiatives."
Dr Bernard Herdan, CEO of the National Fraud Authority, said: "The ongoing decrease in card fraud is a very positive sign that industry safety measures and consumers ability to self-protect are improving. However, it is important to remind consumers not to become complacent about taking precautions when using credit and debit cards.”
Reported fraud in the UK exploded over the last five years and topped £7bn, according to new figures from accountancy firm BDO.
BDO’s annual FraudTrack report predicts that the £7bn mark is just a precursor of worse things to come and warns that annual reported corporate fraud will continue to rise significantly over coming years. Areas fuelling this warning include fraud expected across commercial lending and mortgage markets.
Although reported fraud dropped in 2010 to £1.4bn from £2bn the previous year, BDO believes this is a temporary drop due to two issues facing the UK.
The first issue centres around the fact that fraud figures are seriously skewed by the trial dates of very large frauds that frequently can take in excess of a year to settle. As a result, the reported downward trend should reverse next year as cases reach their conclusion and figures are reported to regulators.
The accountancy firm says the more alarming reason is that in economic downturns whistleblowers tend to be less active. Despite pressure from management to squeeze out smaller frauds, larger frauds - which usually come to light due to the action of whistleblowers - remain undetected. At a time of cutbacks and increasing unemployment employees become disenchanted and are less likely to report suspicious behaviour. This is especially a threat to organisational survival rates as such frauds often seriously affect financial stability so in the long run everybody’s job is at risk. But if an employee feels their job is under threat or they no longer have loyalty to their employer, the likelihood is that they will not stick their heads above the parapet to blow the whistle on fraud.
With an increasing focus on fraud and bribery by US and UK regulators these organisations do not actively go out looking for large fraud but react to reports of fraud making the role of the whistleblower critical to detection and prosecution.
Simon Bevan, head of BDO’s Fraud Team, commented: “In 2010 we had 372 cases totalling £1.4bn in the UK. The highest fraud was £170m and the second highest £161m compared to the previous year that saw two frauds estimated at £200m each and one reaching the £400m mark.”
Bevan also believes that fraud is not flavour of the month with risk departments at the moment: “Every few years there is a different hot topic for organisations to address. In the past this has covered the Y2K bug and money laundering.”
He added: “The current flavour of the month is bribery. There has been widespread marketing by law firms on the Bribery and Corruption Act as well as heavy press coverage that has distracted attention away from fraud as a priority. Although risk and compliance departments should address both old and new risks, they face limited resources and giving equal attention to matters is problematic often with new risks taking a lead.”
Bevan warns against this fascination with the new: “Although you may have a theoretical loss if one of your agents is bribing a customs official in Shenzhen, you will have a crystallised bottom line loss if your UK supplier is over charging you because of collusion with a member of your purchasing department.”
Other findings of the research which examined reported frauds in excess of £50,000 include:
· Average custodial sentences have dropped to just over three years from 3.5 years
· London, the North-West and Wales are the UK’s top fraud hot spots
· Motivation - greed continues to overwhelmingly be the number one motive for fraud in the UK, accounting for over 78 percent of frauds in 2010. Fraudsters will go out of their way to embed themselves in a business for personal gain and they also make sure that they won't stand out from the crowd. From investigating hundreds of frauds in recent years, BDO finds that it is often the most trusted people in an organisation that might defraud that business.
arrested in US$100m Nigeria oil bribe case
Twelve oil industry employees of overseas companies have been arrested in Nigeria as part of an investigation into a US$100m bribery scheme.
The twelve were held as part of a probe were arrested on suspicion of offering bribes worth $100m to Nigerian officials, according to the country’s Economic and Financial Crimes Commission (EFCC).
Swiss-based Transocean, the world’s largest offshore oil drilling company, said that two of its employees have now been released. Four workers from US company Noble who were also detained have since been released as well.
Other executives who were arrested were from US companies Tidewater and Murphy Shipping.
Nigeria has been conducting a bribery investigation into French, Swiss, Italian, US and Japanese firms involved in the nation’s $62bn petroleum industry – the biggest in Africa.
The EFCC dropped bribery charges against firms in 2010, including US oil services firm Halliburton after it agreed to pay a fine. The agency gave no further details of the case against Noble, Tidewater, Transocean and Murphy Shipping.
Noble, Transocean and Tidewater settled allegations of bribery in Nigeria with US regulators in November. Transocean made illicit payments from at least 2002 to 2007 via customs agents to extend its importation status in Nigeria and to obtain false paperwork. The company agreed to pay US$7.27m in disgorgement and a US$13.44m fine.
Noble admitted making via its Nigerian subsidiary to obtain eight temporary permits and will pay US$5.58m in disgorgement and a US$2.59m fine.
Tidewater agreed to pay US$8.1m in disgorgement, a US$217,000 penalty and a US$7.35m fine for both conspiring to violate the Foreign Corrupt Practices Act and for substantively violating the Act in giving US$160,000 in bribes to Azerbaijan, and for giving US$1.6m in reimbursements to a broker in Nigeria who bribed customs officials.
The UK government is planning a major overhaul of the system for fighting corporate fraud.
Plans that will be consulted on from this spring with key stakeholders could see the Serious Fraud Office merged into the new Economic Crime Agency (ECA).
Also part of the consultation process will be whether the new body should be part of the National Crime Agency (NCA) and whether or not it should retain powers of prosecution as well as powers of investigation.
The NCA was announced by the new coalition government in July last year to replace the Serious and Organised Crime Agency (SOCA) in leading the fight against organised crime. SOCA had been launched by the previous Labour government in 2006.
Policing minister Nick Herbert told the Financial Times that the Home Office had taken over from the Treasury the project to create the ECA as a single body to combat economic crime. He said this would end the current "piecemeal" approach to combating the crime, and added: “As the department with the role of crime-fighting, it is right that the Home Office should be focused on economic crime,” he said. “There has not been that focus until now.”
Herbert said that the City of London Police would retain its role as the main anti-fraud force after the creation of the ECA.
The Treasury had previously
planned to bring together the law enforcement functions of the Serious
Fraud Office, the Financial Services Authority (FSA) and the Office
of Fair Trading within the proposed ECA.
However, the FSA won a battle to keep its powers to police insider dealing.
The minister said that the initial elements of the ECA should be in place "in shadow form” by the end of the summer.
The government says that corporate crime costs the country £30bn a year and is increasing. Its high level of complexity has made the offence very difficult to prosecute with a relatively small number of prosecuted each year.
The government says its current plans are at an early stage, but that reform is needed as corporate fraud cases are perceived to move too slowly and garner lenient sentences compared to offences such as robberies.
It added that, as part of the plans to create the ECA, it was hoped to world-class specialisations in asset recovery and digital forensics (where the movement of funds through computerised accounts is tracked).
Economic Crime Agency
The establishment of an Economic Crime Agency in the UK follows on from the decision to transfer part of the Financial Services Authority’s supervisory functions to the Bank of England in the wake of the credit crisis.
The Serious Fraud Office will be fully absorbed into the ECA, but other details remain unclear. For example, it is not yet known which parts of the Office of Fair Trading and the FSA are to be transferred in.
January 17, 2011
Six more MPs facing fraud investigations
Six more UK members of Parliament are to be investigated for fraud after whistleblowing allegations over false expenses claims made by a Labour MP.
The six cannot be named for legal reasons but are reported include an ex-Labour Cabinet Minister, two other Labour MPs, one Liberal Democrat and two Conservatives.
The MP who passed on the
names of the other six members has also been under police investigation
into expenses. He is reportedly not one of the politicians who are currently
awaiting trial for expenses fraud who include two former Labour MPs
Elliot Morley and Jim Devine and Conservative House of Lords member
The whistleblowing MP highlighted claims by colleagues which were similar to his own expenses for household expenditure such as council tax, maintenance and utility bills.
The Metropolitan Police has already passed cases of 10 MPs to the Crown Prosecution Service of whom six have been charged with fraud. Two of the cases are being examined while two others have been closed.
The investigations have so far led to an 18-month prison sentence for former Labour MP David Chaytor for false accounting, while Barnsley Central MP Eric Illsley is resigning from his parliamentary seat after being convicted over false claims of more than £14,000. He will be sentenced in February.
India’s financial watchdog Sebi has warned financial market players that entities and funds from Iran they deal with from Iran may be connected to money laundering and the financing of terrorism.
The warning, issued to stock exchanges and other market intermediaries through a circular, contained a global financial market caution notice on Iran by the Financial Action Task Force (FATF).
The stock exchanges, in turn, have asked brokers to ensure compliance with the Sebi circular.
All Indian financial institutions have been advised "to give special attention to business relationships and transactions with Iran, including Iranian companies and financial institutions."
India became a member of OECD body FATF in 2010, following which the country is required to follow the global standards set by it against money laundering and terror financing activities.
Paris-based FATF informs the central government of its member countries about all its caution notices and policies, which in turn are forwarded to the concerned enforcement and regulatory agencies.
Iran has been subject to various sanctions from the US and European countries to prevent the flow of funds for financing the country's nuclear ambitions and terror-related activities. There have been demands in the US for asking all listed companies to mandatorily disclose any Iranian links.
In its latest public notice, FATF has named Iran as a jurisdiction for which countries need to apply counter-measures to protect the international financial system from substantial money laundering and terror financing risks.
FATF has also asked its members "to apply effective counter-measures to protect their financial sectors from money laundering and financing of terrorism risks emanating from Iran."
The task force said it would consider asking its members to its members to strengthen counter-measures in February 2011, if Iran fails to take any concrete steps in this regard.
Two thirds of US SMEs believe they are not vulnerable to card data theft
Almost two-thirds (64%) of US retailers believe that their business is not vulnerable to credit/debit card data theft and 60% are unaware of the costs they could incur in the event of a breach.
Those are among the findings of a new survey by the National Retail Federation and payment processor First Data covering the data security and fraud prevention strategies practiced at small to mid-sized retailers. Most of the retailers surveyed had annual sales of less than US$100,000.
An overwhelming majority of respondents (86%) stated they care about keeping their customer card information secure and feel payment card data security is important to their business.
While two-thirds (66%) of respondents to the survey claimed awareness of the Payment Card Industry Data Security Standard (PCI DSS), only 49% of respondents had completed a self-assessment at the time of the survey. Among those who had heard of PCI DSS; however, 42% did not know that merchants are obligated to conduct the self-assessment annually and 41% had not heard of the recent change in regulations.
The survey also showed there appears to be some confusion among retailers regarding the liability costs in the event of a data security breach. More than 60% of these smaller merchants did not realize that credit card companies are authorized to fine their business a per-card fee for every card that has to be canceled if it is determined that they are the source of a data breach. According to the 2009 US Cost of a Data Breach Study by the Ponemon Institute, the average cost for merchants coping with a data breach in 2009 rose to $6.7m with the cost per customer record breached estimated at $204.
Most of the specific data security and fraud prevention practices cited in the survey were familiar to the majority of respondents with several of the strategies already integrated into their business operations.
Restricting physical access to cardholder data and using anti-virus software were the two most frequently reported protection methods (76%). Other practices toward the top of the list were restricting access to cardholder data by business need to know (67%); developing and maintaining secure systems and applications (64%); and maintaining a policy that addresses information security (63%). Of those who electronically-store cardholder data, 68% also take steps to protect that data and 53% use encryption technology.
More than 4% of respondents reported having been a victim of any one type of fraud listed in the survey. Although the percentage appears low, it equates to a potential one million small businesses being impacted. The latest Federal data estimates there are approximately 24.6 million small businesses currently operating in the United States.
Physical theft or tampering with terminals and computer viruses, including malware, were the top two fraud and security incidents experienced by respondents at 37% and 22%, respectively. Employee misuse or theft of card data accounted for another 17% of incidents.
"Our survey results illustrate that smaller retailers take protection of their customers' sensitive payment card data very seriously and continue to add more layers of security to their business operations," said Mark Herrington, senior VP of global product management and innovation, First Data. "The finding we found most intriguing was the confusion around the potential liabilities in the event of a data breach. We're confident that continued education in the payments industry will raise awareness of the importance of annual self-assessments and the right mix of data security and fraud prevention tools."
Eric Illsley has become the second UK member of Parliament to be convicted of expenses fraud.
The Barnsley Central MP follows fellow Labour member David Chaytor who was jailed for 18 months on January 7 for falsifying £20,000 worth of taxpayer-funded expenses.
Illsley was suspended by the Labour Party after being charged with false accounting in his expense claims and currently sits as an independent. He will be sentenced in February and faces automatic disqualification from parliament if he is sent to jail for over a year.
Since the MP expenses scandal
broke in 2009, hundreds of MPs have been ordered to repay a total of
over £1m and the system has been overhauled.
Revelations in the Daily Telegraph showed MPs from all the main parties had made claims for items ranging from toilet paper to dog food, moat cleaning and ornamental duck houses.
Breach of trust
The judge in the Chaytor case, Justice John Saunders, said the MP had breached the trust placed in MPs by the public with his false claims for rent and IT work and had subsequently been vilified and humiliated.
"That is an inevitable consequence for people who aspire to and achieve important public positions together with the influence which goes with those positions and who then defraud the public who elected them," he said. "The public understandably feel cheated by what has happened."
Two other former Labour MPs Elliot Morley and Jim Devine and Conservative House of Lords member Lord Hanningfield are also facing criminal charges following a nine-month police investigation.
Parliament’s expenses watchdog IPSA (the Independent Parliamentary Standards Authority), which was set up in May 2010 in the wake of the scandal to implement tougher rules on expenses, has started a review of the MPs’ scheme which it says will give the public a greater say in what they can claim for.
IPSA chairman Sir Ian Kennedy says he will ask members of the public to send in their views in a six-week consultation period.
The watchdog has proved unpopular with MPs during its brief life with complaints that it has imposed excessive administrative burdens on them.
The MPs claim they should be attending to the needs of their constituents rather than those of the authority. Some have said they have been unable to pay their staff as IPSA has taken so long to process claims.
A City trader has admitted carrying out a £14m investment fraud that claimed 350 victims.
A court in London heard that Terence Freeman set up the Ponzi scheme to fund a luxurious lifestyle.
The 62-year-old admitted fraudulent trading and the judge at Southwark Crown Court said he faced a lengthy prison term when sentenced.
One of Freeman's victims was said to have invested £1.5m through Freeman’s company GFX Capital Markets. He was told his investment had risen to £2.7m, and later found just £15,000 left in his trading account. City of London Police said Freeman hid the fact that he was losing investors' money on the markets for several years.
Judge Geoffrey Rivlin QC said: "People were putting good money into this business and they were being conned."
Freeman had recently been released from a previous prison sentence for being a company director while disqualified when he began carrying out his Ponzi scheme.
He changed his surname to from Sparks to Freeman on being released from prison, and set up GFX Capital Markets which he claimed would bring large returns for investors on foreign currency exchanges.
Freeman invested heavily in dollars, but was severely hit by the collapse of finance company Lehman Brothers during the 2008 banking crisis.
The authorities became aware of Freeman when he rang the police to say his investors were threatening him.
Freeman admitted five other offences, and three charges relating to money laundering - to which he pleaded not guilty - were left on file.
Bank of America has created a 15 to 20-person ‘war room’ headed by chief risk officer Bruce Thompson to defend itself against the likely imminent publication of compromising information from whistleblowing website WikiLeaks.
WikiLeaks founder Julian Assange has been threatening since November 2010 to release compromising emails from a senior executive at Bank of America that reveals what he describes as an "ecosystem of corruption".
Assange now says he plans to release thousands of internal documents that will “take down” an unnamed major US bank (widely assumed to be BofA).
He added that the leaked documents will give a "true and representative insight into how banks behave at the executive level in a way that will stimulate investigations and reforms". He said the revelations would lead to the resignation of the senior leadership of the bank in question.
Straight after Assange made his statement in November, BofA held a conference call between senior executives to set up a risk and defence strategy.
The team headed by Thompson is made up of members of several departments, including finance, technology, legal and communications. It is examining what the leaks might contain and how they occurred. It is making regular reports to CEO Brian Moynihan.
The New York Times reported this month that the team has so far been unable to establish what documents Wikileaks may have.
The current storm over Wikileaks broke in November last year, when it began releasing the first of what it says are over 250,000 US State department diplomatic cables that it possesses. The missives contain unguarded remarks from US embassies around the world on issues including the War on Terror, ongoing tensions in the Middle East, and both critical and positive remarks from embassy officials about their host nations.
The leaked documents, which were widely reported by newspapers around the world, contain a number of embarrassing revelations for the US such as the fact that both it and the UK had eavesdropped on UN Secretary General Kofi Annan prior to the 2003 invasion of Iraq in 2003 – a contravention of international treaties that prohibit spying at the UN.
In December BofA joined MasterCard, PayPal and Visa Europe in announcing it would not process payment transactions that it believed were connected to WikiLeaks.
The websites of the two payment networks and PayPal were the targets of denial of service attacks by Wikileaks supporters after introducing their bans.
As a preemptive measure against the possible revelations
from WikiLeaks, Bank of America is reported to have purchased hundreds
of abusive domain names. Domain Name Wire said BofA has been aggressively
registering domain names including those consisting of directors’
names followed by "sucks" and "blows".
The bank registered several domains for CEO Brian Moynihan including BrianMoynihanBlows.com, BrianMoynihanSucks.com, BrianTMoynihanBlows.com, and BrianTMoynihanSucks.com. BofA reportedly registered hundreds of such domain names on 17 December alone.
BofA, which has not publicly commented on its defence strategy, has also brought in consulting firm Booz Allen Hamilton to manage the defence review, and consulted external lawyers about the legal issues that could result from a leak
French engineering group denies bribery claims
French engineering group Alstom has denied allegations from the UK’s Serious Fraud Office that it paid £81m in bribes to officials to win overseas contracts.
Three UK-based Alstom executives – UK president Stephen Burgin, finance director Robert Purcell, and legal director Altan Cledwyn-Davies - were arrested and questioned over the allegations in March last year.
The SFO suspected them of "bribery and corruption, conspiracy to pay bribes, money laundering and false accounting". A number of Alstom properties in the UK were also searched. The three were subsequently released without charge.
Court documents filed by the SFO and the police claim that £81m were made in corrupt payments by Alstom’s UK operations to foreign officials between 2004 and 2010. The SFO claims the company attempted to disguise the payments as consultancy agreements.
The company has denied the claims and has challenged the legality of the arrests of its executives.
Stephen Burgin and Robert Purcell have been granted a judicial review into whether the police had reasonable suspicion to arrest them and search their homes. Alton Cledwyn-Davies died last April.
The SFO investigation is
linked to a Swiss enquiry into alleged bribery at Alstom dating back
Alstom builds power stations and the TGV high-speed trains, and has 80,000 employees and offices in 70 countries.
The newly-published Barometer found that 42% of all cases were levelled at the public purse, totalling £571m. This was an increase of nearly 20%, from 59 instances in 2009 to 70 in 2010.
One of the biggest cases was worth £103m, in which a 48-year-old man claimed a flood of fraudulent bids for tax breaks on research into green technologies.
Hitesh Patel, KPMG forensic partner, commented: "Government agencies, like commercial businesses, have been increasingly vulnerable to the threat of fraud. In a year of austerity measures implemented by Government, tax increases, the threat of rising unemployment, and significant structural change it is hardly surprising that the long fingers of the fraudster have reached into the public purse.
"Fraud is not a victimless crime, particularly at a time when the country deficit is so high. Anti-fraud measures need to be reviewed and amplified by the public sector to combat this assault.”
The Government is now making £900m available over the spending review period to raise additional revenues from those who undermine the tax system. They have estimated that this should bring in around £7bn per annum, by 2014-15, in additional tax revenues.
The volume of UK fraud cases snowballed in 2010, with 314 incidents reported (total value of £1.374bn), the highest level ever recorded in the 23-year history of KPMG's Fraud Barometer. This was up 16% on the previous year (271).
"Businesses trying to survive and individuals seeking to maintain lifestyles by whatever means will have undoubtedly driven the numbers up - it is are these same vulnerable groups that will have been the prey for professional criminals,” said Patel.
Management remained unchecked during 2010, as fraud increased in this group by 20% year-on-year, to £419m. Being in a position of trust and authority enabled management to cause greater financial damage than employees - i.e. 61 cases totalling £419m in 2010 compared with 79 cases totalling £129m respectively.
The biggest case over the
last 12 months was worth £200m - in which a director of a City
firm transferred large sums of taxpayer money out of the country. He
then went on to set up a currency exchange business to help more than
100 criminal clients clean up the proceeds of their fraud.
However, professional criminals remain the biggest threat to the UK, being largest group of perpetrators of fraud, recording a total of £709m in 2010 (51%) compared to £718 million in 2009.
Patel said that professional gangs are “the chameleons for the fraud world: constantly changing their colours to constantly creep one step ahead of technological development, exploiting business evolution for nefarious ends.”
Determined fraudsters continue to adapt and exploit new technology, as one case in the Midlands demonstrated, where a DJ was accused of plotting a credit card scam on the iTunes website. Both the man and his ten accomplices targeted the Apple and Amazon sites with twenty songs which they then sold through the respective websites. It is thought that they then stole approximately 1,500 credit cards to buy the songs, and then claimed back just under £469,000 in royalties.
Patel commented: "The online universe has opened up a whole new world for innovative fraudsters. While credit card and data theft remain common tools from which they are able to profit, the need for ever more effective techniques to combat fraud grow greater by the day. Unfortunately anti-fraud measures do not always keep pace with professional criminal activity.”
Mortgage fraud, which was rife in the first half of 2010, plummeted, from July to December, dropping from 21 to 13 cases (£96m - £12.4m) suggesting the bigger, which KPMG says is an indication that more organised mortgage fraud is being tackled head on by the financial institutions.
Visa announces “significant” improvements to fraud detection capabilities
Visa Inc says it
has made “significant” improvements to its security capabilities
which will greatly improve its ability to detect and prevent global
The payments network says its VisaNet global processing platform has enabled it to develop new fraud models to enhance the speed and accuracy with which it detects attempted payment card fraud.
In a statement it said: “An analysis of past global transactions suggests Visa's enhancements could help identify US$1.5bn in fraud, representing a 29 percent performance improvement from 2009. In particular, fraud detection rates on the riskiest transactions improved by 122% over the previous model.”
Visa attribtutes the increase in fraud identification to improvements in its Advanced Authorization security technology that analyzes and scores every Visa transaction for its fraud potential. It says that a new operating system implemented recently allows more information to be analyzed at once and performs more complex processing functions in milliseconds to provide it with a comprehensive view into the global payments system, and improving its ability to detect and prevent fraud in near real-time.
It says the improvements mean that Visa and its card issuing financial institutions will be able to more finely target different types of fraud and better isolate fraudulent transactions from legitimate ones.
"The growth of digital currency has yielded vast benefits to consumers, merchants and entire economies around the world. Continued success requires that every time a consumer uses their Visa card, there's confidence that the purchase will be convenient and secure," said Jim McCarthy, global product executive, Visa Inc.
Visa says it has enhanced its fraud reduction capabilities in a number of ways:
• Visa Advanced Authorization is better able to detect "high speed fraud," where criminals attempt multiple transactions within a very short time period – minutes or even seconds apart. Because Visa's network is not only able to process thousands of transactions per second, but also instantly recall and analyze millions of pieces of information in its memory, Visa is able to identify emerging fraud trends as they happen – not hours or days later.
• A new cross-border model takes advantage of Visa's unrivaled global transaction perspective to increase fraud detection for transactions occurring outside a cardholder's home country. By being able to build "models-within-models," Visa is able to better focus on specific transactions types, fraud types and Visa product types. The new modeling capabilities are so powerful that it allows Visa to detect more than three times the amount of fraudulent cross-border fraud than previously identified.
VisaNet is the foundation
of Visa Advanced Authorization, providing a modular processing platform
that is able to handle more than 20,000 transactions per second and
an unprecedented amount of processing memory to track emerging fraud
trends as they occur. As Visa processes more transactions, the data
helps further enhance the models over time and better identify potential
fraud across the entire network.
According to McCarthy, fraud rates within the Visa system remain flat, having fallen to historic low levels: "Visa's continuous investments in the most sophisticated fraud-fighting systems have helped us to stay a step ahead of the criminals."
A former risk manager at German bank BayernLB has been arrested for allegedly receiving $50m in payments linked to the sale of a stake in the Formula One (F1) motor racing business.
Prosecutors allege Gerhard Gribkowsky was paid the money as ‘kickback’ after the state-owned bank sold its stake in F1 to CVC Capital Investment, the company holding the rights to the sport.
He was arrested on charges of corruption, tax fraud and breach of trust in connection with BayernLB.
Gribkowsky is alleged to have sold his stake “without evaluation of its current value".
This led to him receiving "two consultancy contracts totalling $50m", which he is alleged to have paid into companies he established in Austria, prosecutors claimed.
CVC Capital Partners said in a statement that it had no knowledge of the investigation or any of the circumstances surrounding it.
“CVC confirms that it has no knowledge of, nor any involvement in, any payment to Mr Gribkowsky or anyone connected with him in relation to CVC’s acquisition of Formula One,” the company said.
Financial firms need better risk data, finds global report
Financial services firms
around the world have made progress in developing risk appetite frameworks
but the gathering of effective risk management data remains a challenge,
according to a new report.
Senior financial supervisors from 10 countries — collectively, the Senior Supervisors Group (SSG) —issued the report that evaluates how financial institutions have progressed in developing formal risk appetite frameworks and in building out highly developed IT infrastructures and firm wide data aggregation capabilities.
The report — Observations on Developments in Risk Appetite Frameworks and IT Infrastructures — concludes that while firms have made progress in developing risk appetite frameworks and have begun multi-year projects to improve IT infrastructure, considerably more work must be done to strengthen these practices. In particular, the aggregation of risk data remains a challenge, despite its criticality to strategic planning, decision making, and risk management.
"We believe that vigorous leadership and a commitment to strengthening management's ability to make judgments about risk will prove essential in the uncertain times ahead," said group chairman William Rutledge, who is executive VP in charge of supervision at the Federal Reserve Bank of New York.
He added that significant progress has been made since an earlier report was published that looked into risk management lessons from the 2008 global banking crisis but warned that a great deal more work was still needed.
The report authors conducted a series of interviews with boards of directors and senior management of global financial institutions to gauge progress in risk appetite frameworks, while another working group on the report focused on IT infrastructure based its views on observations from a number of existing supervisory efforts.
The report represents a joint effort on the part of twelve supervisory agencies: the Canadian Office of the Superintendent of Financial Institutions, the French Prudential Control Authority, the German Federal Financial Supervisory Authority, the Bank of Italy, the Japanese Financial Services Agency, the Netherlands Bank, the Bank of Spain, the Swiss Financial Market Supervisory Authority, the UK Financial Services Authority, and, in the United States, the Office of the Comptroller of the Currency, the Securities and Exchange Commission, and the Federal Reserve.
Police say they will not be charging Citigroup CEO Vikram Pandit in connections with the alleged fraud that took place at its Indian operation.
said they had “no intention” of charging Indian-birn Pandit
or other board members of US banking giant Citigroup.
Senior Citigroup managers, including Pandit, were named in a complaint by Indian businessman Sanjeev Aggarwal who lost money in the fraud at a branch in the town of Gurgaon near the capital New Delhi.
Aggarwal claims that the fraud "points to a systemic failure" in the global bank for which senior management should be held responsible.
Citibank responded in a statement that "claims against senior executives are completely without basis and we intend to contest them vigorously."
Investigations have shown that employees at the bank in Gurgaon, where many international companies are based, had forged letters to divert funds and sell fake investment schemes. A senior manager working for India's biggest motorcycle maker, Hero, has also been arrested in the case.
In late December police arrested Gurgaon Citibank employee Shivraj Puri on charges of defrauding investors and diverting more than R4bn (US$88m).
"It is only the complainant who has named these persons and not the police," said Surgeet Singh Deshwal, police commissioner in Gurgaon.
"As per our investigations, remotely settled authorities cannot be held responsible for a local incident," Deshwal told commented, a day after India's central Reserve Bank of India promised an independent investigation into the fraud.
January 6, 2011
Students arrested over PayPal fraud
Pair suspected of involvement in large Vietnamese underground operation in US
Two foreign exchange students have been arrested in the US over suspicions of involvement in a Vietnamese criminal gang that uses stolen credit card numbers to commit frauds using the PayPal online payment system.
Winona State University students Tram Vo and Khoi Van are thought to have taken part in the fraud that has affected websites including Amazon, eBay, Apple and Rosetta Stone.
The Vietnamese pair, who are yet to be charged, are suspected of setting up over 150 eBay, and more than 300 PayPal, accounts using stolen identities of US citizens. The accounts were used to sell video games and iTunes gift cards worth over US$1.2m on eBay.
To obtain the items they were selling, the men are alleged to have bought them directly from manufacturers using stolen credit card details, shipping the goods directly to the eBay buyers.
The stolen funds were then transferred from PayPal to dozens of bank accounts including ones at Wells Fargo and HSBC, and were then moved on to Vietnam and Canada.
According to an affidavit filed by Homeland Security Investigations Special Agent Daniel Schwarz, the investigation into the international crime ring, dubbed “Operation eMule,” has been ongoing since September, 2009, utilizing the assistance of other law enforcement agencies including the National Cyber Crimes Center (C3).
According to Schwarz, the operation is part of the “Vietnam Underground Economy,” an elaborate network that has fraudulently obtained hundreds of millions of US dollars in illicit funds and high end electronic merchandise, then laundered or shipped it back to Vietnam.
The lawyer for Russian oligarchMikhail Khodorkovsky has appealed his sentence of six further years in jail on fraud and money laundering charges.
Karinna Moskalenko said she filed the appeal on the final work day before the New Year vacation (the first ten days of January are national holidays in Russia).
On December 30 last year a judge ordered that Khodorkovsky and his former business partner Platon Lebedev should remain in prison until 2017 for stealing 218 million tons of oil from their now defunct Yukos oil company and laundering the proceeds. Lebdev is also appealing his sentence.
It is the second conviction for both Khodorkovsky and Lebedev, and the additional 14-year sentences, although back-dated to coincide with the date of their original arrests, means both men will remain behind bars for a further six years.
The trial of Khodorkovsky
, a political rival of Prime Minister Vladimir Putin, has drawn major
criticism from Europe and the US, with allegations that it was politically
motivated and an attempt to sideline Khodorkovsky prior to the 2012
However, Russia's Foreign Minister, Sergey Lavrov, strongly denied the allegations.
“Russia's courts are
dependent neither on foreign nor on Russian agencies. If this verdict
strongly alarms anybody, I would like to remind them that the accused
has the right to appeal,” he told the Interfax news agency.”
Critics of the trial say Khodorkovsky and Lebdev are being punished for challenging the authority of Putin when he was president and Khodorkovsky, as head of the Yukos oil giant, was Russia's wealthiest man and an outspoken critic of the government.
iovation fraud protection
e-money network Ukash has adopted iovation’s ReputationManager 360 for global fraud protection across its e-commerce payment services.
Through its single-use prepaid voucher, Ukash enables consumers to convert their cash into electronic money which can then be spent at participating merchants, reloaded into e-wallets and prepaid cards or sent around the world.
iovation ReputationManager 360 is a fraud prevention solution that combines customizable business rules, risk profiles, and the shared experiences of more than 2000 fraud analysts from leading brands worldwide.
Over 30 major financial services firms use iovation's fraud protection service that incorporate intelligence about end-user devices, associated accounts, and shared history.
iovation CEO and founder, Greg Pierson commented: “Ukash joins a growing group of the largest financial services clients in the world that report and share their fraud and abuse experiences. Together, we’ve created a collaborative environment to mitigate risk and help make the Internet a safer place to interact and do business.”
The 2010 Barometer captures the experiences and views of more than 91,500 people in 86 countries and territories.
Views on corruption were most negative in Western Europe and North America, where 73% and 67% of people respectively thought corruption had increased over the last three years.
"The fall-out of the financial crises continues to affect people's opinions of corruption, particular in North America and Western Europe. Institutions everywhere must be resolute in their efforts to restore good governance and trust," said Huguette Labelle, Chair of Transparency International.
In the past 12 months one
in four people reported paying a bribe to one of nine institutions and
services, from health to education to tax authorities. The police are
cited as being the most frequent recipient of bribes, according to those
surveyed. About 30 per cent of those who had contact with the police
reported having paid a bribe.
More than 20 countries have reported significant increases in petty bribery since 2006. The biggest increases were in Chile, Colombia, Kenya, FYR Macedonia, Nigeria, Poland, Russia, Senegal and Thailand. More than one in two people in Sub-Saharan Africa reported paying a bribe - more than anywhere else in the world.
Poorer people are twice as likely to pay bribes for basic services, such as education, than wealthier people. A third of all people under the age of 30 reported paying a bribe in the past 12 months, compared to less than one in five people aged 51 years and over.
Most worrying is the fact that bribes to the police have almost doubled since 2006, and more people report paying bribes to the judiciary and for registry and permit services than five years ago.
Sadly, few people trust their governments or politicians. Eight out of 10 say political parties are corrupt or extremely corrupt, while half the people questioned say their government's action to stop corruption is ineffective.
"The message from the 2010 Barometer is that corruption is insidious. It makes people lose faith. The good news is that people are ready to act," said Labelle. "Public engagement in the fight against corruption will force those in authority to act - and will give people further courage to speak out and stand up for a cleaner, more transparent world."
the hack itself occurred via a SQL Injection attack.
In such an attack, the hacker gains illegal access to information in
the database. As media reports have shown, the hacker launched the attack
on September 26 over a 3 week period obtaining over 100K credit card
details including the account number, expiration date, CVV2, and other
personal identifying information such as home and email addresses.
According to Amichai Shulman, chief technology officer with data security specialist company Imperva, whose team have investigated this attack, what they found was an Indonesian hacker’s blog listing numerous websites vulnerable to attack, including the site of CitySights. Interestingly enough, the blog’s entry was dated September 9th – more than two weeks prior to the initial attack campaign.
The PCI regulation, mandated by major credit-card processing companies including Visa and Mastercard, defines the required security controls to be placed on the storage and processing of credit cards. The PCI regulation includes specific requirements in regards to the storage of unencrypted credit card data as well as prohibiting the storage of sensitive authentication data (CVV2) in the same place.
Since the hacker was able to gain access to this data, says Shulman, “it may indicate that the firm’s data security practices are not aligned with PCI DSS requirements.”
An added mistake is that the tour company had hastily offered a 50% discount voucher to its affected customers. Ironicall, Shulman says, they posted the discount code online, making it available for anyone. This in itself will have major repercussions for the company.
The Securities and Exchange Commission is thought to be conducting a wide ranging investigation into frauds being carried out in collaboration between US and Chinese businesses.
The Commission has this month fined a US audit company and one of its partners US$129,500 for “improper professional conduct” in connection with a Chinese energy firm accused of accounting fraud.
The SEC said that California-based Moore Stephens Wurth Frazer & Torbet “did not exercise professional skepticism and due professional care” in audits of
China Energy Savings Technology. Kerry Dean Yamagata, the partner at Moore Stephens responsible for the audits, was barred from practicing as an independent accountant for at least two years.
The rapidly expanding Chinse economy is presenting numerous opportunities for financial fraud and the SEC is though to be investigating accusations that US
companies and individuals, with co-conspirators in China, have defrauded US investors out of billions of dollars via a specific method of taking a company public: the reverse merger.
Several Chinese IPOs have been suspected of being fraudulent in recent years.
China Energy Savings Technology,
Fuwei Films, and China Water and Drinks, after they listed in the US,
were found to have engaged in fraud.
In addition, China Life Insurance was plagued by $652m in "financial irregularities" for months after its IPO.
Plans for listing China's only privately held bank were delayed after the firm admitted faking a shareholder meeting.
FSA fines up by 154%
The Financial Services Authority (FSA) handed out £88m in fines during 2010, a figure almost twice as high as last year’s total penalty, new research has found.
According to legal firm Reynolds Porter Chamberlain (RPC), the £88.4m was a record for the UK regulator and up by 154% on the £34.8m imposed during 2009.
Findings from the research showed that the number of fines more than doubled while the average size of a fine increased by 15.5% to £1,005,000 from £870,000.
The number of fines of more than £1m also increased from eight to 13 during the period.
Richard Burger of RPC said: “The FSA has been much more aggressive this year. The FSA has had new political masters to impress this year but we may have reached the point where this level of regulation could be having a negative effect on the financial services sector.
“The FSA handed down record fines this year, but with more cases coming through its new financial penalty policy in the year ahead, it looks like the FSA could break its enforcement record yet again."
RPC said the introduction of ‘PS10/4: Enforcement financial penalties’ in March was one of the reasons behind the rise.
However, the organisation also predicted that figures should increase further during next year as many 2010 fines will not have been charged under these new regulations.
Deutsche Bank agrees
to pay US$553.6m to settle fraud probe
Second European bank caught in US crackdown
Deutsche Bank has agreed to pay a US$553.6m penalty after admitting that it criminally helped affluent US citizens hide US$29bn overseas to avoid taxes.
The penalty, which will end the case and prevent the bank being prosecuted, included the return of all fees Deutsche bank earned on fake shelters between
1996 and 2002, all unpaid US taxes, in addition to a US$149.8m civil fine. The bank is said to have helped 2,100 customers evade taxes through 2,300 financial transactions.
Some former Deutsche Bank executives, and their clients, could still face criminal prosecution as they are not protected by the settlement.
"This settlement marks another victory in the long effort to stop financial institutions, law firms and accounting firms from designing and marketing abusive tax shelters, and facilitating those who use them," said Senator Carl Levin, chairman of the Permanent Subcommittee on Investigations, which has been investigating tax shelters for almost a decade.
The US crackdown on tax shelter frauds is being headed by Manhattan Attorney Preet Bharara. In 2009 Swiss-based UBS was fined US$780m for helping US citizens conceal around $20m from the tax authorities.
The UK's HSBC for is also under investigation for tax-shelter schemes, in addition to banks in Asia and the Middle East.
The investigation into Deutsche Bank resulted from an earlier inquiry into the accounting company KPMG, which marketed tax shelters.
In a statement Deutsche Bank said it was "pleased that this investigation, which concerned transactions that ceased more than eight years ago, has come to a resolution."
It added that that the $553m penalty would not affect net income and said: "Since 2002, the bank has significantly strengthened its policies and procedures
as part of an ongoing effort to ensure strict adherence to the law and the highest standards of ethical conduct."
Deutsche Bank reached the settlement after becoming increasingly concerned over evidence that might emerge in the forthcoming trial of two former employees, David Parse and Raymond Craig Brubaker, who were indicted for fraud and conspiracy in 2009 for their role in selling tax shelters.
The trial is due to start on February 28 in Manhattan.
Ernst & Young sued in US over Lehman collapse
New York attorney general Andrew Cuomo has issued a lawsuit against accounting company Ernst & Young over its role in the collapse of Lehman Brothers which sparked the 2008 financial crisis.
Cuomo claims that the company was complicit in a "massive accounting fraud" carried out by the investment bank. As reported in Fraud Watch on December 20, Cuomo alleges that Ernst & Young "stood by" while the investment bank used what it called ‘Repo 105’ transactions to temporarily improve its balance sheet.
The confirmation of the lawsuit represents the first time that one of the '"big four" accounting firms has been targeted over its role in the financial crisis.
"These Repo 105 transactions had no independent business purpose and were designed solely to enable Lehman to manage the company's financial balance sheet 'metrics'," the 32-page suit claims.
Ernst & Young said it intended to "vigorously defend" against the civil claims lodged by Cuomo. It added: "In short, Lehman's bankruptcy was not caused by any accounting issues.
“Lehman’s audited financial statement clearly portrayed Lehman as a highly leveraged entity operating in a risky and volatile industry.”
Cuomo's lawsuit counters: "At a time when it was critical for investors to make informed decisions as to whether to keep or to buy Lehman, Ernst & Young assisted Lehman in defrauding the public."
The lawsuit alleges that the accountant made over $150m in fees auditing Lehman's books between 2001 and 2008.
It has not named as defendants any former top executives at Lehman Brothers.
BAE Systems has been fined
£500,000 by a UK court for not keeping proper records of payments
it made to an adviser in Tanzania.
The ruling by a judge at Southwark Crown Court comes after the company had already agreed a deal with the Serious Fraud Office (SFO) to end the six-year investigation, and threatens the future of US-style plea bargains to settle fraud cases in the UK.
The case had been seen a test for UK courts’ acceptance of plea bargains. BAE was fined US$400m by US regulators over the case. The minimal UK fine will be seen as a sign of the weakness of the SFO agreement to an investigation that involved into billions of dollars of payments allegedly made over many years to secure contracts for BAE in Europe, the Middle East, Africa and Latin America.
The defence group
has been under investigation for paying £7.7m to two firms controlled
by businessman Shailesh Vithlani prior to winning a £28m Tanzanian
military radar contract.
BAE will also have to pay a lower than expected fine of £225,000 costs as part of the court decision. The judge, Mr Justice Bean, said he was under pressure to keep the court fine to a minimum. He was heavily critical of the SFO’s settlement with BAE, saying it was “loosely and perhaps hastily” drafted.
Under the agreement struck between the SFO and BAE, the company would deduct the fine from the £30m it had offered to the people of Tanzania to settle the case.
"The structure of this settlement agreement places moral pressure on the court to keep the fine to a minimum so that the reparation is kept at a maximum," said the judge.
He also criticised another part of the SFO agreement which he said gave any member of BAE Systems group "blanket immunity for all offences committed in the past, whether disclosed or not".
Kazakh threat to Swiss ML case
Switzerland’s money laundering case against Kazakh billionaire Timur Kulibayev has been thrown into doubt by Kazakhstan’s authorities.
The country has been hitting back at outside attacks on its business culture, and a spokesman for its Prosecutor General's Office said: "Because today we have received no request from any foreign government to assist in investigation, it follows that the reliability of this information cannot be officially confirmed.”
Kazakhstan has been questioning allegations of wrongdoing by Kulibayev, the son-in-law of President Nursultan Nazarbayev, who is the most powerful figure in the national oil industry.
The Swiss federal prosecutor started a money laundering investigation into Kulibayev for money laundering in November, on the basis of evidence supplied by his unnamed Kazakh clients. He is suspected of laundering SFr600m (US$597m) through bank accounts in Zurich, Geneva and Lugano.
Kulibayev and others are accused of using the Swiss banking system to conceal the the proceeds of frauds carried out in Kazakhstan.
At the start of this year Kulibayea's wife Dinara, the daughter of the Kazakh president, bought a huge Swiss property in Anières worth SFr74.7m.
The claims have been dismissed by senior Kazakh officials as originating from banker Mukhtar Ablyazov, who fled the country last year to London and is accused of defrauding billions of dollars from BTA, of which he was chairman.
Ablyazov alleged in September that Kulibayev had bought Prince Andrew’s former marital home Sunninghill Park to launder money received illicitly as part of the sale of oil assets to Chinese oil company CNPC.
Auditor Ernst & Young is facing civil fraud charges over its role in the 2008 collapse of Lehman Brothers.
New York Attorney General Mario Cuomo is reported to be planning to file charges, possibly before Christmas, alleging that Ernst & Young stood by while the investment bank used what it called ‘Repo 105’ transactions to temporarily improve its balance sheet.
The transactions are alleged to have enabled Lehman to downplay its leverage in late 2007 and 2008 by temporarily moving around US$50bn worth of assets off its balance sheet.
Cuomo alleges, according to a report in the Wall Street Journal, that the auditor knew Lehman was using the Repo 105 ‘window dressing’ accounting technique, which enhanced the appearance of its balance sheet for creditors and investors without permanently changing the true amount of asset and liability balances.
The technique is not always illegal or fraudulent but the report issued by Lehman bankruptcy examiner Anton Valukas earlier this year said that E&Y’s activities were almost ceetainly misleading and that it could be guilty of “professional malptractice”. The firm is thought to have earned around US$100m in auditing fee work for Lehman between 2001 and 2008.
Cuomo, who is shortly to leave his position to become New York State Governor, is also thought to have been looking into other banks’ use of window dressing techniques as part of a wider investigation.
Lehman Brothers collapsed in September 2008 due to high-risk real estate transactions and a huge debt burden, which Valukas said it had attempted to conceal from investors.
UK accounting regulator the Financial Reporting Council, said earlier in 2010 that it was investigating Ernst & Young’s auditing of Lehman’s Repo 105 transactions.
US$7bn settlement for Madoff victims
The investor victims of Bernard Madoff could get up to half their money back after the widow of one of the biggest beneficiary of his massive fraud said she would return US$7.2bn of the proceeds he had withdrawn from his Madoff accounts.
The money will be returned by the widow of Jeffry Picower, 67, who drowned after having a heart attack in the swimming pool of his beachfront Palm Beach, Florida mansion in October 2009.
So far court-appointed trustee Irving Picard has only managed to claw back about US$1.55bn from Madoff’s fraud, which on paper amounted to US$65bn, although the actual cash losses amounted to about US$20bn.
However, with the Picower money and other recent settlements, including US$625m from Boston philanthropist Carl Shapiro, the Department of Justice will now have nearly US$10bn to distribute to victims – about half of the US$20bn that Picard says investors originally placed with Madoff.
The Picower settlement is
the largest so far in the Madoff case. It represents all the omney Picower
and his wife withdrew from Madoff accounts over nearly 40 years.
His widow Barbara said she was handing over the entire US$7.2bn — even though she believed their legal liability was only US$2.4bn — because that is what her late husband would have wanted.
“I am absolutely confident that my husband Jeffry was in no way complicit in Madoff’s fraud and want to underscore the fact that neither the trustee nor the US attorney has charged him with any illegal conduct,’’ she said in a statement.
Picard had sued Picower in spring 2009, accusing him of accepting investment returns from Madoff that in some years exceeded 950%. However, after news of Barbara Picower’s action, he distanced himseld from allegations that Picower knew about Madoff’s Ponzi scheme.
“With the benefit of additional records, I have determined that there is no basis to pursue the complaint against Mr. Picower,’’ Picard said.
Argentina has been given a critical report on its measures to combat money laundering and terrorist funding by the Financial Action Task Force.
The international anti-laundering watchdog says that Argentina has not made adequate progress in addressing a number of deficiencies identified since it was previously inspected in June 2004, and the legal and preventive AML/CFT measures that are in place lack effectiveness.
The report was so negative it means Argentina could become the first G20 nation to go on the FATF’s blacklist of non-compliant countries and territories in the fight against money laundering. It has been given ten months to fix its system.
The FATF says it
will closely monitor promised reforms before deciding whether to put
Argentina on the list next year.
The Task Force has recommended nearly a thousand changes for Argentina to implement, where the large cash economy provides opportunities for criminals to conceal the sources of their money. Failure to comply could lead to closer monitoring of international transactions, raising the costs of doing business in Argentina.
“Any country that fails to comply is classified with a grade of risk, to alert the global financial system," said FATF president Luis Urrutia of Mexico.
Argentina will present its action plan in February, and by late 2011 Urrutia said the task force should have more of the information needed to decide if the country should be blacklisted.
Urrutia said he met with government ministers, Central Bank authorities, lawmakers, judicial officials and the head of Argentina's money-laundering-control agency, and came away optimistic about the country's ability to improve its system.
"The first step is already being taken by Argentina: the commitment to address these challenges," Urrutia said. "It's still too early to speculate about the decisions we'll have to make. In June we'll have a better idea and in October something more concrete."
The FATF report summarises the anti-money laundering (AML)/combating the financing of terrorism (CFT) measures in place in Argentina as of the time of task force’s on-site visit of 16-27 November 2009, and shortly thereafter. It sets out Argentina’s levels of compliance with the Financial Action Task Force (FATF) 40+9 Recommendations.
This is the FATF’s third mutual evaluation of Argentina (and second joint FATF/GAFISUD evaluation of Argentina). The report said the ineffectiveness of the current AML/CFT measures is complicated by a lack of adequate coordination, overlapping jurisdictions of a number of domestic agencies, and varied and inconsistent requirements vertically through the levels of applicable regulatory texts for each financial sector and horizontally across the various financial sectors.
Key recommendations the FATF makes to Argentina include:
- Address the technical shortcomings in the ML and FT offences and more proactively target ML and proceeds of crime investigations
- Enhance the framework for freezing FT-related assets
- Enhance the FIU’s authority to process cases regarding all predicate offences and all money laundering activities
- Update financial sector laws to specifically provide for AML/CFT supervision and sanction and enhance the ability to cooperate internationally
- More effectively supervise financial institutions; harmonise and update CDD requirements for financial institutions
- Extend AML/CFT requirements to financial institutions and DNFBPs that are not covered and create an effective monitoring framework for the latter
- Provide adequate resources for the all relevant AML/CFT agencies, and provide more authority to Argentina’s National Coordination Representation office to more effectively coordinate AML/CFT policies.
Accountants banned over boiler room scam
Two UK chartered accountants have been fined and banned for their involvement in a boiler room fraud.
Paolo Maranzana and Laurence Finger, accountants for
Sedley Richard Laurence Voulters’ (SRLV), received the penalties
from regulator the Financial Services Authority.
Maranzana was fined £105,000 and has been banned from working in financial services. Finger was fined £35,000 and has been banned from being a Money Laundering Reporting Officer. SRLV, which was authorised by the FSA, was fined £163,140.
In May 2008 SRLV was instructed by Natrocell Shareholders Limited (NSL) to assist with a fund raising by receiving and dispersing money through its client bank accounts and providing company secretarial and registrar services through its sister company. Maranzana, was the relationship partner for NSL and Finger was SRLV’s Money Laundering Reporting Officer.
To assist with the fundraising, NSL used the services of overseas entities to sell shares in NSL to investors. These entities were not authorised by the FSA, or in the countries where they were based, and were in fact share fraud operators (boiler rooms).
The boiler rooms contacted at least 1,262 potential investors. The FSA says some were subjected to high-pressure selling techniques to encourage them to buy shares. They paid over £2.5m into bank accounts operated by SRLV and significant sums were subsequently paid out on the instructions of NSL as commission to various boiler rooms rather than going to NSL.
Without the involvement of firms like SRLV, the FSA says boiler rooms would not be able to operate effectively. The regulator added that despite warning signs of possible financial crime by the boiler rooms, Maranzana and SRLV continued the disbursement of monies to the boiler rooms and their associates.
Margaret Cole, managing director of enforcement and financial crime, commented: "Authorised firms and their employees have an important role to play in combating financial crime. This means that they cannot turn a blind eye when they see warning signs that their clients might be involved in financial crime. In this case, the failures by SRLV, Finger and Maranzana to carry out their responsibilities had an impact on consumers who have probably lost their money by investing through boiler rooms."
Maranzana and Finger agreed to settle at an early stage and therefore received a 30% discount under the FSA's executive settlement procedures.
The penalty also includes the disgorgement of £9,140 in fees generated by SRLV over the period of the activity.
Four ex-employees of jailed
fraudster Bernard Madoff have pleaded not guilty to charges that they
conspired in his crimes.
A judge ordered a fifth employee, Madoff’s secretary of over 40 years Annette Bongiorno, to also stand trial with them in New York.
Bongiorno was named in a new indictment along with back office worker Joann Crupi, former operations boss Daniel Bonventre and computer programmers Jerome O'Hara and George Perez.
US District Judge Laura Taylor Swain said she will consider letting her stay out of jail on bail if she hands over US$2.4m in cash plus whatever remains of about US$3.8m that her husband withdrew from a Madoff account over several 30 years.
Bongiorno’s lawyers had objected to identifying the location of the cash due to concerns that prosecutors will try to seize it.
The new indictment alleges
that Bongiorno and Crupi executed trades in the accounts of wealthy
clients only on paper, which achieved annual rates of return that had
been predetermined by Madoff.
Prosecutors allege that Bongiorno deposited about US$920,000 in her own Madoff account from 1975 to 2008 and took pout over US$14m in investor funds over the same period to pay for expensive houses and other luxuries.
Daniel Bonventre’s lawyer Andrew Frisch, told the judge he plans to file a motion to have his client’s case tried separately from the others four to avoid delay.
Madoff's brother Peter and
son Andrew, who were executives in the Madoff firm's investment and
proprietary-trading business are still under investigation. Neither
has been charged.
Madoff's eldest son Mark hanged himself on December 11 after also coming under investigation.
The number of fraud attempts in European online trade has declined slightly, according to a new survey.
The E-Commerce Report 2010 by Deutsche Card Services found that, in the case of the most popular e-commerce payment method – the credit card – fewer chargebacks after a cardholder complaint were caused by fraud attempts.
The report says this is evident from the fact that the share of chargebacks due to the purchase not being authorised by the cardholder or that the card was not presented fell by 7%. In contrast, the number of chargebacks stemming from logistical and formal failures during the transaction has increased. At 0.34%, the chargeback ratio is still low, and below the current shoplifting ratio in stationary business (0.5%).
The study found that improper use of cards, such as ones that have expired, is the main reason for transaction rejections.
risk higher for men
The non-payment risk is higher for men than for women if card payments or direct debits are used. While the difference between the sexes amounts to only 0.04% for the chargeback ratio, it rises to 1.217% for direct debit chargebacks. Interestingly, the MasterCard chargeback ratio is 0.07% higher than the Visa ratio if men have made the purchase in question. In contrast, the ratios for women are virtually identical.
risk in British shops
The non-payment risk is higher for both British shops and British customers and is above the European average. One reason why British merchants are attractive to international customers is that there is no language barrier. Unfortunately, the report says that encourages online fraudsters, too. It found that using the 3-D Secure security technology helps, and the non-payment risk declines to 0.12% if online merchants use 3-D Secure.
The further, slight decline in the chargeback ratio (to 2.735%) went hand in hand with an overall decline in the importance of direct debits in e-commerce. The main reason is that fewer direct debits were rejected by the credit institutions on the grounds of insufficient funds on the accountholder’s account.
According to Deutsche Card Services, the share dropped from 71.41% to 66.28%. Encouragingly, fewer expensive direct debit chargebacks occurred due to differing or wrong account numbers or accountholder names or on the grounds that the account was a savings account. Direct debits from a savings account are not possible.
The equation “higher transaction value = higher non-payment risk” applies to all card payments in e-commerce and, with one exception, to direct debits. According to the study, the direct debit chargeback ratio is highest for the transaction value category of Eur100 – Eur500 (3.348%). The direct debit chargeback ratio drops to 1.370% for luxury goods worth more than Eur500.
The E-Commerce Report by the Deutsche Ban subsidiary analyses purchasing and payment behaviour and non-payment risks in online trade and has been published since 2002.
The brokers include
Patrick Cruickshank, who was informed in May by the Securities and Exchange
Commission that he may be sued for fraud, Finra disciplinary records
Cruickshank is now a registered financial adviser with IMS Securities in Austin, Texas. The SEC is considering taking action against him for alleged securities law violations at the financial services company founded by Stanford.
Cruickshank denies wrongdoing and insists he was a victim in the case along with his clients having lost money he personally invested in Stanford International Bank (SIB) products.
The SEC has also notified Danny Bogar, former head of the Stanford Group broker-dealer unit, that it may sue him as part of its investigation, according to a report in the Financial Times.
In May, Lloyd’s of London lawyer Neel Lane, who deals with requests for directors’ and officers’ insurance coverage by former Stanford brokers and executives, told a judge in Houston that four ex-executives had been notified by the SEC that they might be sued in connection with the Stanford investigation.
Stanford was accused in June last year of running a US$8bn investment fraud through his banking operation.
The regulators’ attention to the brokers marks an expansion of the investigation which has so far centred on Stanford, four other senior former SIB executives and an Antiguan regulator.
Stanford denies the allegations and his court case is due to start in January next year, though his lawyers claimed this month that he was too heavily medicated to face trial.
Former Stanford chief financial officer James Davis has pleaded guilty to the charges against him and is co-operating with the investigation. Others accused have denied any wrongdoing.
Goldman Sachs programmer convicted over code theft
Former Goldman Sachs
employee Sergey Aleynikov has been convicted by a US court of theft
of trade secrets and transportation of stolen property.
The 40-year-old Russian-born programmer was found guilty by the Manhattan jury of stealing a proprietary code from the investment company’s high-frequency trading platform to build a trading system in July 2008 for his new employer Teza Technologies after having been offered US$300,000 in salary, US$700,000 in bonus money and a profit-sharing cut by Teza.
Aleynikov was arrested a year and a half ago, shortly after he left Goldman Sachs for a position with Chicago-based high frequency trading company Teza Technologies.
The court complaint said Aleynikov "copied, without authorization, proprietary computer code belonging to a financial institution in the United States and then uploaded the code to a computer server in Germany."
He was arrested after Goldman Sachs noticed large amounts of data being uploaded from its servers via https transfers. The uploads, 32 MB in total, were ultimately traced to Aleynikov's workstation, the court complaint stated.
Aleynikov is currently free on bail in home confinement, but faces a sentence of 10-15 years in prison when he is sentenced on March 18 next year.
High-frequency trading uses complex computer algorithms to exploit tiny price discrepancies in "rapid-fire trades" by executing the trades at the best possible prces. It has become an major source of revenue and a competitive advantage at investment firms.
The US Justice Department has made the prosecution of high-tech crime a priority.
The European Union is considering adopting increased and uniform criminal penalties for banks that break its financial services laws.
The EU’s executive body the European Commission says higher and more standardised penalties are need because uneven enforcement across the EU’s 27 members is damaging market confidence.
The EC is calling for the possible introduction of criminal sanctions for the most serious violations of EU financial law such as Ponzi schemes and insider dealing.
Announcing the initial proposals in Brussels on December 8, European internal market commissioner Michel Barnier said penalties for market rigging and manipulation should be the same across Europe.
He cited UK regulator the Financial Services Authority's multi-million-pound sanctions as the benchmark. The FSA recently fined Golodman Sachs £17m for not revealing that it was under investigation by US authorities.
Barnier said that national penalties vary hugely across the EU with some as low as Eur150,000, while other impose fines in the multi-millions.
He added: “We are dealing with something to do with whether people are respecting regulations, and if they are not, something needs to be done.
“Traders and those responsible must realise that they will be hit hard if there is malpractice.
The EC is set to announce more detailed proposals in February after a consultation period. Any new system of penalties would need to be approved by national governments in the EU and the European Parliament.
Barnier said that a system of minimum sanctions was the obvious follow-up to moves already made to improve national financial supervision measures with a series of EU-level authorities.
“We are now supervising (financial institutions)
more intelligently, building a whole (supervision) construction in Europe,”
he said. “Week by week we are putting more bricks in the wall,
consulting and listening, because markets move more quickly than the
“We have three (EU) supervisory bodies, plus supervision of systemic risk, with private equity and hedge funds being monitored. We are also looking at credit ratings agencies.
“Sometimes we forget what provoked the financial crisis, and it is important to get the construction in place to stop negative things happening again.”
New allegations against Vatican Bank
Fresh allegations of money laundering and criminal connections have been made against the Vatican Bank.Newly uncovered court documents set out new money-laundering allegations against the Institute for Religious Works (otherwise known as the Vatican Bank). Italian prosecutors claim that the private bank has repeatedly and deliberately ignored EU rules against money laundering, and even acted as front men for the Italian Mafia.
The court documents highlight two unreported transactions, the first in 2009 using a false name and involving a large sum and the second in 2010 involving a withdrawal of Eur650,000 without disclosure of the money’s final destination.
Most of the first amount - Eur20m - was headed for a JP Morgan branch in Frankfurt, with the rest going to an account held at the Italian Banca del Fucino. Prosecutors allege the banks involved ignored regulations stating foreign banks must inform the Italian authorities of the origins of funds transferred.
Previously in September, a team from the Italian financial police seized the £19m from an account at the Vatican Bank after its refusal to comply with AML laws by providing information on the origin and destination of the amount.
The Vatican says the seizure of assets is a ‘misunderstanding’ which it expects to be resolved at an early date.
However, prosecutors claim they have documents which clearly show the bank deliberately contravened money-laundering legislation by hiding the origin, destination and ownership of the money.
He was found hanged in his New York apartment on December
11, exactly two years to the day after Bernard Madoff’s arrest,
and after apparently sending a final email to his attorney saying "no
one wants to hear the truth.”
He had not been charged over his father’s investment fraud, but it had long been suspected that he and his Andrew knew more about the colossal fraud than they claimed – even though it was they who blew the whistle on their father after he confessed about his US$60bn investment fraud.
Last week Irving Picard, the trustee responsible for repaying defrauded investors, issued a lawsuit complaint against Mark, Andrew, Bernard Madoff's brother Peter, and Sonja Kohn over their roles as directors of Madoff Securities International (MSIL), the UK operation of the Madoff business.
According to friends, Mark Madoff feared he would face criminal charges stemming from the lawsuit and also that he would never work again because of the taint of his father’s name.
He is reported not to have spoken to his parents in two years since the fraud came to light, and it is not yet clear whether Madoff senior will be allowed out from prison to attend his funeral.
On the same day as Alex Madoff’s suicide, the deadline for filing lawsuits civil over the Madoff case passed.
David Sheehan, the counsel for Irving Picard, said at least 1,000 civil lawsuits will now go forward to try to recover more than $50bn for victims of the fraud.
Sheehan added that he expected hundreds of these suits to be settled before or soon after they reach court in coming months.
The rest are likely to proceed to trial, he said.
Sheehan said that Mark Madoff’s death would not affect the complaints against him, his brother, Andrew, and other relatives.
over US oil spill claims
Eight people have been charged for fraud over claims of damages connected to the BP oil spill in the Gulf of Mexico.
The Department of Justice filed the charges against people in Louisiana, Alabama, Mississippi, Texas, Michigan and North Carolina for fraudulently seeking money from BP’s US$20bn pool to cover claims from the incident.
One of those charged were Cam Hang from Louisiana, who the DoJ alleges demanded $42,000 for business losses related to a non-existant restaurant. Kevin Hall from Michigan claimed he lost $9,000 at an ice cream stand in Pensacola, Fla., that the DoJ claims is similarly fake.
Charlette Dufray Johnson from North Carolina is alleged to have filed claims in the name of her sister, saying that she worked for a company in New Orleans that suffered losses because of the spill. The sister is deceased. She is also alleged to have filed a dozen other claims totaling nearly $80,000 related to Hurricane Katrina, a California wildfire and storms in Georgia and Tennessee.
Dennis Moore of Mississippi
was charged with mail and wire fraud for allegedly submitting false
documents - including fake tax returns and sales receipts - to make
claims totalling $180,000.
"The charges announced today send a strong message that we will not tolerate any fraudulent activity designed to profit from this tragic oil spill," said assistant attorney general Lanny Breuer in a statement.
"The Department of Justice and federal law enforcement agencies are placing a high priority on the prompt investigation and prosecution of all forms of fraud related to this disaster."
The sentence for 72-year-old Tanzi comes after a seven-year case prosecuting the fraud at the company that left it Eur14bn in debt when it went filed for bankruptcy in December 2003
The case is one of Europe’s biggest corporate bankruptcies and destroyed the savings of 130,000 investors around the world.
Investigators found that the group had been in trouble for many years,
and had disguised its problems through major falsifications of its balance
sheets and by the use of sophisticated financial instruments.
“Parmalat was the symbol of a sick system and the biggest debt factory of European capitalism,” investigator Lucia Russo said during the trial.
The court in Parmalat’s northern Italian home town of Parma said
Tanzi and 14 other former executives sentenced with him will have to
pay Eur2bn back to the company, which has subsequently emerged from
They will also have to compensate the defrauded investors who were plaintiffs in the trial with around Eur30m. The compensation figures was described as “very disappointing” by one of the investors who attended the hearing.
Tanzi’s lawyers said they would be appealing the verdict. Prosecutors, who had been looking for a 20-year sentence, said they were happy with the court’s decision.
In a separate trial in Milan, Tanzi has already been given a ten-year jail term for stock market manipulation. An upcoming appeals hearing will decide whether or not he will serve time for that sentence.
Among the 17 defendants who were on trial, Parmalat’s former
financial director Fausto Tonna was also sentenced to 14 years in prison
and Mr Tanzi’s brother Giovanni got 10 and a half years. Two men
When it collapsed in 2003, Parmalat employed around 36,000 people and its range of subsidiaries included the Parma football club and a tourism operation. It now has around 14,000 employees in 15 countries including Australia, Canada, South Africa and in South America.
The company was restructured after the banktruptcy and re-listed on the Milan stock exchange in 2005.
transactions “unaffected” by Wikileaks attacks
MasterCard insists core payments business has not been damaged
As the payments networks assessed the damage from the attacks on their websites by Wikileaks supporters, Visa said transactions using its Verifiedby Visa internet security protocol had not been affected.
The situation regarding MasterCard remains somewhat confused, with reports that some cardholders had been unable to use its SecureCode system to authenticate internet transactions – although it has not been established if this was due to the “hacktivist” group of WikiLeaks supporters that tags itself Anonymous.
In a statement MasterCard said its core processing capabilities “have not been compromised and cardholder account data has not been placed at risk. While we have seen limited interruption in some web-based services, cardholders can continue to use their cards for secure transactions globally."
The network added that it has made “significant progress” in restoring full-service to its corporate website.
Visa said in a statement that there has been “no impact whatsoever in making a payment with Visa either online or in-store."
A Visa Europe spokeswoman told Card World that “VerifiedbyVisa is working” and transaction processing had not been affected by the attacks.
She added that both the Visa Inc (www.visa.com) and Visa Europe (www.visa-europe.com) websites had been targeted in the denial of service attacks, but access to them was improving: “What we’ve been seeing is heavy traffic to the sites which has led to intermittent access. We are trying our best to prevent the attacks and the situation seems to be improving.”
The spokeswoman confirmed that it was the bank-owned association Visa Europe that took the action to stop payments to Wikileaks rather than US-based Visa Inc. She added that internal discussions are currently taking place into whether the payments ban should be lifted or maintained.
Businesses that have attracted the WikiLeaks protestors’ ire seem to have been targeted in order. So far the two card networks have been hit along with Amazon, PayPal and PostFinance (the Swiss bank which closed WikiLeaks founder Julian Assange's account earlier this week).
Next on the list could be Facebook and Twitter which have removed the Anonymous group from their sites and have been accused of censorship.
PayPal has denied claims that is came under direct pressure from the US government to stop payments to WikiLeaks.
Its general counsel John Muller says the firm "restricted the account based on our Acceptable Use Policy review".
He added that, while the account will remain restricted, PayPal will release all remaining funds in the account to the foundation that was raising funds for WikiLeaks.
WikiLeaks’ payment processor, Iceland-based DataCell, says it is preparing to sue Visa and MasterCard over their refusal to process donations to the whistleblowing website.
DataCell CEO Andreas Fink said he would look to have the case heard in a court in London, where Visa Europe is based.
and Visa websites taken down by WikiLeaks supporters
Devastating cyber-attacks follow bans on payments to whistleblowing site
MasterCard and Visa's websites have been brought down by vengeful hackers in support of the Wikileaks website and its beleagured founder Julian Assange.
In an onslaught of "hacktivism" the websites of epayments players Amazon and PayPal also came under attack and the Swedish government's website was brought down. Five thousand loosely grouped hackers around the world are thought to be behind the incidents, which have graphically demonstrated how vulnerable commercial websites are to attack.
The MasterCard website could not be accessed on the afternoon of December 8 following the attacks, and later in the day Visa's site went down as well.
The attack on MasterCard's site seems to have affected the SecureCode online payment authentication system. When consumers on eshopping sites were redirected to the SecureCode site it was not authorising card payments so the transactions were completed without using the protocol.
Distributed denial-of-service (DDoS) attacks also appeared to have been launched against PayPal, PostFinance (the Swiss bank which closed Assange's account earlier this week), and the Swedish prosecutors office, which is attempting to extradite Assange from the UK on rape charges.
MasterCard and Visa - along with Amazon and PayPal – had imposed a ban on transactions involving Wikileaks. Visa was reportedly acting under strong pressure from the US government in introducing its ban.
The loose-knit group of activists, which calls itself Anonymous, claimed responsibility for the MasterCard attack, stating on their Twitter account: "We are glad to tell you that www.mastercard.com is down and it's confirmed."
The group has warned:
"We will fire at anything or anyone that tries to censor WikiLeaks,
including multibillion-dollar companies such as PayPal."
PayPal confirmed that there has also been an attempted denial of service attack on its website. DDoS attacks involve overloading a website with requests to stop it from functioning.
In the wake of the major payment companies' bans, Swedish-based micropayment system Flattr said on December 8 it would be continuing to channel donations to the WikiLeaks organization.
WikiLeaks launched its own attack on the payment networks today by releasing a state department cable indicating that the US lobbied Russia earlier this year on behalf of Visa and MasterCard in an attempt to ensure the companies’ payments business was not adversely affected by new legislation passing through the Duma.
According to the cable from US diplomats dated February 1 this year, the government’s explicit aim was to ensure the new law did not disadvantage the two US companies.
The cable states that the Obama administration raised the payment networks’ concerns with senior Russian government officials. Earlier this year Russia announced plans to create a new National Payment Card System (NPCS) that would collect all credit card fees on domestic transactions, which threatenes to cause a major loss of revenue for Visa and MasterCard.
MasterCard would not confirm that customers had been affected, but said in a statement that it had suffered "a service disruption to the MasterCard Directory Server." It added that "customers may still be experiencing intermittent connectivity issues."
It described the incident as "a concentrated effort to flood our corporate web site with traffic and slow access. We are working to restore normal service levels. There is no impact on our cardholders’ ability to use their cards for secure transactions globally.
Visa said its website was experiencing "heavier than normal traffic". The Visa.com website was still inaccessible this morning (December 9), while www.mastercard.com was back online. Visa Europe has so far not responded to a request from Card World or comment.
Alan Bentley, senior VP international of global security firm, Lumension, said that the attacks on the payment company websites shouldn’t surprise anyone, since WikiLeaks has a strong following amongst the hacker community. He said it was “inevitable” that there was going to be some form of backlash.
“Many disgruntled hacktivists will be seeking revenge on behalf of the whistleblowing website and it is highly likely that this will be the first in a series of attacks on businesses such as Amazon, PayPal, Visa and Swiss Bank, all of which withdrew services to Wikileaks over recent days,” said Bentley. “The Wikileaks saga is undoubtedly set to continue for some time and all organisations involved will want to beef up their security efforts in a bid to protect themselves from the wrath of the ‘hactivist’ community."
The Anonymous group said in a statement on its website that the attacks were part of ‘Operation: Payback’, adding: "We want transparency and we counter censorship... This is why we intend to utilise our resources to raise awareness, attack those against and support those who are helping lead our world to freedom and democracy."
Directors of the London operation of Bernard Madoff’s investment company are being sued by US liquidators looking to recover funds from the fraudulent operation.
The naming of all the UK directors in a lawsuit comes after the February decision of the Serious Fraud Office to not take any action against Madoff Securities International (MSIL) or its directors. The SFO said at the time there was "insufficient evidence” to provide a realistic prospect of conviction.
MSIL has until now avoided any legal action resulting from Madoff’s huge bPonzi scheme, even though £1bn worth of Mr Madoff’s funds passed through the UK in a year. The high court complaint is attempting to recoup US$80m.
Irving Picard, the court-appointed trustee for the liquidation of BLMIS [Bernard L Madoff Investment Securities, the main US firm], said: "MSIL was part of Madoff's global shell game. Funds stolen in the Ponzi scheme travelled around the world, but ultimately ended up in the pockets of Madoff, his family and confederates like Sonja Kohn. The London operation was a critical piece of the facade of legitimacy that Madoff constructed to conceal BLMIS's lack of actual trading activity."
The complaint names Madoff's brother Peter, and his sons Mark and Andrew and Sonja Kohn.
It brings personal claims against the directors and officers for “breaching their duties to MSIL, in part by making fraudulent payments to various Madoff-related entities, including payments for luxury goods and services enjoyed by Bernard Madoff and the Madoff family”. The complaint adds that these luxury goods included a yacht, a home in the south of France and an Aston Martin car.
The latest lawsuit emerged on the same day as Picard raised his previous claim against Swiss bank UBS to $2.5bn, an increase of $550m, which was another in a string of other new cases that have been filed as the statute of limitations deadline for such claims nears on 15 December.
Picard is also targeting international banks and said earlier this week that he will sue HSBC and others for $9bn in New York, for ignoring warning signs about Madoff’s fraud.
Picard has also now increased his previous claim against Swiss-based UBS by US$550m to US$2.5bn. A $6.4bn suit has also been filed against JP Morgan. All the banks deny the claims Picard is making against them.
Fraud cases reduce after China-Taiwan agreement
Fraud cases in Taiwan have substantially reduced after a co-operation agreement between the island and China, it is claimed
The two countries signed the third Chiang-Chen agreement just over a year ago, vowing to provide mutual legal assistance in fighting cross-strait crime.
A spokesman for Taiwan’s Criminal Investigation Bureau (CIB) says the agreement has resulted in highly effective and successful bilateral cooperation, reducing the number of fraud cases per year from an average of 40,000 to under 29,000.
Lin De-hua said the gradual decentralization of police authority and
the willingness of both sides to work closely together have made significant
strides in the race to reduce crime.
He added that as a result of the CIB and Sichuan authorities working more closely together, one of the largest cross-strait fraud rings was uncovered late last year. After that, a succession of cases resulted in the arrest of over 500 people at once.
Lin said that, since the agreement was signed, over 5,000 people have been held under suspicion of committing fraud, reducing the number of fraud cases by around 11,000.
He said the number of fraud cases is expected to decline this year to 28,000 from 29,000.
Aside from fraud, the two sides say they have also successfully cracked down on corporate crimes and mob activities, resulting in the extradition of some high-profile offenders from the mainland to Taiwan.
It adds that intelligence and enforcement agencies tracking suspicious transactions have also found growing usage of credit and debit cards to draw huge amounts of cash which are later channelled into terror activities.
The FIU, which received more than 17,000 Suspicious Transaction Reports (STRs) during the 2009-10 financial year, voiced its concerns over the ATM incidents in a 66-page report to the Finance Ministry. The unit followed up these suspicious transactions with central security agencies to try and trace the individuals involved.
A senior Finance Minsitry official commented: "The ATMs have emerged as the new gateways for terror funding. The trend seen is that one source remits the money from within the country or abroad and multiple individuals withdraw it from one or multiple locations. Such accounts, when detected, were immediately frozen by the government under provisions of the Unlawful Activities Prevention Act.”
Withdrawals from ATMs reduce the chances of detection
of terror agents by police and intelligence agencies, the official added.
To illustrate the nature of ATM laundering problem, the FIU gives the example of a report that was received from a bank on transactions in a savings account in a district in Kerala. The account showed cash deposits below Rs50,000 across several branches in Kerala and Maharashtra, followed by withdrawals through ATMs.
The report was passed to an intelligence agency which found that the subject had gone to one of the Gulf countries for employment and had started his own business in flowers and curtains in Kerala on his return.
Analysis of two bank accounts of the man and his son revealed remittances from the Gulf and immediate cash withdrawal from an ATM at Hyderabad. Investigations showed business connections with an accused who was in police custody for involvement in a pipe bomb case. The money was withdrawn from Hyderabad-based ATMs by an associate of the accused and was allegedly used to facilitate terrorist activities.
Officials in economic intelligence units said they are also investigating instances of Nepal-based credit cards being used to withdraw huge sums of money from ATMs in the Indian states of Jammu and Kashmir.
49,000 over boiler room frauds
Biggest ever ‘master list’ of potential victims found
The UK’s Financial Services Authority says it is contacting thousands of people to warn them they could become victims of share fraud after it recovered its biggest ever ‘master list’ used by boiler room fraudsters.
The list contains the names, addresses and telephone numbers of 49,387 people and includes potential victims who the financial regulator believes may have been contacted out of the blue and offered worthless shares.
The greatest concentration of targets is in London, with a significant number also based in Scotland and the South East of England. The list is thought to still be in use by fraudsters operating in the UK and abroad and is likely to have been circulated between different boiler room networks.
The FSA says it is writing to every person on the list to alert them to their presence on it and to advise them how to avoid getting defrauded.
Margaret Cole, the FSA’s managing director of enforcement and financial crime, commented: "So far this year we have contacted 95,000 people across the UK to warn them about the risks of investing via boiler room fraudsters.
"Boiler room fraudsters often sound like the real deal so it’s easy to be drawn in by their professional and high pressure sales tactics. In reality however, the shares are worthless or don’t exist and the money is lost forever."
The FSA recovered the list via its intelligence work with counterparts in the United States, Homeland Security Investigations (formerly known as Immigration & Customs Enforcement), and the Internal Revenue Service - Criminal Investigation (IRS-CI).
Boiler room (share) frauds, usually involve contacting people by telephone to fool them into investing in non-tradable, overpriced or even non-existent shares. These fraudsters are unauthorised, normally overseas-based companies with fake UK addresses and phone lines routed abroad.
The US Financial Crimes Enforcement Network (FinCEN) is proposing new rules that would require non-bank mortgage lenders to establish anti-money-laundering compliance programmes and to file suspicious activity reports (SARs).
Under current rules only banks and insured depository institutions are required to file SARs. The proposals would cover institutions such as mortgage brokers and mortgage lenders not affiliated with banks, who currently do not have AML and SAR filing obligations.
FinCEN says SARs are a critical source of information for law enforcement in investigating and prosecuting mortgage fraud related crimes. FinCEN believes that new regulations requiring non-bank residential mortgage lenders and originators to adopt AML programs and report suspicious transactions would be consistent with those business’s due diligence and information collection processes to assess creditworthiness in lending, and could augment FinCEN’s initiatives in this area.
FinCEN says that additionally, the effectiveness of these proposed AML/SAR regulations may be enhanced by new rules imposed under the Secure and Fair Enforcement for Mortgage Licensing Act of 2008 (SAFE Act) that require development of a nationwide licensing system and registry for certain mortgage professionals.
“These lenders and originators generally deal directly with consumers. As important mortgage finance providers they are ideally positioned to assess and identify money-laundering risks and possible mortgage fraud,” commented FinCEN’s James Freis. “This protects both their business interests and their customers from the abuses of fraud and financial crime.”
FinCEN was sent around 1.28 million SARs in 2009, according to its semi-annual report, a decrease of about 10,000 on 2008.
“We have been talking with FinCEN about this for a while and will work with them on implementation, ensuring it is not overly burdensome for non-bank lenders,” said John Mechem, VP of public affairs at the Mortgage Bankers Association. “We support the use of SARs to help root out fraud, particularly fraud against mortgage lenders.”
Computers removed in anti-corruption investigation
Police have raided
the headquarters of Ghana’s football association the GFA as part
of an anti-corruption investigation.
Officers from the country’s Serious Fraud Office prevented GFA staff from leaving or entering the premises in Accra as they searched for documents and removed mobile phones and computers from the building.
A spokesman for the GFA said that police wanted to examine documents relating to sponsorship agreements between the association and various corporate bodies.
Local media reported that recent controversies about the activities of the GFA, especially in respect to the US$15m Glo sponsorship of the Ghana Premier League, has led to calls for the GFA to be investigated.
Some of the computers removed belonged to GFA president Kwesi Nyantakyi and his secretary, as well as the General Secretary and other senior officials within the association.
The Serious Fraud Office’s Economic and Serious Crime Unit had written to the GFA in October to request details of the corporate agreements, but the GFA had responded by saying that the timeframe was too short.
The raid by authorities comes a week after world football governing body FIFA warned the Ghanaian government of potential sanctions if it continued to interfere in the administration of the country's football.
FIFA claims the government has been putting the GFA under pressure over a number of issues, including trying to impose former player Abedi Pele as a candidate for a vacant Confederation of African Football despite the GFA's opposition to his appointment.
HSBC has been sued for US$9bn by the court-appointed New York trustee trying to recover losses for victims of Bernard Madoff’s Ponzi scheme.
Irving Picard has initiated a lawsuit against the UK-based bank in the US Bankruptcy Court for the Southern District of New York. The suit alleges 24 counts of fraud and misconduct and claims that HSBC’s conduct helped fuel Madoff’s US$65bn investment fraud.
The lawsuit against HSBC is the thitd lodged against
a bank for conduct over the Madoff case. A US$6.4bn claim was filed
earlier this month against JPMorgan, which followed a US$2bn claim against
Picard says HSBC helped channel over US$8.9bn to Madoff through a dozen feeder funds based in Europe, the Caribbean and Central America.
He says the bank ignored warnings from its own accountants that Madoff’s huge claims regarding the returns on investment from his fund were suspect.
"Had HSBC and the defendants reacted appropriately to such warnings and other obvious badges of fraud... the Madoff Ponzi scheme would have collapsed years, billions of dollars, and countless victims sooner," said Picard.
The lawsuit names other defendants in the filing, including the management companies and providers of the feeder funds.
HSBC has so far not commented on the lawsuit.
A cable sent from the US Embassy in Argentina describes the country as becoming awash in laundered drug money due to the lack of action against organised criminals
The December 2009 cable is one of thousands of documents so far published by the WikiLeaks website of previously secret US government communications and documents.
The dispatch from the Embassy in Buenos Aires, signed by US Ambassador Vilma Martinez, said Argentina’s problem with money laundering goes all the way to the top with president Cristina Fernandez who “stands to lose” if she goes after the criminals.
The cable contains the serious allegation that a key Argentine anti-money-laundering unit has been protecting Fernandez and her husband former president Nestor Kerchner (who died in October this year) from investigation regarding dirty money.
The leaked papers have created a media storm in Argentina and US Secretary of State Hilary Clinton called Fernandez to apologise after the document came to light.
The embassy cable gives a detailed assessment of Argentina’s anti-money laundering efforts and concludes: ""The near complete absence of enforcement coupled with a culture of impunity and corruption make Argentina ripe for exploitation by narco-traffickers and terrorist cells.
"For the most part, [embassy contacts] insist that terror financing is seldom, if ever transacted in Argentina. Most maintain, however, that narcotics-trafficking is becoming a real problem and that, increasingly, the dirty money sloshing through the financial system originates in the drug trade."
The cable quotes Fabio Contini, the Italian who heads the operational review team at international AML watchdog FATF and who has spent over a year in Argentina as the Economic and Financial attaché at the Italian embassy." The documents claims Contini "has a sober view of the [government's money-laundering/counter-terrorism financing] efforts, which he deems little more than a fig-leaf."
It adds that Contini says Argentina's actions "are calculated for minimal compliance with international standards and evince little real enthusiasm for cleaning up the financial system."
Another leaked US document from September 10, 2009, shared unsubstantiated allegations that Fernandez’s cabinet chief was linked to drug traffickers.
A further cable dated December 31, 2009, saw the US
Embassy being asked to find out if Fernandez was taking medicine to
control her mental health.
In the FATF's executive summary of Argentina’s AML regime, published in October, the country earned "noncompliance" or "partial compliance" in almost all categories. The solution the FATF’s summary called for was greater effort in terms of laws and allocations of resources, but the leaked US Embassy documents indicate the country has neither the resources nor - it is claimed - the inclination to seriously tackle the problem.
Wall Street is in the grip of one of the most extensive insider trading probes in its history.
The investigation, whose existence has now been officially confirmed by the US authorities, has already examined some of the most successful hedge fund players in the US.
The pattern of arrests and raids suggests investigators are focused on shadowy 'expert networks' suspected of passing on confidential information.
The fall-out from the US investigation spread to the UK yesterday when the Financial Services Authority, in conjunction with US regulators and the FBI, announced that a former tax partner at Deloitte and his wife have been charged with insider trading.
The couple, Arnold and Annabel McClellan, of San Francisco, were charged with repeatedly leaking confidential takeover information to family members overseas in a multimillion-dollar scheme.
Margaret Cole, the FSA's
managing director, said regulators are 'tightening the net on people
who set out to abuse the markets'.
The direction of the probe is still not fully clear but it appears to be an extension of an earlier investigation into the Galleon Group, a New York hedge fund that collapsed last year after founder Raj Rajaratnam was charged with insider trading.
Of the 23 people arrested in that case, many are said to be cooperating in the current inquiries.
The FBI paid surprise visits last week to three large hedge funds in Connecticut and Massachusetts and the subpoenaed trading records from several others, including industry giant SAC Capital.
Investigators are also looking at Level Global and Diamondback, both multi-billion funds run by former managers at Cohen's firm. Cohen himself has not been named by investigators.
One theory is the authorities are zooming in on firms' use of 'expert networks'. Firms often describe their research as building a 'mosaic' of legitimately-gathered market information. But the authorities increasingly view 'mosaic theory' using 'expert networks' as a cover for insider trading.
Their unprecedented and widespread use of telephone wiretaps - and the willingness of trial judges to accept the recordings into evidence - has made Wall Street highly nervous.
The anxiety may be justified. It's been a decade since Wall Street's last big bust when analysts such as Merrill Lynch's Henry Blodgett offered public assessments of technology stocks that differed wildly from views expressed in internal research reports and emails. In that case, Blodgett was charged with securities fraud by Eliot Spitzer, the New York prosecutor-turned-governor who was brought down in a prostitution probe.
Blodgett, who settled the case, paid US$2m in fines and was barred from trading securities for life, is now editor-in-chief of the Business Insider website.
Legal demands for paperwork relating to trading in Schering-Plough stock before its takeover by Merck & Co in 2009 have already been served on an asset management division of Prudential Financial (the US giant, unconnected to Prudential in the UK), UBS Financial Services, and Deutsche Bank.
The probe threatens to expose the delicate line between legitimately acquired market information-and insider trading.
RBS executives cleared
Report finds series of “bad decisions” prior to crisis
An investigation by the Financial Services Authority has found that there is no evidence of fraud being committed by bosses at the Royal Bank of Scotland in the lead-up to the global financial crisis.
The UK regulator said that RBS made “a series of bad decisions" prior to the crisis in 2008, but added that these were not the result of a lack of integrity by any individual and that it would not be bringing any formal fraud charges.
The FSA’s investigation covered the bank’s decision to rapidly expand its investment banking business, the expensive £49bn acquisition of ABN Amro in 2007 and its 2008 rights issues.
The outcome of the 17-month investigation came under immediate attack from unions and investors for not holding former CEO Sir Fred Goodwin or any other senior executives to account.
Liberal Democrat Treasury spokesman Lord Oakeshott told The Daily Telegraph he had requested that the report, co-written by PricewaterhouseCoopers, should be made public and available to Parliament. The FSA had previously said that it will not be making the report public.
When the financial crisis hit in 2008, RBS made the biggest ever annual corporate loss by a UK company of over £24bn, leading to it having to be bailed out by taxpayers and is now 80% state-owned.
The FSA’s review concluded that the “we did not identify any instances of fraud or dishonest activity by RBS senior individuals or a failure of governance on the part of the Board."
Following the bank’s near-collapse Stephen Hester replaced Goodwin as CEO.
Johnny Cameron, the ex-chairman of the bank’s investment-banking operation, said in May that he had agreed not to hold a major position at a bank or regulated financial company. He now works as a part-time consultant to investment-banking company Gleacher Shacklock.
The United States government has significantly ramped up its efforts to combat counterfeiting and piracy, shutting down dozens of websites linked to the sale or distribution of fake goods, as well as sites that facilitate online file-sharing.
On Monday morning (November 29), U.S. Attorney General Eric Holder and John Morton, director of Immigration and Customs Enforcement, which is part of the Department of Homeland Security, announced the seizures of 82 websites. The new crackdown, part of “Operation In Our Sites v. 2.0,” is aimed at websites that sell counterfeit goods like fake scarves and golf gear, as well sites that facilitate what the government deems to be illegal music piracy, officials said. The announcement appears timed to coincide with Cyber Monday, the start of the holiday online shopping season.
“Intellectual property crimes are not victimless,” Holder said in a statement. “The theft of ideas and the sale of counterfeit goods threaten economic opportunities and financial stability, suppress innovation and destroy jobs.”
According to Wired.com, the list of seized domains is dominated by sites dealing in tangible goods, with addresses like realtimberland.com and louis-vuitton-outlet-store.com. Scattered among them are a handful of music or movie sites, including filespump.com, thepiratecity.org, planetmoviez.com, and the torrent search site torrent-finder.com. (A complete list of the sites seized by ICE is at the bottom of this post).
Federal law enforcement agents made undercover purchases from a variety of sites, according to Holder. For items confirmed as counterfeit or infringing, agents won seizure orders against the sites’ domain names from U.S. magistrate judges.
Visitors to the closed websites are now greeted with the following message from ICE: “This domain name has been seized by ICE — Homeland Security investigations, pursuant to a seizure warrant issued by a United States District Court under the authority of 18 U.S.C. §§ 981 and 2323.” Those two sections of the federal code describe civil seizure.
“The sale of counterfeit U.S. brands on the internet steals the creative work of others, costs our economy jobs and revenue and can threaten the health and safety of American consumers,” Morton said.
The latest domain name seizures
represent a substantial escalation of law enforcement activity from
“Operation Our Sites I”, announced last June, in which nine
domains were seized because they allegedly allowed users to stream first-run
movies over the internet.
The domain name seizures have alarmed some civil liberties and free speech advocates: in at least some of the closures the proprietors of the targeted websites were not given advance notice of the action, and had no opportunity to challenge the seizure in court.
The operator of torrent-finder.com, one of the shuttered websites, told news agencies that he was given no advance notice of the seizure of his web address.
“My website does not even host any torrents or direct-link to them,” Waleed GadElKareem, who is based in Alexandria, Egypt told the New York Times by e-mail. GadElKareem said he only links to other websites. “I am sure something is wrong!”
GadElKareem quickly re-opened his website at torrent-finder.info.
The crackdown comes as Congress mulls a bill called the Combating Online Infringements and Counterfeits Act (COICA), which would allow the government to shut down websites that are “dedicated to infringing activities.”
COICA was approved unanimously by the Senate Judiciary Committee, but Sen. Ron Wyden (D-Oregon) has said he will exercise his right to block the bill, meaning it is effectively dead until the next legislative session begins in early 2011. Legal experts, technologists, and civil liberties groups have denounced the bill, saying it makes it too easy for the feds to seize a website and puts the U.S. on course to censor the internet.
Billions of Euros in EU funding is being misused and often ending up the hands of criminals according to new research.
The EU has allocated Eur347bn to be distributed under its regional development programme from 2007-2013.
MEPs have this week called for the funding to be cut off to regions where the money is misused.
In Italy the Mafia are alleged to be getting hold of generous handouts intended to fund the development of wind farms in the country.
Between 2005 and 2009 Italian police said that they investigated more than 4,700 cases of misuse of EU funds, suspected to involve Eur2.1bn worth of fraud. More than 50% of the cases involved structural funds, and 2,200 suspects were identified.
The Bureau of Investigative Journalism, which has created a database tracking the distribution of the EU’s Structural Funds, says that Italy’s most dangerous Mafia – the ndrangheta - has become an expert at getting hold of the funding.
The Bureau, a not for profit UK-based organisation which has produced its figures in partnership with the Financial Times, says that only 10% of the Eur347bn budget for 2007-2013 has so far been spent on the projects it was intended for. The German Press Agency dpa reported that internal EC figures it had seen showed that Romania (11%), Italy (13.2%) and Malta (14%) have been the slowest in spending EU funding.
Part of this delay in spending has been attributable to the need for governments in recession-hit countries to match, at least in part, the funding they have been given.
The Bureau says its database also reveals that:
· A “decentralised, cumbersome and weak” system allow fraud and misuse of funds which is rarely punished
· Millions of euros are given to multinational companies to help them move factories within the EU despite guidelines discouraging this practice
· Funds have been used to finance a hotel building boom on protected nature reserves in Spain
· The lack of thorough
checks means money is being wasted
· Some of the world’s biggest companies are receiving funding despite the programme being aimed at small and medium-sized firms.
German Liberal MEP Jorgo Chatzimarkakis this week asked why the EC persisted in sending funding to assist projects in regions where spending had repeatedly been shown to be rife with the risk of fraud and misuse.EC spokeswoman Pia Ahrenkilde admitted that “irregularities and fraud do exist and this is, of course, regrettable.” She added that their incidence had been reduced to about 5% in 2010, compared to 17-18% in previous years.
The EC says that it is increasingly making temporary halts in payments to regions that fail to offer sufficient assurances over the use of funding.
Negotiations between the EC and national governments on the bloc's next multi-annual budget for 2014-2020, are due to start next year.
South African ML body gets more powers
South Africa’s anti-money laundering body, the
Financial Intelligence Centre (FIC), has been given greater powers
The Financial Intelligence Centre Amendment Act, 2008 comes into effect today (December 1), introducing a number of amendments to the 2001 Act.
"These amendments bring about a significant change to the legislative framework of the FIC as it broadens our functions and those of supervisory bodies to ensure greater compliance," said FIC director Murray Michell.
"It also strengthens our ability to detect and to prevent illicit monies from being laundered through our financial system."
The changes give the FIC various administrative measures to ensure compliance, including the power to impose fines. The amendments also require all accountable and reporting institutions to register with the FIC between December 1, 2010 and March 1, 2011.
The FIC was established to identify the proceeds of unlawful activities and combat money laundering and terror financing. It provides information, when required, to the SA Revenue Service and intelligence agencies to follow up.
continues to rise
Eleven European countries report increases
The increase in European ATM skimming incidents in the first half of 2010 is continuing, with eleven countries reporting increases in the third quarter of the year and only four countries seeing decreases.
The figures from the European ATM Security Team (EAST) found that one un-named country has reported that instead of maximising fraudulent cash withdrawals at a single ATM, criminals are now visiting more ATMs and using fewer cards at each site. A new type of analogue skimming device, using audio technology, has been reported by five countries.
The trend of the majority of losses due to skimming occurring outside of EMV liability shift areas continues. Since the beginning of 2010 EAST members have reported such losses in 25 countries outside of the Single Euro Payments Area (SEPA), and in 12 countries within SEPA. The main criminal groupings engaged in skimming at ATMs in Europe continue to be Romanian and Bulgarian nationals, and activity has also been reported by criminals from Moldavia, Montenegro, Serbia and Slovakia.
With regard to skimming attacks at other payment terminals, decreases in attacks against attended point of sales (POS) terminals were reported by one country due to continuing terminal migration to EMV.
Card trapping attacks, were reported by three countries and the number of incidents appears to be stable. Cash trapping attacks were reported in two countries, one of them reporting significant increases.
ATM malware attacks have been reported by one country, and no reports of card shimming at ATMs have been received.
Ram raids and ATM burglary were reported by seven countries, three reporting increases in such attacks and three decreases. Explosive and gas attacks were reported by four countries, and gas attacks are now a significant issue for two countries.
The countries supplying full or partial figures to not for profit industry organization EAST for its update were: Austria; Belgium; Cyprus; Finland; France; Germany; Ireland; Italy; Liechtenstein; the Netherlands; Norway; Portugal; Russia; Spain; Sweden; Switzerland; the United Kingdom.
The full update is available to EAST subscribers at www.european-atm-security.eu
US regulators are reported to be preparing insider dealing charges against a number of traders, investment managers and financial consultants.
The move reflects a similar crackdown in the UK, where the Financial Services Authority has been prosecuting a number of cases this year, including charges this month against five people who worked at brokerage Blue Index.
The US charges would be the product of a three-year investigation by the Federal Bureau of Investigation, the Securities and Exchange Commission and the US Attorney’s office.
Insider dealing cases have been neglected by authorities in the past as they are notoriously difficult to prove. Notable figures such as economist Milton Friedman have argued that insider dealing should be legal as insiders are best placed to know the true state of companies and to share that knowledge through the rapid buying and selling of shares.
However the authorities’ crackdown reflects the view that insider dealing undermines the legitimacy an credibility of financial markets.
In addition to investment funds, one of the other main focuses of the US investigation has been on whether networks of expert consultants passed on non-public information among themselves to inform trades. The consultants are alleged to have used such inside information to make millions of dollars from trades.
The Manhattan US Attorney Preet Bharara is thought to be one of the main leaders of the investigation and he has spoken in the past of making insider dealing investigations a major priority.
The Wall Street Journal reported that bankers at Goldman Sachs are also thought to be under investigation as part of the probe.
Regulators are looking into whether executives from the investment bank leaked non-public information surrounding various transactions.
The latest arrest in the US offensive on insider dealing came on November 24 when investigators detained a consultancy executive that prosecutors allege tipped off a hedge fund manager on corporate earnings before they became public.
The arrest of Don Ching Trang Chu of Somerset, New Jersey, came when investigators discovered he was to leave for Taiwan - a trip he made frequently – on November 28. Chu was interviewed by the FBI on the day of his arrest.
wins encryption solution of the year
Vasco gets remote access prize at Computing Security Awards
The DESlock+ product from UK software and data security company Data Encryption Systems (DES) has been named ‘Encryption Solution of the Year’ at the Computing Security Awards 2010.
The presentation for the inaugural Computing Security Awards took place earlier this month. Runner-up in the encryption category was the Becrypt product from Disk Protect.
The Remote Access Solution of the Year award was given to US-based Vasco for its Identikey product. The runner up was Swivel Secure with the PINsafe solution.
In total 23 awards were presented at the Hotel Russell in London's Russell Square. The winners in 20 of these categories were determined by nominations and votes cast by the readers of Network Computing and Computing Security.
DESlock+ is designed to help organisations protect against all types of data breach by offering encryption of documents, folders, disks and removable storage media, and computer systems. The solution is both Windows 7 compatible and FIPS 140-2 approved. The United States Federal Government is required to only purchase cryptographic products which are validated to the FIPS 140-2 standard therefore this is a highly sought after accreditation.
David Bonner, event manager for the Computing Security Awards said: “I am delighted to see a British company coming out on top against some pretty heavyweight US software vendors. Britain has talent and DES demonstrates the power of innovation through DESlock+.”
The other award winners were:
Solution of the Year
Winner: Webroot - Webroot Email Security Service
Runner up: Halon Security - VSP
Solution of the Year
Winner: PC Tools - Spyware Doctor with Anti Virus
Runner up:AVG - AntiVirus Business Edition
Security Solution of the Year
Winner: Webroot - Webroot Email Security Service
Runner up:Smoothwall - Smoothzap
Security Solution of the Year
Winner: Lancope - Stealthwatch
Runner up: CRYPTOCard - CRYPTOMas
Threat Management Solution of the Year
Winner: WatchGuard XTM 810
Runner up: Check Point - UTM 1
and Access Management Solution of the Year
Winner: Courion - Access Assurance Suite
Runner up: ArcSight - IdentityView
Solution of the Year
Winner: Check Point - Safe@Office 1000n Series
Runner up: CRYPTOCard - CRYPTOMas
Enterprise Security Solution of the Year
Winner: Cyber-Ark Software - Privileged Identity Management Suite
Runner up: Webroot Web Security Service
Data Leakage Prevention Solution of the Year
Winner: GFI - GFI Endpoint Secuirty
Runner up: DeviceLock - DeviceLock
Security Solution of the Year
Winner: M86 Security - InterScan Messaging Security Virtual Appliance
Runner up: M86 Security - MailMarshal
Security Solution of the Year
Winner: Aruba - Aruba Operating System 5.0
Runner up: AirMagnet - AitMagnet Enterprise
Solution of the Year
Winner: TSSI - Verid+
Runner up: Human Recognition Systems - Msecure
Solution of the Year
Winner: AccessData - Forensic Toolkit 3
Runner up: Splunk - Splunk
Security Service Provider of the Year
Runner up: Webroot
Security Distributor of the Year
Winner: Wick Hill
Runner up: E92 Plus
Reseller of the Year - Sponsored by Check Point Software Technologies
Winner: Brookcourt Solutions
Runner up: Blue Cube Security
of the Year
Winner: ArcSight - Logger
Runner up: Sourcefire - Sourcefire SSL Appliance
Project of the Year
Winner: NetIntelligence - Home Access Scheme
Solution of the Year
Winner: Tufin Technologies - SecureChange Workflow
Editors Award for Innovation
Altman Technologies - LT Auditor +9
to IT Security Award
Runner up: Webroot
The Central Bank of Kenya has been trying to tackle the fraud problem, and in September last year mandated that cheques must be written only for amounts less than Sh1m. It also introduced the Real Time Gross Settlement (RTGS) electronic clearing system to be used for amounts above Sh1m.
"This system eliminates the opportunities for fraud that could emanate from paper-based instructions such as cheques," said CBK governor Njuguna Ndungu.
The BFID says that forensic auditing sections often fall under either the internal audit or security department in some banks, which compromises their independence and integrity. It recommends setting up of independent forensic units within the banks.
The authorities say that the provisions of Kenya’s new Anti Money Laundering Act, which came to effect on June 28, should help in tracking down fraudsters. The Act requires financial institutions to submit suspicious transactions and Cash Threshold Reports to the Financial Reporting Centre, which will then be used to gather financial intelligence for analysis.
Banks are also taking their own internal measures. Consolidated Bank has introduced multi-level access points (where staff have different access rights in the system), password management and a more stringent recruitment process.
November 29, 2010
Regulator secures first laundering conviction
Manager convicted of siphoning off insider dealing profits
The UK’s Financial Services Authority has secured its first money laundering conviction in the case of a manager trying to cover up insider dealing profits.
Neil Rollins, former manager at the Bradford-based waste management firm PM Group, tried to hide his insider dealing from investigators by channelling the proceeds into a bank account in his father's name.
He was found guilty of five counts of insider dealing and four counts of money laundering at Southwark Crown Court. The case represented the firsat time the FSA has brought money laundering charges in a case.
Before his trial Rollins’ lawyers had argued that the FSA could not bring the ML charges. This argument went to the supreme court, which ruled in favour of the regulator.
The FSA said that, based on his knowledge of the company's worsening financial position, Rollins sold his entire share holding in PM Group in August and September 2006.
When information about the company’s worsening financial position was announced to the market the share price fell immediately by 17 % so that by selling his shares when he did he avoided substantial losses (approximately £45,000), he also encouraged his wife, Louisa Rollins, to do the same with her entire shareholding. Rollins subsequently laundered the money by transferring the proceeds of his crime into accounts that he had set up in the name of his father, David Rollins.
When Rollins became aware of the FSA's interest in his dealing he laundered the proceeds (£173,500) to try to hide his conduct.
Rollins had told the court that he wa not using the price-sensitive information to make his decision to sell shares.
He is due to be sentenced on January 21.
Insider dealing crackdown
Margaret Cole, managing director of enforcement and financial crime at the FSA, commented: “Insider dealing damages the very confidence that underpins the integrity of our markets. Rollins’ crime was aggravated by the fact that he sought to hide his conduct from the FSA by laundering the proceeds.”
Rollins’ conviction is the latest in a wave of actions the UK regulator has brought in insider dealing cases this year. In a high profile case in March, former Cazenove equities trader Malcolm Calvert was given a 21-month sentence for insider dealing.
Earlier this month the FSA brought insider dealing charges against James Sanders, the co-owner of broker Blue Index, his wife Miranda, and three others. Sanders and his wife are accused of seven offences related to trading ahead of a number of takeover deals between 2006 and 2008.
FSA clampdown boosts compliance recruitment
Fears over increasingly aggressive fines from the FSA means that 14% of all new jobs created in the City last month were in compliance, control and risk says Astbury Marsden, a leading financial services recruitment firm.
Astbury Marsden says that with more than 700 of the 5,231 new City jobs created in October 2010 within those areas it is the demand for ever greater auditing, policing and reporting that is keeping the City jobs market buoyant.
Overall the number of new City jobs created in financial services increased by just 1% on the 5,157 created in September.
Says Mark Cameron: "As with the usual seasonal trend we are seeing a slowdown in the hiring of front office staff like traders."
"In clear contrast to that, the hiring of back and middle office staff has continued to power ahead and most of these are directly related to compliance, product control, regulatory and liquidity reporting roles."
"We are being told by clients that a lot of these new jobs are being created because the FSA is still taking such an aggressive line on fining organisations that they perceive gaps in their systems and controls."
"Compliance and risk has been a hot sector for two years and new jobs keep being created by each new regulatory initiative. The whole field is getting more heated with Basle III and Solvency II work starting in real earnest."
Astbury Marsden says that in particular regulatory reporting (providing data for regulatory purposes) has really taken off in the last few months. For example, one institution has an outstanding requirement for 30 staff in the regulatory and liquidity monitoring field.
The FSA handed down a record £33.1m in fines last year (to March 31 2010), up 21% on the previous year's record-breaking £27.3m.
There were eight £1m+ fines (worth £27.5m handed down) up from six the year before.
Astbury Marsden explains that a year ago banks were hiring compliance and risk officers because they genuinely felt the credit crunch had exposed gaps in that area - now they are hiring in this area because the FSA is more actively holding firms to account.
Mark Cameron says that his firm had expected the surge in demand for governance roles to have ended by now but this boom is now expected to enter its third year.
Comments Mark Cameron: "While these roles undoubtedly add value, if you asked our clients they would say they already have too many staff paid too much to check boxes but the regulatory burden just keeps getting heavier."
November 26, 2010
BAE pleads guilty to minor offence to end long running corruption inquiry
BAE Systems, Britain's biggest arms firm, pleaded guilty this week to a relatively minor criminal offence as part of a controversial deal to bring a long-running corruption investigation to final conclusion.
Under the proposed deal with the Serious Fraud Office, the arms giant admitted it was guilty of accounting irregularities in a radar contract with Tanzania.
It made the admission at City of Westminster magistrates court, London, and is now due to be sentenced at a crown court hearing on 20 December.
However, the deal will have to be approved by the crown court judge, amid doubt in legal circles that the SFO has the power to strike such plea bargains.
The deal has also been criticised by anti-corruption campaigners who say BAE has been let off too lightly.
The SFO spent years investigating allegations that BAE paid bribes to officials and politicians in a range of countries including Saudi Arabia, Tanzania, Romania, South Africa and the Czech Republic.
Under the deal, BAE is willing to pay a £30m penalty, some of which will be "an ex-gratia payment for the benefit of the people of Tanzania".BAE Systems, europe’s biggest defense company, said it failed to keep proper accounting records of payments in a case that tests the ability of UK fraud prosecutors to negotiate plea deals.
BAE lawyer David Perry said today at a hearing at a Magistrates Court in London that the company will enter a guilty plea at a higher court next month.
The SFO had been investigating allegations that BAE covertly channelled bribes to secure the Tanzanian contract through the Panama-registered Envers from its offshore front company, Red Diamond.
In recent months, lawyers for the SFO and BAE have been finalising the deal, announced in February, to ensure that it will be approved by the judge, Mr Justice Bean, at Southwark crown court next month.
In a ruling in March, in another corruption case involving chemical firm Innospec, Lord Justice Thomas said the SFO had no power to strike plea bargains and that judges were responsible for deciding sentences.
BAE has already paid $400m to the US government to settle an American investigation into bribery accusations over jet fighter sales to Saudi Arabia and the Czech Republic.
Following the announcement by the Information Commissioners
Office (‘ICO’) of its first fines for breaches of the Data
Protection Act, KPMG’s 2010 Data Loss Barometer (‘DLB’),
which considers lost and stolen information worldwide, has found that
a fifth of reported data loss incidents in the first half of 2010 came
from malicious attacks inside the organisation.
The growth of the threat from within has been rapid, rising from only 4 per cent of all incidents in 2007, to 20 per cent in 2010. Since 2007, 23 million people globally have been affected by data breaches stemming from a malicious insider, according to the DLB.
Malcolm Marshall, head of the information security practice at KPMG in the UK commented: “The recession may have played its part in driving up the increase in malicious insider data loss incidences, as data becomes an increasingly valuable commodity. But the alternative is that as organisations get wiser to the tactics of hackers, then criminals may be tempting staff to pass on valuable information – hence the massive growth in the insider threat.”
Hacking – biggest concern
As well as the rapid growth in malicious insider incidents, the Barometer has found that hacking remains the biggest threat of data loss, with almost a quarter of a billion people affected by it since 2007. The lure of financial gain, corporate espionage and terrorism provide the main motivation behind hacking attacks. These findings support the current concerns of the UK government who have identified cyber war as one of the key threats facing the UK’s critical infrastructure.
The healthcare sector is closely followed by government as prime targets, which accounted for a fifth of all incidents this year. Within government, nearly 40 per cent of incidents involved a third party.
When you look at the number of people affected, financial services continues to be the worst affected sector, accounting for a third of the total number of records that were lost or stolen since 2007. The retail industry (31%) comes in at second place, where access to the details of credit and store cards continues to be a security risk.
While the Barometer showed a decrease in the number of publicly disclosed data loss incidents for the second year in a row, it is clear that there is little room for complacency given the sheer numbers of people that continue to be affected.
Data loss is one thing. But when information is accidentally lost it is very often not found This usually means that while there is an impact on the organisation that loses the information, the actual impact on the data subjects to whom the information relates is minimal. But this is not the case with data theft, instances of which are now more and more frequently targeted and built around identity theft or basic account take over for clear financial gain.
Marshall comments: “2011 and beyond will undoubtedly see the data theft threat continue to grow – Stuxnet is seen as the first ‘weaponised cyber-attack’ and it has upped the game in terms of the level of sophistication. It will only be a matter of time before similar techniques are developed by criminal gangs. The likely result is broader ‘general’ security breaches and increasingly large direct financial losses.”
Malcolm Marshall concludes: “The fear of tougher sanctions, regulatory developments and negative publicity appears to have increased the awareness of the need to protect vital information. But as ‘cyber wars’ begin to take hold as a threat, and criminals constantly seek new ways of infiltrating systems, businesses and individuals alike need to ensure the security of their data is given utmost priority.”
The bank added that these clients were represented by "sophisticated financial institutions" that were fully aware of the nature of the Madoff investments, and that Luxalpha's fund documents specifically said that UBS was not responsible for the safekeeping of clients' assets.
"UBS does not have responsibility
to these shareholders for the unfortunate results of the Madoff scandal,"
the bank said.
UBS and its local units have been sued for damages and compensation in more than 100 cases in Luxembourg by investors who lost millions of dollars through the funds.
In March 2009, BNP Paribas lost its legal battle to force UBS to pay it Eur2.55m to compenstate it for its investment losses in the Luxalpha fund.
A number of other Luxalpha and Groupemont investors lost similar cases against UBS after the Madoff fraud was uncovered, because UBS argued investigations into the fraud were ongoing.
HSBC hires Deloitte
to review laundering compliance
HSBC has hired auditing firm Deloitte to help review the internal transactions of its US unit in connection to a money laundering probe.
According to the Financial Times, a Deloitte team is being brought in to analyse HSBC US transactions to check that the banking division adhered to the correct rules surrounding compliance.
HSBC is under investigation by the US Attorney’s Office and the Department of Justice and has been ordered to set up an independent review by the regulators. It has admitted it was expecting to be subject to a formal enforcement action as part of the probe.
However, HSBC stated that it was “unable at this time to determine the terms on which it might be brought, the timing of any possible regulatory resolution or enforcement action or the amount of fines or penalties, if any, that may be imposed by the regulators or agencies”.
The bank received a “cease and desist” order from regulators earlier in the year after its lack of rules surrounding compliance were alleged to have created the potential for money laundering.
The Royal Bank of Australia is to sell off its 50% stake in plastic banknote manufacturer Securency, which is at the centre of bribery and corruption allegations.
The Australian central bank said its UK-based joint-venture partner Innovia Films wants to sell its half-share in the business and so the two bodies will pursue a joint sale.
The company has been under
investigation by Australian Federal Police since May last yer over allegations
that it had carried out the systemic bribery of foreign officials to
win contracts for over a decade.
The RBA's announcement on November 23 coincided with the Labor party and the Coalition joining forces in the Australian Senate to defeat a call by Greens leader Bob Brown for a parliamentary inquiry into the RBA's supervision of Securency.
Some media sources claimed that RBA’s planned sale of its stake was a move to get the investigation into Securency abandoned. The RBA has half-owned and supervised the company since 1996.
The company has been under investigation by Australian Federal Police since May 2009 over the allegations that it had carried out the systemic bribery of foreign officials for over a decade.
Newspaper The Age alleged that some of the A$50m Securency paid to its network of overseas agents, often via offshore accounts, is suspected to have been used to bribe several of the foreign officials who gave the company contracts.
Government sources have claimed that the RBA ignored repeated warnings that its company was engaged in bribery and instead endorsed many of its high-risk business practices.
So far none of the former or serving RBA appointees to Securency's board (who include high profile Australian business and government officials) have been held accountable for the RBA's conduct in the case.
Police are investigating up to ten Securency senior employees for alleged bribery but have no power to examine the conduct of the company's board or of the government agencies that worked with the company overseas.
Securency’s UK competitor in banknote manufacturing, De La Rue, is also currently mired in a police investigation after it called in the Serious Fraud Office after finding that staff had deliberately falsified paper specification test certificates on banknotes thought to be headed for India.
fitted for London bikes
Fears of attacks by card fraudsters
The docking stations used
for hiring out bikes in London are being fitted with anti-skimming technology
to stop attacks by credit card fraudsters.
Transit operator Transport for London says there were concerns the cycle hire scheme could be targeted by criminals when it is widened to include tourists and casual users in December.
TfL said in a statement: “Additional security anti-skimming devices will be fitted to all Barclays Cycle Hire terminals. This will ensure card readers are not tampered with in any way.”
It added that software will be used to detect if electronic equipment is fitted to the terminal by fraudsters looking to clone cards.
Unregistered users will be able to hire bikes from December 3, under the scheme established by London Mayor Boris Johnson.
The scheme has been hit by delays caused by software concerns and a shortage of bikes or docking stations at peak times. Until now, bikes have only be available to the around 100,000 registered subscribers, who pay up to £48 a year for a membership key which they insert to release a bike from the docking points.
From December 3, anyone with an accepted credit or debit card can put it in a docking station and enter their PIN to take out a £1 daily or £5 weekly subscription. Extra charges are only impopsed if they cycle for over 30 minutes at a time.
The scheme only accepts Visa and MasterCard credit and debit cards and Visa Electron.
TfL says it would be too expensive to incorporate the Oyster transit card scheme into the system.
The number is set to escalate over the next three years, said home insurance company LV= which produced the figures in partnership with the Centre for Economics and Business Research (CEBR).
The CEBR data found that 26,000 people in the UK have discovered criminal direct debits so far this year. These typically see criminals gaining £540 before the fraud is noticed and stopped. The figures found that the rate of direct debit fraud has increased to comprising 10.6% of all identity fraud cases from the 0.01% level in 2001.
There has been a 288% rise
in the practice over the last four years, with 6,200 incidents reported
The sharp increase has been partly attributed to the introduction of Chip and PIN in the UK, which makes stealing cards and using them illegally more difficult, prompting criminals to look elsewhere and to migrate to direct debit fraud. The report says the credit squeeze has also fuelled the increase.
However the figures were disputed by BACS - the Bankers’ Automated Clearing Services – which handles direct debit on behalf of banks. The organisation said in a statement: “Instances of direct debit fraud are very low, particularly when compared with methods such as cheque or card.
“There is no empirical evidence within the industry to show this type of fraud is increasing.
“If a customer believes funds have been taken incorrectly, they should contact their bank immediately.
BACS – the Bankers’ Automated Clearing Services – which handles direct debit on behalf of banks, said: ‘Instances of direct debit fraud are very low, particularly when compared with methods such as cheque or card.
“There is no empirical evidence within the industry to show this type of fraud is increasing,” it added.
“If a customer believes funds have been taken incorrectly, they should contact their bank immediately.”
BACS says that all direct debit instructions are protected under the terms and conditions of their use. "If a customer believes funds have been taken incorrectly from their bank account by direct debit, they should contact their bank branch immediately to request that the money be returned under the terms of the Direct Debit Guarantee."
The LV= report predicts direct debit fraud is set to grow to 41,000 cases a year by 2013, equating to a 57% rise in the coming three years.
Examples of direct debit fraud include regularly recurring payments for gym memberships, mobile phone accounts or TV subscriptions. In other cases, the fraudster will set up the payment to their own account but label it with the name of a commonly used service provider, leading the victim to think it is a legitimate payment
Fraudsters use stolen bank information to set up direct debits to pay for the goods, services and memberships they will benefit from. Some arrange for payments to accounts from which money can be withdrawn via ATMs.
Details are obtained in the same way as for other types of identity fraud, including redirecting a victim’s post or gaining online banking details through email ‘phishing’ scams.
LV= says the increasing practice of many companies such as energy firms to offer discounts to customers who pay bills by direct debit is fuelling this type of fraud as it means more bank details are in circulation.
John O'Roarke, managing director
of LV=, said: "While most of us are aware of the need to protect
our card details, the increase in fraudsters setting up direct debits
in victims' names proves the need for everyone to regularly check their
banks statements and ensure they're not paying out for someone else's
mobile phone account or gym membership or any other direct debit they
He added that account holders should check they are not making duplicate or out of date payments.
US recovers record
amount in government fraud cases
Figure driven by whistleblower incentives
The US Department of Justice recovered a record US$3bn in cases of healthcare fraud and other false claims against the government over the last year.
Assistant Attorney General Tony West said health care fraud, an enforcement priority for Barack Obama’s government, made up $2.5bn in civil settlements and judgments in the last fiscal year, which ended in September.
The government collected $1.6bn in settlements with pharmaceutical and medical device companies in cases alleging fraud against Medicare and other federal health insurance programmes.
The DoJ says the money recovered has come mostly with the help of whistleblowing drug company employees who have informed the government of malpractices. They are being incentivised by getting a share of money recovered.
Tony West, assistant attorney general for the DoJ’s civil division, commented: "When you look at health care fraud and the recoveries that we've been able to obtain over the last two years, it's been about $4.6bn. That's more money recovered in a two-year period than at any other time in history."
The figure has been boosted by major settlements with pharmaceutical giants Pfizer, AstraZenica and Novartis, who were accused of questionable marketing practices or overbilling federal insurance programmes. The DoJ reached a record $669m settlement with Pfizer, which was accused of marketing drugs for uses not approved by the Food and Drug Administration.
The DoJ is using the False Claims Act, a law dating back to the Civil War era, that helps the federal government recover money when it has been overcharged by contractors.
The law has worked so efficiently in the healthcare sector that the authorities are trying to recruit whistleblowers in a variety of ways. Financial regulator the Securities and Exchange Commission recently started a programme where corporate employees can share in the financial rewards if they provide tips on fraud to the federal government, just as the Justice Department initiative works.
AstraZeneca paid $302m over claims that it marketed an antipsychotic drug, Seroquel, for uses unapproved by the Food and Drug Administration and not covered by federal and state Medicaid programs. AstraZenica also paid out $218m to participating states. Whistleblowers' share: $45m.
Novartis Pharmaceuticals paid $192.7m in two settlements — also primarily over drugs marketed for uses not approved by the FDA and not covered by Medicaid. In total for the settlements, the company paid $495m in damages, fines and forfeitures. Whistleblowers' share: $33.5m
Millionaire Australian hotelier Michael Milne has been found guilty of money laundering and tax evasion, the latest high profile scalp in a crackdown by the country’s tax authorities.
Milne, 54, was convicted by a jury of dealing, between April 2004 and September 2005, with a bundle of shares valued at more than A$1m, knowing it would become the instrument of crime.
The Supreme Court in New South Wales heard that Milne had organised a complicated web of offshore companies that was ''completely contrived and an artificial arrangement'' in order to make illicit money.
The Australian tax office has been carrying out the major Wickenby investigation, which has so far led to convictions for music entrepreneur Glenn Wheatley, and now Milne.
Milne is said to have used Swiss bank accounts to buy antique French furniture, an A$2.7m house, a Bentley car, a $270,000 yacht and a $440,000 painting by Jeffrey Smart. Most of his assets have been frozen under proceeds of crime laws.
He sold shares with the proceeds going into Swiss banks and then either onwards to Australian bank accounts linked to Milne, or for purchases that benefited him.
Money from one Swiss account was used to buy French antiques. In March 2005, $1m was sent from the Swiss bank account to a Commonwealth Bank account in Sydney for a company called Barat Advisory of which Milne was the sole director and shareholder.
Milne is free on bail after a $100,000 security surety was met, and is due to be sentenced on December 2.
Four charged over Philippines bank laundering
Two employees of the Philippine
National Bank (PNB) at and two depositors have been charged with allegedly
stealing P25.18m from a university’s revolving fund account.
The country’s Anti-Money Laundering Council (AMLC) has filed charges against Rosemarie Ann Pamplona, former junior sales and service officer of the PNB branch on the University of Philippines Dillman campus. Also charged were Evangeline Domingo, former senior sales and service associate at PNB, and depositors Jamie Santos and Ely Zanda Clemente.
They were charged under the Anti-Money Laundering Act of 2001.
The four are all at large, and the university has so far been unable to recover the money.
Based on its investigation, the AMLC said the university’s revolving fund account was pre-terminated by Pamplona and Domingo without the university’s authority and knowledge on January 4, 2007.
The council said the proceeds of the account were then deposited in three “suspicious” accounts under the names of Clemente, Santos and UP Cons (a joint account of Clemente and Santos). It eventually discovered that UP Cons was a non-existent business entity and other details relating to the account were fictitious.
The four, “acting in conspiracy with each other,” were also liable for qualified theft under Section 310 of the Revised Penal Code for benefiting from the transfer of the accounts, the AMLC said.
“The respondents had full knowledge of the illegal nature of the proceeds that they transacted. (A)ll the elements of money laundering are present,” the council said in a statement.
The investigation started in 2008 from a complaint filed by Malou Francisco, assistant manager and regional review officer of the PNB.
Armed with the DoJ resolution, the AMLC took nine months just to get the freeze order on the accounts of the suspects, and well over two years to file the case before the department.
Two long-serving secretaries of Bernard Madoff have been arrested and charged with having helped him perpetrate his US$65bn investment fraud.
Annette Bongiorno, who worked for Bernard L Madoff Investment Securities for 40 years, was arrested at her home in Boca Raton, Florida. JoAnn Crupi, employed by Madoff for 25 years, was arrested at her home in New Jersey.
The pair were charged with conspiracy, securities fraud, falsifying books and records of a broker dealer and investment adviser and tax evasion. The Securities and Exchange Commission brought concurrent civil charges against the pair.
Bongiorno, 62, faces up to 75 years in prison, while Crupi, 49, could be sentenced to up to 65 years in jail.
Preet Bharara, the US attorney in Manhattan, said that the arrests backed up suspicions that Madoff had not perpetrated his fraud alone.
"A house of cards is almost never built by one lone architect," Bharara said. "Year after year, Annette Bongiorno and JoAnn Crupi protected and perpetrated the Madoff mirage while putting very real money in their own pockets."
Bharara alleges that Bongiorno put US$920,000 of her own money into the accounts of Madoff’s company between 1975 and 2008, but withdrew over US$14m, having recorded fraudulent "trades" that inflated her investments. She also received US$325,000 in "off the books" income, according to the charges.
In a June 2009 article in Vanity Fair, another Madoff secretary, Eleanor Squillari, recalled the iron fist with which Bongiorno oversaw other clerical workers.
The other workers were "young and naive, with no background in finance, so they weren't able to connect the dots," Ms Squillari recalled.
"Whenever I went downstairs, they were always busy doing paperwork while Annette watched them like a hawk," she told the magazine.
Cruspi is alleged to have withdrawn around US$2.7bn from the BLMIS account and was paid more than US$270,000 "off the books".
Earlier this year, prosecutors filed civil forfeiture complaints against the women, seeking the return of US$7m in assets that they claimed were unlawfully gained from Madoff's scam. Madoff is serving a 150-year sentence in a North Carolina prison for running the world's largest Ponzi scheme for at least 20 years.
He pleaded guilty in March 2009, having insisted that no one assisted his long-running fraud in which investors are thought to have lost about $US20bn. At one point, Madoff had falsely inflated their investments to the value of about $US65bn.
Bongiorno’s lawyer Roland Riopelle said she would defend herself against the charges. Lawyers for Crupi have previously said that she had no knowledge of Madoff's fraud operation.
400,000 credit card numbers from Fed
Malaysian apprehended in restaurant
A Malaysian hacker is alleged to have exploited a vulnerability in the US Federal Reserve's network to steal more than 400,000 credit card numbers.
Lin Mun Poo, 32, was arrested in a Brooklyn restuarant last month where he was selling some of the stolen card numbers for US$1,000. He had only arrived in the US a few hours previously.
He has been charged with fraud and identity theft which carry a maximum of ten years in prison, and is currently in custody pending a court appearance.
Poo found a security vulnerability at a Federal Reserve bank in Cleveland, according to court papers.
The stolen card details were found on his encrypted laptop after his arrest, and officials said Poo had come to the US to get more stolen cards and PINs and steal from ATMs.
The hacker has also confessed to breaking into networks of several international banks and a major defense contractor, the complaint states.
"Cybercriminals continue to use their sophistication and skill as hackers to attack our financial and national security sectors," said Brooklyn US Attorney Loretta Lynch.
SK Telecom, the biggest mobile telco in South Korea, is under investigation for tax fraud and the possible creation of slush funds.
Investigators from the Seoul Regional Tax Office have been at SK Telecom’s headquarters in Jongro-gu, central Seoul, since November 16. It is understood they are investigating not only SK Telecom but also its subsidiaries and subcontractors including SK Telesys.
SK Telecom said that the matter was a regular tax investigation, but national tax office NTS is thought have put specialist investigators in business investigation and tax fraud on the case.
The investigation revolves firm’s stock price change in the past few months, and whether it has created large slush funds.
“SK Telecom gets some parts for their mobile phones supplied by SK Telesys, and executives for SK Telesys’ two subcontractors who have worked for the company before are known to be playing key business roles there,” a person close to the matter told the Korea Herald.
“Thus the NTS seems to be paying particular attention to the possibility of slush funds creation and tax evasion in such firms.”
The NTS has declined to speak about the case, saying it cannot comment on investigation of individual companies.
reveal “bleak and complex” reality of UK fraud
Facility takeover cases remain high
Nearly 168,000 confirmed cases of fraud were recorded in the UK in the first 9 months of 2010, despite a slight decrease from the same period in 2009
The data provided by the 265 member organisations of the UK’s Fraud Prevention Service CIFAS, demonstrates that fraud remains rife:
Facility takeover fraud (when a fraudster, rather than impersonating a victim, secretly hijacks and plunders a victim's accounts) remained high, with over 16,000 confirmed cases,
Products targeted by fraudsters demonstrate how fraud adapts to economic conditions, and the continuing scourge of identity fraud, which now directly impacts more than 70,000 victims of impersonation (a 17.56% increase from the first three quarters of 2009).
only part of the story
In the first nine months of 2010, nearly 168,000 confirmed cases of fraud were recorded by CIFAS members. While this represents a decrease of 4.52% from the same period in 2009, this apparent good news must be placed in context: as it represents an increase of 6.31% since the end of September 2008.
CIFAS communications manager, Richard Hurley, commented: “Any decrease in the level of fraud recorded by CIFAS Members is to be warmly greeted – but the enthusiasm for a reduction in the overall level of fraud must be reined in. In a year where the ‘age of austerity’ has become a catch all term (and applications for products and services may decrease as a result) it is perhaps unsurprising to see such a reduction.
“The fact, however, that fraud has increased by over 6% during a two-year period only serves to underline how the fraud threat is just as potent and widespread as ever.”
In the first nine months of 2010, there were over 16,000 cases of facility takeover fraud (also known as account takeover fraud) – a slight decrease (1.97%) from the same period in 2010. This, however, again demonstrates that fraud is not plummeting but remaining relatively constant – and far in excess of the levels occurring during recent years. Facility takeover fraud has increased by just over 20% compared with the same period in 2008 and by 231% since the first nine months of 2007.
Hurley added: “CIFAS has previously commented upon the increases in this kind of fraud, and warned that this was more than just a change in tactic for organised fraudsters to get them through a period of recession. With the continued prevalence of spam in people’s email inboxes, and the increasing sophistication of the phishing emails being received, it is perhaps no surprise that the level of this type of fraud remains as high this year as it was last year.”
Perhaps the most surprising aspect of the frauds identified by CIFAS Members during the first nine months of 2010 concerns the variations in products currently being favoured by fraudsters. Communications products and services, and mail order accounts, are experiencing the biggest increases in fraud in 2010 to date (when compared with 2009) while frauds against bank accounts and plastic cards have decreased. A possible explanation for this is that as lenders mitigate against bad credit risks, they also counter the fraud risk – meaning applications never get past the initial lending decision before being fully examined.
In addition, when viewing these in the context of the overall pattern of application frauds (applications containing lies or supplying false supporting documentation – a decrease of 23%) and identity frauds (the use of false identity details and cases where an innocent victim has had their identity details used fraudulently – an increase of 9.68%), the view that fraudsters specifically target the areas where they feel that they can secure most profit is strengthened.
CIFAS chief executive Peter Hurst warned that, as the tentative steps to economic recovery continue, it is important not to lose sight of the threats that are just around the corner.
He added: “Businesses, individuals, regulators and government alike are all victims when fraud goes unchecked and, as such, all have a part to play in helping to prevent fraud from increasing. There is a danger that all lenders or service providers could see the fraud floodgates open once again.
“In a climate where every penny counts, correctly identifying the victims and perpetrators of fraudulent transactions, sharing their details to prevent further fraud, as well as designing systems to prevent fraud going unnoticed are vital steps that all UK businesses and public sector organisations now need to start taking.”
The following table shows a summary of the statistics and the number of fraud cases recorded by CIFAS Members during the first nine months of 2009, broken down by the type of fraud identified. Definitions are given below the table.
Application Fraud/False Insurance Claim relates to applications or claims with material falsehood (lies) or false supporting documentation where the name has not been identified as false.
Facility Takeover Fraud occurs where a person (the 'facility hijacker') unlawfully obtains access to details of the 'victim of takeover', namely an existing account holder or policy holder (or of an account or policy of a genuine customer or policy holder) and fraudulently operates the account or policy for his own (or someone else's) benefit.
Asset Conversion relates to the sale of assets subject to a credit agreement where the lender retained ownership of the asset (for example a car or a lorry).
Misuse of Facility is where an account, policy or other facility is used fraudulently.
The Business Crime and Regulation team at law firm Russell Jones & Walker is launching a nationwide survey assessing UK businesses’ understanding of – and preparedness for – the implementation of the Bribery Act in April 2011.
The survey is targeting businesses with an annual turnover of up to £100m, in particular those in the banking and finance, media, property and construction sectors.
A full report of the survey results will be published early in February 2011.
The survey, targeted at key decision makers and executives of SMEs with an annual turnover up to £100m, will be conducted across the finance and banking, media, and property and construction sectors.
To participate in the survey, click on the link below:
The Bribery Act represents a significant change to UK law in the area of business and commerce, and aims to provide a more effective legal framework to combat bribery in the public and private sectors. The Act covers day-to-day practices of UK businesses and presents a host of new risks to businesses.
Rod Fletcher, head of the business crime & regulation team at Russell Jones & Walker, commented on the survey: “The Bribery Act requires businesses to be absolutely confident that they have in place adequate procedures to minimise the risk of corruption. Our survey focuses on the finance, media, property and construction sectors.
“The Ministry of Justice has issued draft guidance but many key questions remain as to how the Act should and will be interpreted, not least the circumstances in which corporate hospitality could be viewed as a bribe.”
Helmut Kiener, who was arrested amid great publicity in October last year after an investigation, was charged with 35 counts of aggravated fraud, as well as forgery of documents and tax evasion.
German prosecutors allege in a 630-page charge sheet that he swindled investors out of around Eur345m in an elaborate Ponzi scheme.
Barclays and BNP Paribas may have lost millions in the case, which prosecutors said was carried out in the US as well as Europe and featured lavish personal spending on planes, a helicopter and luxury properties.
Kiener is alleged to have tricked investors into putting their money into funds K1 Global Ltd and K1 Invest Ltd by pretending the funds were posting large profits and would continue to do so, even though both of them had suffered massive losses.
"Alleged profits could only be paid out via new investments," said the German prosecutors office.
Barclays and BNP Paribas invested at total of Eur223m with Kiener, the prosecutors' office said. Five thousand other investors also put money in the funds, which are now thought to have vanished.
German financial regulator BaFin had banned Kiener from being a fund manager in Germany in 2001, but he got round the ban by moving the funds to the British Virgin Islands.
Kiener denies the charges and says he will use the case to expose the “greed” of his investment clients.
His lawyers claimed that “the greed of the investors” should help reduce any sentence the court decides to impose.
Another man, identified by prosecutors only as Claus Z., is being charged with abetment of fraud that caused additional damages in the case of just over Eur150m.
Prosecutors said three further suspects had also been arrested following fresh searches in early November.
QuestGates enhances counter fraud division
UK loss adjuster QuestGates has added a further new recruit to its counter fraud team, which has doubled in size since its formation earlier this year.
Stuart Gibbs, joins as a counter fraud investigator, and will widen the company’s expertise due to his specific background in the handling of jewellery claims.
Stuart holds the CIP and ACII qualifications and is also an Accredited Counter Fraud specialist (ACFS), with over 10 years’ jewellery retail experience.
QuestGates said this blend of knowledge and expertise means that he will bring exceptional insight to claims involving jewellery and in particular the high net worth arena.
John Freeman ACFS, counter fraud director at QuestGates, commented: “The insurance industry has traditionally had two choices when it comes to suspect jewellery claims – instruct a general investigator or a jewellery validation company. Both do good jobs but we believe there is a need for a third option, particularly when it comes to high net worth individuals.
“Shouldn’t insurers have the choice to instruct an investigator who is not only a specialist in counter fraud but also a specialist when it comes to jewellery? Service and brand reputation are paramount when it comes to high net worth cases, and a specialist in this niche area will ensure that the insurer’s brand is protected. With Stuart on board, QuestGates can bring that important third choice to the industry.”
Stuart joins the business from LMG Jewellery claims services where he has worked for the last 13 years, most recently as technical claims manager in charge of LMG’s counter fraud team.
FICO appoints two to European fraud team
Anti-card fraud technology provider FICO has made two appointments to its European operations.
Paul Eagles, who has worked for both SAS and Visa Europe, has joined FICO’s fraud professional services team as a senior consultant, while Brian Kinch, most recently of Lloyds Banking Group, has joined the company as a senior partner working with its global fraud clients. Both executives will be based in the UK.
Paul Eagles has extensive experience of the cards and retail banking industry, and most recently served as principal fraud consultant for SAS Institute. From 2000 to 2005, he worked for Visa Europe, first as a senior manager in product risk and due diligence and then as the head of product risk and fraud services. Eagles also worked for HNC Software Inc., the creator of the industry-leading FICO Falcon Fraud Manager solution for card account fraud; HNC merged with FICO in 2002. Prior to that, he spent 12 years at HSBC, both in fraud and in branch operations.
Brian Kinch has spent the last three years with Lloyds TSB and Lloyds Banking Group, initially designing and implementing the bank’s fraud management target operating model, and most recently as head of customer account fraud. From 2005-2007, he worked for FICO, and served as global fraud consulting director. He spent 2001-2005 with Visa Europe’s risk management group with specific responsibilities for driving reductions in both issuing and acquiring fraud across the region, and previously spent 15 years at HSBC Card Services.
“Banking leaders across Europe are prioritising fraud prevention, and we’re building our fraud team in Europe with the best talent around,” said Mike Gordon, FICO managing director and vice president for Europe, the Middle East and Africa. “Paul Eagles and Brian Kinch know the fraud schemes, know the issues, know the technology and know our clients. They bring immeasurable insight and innovation to our fraud team and our clients’ challenges.”
A Russian lawyer who died in prison after accusing police of involvment in a US$230m tax fraud has been accused by authorities of organising the fraud himself.
Russia’s interior ministry says that Sergei Magnitsky, who died last November, was the mastermind behind the fraud.
Magnitsky, 37, had been in prison for a year after accusing police over the fraud, thought to be the largest in Russia since the fall of Communism. He did not get any medical treatment for the pancreatitis he was suffering from, and a public oversight committee called the conditions of his detention "torturous."
The accusations against Magnitsky come after Interior Minister Rashid Nurgaliev has come under media pressure to resign over allegations of police corruption. Russian president Dmitry Medvedev revealed plans earlier this year to dismiss around 10% of the country’s 1.4 million-strong police force within two years.
Medvedev ordered an investigation into Magnitsky's death late last year, and around 20 prison officials were dismissed, but no charges have been filed
Magnitsky provided legal work for the Hermitage Capital foreign investment fund in Russia. He had alleged that in October 2007, three Hermitage companies had been stolen and registered in other names, using documents police had seized in a raid on Hermitage four months previously.
Hermitage filed three criminal complaints in December 2007, describing a complicated scheme involving police and fake tax deductions that would result in a tax refund of US$230m to the stolen shell companies.
Despite the complaints, the
fraud is thought to have been carried out on December 24, 2007 with
a $230m tax refund - the largest ever paid in a single day.
Speaking a a news conference on November 15, Irina Dudukina, spokeswoman for the Ministry of Interior Investigative Committee, accused Magnitsky of the crime.
“Magnitsky had a degree in economics and worked as an accountant and auditor. He was not a lawyer," she said. "And as an accountant, he was developing a tax-evasion scheme."
She said results of the investigation would be sent to prosecutors for action.
Hermitage Capital’s chief executive Bill Browder said there was no foundation to the charges against Magnitsky and that the ministry had tried to “blacken Sergei’s name” on the anniversary of his death.
ML association amasses 10,000 members
The Association of Certified Anti-Money Laundering Specialists (ACAMS) has just recruited its 10,000th member.
The new member is London, UK-based Richard Curran, a practicing Global Business Manager for the COBAM KYC team with HSBC, who has been active in the anti-money laundering (AML) field for six years.
ACAMS is an international membership organization that aims to enhance the knowledge and skills of AML professionals from a range of industries. It has members in 160 countries with resources designed to develop and sharpen the skills required for improved job performance and career advancement.
Curran cited the constant changing requirements and regulatory scrutiny on large financial institutions as the biggest challenge facing AML compliance professionals today.
He said: "Working for such a global organization, we have specific challenges in trying to align our global requirements where regulations permit and translate this into a global KYC system. ACAMS can continue to help propose and share solutions to these issues. Identifying solutions used by peer banks can go a long way in assisting with our local issues. The various forums are great for information sharing.”
As reward for becoming ACAMS’ 10,000th member, Curran will be receiving a complimentary registration to a 2011 ACAMS conference of his choosing to further his continued AML training and education.
"This achievement marks a critical turning point for ACAMS," said John Byrne, CAMS, ACAMS, executive VP. "With the intrinsic volatility in the AML field, professionals and experts from around the world are continuing to rely on ACAMS to be their connection to continuing education and career networking. It comes as no surprise that we've reached this epoch within the organization considering the monumental successes we've experienced from all other facets of ACAMS."
In September, ACAMS held its 9th annual international anti-money laundering conference in Las Vegas, NV, attended by 1,000 AML/CTF professionals.
ACAMS website is at www.ACAMS.org
A US unit of HSBC bank is still being investigated by the US Justice Department and other agencies for compliance with bank-secrecy laws, despite agreeing to overhaill its anti-money laundering controls.
In October, the Federal Reserve Bank of Chicago and the Office of the Comptroller of the Currency issued ‘cease and desist’ orders and ordered the bank to improve its internal controls after an investigation found that its ineffective compliance programmes were causing significant potential for unreported money laundering or terrorist financing. HSBC is also under investigation by the Department of Justice and the US Attorney’s Office
The UK-based bank’s US division, HSBC USA Inc, said in a quarterly filing with the US Securities and Exchange Commission: “We remain the subject of ongoing inquiries, including grand jury subpoenas and other requests for information, by government agencies, including the US Attorney’s Office and the U Department of Justice.”
The filing added that the bank was likely to be the subject of some formal enforcement action in the US, such as fines or penalties, though it was too early to say what this would be and when it would be imposed.
HSBC has just appointed Deloitte to conduct an independent examination of transactions related to the US regulatory investigations.
The consulting firm will examine transactions worth thousands of billions of dollars to find out if any failings have taken place.
HSBC says the inquiries relate to the company’s Global Banknotes business, which it has now exited, and to its foreign correspondent banking business, as well as its compliance with the US Bank Secrecy Act and anti-money laundering requirements.
Niall Booker, chief executive officer of HSBC North America, said in a conference call with reporters that the bank is making its “best endeavours” to meet the requirements of the cease-and-desist orders.
“We perhaps didn’t staff the compliance and particularly the AML, BSA functions as vigorously as we should have done,” Booker added, referring to the Bank Secrecy Act and anti-money laundering.
FSA say trader work phones will be taped
The Financial Services Authority (FSA) said all calls made on company mobile phones by dealers and traders in the city will need to be taped from November 2011 and archived for at least six months.
Personal mobiles will be exempt from the rules, although institutions will be expected to ensure traders do not use private phone to carry out transactions.
Fixed-line calls involving financial transactions such as share orders are already taped to help the City regulator investigate frauds or market abuse. The FSA estimates the extension will cover about 16,000 mobile phones and cost the industry about £11m to set up and £18m to maintain each year.
In a statement, the FSA said: "Removing the exemption will provide an extra source of voice and electronic communication evidence, which can be used to help us counter the key priority of market abuse and increase the probability of successful enforcement. The new rules will also contribute to our wider effort to promote cleaner markets which should, in turn, enhance market confidence."
The Supreme Court’s decision will allow the appointment of an investigating judge and the opening of a judicial inquiry into how luxury assets (properties and cars, as well as bank accounts) were acquired in France by three foreign heads of state - Denis SASSOU NGUESSO (Congo-Brazzaville), Omar BONGO ONDIMBA (Gabon, now deceased), Téodoro OBIANG MBASOGO (Equatorial Guinea) - and their relatives.
This judge will have to determine
the conditions under which the assets in question were acquired, as
well as how the numerous bank accounts identified by the police were
accumulated. The inquiry should also shed light on the role played by
various intermediaries who might have facilitated operations identified
as suspect by the French police. First among those are the banking institutions
which were identified by the investigations, and whose respect for their
anti-laundering obligations one can only question.
A statement from Transparency International says: “In all cases, this decision stands as a considerable legal milestone that goes beyond the “Biens Mal Acquis” Case. For the first time in France, the collective action of an anti-corruption association is deemed admissible before a criminal court.
“This decision, which is in line with the evolution of positive laws regarding collective action of associations (2), should permit to overcome the inertia of public prosecution in sensitive cases of political or financial nature in the future.”
Goldman sacks head of block trading team
Goldman Sachs has sacked the head of its block trading team despite a highly successful month and a “trade of the year” for breaching internal policies.Alexandre Harfouche, head of European block trading at Goldman Sachs, left the US bank for failing to make disclosures to the bank's compliance department.
No securities law had been violated, says the bank and no client was harmed by the events, according to reports, suggesting his dismissal is not related to any of the bank's recent block trade transactions. The exact circumstances of his departure remain unclear.
Harfouche was named managing director less than a year ago, and first registered with the UK Financial Services Authority in 2001. He is registered as inactive with the regulator, as of October 31.
He headed a block trading team at Goldman Sachs which has grown to be a dominant force this year, with the US bank boasting a more than 20% market share in accelerated book builds in 2010 in Europe, Middle East and Africa.
The bank worked on 23 transactions this year, the largest of which was the October 7 sale of $4.2bn in Volvo stock on behalf of Renault, where the US bank acted as sole bookrunner.
Other sizeable transactions in the last six weeks include the sale of $856m in Amadeus stock alongside JP Morgan and Morgan Stanley, the sale of $119m in Gecina stock on behalf of Banco Castilla la Mancha and the sale of $1.4bn in PGE stock on behalf of the Polish Government.
The biggest terrorist threat to the UK is now considered to be IRA splinter groups, with banks and bankers considered to be a primary target.
This was the disturbing warning given to delegates at this week’s British Banker’s Association Financial Crime conference in the City by Commander Steve Kavanagh, who heads up the Counter Terrorist Command for the Metropolitan Police Service.
Kavanagh told the audience that intelligence coming from Northern Ireland painted a disappointing picture of splinter groups with changing methodologies, working in tight cells using a hierarchical military structure. He said: “In the last 18 months, the trajectory and sophistication of the groups in Northern Ireland is giving cause for concern. There is an aspiration to attack the UK. Already reported in the Guardian newspaper is a specific mention made of a determination to attack bankers, not just the banking industry. Before it was symbolism. Now we are working through how we are going to protect individuals.”
Kavanagh stressed that he was not trying to alarm people, but to enter into a calm conversation. He said: “The problem is how do we alert you without giving terrorism that state they require [of fear and publicity] caused by an over reaction and propaganda. Dealing with this is going to take co-operation.”
Referring to the June 7th bombings, the inquiry for which is currently taking place, Kavanagh said everyone’s sympathy was with the 52 victims and 700 injured by the four bombers.
The threat to the banking industry, says Kavanagh, is not just coming from IRA splinter groups. Religious extremists see the financial sector as a target, and so do the political extreme right and left, as illustrated by the recent attacks on banks in Athens, in Greece this year. “The threat is physical, radical and reputational.”
Kavanagh also asked the banking audience to step up their monitoring and reporting of suspicious funds, pointing out that terrorist groups have to be financially supported. He referred to the UK£35 million of IRA funds that had been seized by the Irish Garda and the Asset Recovery Agency and the importance of stopping false IDs and false credit cards as these are used for the laundering of cash.
Kavanagh said how important the National Terrorist Financial Investigation Unit – an EU requirement – was in providing information at the right time to help an investigation, and of the government/security initiative that works with the Financial Crime Inteligence unit, to develop a working relationship between bodies to assist when necessary in the course of justice.
Said Kavanagh: “Without a public/private initiative, we would not be nearly as effective.”
calls for new agency to retain its criminal powers
Firms must use “common sense” not just lists for PEP and AML compliance
Margaret Cole, director of enforcement and financial crime at the FSA made a strong appeal that the new agency replacing it will maintain powers to bring criminal prosecutions as well as civil enforcement actions.
Speaking at the British Bankers Association Financial Crime conference, Cole said: “The cases we bring in the future will be more complex and will increasingly involve our priority targets such as organised rings and city professionals. Our ability to develop this pipeline [of cases] and choose the right cases to take forward results from the integration of the enforcement function with the market surveillance and intelligence capability of the FSA.”
Cole explained that
prior t.o the new structure of financial regulation being decided by
the UK government, the FSA had split into a shadow structure that mirrors
the two potential organisations that would replace it. The Bank of England
will sit at the top of a structure in which a subsidiary of the Bank
– likely to be called the Prudential Regulation Authority –
will regulate deposit takes, insurers, investment banks and a few others,
while another regulator, currently with the working title of the Consumer
Protection and Markets Agency (CPMA) will be responsible for consumer
protection in financial services, the regulation of conduct of business
(including firms regulated by the PRA and market conduct.
Cole believes that because most of the work in Enforcement and Financial Crime is about conduct of business, her division should be within the CPMA. However, Cole made it clear that at this stage, it was unclear who would remain in the new structure, and if the CPMA would be involved in the fight against financial crime.
She said: “For the new CPMA to be successful, we believe it must maintain a strong and effective enforcement function with the full range of powers.” She added: “At a time when at least one senior markets regulator in another country has spoken out in favour of being given authority to bring criminal prosecutions, it would seem perverse for the UK to consider stripping its markets supervisor of that power.
Cole accepts that there needs to be substantial improvement to the way the UK approaches the investigation and prosecution of white collar crime. But she pointed out that in the last months the FSA has succeeded in following up on the warning from FSA chief Hector Sants last year when he told those in the regulated sector they should “be afraid”.
• In August
the FSA took its first action under the Money Laundering Regulations
2007 when it fined Royal Bank of Scotland £5.6m for failures in
its controls to ensure it compied with sanctions and asset freezes imposed
by the UK government.
• The FSA has banned nearly one hundred mortgage brokers for failures related to mortgage fraud. Since 2008 they have imposed penalties of over £2m. Some of these cases have been taken through to criminal prosecutions.
• One of the largest fines levied for financial crime failings was imposed on the insurance brokerage Aon in January 2009 for its substandard bribery and corruption controls. Criminal actions under the Bribery Act, which comes into force in Aril 2011 will be carried out by the Serious Fraud Office.
• Among the notable successes by the FSA this year, they have received a High Court judgement ordering repayment of unauthorised deposit taking of approximately £115m to investors. They have received an order from the High Court freezing assets of up to £8.2m and returned £270,000 to victims in a share fraud scheme. It has taken the lead in an ongoing criminal investigation in relation to a share fraud of a value of £38m.
• The FSA has brought five cases to court in a relatively short space of time for insider dealing will many more criminal cases ongoing.
Activity Reports – FSA review
Cole issued a strong warning to firms who rely exclusively on lists to comply with their responsibility to check the status of clients. She said: “We have visited firms who seem to treat commercially available databases listing Politically Exposed Persons as the be all and end all of PEP compliance. These databases are a great source of information, not a substitute for common sense.
The FSA is publishing its thematic review of how firms identify higher-risk areas and how they design and build their AML defences next year. FSA regulators visited 27 financial groups and almost all banks, with a heavy focus on their international activity.
A separate thematic review looking at the steps taken by banks and building societies to detect and prevent money laundering in higher-risk situations will also be published next year. It researches specifically how firms handle the risks associated with high-risk customers, cross-border electronic payments and correspondent banking relationships.
Call for more emphasis on action at anti-corruption conference
The 14th International Anti-Corruption Conference (IACC),
a biennial meeting of world leaders, academics and activists, opens
here today with a call for greater action to combat corruption at a
time when global crises threaten trust in institutions and the hope
for greater social justice.
With the theme Restoring trust: global action for transparency, this year’s conference will investigate innovative perspectives on the role of anti-corruption in restoring trust in five key areas: peace and security, natural resources and energy markets, climate governance, the corporate world and the Millennium Development Goals.
“We need more emphasis on action rather than words to tackle the serious crises that threaten so many livelihoods. The goal of this conference is to inspire governments and all stakeholders to move from mere expressions of political will to positive actions,” said the Honorable Justice Barry O’Keefe, Chair of the IACC Council.
Huguette Labelle, chair of Transparency International added: “Corruption distorts markets, has a devastating effect on people, especially the poor, and if left unchecked destroys citizens’ trust in government. We come together here to look for practical solutions to empower both individuals and institutions to work towards a world free of corruption.”
The four-day conference will have more than 1000 participants, from over 100 countries, representing government, civil society, multilateral institutions, academia and business who are here to share experiences during the 50-plus workshops and plenary sessions.
First held in 1983, the IACC is the leading forum for bringing together all those concerned with governance and anti-corruption. Its collaborative format and free exchanges of information help to reinvigorate the anti-corruption movement by providing a forum for the development and dissemination of innovative ideas and anti-corruption tools.
Prof. Dr. Pakdee Pothisiri, Commissioner of the National Anti-Corruption Commission (NACC), said: “Having the honour to co-host the 14th IACC with the Royal Thai Government is a fitting climax to the end of the first decade of the 21st century during which the NACC has grown from its founding as an independent organization under the so-called “People’s Constitution” of 1997 to being the acknowledged leader in the fields of corruption prevention and integrity promotion that it is today.”
In the 15-minute late night
speech he said: “My biggest terrorist client was the IRA and I
am pleased to say that I managed to write off more than £1bn of
He added that he also had extensive connections with north African terrorists, which was of “a far nastier nature”, but he could not give any further details as it was still a security issue.
He said that he had been brought into a company between 1989 and 1997/98 at the direction of the Bank of England, with instructions to run it down and liquidise its assets as they had been identified as conduits for IRA funds.
Speaking to Fraud Watch, Lord James said that the authorities had been fully aware of his actions all the time that he ran the unnamed company, which had interests in several business areas including film production, parcel services and heavy foundries.
“The company was legitimate and the IRA bought a small share in it which they then built up to between 35 and 40%,” he said, adding that the IRA was attempting to generate income through the purchase of shares to fraudulently manipulate the company’s market price.
“I was instructed to send money to people for services that had never been supplied.”
He gave one example of being told in a phone call from an “IRA treasurer” to pay £7m into a bank account for a company in Dun Laoghaire in the Irish Republic to pay for computer programming work. He says that he dispatched the money and alerted the Bank of England who traced the bank account details. They in turn alerted the authorities and the SAS was used to intercept the recipients and recover the money.
In response to an enquiry from Fraud Watch, a Bank of England spokesman said: “The Bank has no wish to comment on this.”
the BBA annual financial crime conference, Steve
Kavanagh, commander of the MPS counter terrorist command, Metropolitan
Police, said he was unaware of the case but was evasive when asked to
comment on the Hansard report of the Lords speech by Lord James.
Lord James’ claims have been met with derision in some quarters. One Labour peer was quoted as saying: "This speech has been the talk of the bars in the House of Lords and the general view is that it is bonkers. If anything he said is true, it should be looked into, but we all think he's in a parallel universe."
Regarding his activities, Lord James said: “I hasten to add that it is no good getting the police in, because I shall immediately call the Bank of England as my defence witness, given that it put me in to deal with these problems."
He added that the Bank of England was involved in similar “running down” operations at four other companies linked to the IRA, though he was not personally involved with these.
He told reporters: "The IRA had five companies completely ruined. They had built the companies up as pensions funds.
"I'm a money washer, not a money launderer," he added.
Lord James also said in his speech that a shadowy group referred to as ‘Foundation X’ had contacted him with an offer to help solve the UK's economic problems.
He claims the group has more gold on hand than all the world's bullion reserves combined. He said that it had offered to give the UK £5bn immediately and then a further £17bn for schools, hospitals and London's crossrail project.
Oracle partly cleared
Software giant off the hook on some fraud charges
The US Department of Justice has agreed to dismiss some parts of the fraud lawsuit it is bringing against software giant Oracle.
The DoJ had sued the company in July alleging it had massively overcharged the US government over contracts by “tens of millions of dollars”.
Oracle filed a motion in September claiming that the DoJ’s allegations should be dismissed in part as they were outdated and exceeded the US statute of limitations.
On 2 November Judge Leonie Brinkema dismissed "any claims based upon the 1997 disclosures; (2) any claims alleging common law fraud occurring before May 29, 2004; and (3) any claims alleging False Claims Act violations, breach of contract, or quasi-contract violations occurring before May 29, 2001."
The judge said that the US government has until 16 November to file an amended complaint "stating only common law fraud claims based upon conduct occurring on or after May 29, 2004, along with any False Claims Act and breach of contract or quasi-contract claims based upon conduct occurring on or after May 29, 2001.”
Paul Frascella, formerly senior director of contract services at Oracle, filed the original lawsuit against the company in 2007.
He alleged that Oracle did not give the US government the same levels of discounts it did for commercial customers, something that's required by the General Services Administration (GSA), which does contract processing for US government agencies.
The DoJ joined Frascella's lawsuit in April this year, and then brought its own complaint against Oracle under the False Claims Act in July.
Fraud Watch is investigating a bizarre speech given by Conservative peer Lord James of Blackheath in the House of Lords last week which seems to have provoked equal measures of surprise and disbelief.
He claims he was brought in by the Bank of England between 1989 and 1997 to deliberately run down a company that was being used by the IRA for money laundering activities and fraudulent share price manipulation.
There will be full story about the case on the Fraud Watch website tomorrow, but in the meantime the text of relevant parts of the speech is reproduced below:
Lord James of Blackheath: I have had one of the biggest experiences in the laundering of terrorist money and funny money that anyone has had in the City. I have handled billions of pounds of terrorist money.
Baroness Hollis of Heigham: Where did it go to?
Lord James of Blackheath: Not into my pocket. My biggest terrorist client was the IRA and I am pleased to say that I managed to write off more than £1 billion of its money. I have also had extensive connections with north African terrorists, but that was of a far nastier nature, and I do not want to talk about that because it is still a security issue. I hasten to add that it is no good getting the police in, because I shall immediately call the Bank of England as my defence witness, given that it put me in to deal with these problems.
The US Securities and Exchange Commission has set aside about US$452m to reward tipsters under new authority granted by the Dodd-Frank law.
According to the agency website, whistleblowers who help the SEC prosecute fraud cases will receive as much as 30% of the money the agency collects in cases where sanctions reach at least $1m.
Congress gave the SEC the authority to increase bounties and awards for whistleblowers after faulting the agency for missing Bernard Madoff’s Ponzi scheme and failing to curb Wall Street practices that contributed to the 2008 financial crisis. Before the Dodd-Frank law was enacted, the SEC could only reward tipsters in insider trading cases.
The agency has yet to pay any whistleblowers under the new authority and is still drafting rules to define the program, the report said. The fund, which also finances the SEC’s inspector general’s office, is financed by a portion of monetary sanctions collected by the SEC that aren’t paid to harmed investors, the report said.
Insider trading pair arrested
A Mizuho International employee has been arrested in London on suspicion of insider trading in connection with an investigation by the UK Financial Services Authority, a spokesman for the Japanese brokerage has reported.
Mizuho says the employee has been suspended with immediate effect pending the outcome of relevant investigations," the London-based arm of Mizuho Financial Group said in a statement.
The statement added the FSA is investigating actions carried out by the individual "in a personal capacity" and does not involve any conduct by Mizuho International or any of its other employees.
The news comes after the FSA said earlier last week that a 37-year-old man and a 28-year-old woman were arrested in London for insider trading.
The FSA also said that the arrest came after executing search warrants at two addresses in London and one in in Königstein, near the German city of Frankfurt.
It is not yet clear whether the FSA investigation is connected with a probe that was launched by Japanese financial regulators to review suspicious trading activity in shares of companies recently announcing capital-raising plans. An official at Japan's Financial Services Agency said he cannot comment on individual cases.
Mizuho International was established in 2000 through the merger of Mizuho FG's three U.K. units and is a wholly-owned subsidiary of Mizuho Securities Co. (8606.TO). The company's operations include sales and trading of debt and equity securities, the underwriting of new shares and advisory services on merger and acquisition deals.
Mizuho Securities has been scaling down its overseas operations following the subprime crisis, which caused the brokerage to post significant losses at its collateralized debt obligation-related business. Hefty losses from the brokerage's UK subsidiary forced it to close down the CDO department in London and cut workers by 15% or 300 employees globally in 2008.
Smart phone security flaws pose serious business risk
A scan of the software used to run the HTC Droid Incredible has discovered dozens of serious security flaws affecting the popular smartphone.
The study, performed by the application code testing firm Coverity, found 359 total bugs on the Android-powered phone, 88 of which were labeled high risk.
Those particular bugs could cause memory corruption and illegal access to user data.An analysis of the most critical part of the Android smartphone operating system has turned up programming errors, some of which could allow hackers or malicious applications to access users’ e-mail or other sensitive information.
The study examined the publicly disclosed version of the Android kernel – heart of Google’s open-source software for phones – that shipped inside the HTC Droid Incredible phones.
But the study says it is likely other Android phones have the same programming flaws.
Android software could be updated wirelessly, so Google would be able to issue the fixes if it confirmed they were needed, a spokesman said.
The study by Coverity, the code analysis group, serves as a reminder that smartphones are vulnerable to attacks even as the phones are welcomed more extensively in big companies.
Research in Motion, maker of the BlackBerry, and Apple, maker of the iPhone, have also fixed critical security issues in their software through updates.
Companies are increasingly allowing employees smartphones for mixed business and personal use, and are granting more access to internal functions from the phones.
Some groups that previously accepted only BlackBerry, which has a strong reputation on security, are allowing iPhones, Androids or both.
Rather than naming the security holes, Coverity is giving them to the Android security team and security researchers and allowing them about 60 days to review the results and devise a fix.
Andy Chou, Coverity’s co-founder, said he planned to make the details of the errors public in about two months. “We want them to fix the problems. We are trying to follow the model for responsible disclosure,” Chou said.
While the number of Android kernel flaws Coverity turned up per thousand lines of code is lower than the average for open-source projects, 88 of the Android problems are “high-risk defects”.
Big corporate vendors, such as Juniper Networks and Cisco Systems, have started selling secure virtual private networks for smartphones and antivirus and other defensive measures for gadgets.
Such worries pale beside concerns about smartphones being lost or stolen, John Pescatore, lead internet security analyst at Gartner, said.
“The information loss [through loss or theft] is so much more of a risk than a worm or virus. Yes, they exist. And sharks eat people, but that doesn’t make the top 10 of my list either.”
Lawyers of accused fraudster Allen Stanford have released shocking photos of the accused fraudster taken after he was assaulted in prison last year.
The photos from October 2009 show Stanford, still manacled, with severe facial cuts and bruises as he is treated by nurses after the attack by his cellmates.
Stanford is seen with his neck is in a brace, one of his eyes bleeding and half-closed and his head bandaged prior to being taken to hospital.
A friend who visited Stanford after the attack told reporters that the billionaire had been on the telephone and that ‘some of the other people in the cell didn't like it.'
Stanford, 60, is awaiting trial accused of carrying out a US$7bn fraud.
Polish firms prefer fines to financial transparency
280,000 Polish companies should by law publish their annual reports,
less than one in three do so.
The transparency of the Polish economy is diminishing with the falling numbers of companies that announce their financial results. According to data gathered by business information provider Dun & Bradstreet, only 31.5% of companies obliged by law to publish their results did so last year, compared to 36.2% in 2008 and 40.7% in 2007.
"The reasons lie in the fact that the last two years were bad for Polish companies. In consequence, they registered falls in profit and revenues on sales," D&B's Tomasz Starzyk told daily Rzeczpospolita.
However, company policy also has something to do with it, as some international concerns with Polish offices refuse to publish results, saying that headquarters only allows for the publication of global results. Another reason may be the fact that a company that failed to publish an annual report may expect a fine of just zl.5,000 (€1,284) in Poland, compared to as much as €50,000 in Germany.
November 8, 2010
Russia works to stop kickbacks worth US$33bn a year
Russia has admitted it is losing up to 1 trillion roubles (£20bn,US$33bn) each year due to procurement corruption and ineffectiveness in its state purchases system.
Russia was ranked as the most corrupt major G20 economy last month at 154th out of 178 states by Transparency International in its Corruption Perceptions Index. It put the vast nation with Laos and Cambodia and next to next to Tajikistan and Kenya.
But the 1 trillion roubles figure, which significantly exceeds previous official estimates, is huge even for such a big economy as Russia and amounts to 20% of Russia's budget for state and local procurement. It is more than 10% of the state budget's income for 2010.
"Gigantic sums of money are being pocketed by officials and dishonest businessmen," Russian President Dmitry Medvedev said last week.
"Deal with them and put them in prison - there is no other way out."
While bribes are clearly a massive problem, corrupt police are an even bigger nightmare.
President Dmitry Medvedev fired 15 police generals this year and announced a wholesale reform of the police by 2012, but there are limits of the Kremlin’s ability, or desire, to rein in the security services. Authorities have failed to tackle many dramatic miscarriages of justice in spite of numerous legal appeals.
In 2008 Sergei Magnitsky, a lawyer, testified against police for allegedly participating in a tax fraud worth $230m, the largest ever recorded in Russia, using companies belonging to clients of his that they had in effect confiscated. Soon after this testimony he was accused of tax evasion, imprisoned without trial for 11 months and died in custody a year ago as a result of medical complications. The Moscow Helsinki Commission, the influential Russian human rights group, said the death was tantamount to torture and murder by the police.
An investigation ordered by Medvedev 11 months ago into the death of Magnitsky has gone nowhere; no arrests have been made. Oleg Silchenko, the interior ministry officer who signed the orders detaining Magnitsky without trial for nearly a year until his death, was even promoted in July to lieutenant colonel.
Police corruption alleged
The Financial Times reports that some of the circumstances surrounding the $230m tax fraud make Magnitsky’s allegations of police corruption striking. Stamps and documents used in the tax fraud had been confiscated during a raid in June 2007 on the offices of his law firm and on those of a client, Hermitage Capital Management, an investment fund run by the US-born Bill Browder, who is now London-based. The items were in the possession of the police at the time the fraud was committed that December, using those documents.
The Moscow City Bar Association said in July that Magnitsky’s death represented the systematic persecution of lawyers in Russia, adding that “the perpetrators of the theft of budget funds have remained unpunished, while the lawyers who have attempted to report them have been subjected to criminal prosecution”.
According to Irina Kuznetsova, head of the Institute for State and Local Procurement Management at Moscow's Higher School of Economics, in the January-October period, Russian prosecutors established 26,000 instances when laws were broken, which resulted in some 100 criminal cases being registered and 7,700 officials reprimanded. But this is small in comparison with more than 10 million procurement contracts awarded in Russia to some 260 contractors and suppliers every year.
"We need to
get rid of the 'white noise' of ineffectiveness to be able to fight
corruption," says Kuznetsova.
In order to do that, existing laws that regulate state purchases need to be changed, experts believe.
"They are clearly not working if it is possible to steal or mismanage onetrillion roubles," says Kuznetsova.
Andrei Khramkin, head of the Government Procurement Institute at the Russian Academy of Public Administration, gives an example of his state academy's purchases to illustrate that existing laws do not help increase effectiveness.
South Africa unit to combat public service corruption
Unit is expected to be launched in South Africa at the end of this month,
to focus on a coherent approach for the prevention, detection and combating
of corruption in the public service.
The unit is part of the Public Service Anti-Corruption Strategy, which seeks to improve lines to report wrong-doing, as well as to protect whistleblowers and witnesses, Public Service Minister Richard Baloyi said.
The new unit will operate in collaboration with existing institutions such as the Special Investigative Unit, Auditor-General, Public Service Commission and National Treasury.
Baloyi told the National Assembly that the unit will prohibit corrupt activities by individuals and businesses; improve management policies and practices; ensure the management of professional ethics as well as create awareness, educate and train public servants.
Brussels blocks UK from VIS superdatabase
The UK’s refusal to join the Schengen Agreement and its insistence that EU visitors to the country carry passports have resulted in a rejection by European judges of an attempt by British security officials to gain access to VIS.
VIS (the European Vis Information System) is a huge new store of visa application data being set up to combat illegal immigration, organised crime and terrorism.
The UK government went to court to force the EU to allow agencies including MI5, SOCA and the UK Border Agency to use the Visa Information System (VIS), which will store details of every foreigner who applies to enter the bloc, including their fingerprints and photograph. Intelligence on those who have previously been refused a visa by another country is seen as particularly valuable.
Work on the system was agreed following the 2004 Madrid bombings, which killed 191. It is currently being implemented, with travellers from terrorism hotspots in North Africa and the Middle East the first to be affected. Once it covers all visas, the VIS is set to become the world's largest store of biometric data.
The data will be shared among intelligence and law enforcement agencies of every signatory to the Schengen Agreement, which allows their citizens of member countries to cross EU borders freely. Because Britain is not a member, however, and requires EU visitors to carry a passport, our authorities will be excluded following a ruling by the European Court of Justice in Luxembourg.
The Home Office spokesperson said it was disappointed with the decision and commented: "Although the UK retains independent border controls, we saw value in having access to information on visas issued by our European counterparts to assist in criminal investigations and to help clamp down on fraudulent visa applications."
Lawyers for the government argued that Britain should be included in the VIS because it will act as a law enforcement cooperation measure, rather than part of Schengen, the main aim of which is free movement and immigration control. British agencies were offering to grant EU countries access to its visa application records, the Central Reference System, in return.
The court agreed with the Schengen members and the European Commission, however, that Britain's rejection of the Schengen Agreement means it cannot share the new database. There is no possibility of an appeal.
The defeat is a blow to efforts by British agencies to gather more "PROTINT" - intelligence from protected information, ie stores of personal data. Sir David Omand, a former director of GCHQ and Cabinet Office intelligence coordinator, last year highlighted the growing importance of such sources.
"Access to such information, and in some cases to the ability to apply data mining and pattern recognition software to databases, might well be the key to effective pre-emption in future terrorist cases," he said.
The Home Office said despite the defeat British agencies are able to access intelligence from European immigration databases through other EU exchange mechanisms.
Europol, the EU's criminal intelligence agency, will have direct access to VIS, and may pass information to Britain via SOCA. However, without direct access, VIS data cannot be used as part of the mass passenger profiling announced by Home Secretary Theresa May in the wake of the recent foiled airline bomb plot.
Corruption probe targets Colombian anti-drug agency
The Colombian government agency that manages assets seized from drug traffickers was raided Tuesday after “hundreds of irregularities” were detected, Justice Minister German Vargas Lleras said.
Police and agents from the Inspector General’s Office and the Controller General’s Office occupied the DNE’s main headquarters in Bogota.
The raid came in response to “multiple and serious anomalies” at the DNE, Vargas Lleras said, mentioning the “falsification of the figures of the real value of the assets that were going to be auctioned.”
The government discovered that many drug traffickers or their front men were enjoying the use of their assets or properties despite the fact that they had been seized by the authorities.
Vargas Lleras invited all DNE personnel to cooperate in the investigation” so that the country can clarify the load of anomalies and complaints that have been speculated about” in recent months.
In addition, he announced that about 100 DNE officials whose employment contracts expired last Friday would not have those contracts renewed.
The DNE is an advisory, coordinating and enforcing entity within the government focused on controlling and reducing the production, trafficking and consumption of illegal drugs.
It is the official entity that acts in the process of confiscating assets derived from drug trafficking activities and associated crimes, including securities laundering, and the agency charged with the administration of those assets.
country black list information
FATF warns of ML risk of new payment methods
Azerbaijan and Qatar have both been withdrawn from FATF monitoring .
At the recent FATF
plenary meeting held in Paris on 18-22 October under Mexican presidency,
it was agreed that both countries had made significant progress in improving
their AML/CFT regimes. It was noted that both countries had met its
commitments intheir action plan regarding specific defiencies that FATF
had identified in February this year
There are now 31 states under the FATF monitoring.
The FATF expressed disappointment and serious concern however regarding Argentina’s failure to implement an adequate and effective AML/CFT system. It said it would closely monitor the situation.
In addition, Denmark, Spain and Sweden were taken off the follow up list after complying with suggestions for improvement.
FATF made comments on the risk of money laundering through new payment methods and has published a report describing a number of indicators of suspicious activity. These red flag indicators will help NPM service providers and other financial institutions to detect ML/TF activities. The report describes the challenges presented in developing appropriate legislation and regulations for NPMs and the different approaches taken by national legislators and regulators.
On the subject of Trust and Company Service Providers, the FATF has published a further report which points out tht TCSPs have often been used wittingly or unwittingly, in the conduct of money laundering activities.
This comprehensive typologies report evaluates the effectiveness of the practical applications of the FATF 40+9 Recommendations as they relate to TCSPs. It also considers the role of TCSPs in the detection, prevention and prosecution of money laundering and terrorist financing. Finally, it evaluates the potential need for additional international requirements or sector-specific international standards for TCSPs. The report will be made available on the FATF website within the next few weeks.
round of evaluations
In preparation for the FATF’s fourth round of evaluations?, it is is considering a number of issues, including the Risk Based Approach, Customer Due Diligence and Reliance on Third Parties, in preparation for the 4th Round of evaluations. It reviewed the progress which has been made in considering these issues and it has prepared a first set of proposals for changes to the FATF Standards that will be subject to public consultation.
The Financial Action Task Force (FATF) is the global standard setting body for anti-money laundering and combating the financing of terrorism (AML/CFT). In order to protect the international financial system from ML/FT risks and to encourage greater compliance with the AML/CFT standards, the FATF identified jurisdictions that have strategic deficiencies and, along with the FATF-style regional bodies (FSRBs), works with them to address those deficiencies that pose a risk to the international financial system. The FATF and the relevant FSRBs will continue to work with the jurisdictions below and report on their progress in addressing the identified deficiencies.
The G20 leaders have asked the FATF to help detect the proceeds of corruption and deter corruption offences by strengthening the FATF Recommendations, taking corruption issues into account in the process. The FATF recognises the link between corruption and money laundering. Effectively implemented AML/CFT measures create an environment in which it is more difficult for corruption to thrive and go undetected. The FATF has therefore developed an information note to raise public awareness on how the use of the FATF Recommendations can help combat corruption.
on the black list
Iran remains subject to a FATF call on its members and other jurisdictions to apply counter-measures to protect the international financial system from the ongoing and substantial money laundering and terrorist financing (ML/TF) risks emanating from the jurisdiction although the FATF welcomes the recent steps that Iran has taken to engage with the FATF, but remains concerned by Iran’s failure to meaningfully address the ongoing and substantial deficiencies in its anti-money laundering and combating the financing of terrorism (AML/CFT) regime.
The FATF remains particularly concerned about Iran’s failure to address the risk of terrorist financing and the serious threat this poses to the integrity of the international financial system. The FATF urges Iran to immediately and meaningfully address its AML/CFT deficiencies, in particular by criminalising terrorist financing and effectively implementing suspicious transaction reporting (STR) requirements.
Korea remains a jurisdiction with strategic AML/CFT deficiencies that have not committed to an action plan developed with the FATF to address key deficiencies as of October 2010. The FATF calls on its members to consider the risks arising from the deficiencies associated with the jurisdiction. The FATF says the Democratic People’s Republic of Korea (DPRK) has not committed to the AML/CFT international standards, nor has it responded to the FATF’s numerous requests for engagement on these issues. DPRK’s lack of a comprehensive AML/CFT regime poses a risk to the international financial system. DPRK should work with the FATF to develop a viable AML/CFT regime in line with international standards.
Economies improving business regulation and empowering entrepreneurs, says World Bank
In the past year, governments in 117 economies carried out 216 regulatory reforms aimed at making it easier to start and operate a business, strengthening transparency and property rights, and improving the efficiency of commercial dispute resolution and bankruptcy procedures.
This is a finding
of Doing Business 2011: Making a Difference for Entrepreneurs, the eighth
in a series of annual reports published by IFC and the World Bank. The
report ranks 183 economies on key aspects of business
regulation for domestic firms.
business remains easiest in the high-income economies of the Organisation
for Economic Co-Operation and Development and most difficult in Sub-Saharan
Africa and South Asia. But developing economies are increasingly
active. In the past year, 66 percent reformed business regulation, up from 34 percent six years earlier.
In the past five
years, about 85 percent of the world’s economies have made it
easier for local entrepreneurs to operate, through 1,511 improvements
to business regulation. Doing Business 2011 pioneers a new measure showing
much business regulation has changed in 174 economies since 2005. China and India are among the top 40 most-improved economies.
Wolf Theiss wins Euro patent victory
Wolf Theiss has achieved a decisive victory by having an application for the invalidation of a European patent for an anti-counterfeiting technology upheld by Austria's Supreme Senate for Patent and Trademark Matters.
Back in 2005, the US-American firm Document Security Systems (DSS), based in Rochester, New York took on the European Central Bank (ECB) with an infringement proceeding before the European Court of First Instance ("CFI").
DSS argued that the EURO bank notes issued by the ECB infringed DSS' European patent (No. 0 455 750) and sought damages for lost license fees. The patent in question concerns an anti-forgery technology.
DSS was of the view that this technology is being used to incorporate security features (an interference pattern also known as a moiré pattern) in bank notes to make it impossible to get exact copies of them using colour photocopiers or scanners.
The ECB countered by applying for a declaration of the invalidity of DSS' European patent in nine European countries – including Austria, Germany, the Netherlands, France, Great Britain and Italy. Wolf Theiss represented the ECB in Austria, filing the application for the invalidity declaration with the Austrian Patent Office.
The application above was based on the ground of invalidity known as "impermissible added matter". This means that the patent granted to DSS features additional content that was not covered in the original application. The Austrian Patent Office granted Wolf Theiss' application and declared DSS' European patent to be invalid on this ground – a decision that has since been affirmed by the Oberster Patent- und Markensenat (Supreme Senate for Patent and Trademark Matters) in Austria and therefore is now definitive. DSS' patent has also been declared invalid in other countries.
Wolf Theiss partner Georg Kresbach explains: "This case is unique because of how the proceedings for invalidation of a European patent were brought in a concerted action in nine different European countries. We are delighted that we were able to use our expertise in patent disputes to obtain a positive result for our client in Austria at the end of the protracted proceeding."
The transnational invalidation proceeding itself was coordinated by the German law firm Bird & Bird, attorneys-at-law Dr. Wolfgang von Meibom, Dr. Christian Harmsen and Dr. Matthias Meyer.
Hartmut Degwert from the Munich firm Kanzlei Prinz & Partner provided
the requisite patent law expertise.
Sicily probe adds to Vatican bank pressure
Police have made
six arrests so far in investigations in Sicily into suspected fraud
and money laundering involving a Roman Catholic priest and possibly
The case has put even more pressure on the Vatican to bring its banking operations in line with international standards and to be more open over its financial dealings.
The Pope is fully supportive of a change to working practices at the Vatican bank. At the end of October, the European Commission reported that Pope Benedict XVI will bind the Vatican to implementing European Union laws against money laundering and financial fraud.
The Vatican is “fully committed” to putting relevant EU legislation into effect by the end of 2010, as stipulated by a monetary accord the Vatican signed with the commission December 17 last year, Amadeu Altafaj, spokesman for EU Monetary Affairs Commissioner Olli Rehn, said in an interview in Brussels.
By an “act of the pope,” the law will become applicable to “the institutions of the Holy See, including the Institute for Religious Works,” as the Vatican Bank is called.
However, police made six arrests last week in connection with Father Orazio Bonaccorsi allegedly using an account in the name of the Vatican bank to help his father launder €250,000 ($350,000) he had obtained from European Union funding for an allegedly non-existent fish farm project.
After passing through the account as a “charity” donation in 2006, the money allegedly returned to Sicily to be withdrawn by an uncle previously convicted for mafia association.
Asked for his reaction, Ettore Gotti Tedeschi, head of the Institute of Religious Works (IOR replied: “No comment. The fact regards the past. It could not happen anymore.”
Italian officials credit Tedeschi with bringing about greater transparency at the Vatican bank, but in September when a separate investigation in Rome resulted in the freezing of €23m held by IOR in a Rome branch of Credito Artigiano, an Italian bank.
IOR was accused of violating Italian anti-money laundering regulations in attempting to make two transfers without providing adequate details of the intended beneficiaries or reasons for the transfers. The Vatican said there had been a “misunderstanding” with Credito Artigiano.
Italian officials are hopeful that the investigations and pressure from Mario Draghi, governor of Italy’s central bank, will assist rather than derail Mr Gotti Tedeschi’s efforts to propel the Vatican into the modern age.
Tedeschi has been communicating with the Financial Action Task Force in which the Vatican bank committed itself to adopt anti-money laundering standards set by the FATF.
This lengthy process would involve the Vatican passing anti-money laundering legislation and setting up the equivalent of the Bank of Italy’s Financial Intelligence Unit to monitor IOR’s activities.
With regard to implementing EU laws against money laundering and financial fraud this year, the Pope is expected to appoint Cardinal Attilio Nicora to act as the equivalent of a central banker with a regulatory role over IOR.
IOR does not publish its accounts but is reported to hold €5bn in assets. It provides banking operations for Vatican staff, charitable operations and missions worldwide. It also serves an unknown number of private Italian account holders who use the Vatican as a tax haven – a separate issue that the Vatican is tackling with the Organisation for Economic Co-operation and Development.
Security concerns as Germany launches national eID cards
An electronic ID card has been launched in Germany to help protect people when transacting on the internet, but the initiative has set off a major discussion both into personal data security, but also state snooping.
Supplied by SCM
Microsystems, the card includes an electronic proof of identity (eID)
feature that safeguards the user's personal data when transferring information
over the Internet, such as when making online purchases, downloading
music, confirming age or place of birth, filing an insurance claim,
or communicating with local or federal authorities and administrations.
To use the eID feature online, a dedicated smart card reader is required to significantly increases online trust and security compared with simply typing a user name and password, which is still the most widespread but easily attackable security method used for online transactions.
The CHIPDRIVE IT Security Kit includes a smart card reader for contactless smart cards certified by the German Federal Office for Information Security or "BSI"), a government-provided eID interface application (AusweisApp), and a 12-months' license for the popular AVIRA Antivirus and Firewall software, AntiVir Premium. The package costs German cirtizens 24.95 Euro including VAT.
The new ID card is valid for ten years.
While on the face of it, the card provides positive benefits, it is raising questions over personal privacy, and the likelihood that it will be used for snooping by authorities.
cards are nothing new to Germans. Citizens have been required to show
their ID card or a passport to the authorities since 1939, when the
Nazis first wrote it into law. After World War II, the various occupying
powers kept the policy of national ID cards for everyone over the age
The eID card is the latest incarnation of the German national ID card. All citizens whose ID cards are expiring this year can apply for new ones, as the government begins to phase them in.
The Federal Office for Information Security, better known by its German acronym, BSI, is developing the new cards.
"We have a lot of features in the card which are very, very useful," said Manuel Bach, the EID project manager. "For example, the protection against phishing sites which are a big problem in Germany and around the world, and we totally get rid of it using the Germany ID card."
Another security measure on the card is the beefed-up encryption, which is based on elliptic curve cryptography and, according to Bach, is essentially unbreakable.
Hole in the security wall
Hackers tend to agree that the encryption is not the weakness in the system.
The German hacker collective, the Chaos Computer Club (CCC), put the German eID card through its paces in September when they went on television and hacked the new ID using basic spyware. But it wasn't the card itself that made the hack so easy.
To take advantage of the online authentication perks for the computer, the card must be coupled with a peripheral card-reading piece of hardware. Card readers come in a variety of models, and the CCC circumvented the most basic model.
Their hackers installed a keylogger on the user's computer, enabling them to steal the PIN and then rewrite data on the ID card using that information.
“It is disingenuous of the government to promote the new system as secure while such a hole exists,” according to Constanze Kurz, a CCC spokeswoman. “If you pretend that all your citizens are really good with computers, and that they can manage their own IT security on their systems, then you are definitely wrong,” she said. “The hackers will always attack the weakest point and the weakest point is the user.”
Despite this downside, security expert Karsten Nohl is convinced that the authentication and remote signature functions of the ID are better than the alternatives.
"This, of course, promises much more security than some wobbly line of ink on a piece of paper," he said.
The European Union is planning to launch a new initiative in 2011 called STORK. Through this program, 17 participating European nations with electronic IDs, including Germany, would be able to cooperate across borders.
The program claims that in the future, European users will be able to start a company, get a tax refund or obtain university admissions status online.
Cuts in the wrong place will leave public sector open to fraud
PwC is warning its public sector clients that spending constraints and staff cuts in the wrong places may leave the public sector open to fraud, as employees affected by redundancy (and suppliers faced with contract termination) seek to maximise their benefit on the way out. The report, Navigating Your Way Through Stormy Waters, focuses on increasing risks in this area.
At a recent event hosted by PwC forensic services, only three out of twenty seven senior representatives of large public sector bodies were able to confirm their organisation had a formal fraud risk register, a basic tool for managing risks in this area, commonplace in private sector firms of any significant size.
Ian Elliott, partner, PwC, said: “In good times, loss through fraud is less visible as delivery of services is still possible, even with a certain level of misappropriation. Things are tightening now and businesses everywhere are seeking to reduce loss through waste in all its forms.”
The increased threat of fraud will hit different parts of the public sector at different times as the cuts become real. Some Whitehall civil servants are facing decisions about their future employment right now while, for local government, the pinch points are likely to come in the run up to April when cuts announced in the Comprehensive Spending Review (CSR) are realised in next year’s Local Authority budgets.
Fraud in the public sector ranges from manipulation of data to meet targets in the health sector, to procurement frauds, which include a range of established activities such as false invoicing via dummy suppliers, pass through schemes, over-billing , write-offs, kickbacks and suppression of rebates.
Alongside basic recommendations for fraud controls and monitoring, the report covers some of the emerging techniques for fraud detection. For example, data analytics is increasingly applied to find hidden patterns in data within financial systems, which may indicate fraud.
Ian Elliott, partner, PwC, said: “Experience has taught us that each procurement fraud leaves a ‘data fingerprint’. ‘Kick-back’ schemes, for example, will typically involve a large supplier with purchase orders raised by a limited number of individuals and supplier relationships controlled by the same group.”
By using techniques such as ‘data visualisation’ and ‘data clustering’, organisations are able to search for the typical fingerprint and identify procurement frauds earlier, preventing loss and imposing an effective deterrent against future fraudsters.
Full report http://fraudacademy.pwc.co.uk/publications/navigating_your_way_through_stormy_waters.html
November 2, 2010
Internal auditors admit inability to tackle fraud
Internal auditors at leading UK companies feel increasingly vulnerable to fraud, but half of them consider they are both understaffed and undertrained, therefore unable to address with the problem.
These are the disturbing findings from a Deloitte survey of the heads of internal audit at 75 UK companies with an average turnover of £500m. They found that 63 per cent believed their vulnerability to fraud has increased over the past 18 months.
Two-thirds of those who believed vulnerability was rising also said their companies had experienced a rise in internal and external fraud.
The three most common types of fraud were misappropriation of assets, suffered by 31 per cent of companies, improper expenditures (22 per cent) and procurement fraud at 16 per cent. Poor financial controls and collusion between employees and third parties were seen as important drivers of fraud.
The economic recession and the increased focus under which auditors have been operating has prompted companies to pay more attention to fraud detection and 77 per cent of the auditors surveyed said it had led to increased board-level discussions on improving fraud detection and monitoring.
However, half of the internal auditors said they did not have enough staff to identify and track fraud risks and roughly 60 per cent said their staff lacked the necessary skills in evidence handing, data analysis and interviewing.
“There are still instances where clearly people aren’t putting their full resources into the fight against internal fraud,” said Nic Carrington, a partner in Deloitte’s forensic and dispute resolution practice.
Internal auditors offer board members and senior managers assurance – often on an in-house basis – that risk is being managed properly in a company.
Their role is subtly different to that of external auditors, who vet company accounts on behalf of shareholders as a statutory requirement
How to manage the relationship between external and internal audit has become a sensitive issue, particularly over the extent to which an external audit firm can also do internal audit work for its client.
The Deloitte survey results support some of the findings of another big annual fraud survey, commissioned by risk consultancy Kroll, which recently found that 83 per cent of UK companies had suffered some sort of loss to fraud.
Information fraud and data theft rose 50 per cent and physical losses and fraud due to management conflicts held roughly stable in that survey.
led initiative breaks up credit card fraud ring
French and Romanian law enforcement authorities supported by Europol have successfully disrupted the activities of an international organised crime group active in France, Italy, Romania and Spain.
The criminals have
been responsible for an international payment card scam, producing counterfeit
payment cards and making illegal purchases via the internet.
Following the execution of arrest warrants, Europol supported French and Romanian law enforcement authorities to carry out 17 house searches in both countries, resulting in the arrest of 11 suspects in France and 5 in Romania. During the operation last week, police also seized counterfeit payment cards, equipment used to illegally copy card data and 15 000 euros in cash. The criminals had been buying and exchanging compromised credit card data via the internet and then using the counterfeit payment cards worldwide. The estimated losses caused by their purchases exceeds 400 000 euros.
Europol has been involved in this investigation for more than a year and, during the raids carried out in Romania by the Directorate for Investigating Organised Crime and Terrorism, the Europol mobile office was deployed to coordinate the international operation and provide access to databases containing criminal intelligence. Investigators from the Member States involved made use of Europol‘s analytical, tactical and technical support capabilities.
Payment card fraud has become a global problem. Criminals with access to compromised payment card data distributed via the internet, affect not only EU Member States but also non-EU countries. In such cases, cross–border cooperation and coordination of international investigations is crucial to effectively tackling this problem.
to be held daily to meet deadline
The special court in Hyderabad conducting the Satyam fraud trial is to hear the case daily from November 8 to meet the Supreme Court directive to complete the proceedings by July 2011.
Though the trial in the Rs.14,000 crore accounting fraud began on Tuesday, the Central Bureau of Investigation (CBI) sought time to present six witnesses before the court.
BVLN. Chakravarthy, the 21st Additional Chief Metropolitan Magistrate, granted the time and declared that the case would be heard daily from November 8.
The Magistrate suggested that both prosecution and defence lawyers follow the court directives to enable it to complete the hearing within the time-frame set by the Apex court.
The disgraced Chairman of Satyam Computer Services and prime accused B. Ramalinga Raju and nine other accused appeared before the court. Their bail has been cancelled.
HP Sued by shareholders over kickback and foreign bribery claims
Directors at Hewlett-Packard, the world’s largest computer maker, have been sued by shareholders over claims they permitted or encouraged violations of federal kickback and foreign bribery laws.
From 2007 to 2009, HP violated the federal anti-bribery law by paying government vendors “influencer fees” to win contracts to design information technology systems, according to the complaint filed in federal court in San Jose, California. The company is also under investigation for possible violations of the US Foreign Corrupt Practices Act.
Current and former directors at HP “consciously condoned HP’s illegal and unethical marketing practices,” according to the October 19 complaint. The misconduct has “put the company at risk of having its US government contracts rescinded,” the shareholders claim, adding that HP sales to US agencies from 2007 to 2009 totaled more than $880 million.
Justice Department probe
The case relies in part on HP’s announcement in August that it agreed to pay $55 million to settle a Justice Department probe of whether the company overcharged taxpayers through a General Services Administration contract. That settlement also resolved a False Claims Act lawsuit, first filed by a whistleblower and joined by the government, alleging that the company paid kickbacks.
While the US made HP aware of its illegal marketing practices in “late 2006/early 2007,” the directors allowed the unlawful conduct to continue until December 31, 2009, according to the shareholder complaint.
The complaint also cites HP’s disclosure last month that the Justice Department and U.S. Securities Exchange Commission joined a probe by the German Public Prosecutor’s Office examining whether the Palo Alto, California-based company engaged in bribery overseas.
The case seeks to recover the False Claims Act fines and repayment of the salaries paid to the directors serving from 2007 to 2009.
The case is Saginaw Police and Fire Pension Fund v. Andreessen, 10-4720, U.S. District Court, Northern District of California (San Jose).
JMLSG Guidance Part III published
The Joint Money Laundering Steeering Group has published Part III of its Guidance for the UK financial sector with the qualification that Ministerial approval still needs to be gained, and amendments may have to be made after the eventual passing of the Terrorist Asset Freezing Bill into law expected later this year.
As explained when the consultation version was published, Part III includes certain existing material that for various reasons did not sit comfortably within Parts I or II, and some additional, new material.
No substantive changes have been made to the consultation text as a result of comments received, although there has been some re-ordering of the text to improve clarity, and to reduce some elements of duplication.
JMLSG says it considered holding back publication of the guidance until the Terrorist Asset Bill was passed, but concluded that, as it will likely only be legal references that change, firms would wish to see the final text at the earliest opportunity.
The part III guidance adds extensive new sections related to sanctions and proliferation financing. Only two sections, related to electronic payments and the Directions under the Counter-Terrorism Act 2008, Schedule 7, have the same ministerial approval as the guidance in parts I and II.?
The guidance can be downloaded from http://www.jmlsg.org.uk?
US prosecutors have started their first fraud case arising from BP’s Deepwater Horizon oil spill in the Gulf of Mexico.
In the first investigation
to produce a criminal charge, prosecutors say Charlotte Johnson of Fayetteville,
North Carolina, used a fake name to claim US$15,500 in lost wages. Prosecutors
charged her with wire fraud on October 25 in a federal court in North
Carolina, a charge that can carry up to 20 years in prison.
Claims administrator Kenneth Feinberg said that nearly two-thirds of the outstanding compensation claims from the BP case have no documentation to back up their losses. He added that at least 50 claims are considered "very suspicious" and could be referred to the US Department of Justice.
The National Center for Disaster
Fraud in Baton Rouge, Louisiana says it has logged about 1,000 complaints
since the Deepwater Horizon rig exploded April 20.
The complaints have led to hundreds of investigations into businesses demanding advance fees to help oil spill victims file claims or train for oil spill cleanup jobs, and into dubious charities soliciting donations to rescue wildlife or restore Gulf Coast habitat, says US Attorney Jim Letten, who oversees the Baton Rouge center.
"With the increasing number of cases under investigation, there will be charges coming down the road," he says. "We know there are viable investigations out there."
Fenberg, who is responsible for distributing compensation to genuine victims in the case, said that fraud hurts the credibility of the Gulf Coast claims process: "If eligible claimants or the public believe that the program is ripe for fraud, we'll receive claims without merit that tie up the system, that divert badly needed funds from worthy victims to criminals, and the entire program will suffer.
"There are scores of suspicious claims that we have sent or are sending to the Department of Justice."
Assistant Attorney General Lanny Breuer said that prosecuting disaster fraud is "a high priority."
"We're simply not going to tolerate criminals preying on disaster victims," he added.
Forex company owners
charged in investor case
Pair alleged to have swindled over 1,000 people
Two owners of a US foreign-currency trading company have been charged with defrauding more than 1,000 investors out of US$30m.
The Securities and Exchange Commission said the owners of the Boston-based company Craig Karlis and Ahmet Devrim Akyil, used some of the money to buy themselves houses, cars and jewelry.
Karlis, 50, of Hopkinton, was arrested on October 28 and charged yesterday with nine counts of wire fraud and two tax crimes, while his business partner Akyil, 38, a former Hingham resident currently living in Turkey, faces 10 counts of wire fraud. The SEC also accused the two men of fraud in a lawsuit filed in US District Court in Boston.
Authorities said Karlis and Akyil founded Boston Trading and Research LLC to invest in foreign currency markets, and raised as much $40m from as many as 1,200 investors, including many who live in Florida.
But the SEC and Department of Justice allege that the currency traders misled their customers. Instead of paying themselves from any profits, they allegedly diverted millions of dollars from customer accounts to cover company expenses and buy personal items, according to the federal indictment. Authorities said Karlis and Akyil also falsely told investors they had a system that automatically limited losses, when they actually wound up losing much more money in bad trades.
Their company, which had 20 employees, folded in September 2008, leaving customers with only about 10% of the money in their account balances, the SEC said.
The agency’s enforcement director, Robert Khuzami, said in a statement that the scheme amounted to a bait and switch: “The bait was the promise by Akyil and Karlis to limit investor risk. The switch was the theft and unauthorized trading that cost investors 90 percent of the invested funds.’’
The company allegedly recruited customers with the help of marketing materials, presentations, its website and salespeople, who received both a percentage of profits and other commissions. Investors were asked to make a minimum investment of US$10,000 and give the company permission to make currency trades on their behalf.
If convicted of the criminal charges, the pair face up to 20 years in prison and a $250,000 fine for each of the wire fraud charges. Karlis also faces up to three years in prison and a $100,000 fine for the charge of filing a false tax document. The SEC, which accused them of violating antifraud and registration provisions of securities laws, seeks injunctions blocking further improper conduct, the return of ill-gotten gains, and unspecified fines.
The task force says a summary of the comprehensive assessment
will soon be on its website and the full report will be released in
the coming weeks.
The FATF has approved and published the follow-up reports of the Kingdom of Denmark, Spain and Sweden. These countries were originally placed in the regular follow-up process as a result of partially compliant (PC) ratings in certain of the Core Recommendations in their mutual evaluation reports. The mutual evaluation report of Sweden was adopted in February 2006, the mutual evaluation reports of the Kingdom of Denmark and Spain were adopted in October 2006.
The task force says these countries have since taken sufficient action and have therefore been taken off the regular follow-up process. From now on, they will report back to the FATF Plenary on any further improvements to their AML/CFT system on a biennial basis.
The FATF also said that it is revising its recommendations to include tax crimes, and domestic politically exposed persons (PEPs). It added that it was considering asking countries to make tax evasion a predicate crime of money laundering and to issue tougher AML standards on political figures.
Finnish Olympics star on fraud charge
A former Olympic
medal-winning Finnish cross country skier has been charged with aggravated
Jari Rasanen was charged along with former skiing coaches Pekka Vahasoyrinki and Antti Leppavuori and former national head of cross-country skiing Jari Piirainen.
The four are charged in relation to a 1999 libel case against the STT news agency editor-in-chief Kari Vaisanen and reporter Johanna Aatsalo-Sallinen.
STT had published an article alleging that Rasanen had used banned substances during his career and that leading figures in the FSA were aware of it.
"The journalists were convicted of that crime and they got fines in the Court of Appeal. The District Court had sentenced them to prison, and of course, quite big damages to be paid to Jari Rasanen," said Finnish district prosecutor Mikko Jaatinen.
The four accused are now suspected of giving false information during the libel investigation.
Rasanen competed in his last official International Ski Federation race in 1997, and won two bronze medals at the Winter Olympics in 1992 and 1994 as part of the Finnish 4x 10km relay team.
More than two-fifths of mobile owners use their devices for both personal and business purposes which should be a top concern for business, because 98% of devices are not protected by security software, said Dan Hoffman, chief mobile security evangelist at Juniper.
Juniper has just carried out a global survey in which an 81% majority of over 6,000 respondents in 16 countries admitted using their devices to access corporate networks without their employer's knowledge.
More than half of those who access corporate networks without permission, do so every day, according to the survey commissioned by Juniper Networks.
It also found that 18% of respondents admitted to using mobile devices to access employer's proprietary information.
Mobile security is a growing problem with an estimated two out of three Blackberry devices, three out of four Windows Mobile devices, and just about all Android devices have malware infectionsaccording to Hoffman.
Hoffman, a certified ethical hacker, said most of these infections are types of spyware capable of stealing login details, forwarding e-mail and text messages, tapping phone conversations, and tracking the location of devices.
"Never before in the history of technology has there been a more perfect distribution channel to send applications, including malicious applications, to tens of millions of devices," he said.
In response, Juniper has released what it claims is the only integrated mobile security software for business and consumer users, backed by a just-opened global threat and research centre in Columbus, Ohio that is only for mobile security.
The Mobile Security Suite is part of the broader Junos Pulse platform and includes anti-virus, personal firewall, anti-spam, loss and theft prevention, and monitoring and control services.
According to Hoffman, who heads the global threat centre, using software on the mobile device is the best approach to ensuring protection.
Devices no longer connect to a single network, he said. Instead, mobile devices connect to multiple provider networks and Wi-Fi networks.
Around half of mobile devices are Wi-Fi enabled, but this is expected to rise to 90% in the next couple of years, he said.
"There has to be a software client on every device to ensure protection regardless of what network they are connected to," said Hoffman.
On-device software can defend against direct attacks, but in the event of loss or theft, also enable users to lock, wipe, back-up and track their devices remotely, he said.
Commenting on the report, Bjoern Rupp of GSMK CryptoPhone said: “Increasingly, malicious fraudsters are targeting mobile devices to gain access to sensitive information such as PIN numbers and passwords and listen-in on confidential conversations. With the majority of people citing security as a key concern it still beggars belief that so many users are freely storing vital information on unsecure and unencrypted phones. A radical re-think needs to take place to ensure individuals are protected by 360-degree encryption to fight this growing threat.”
Nigeria fraud blacklist issued by police
Nigerian anti-fraud police have issued a blacklist of people it considers are unfit to run for political office. Senior politicians and businessmen are among more than 100 people on the list.
The EFCC (Economic and Financial Crimes Commission) said those on the blacklist were all being prosecuted for corruption.
The commission urged political parties not to endorse them as candidates in next year's elections.
One of those named, Orji Kalu, is running for president but has been arraigned on 107 counts of fraud. He is accused of involvement in a fraud worth 5bn naira (£21m; US$33m).
Politicians make up at least 40 people on the list, which the EFCC has published on its website.
Thirteen are former state governors, five are former ministers, three are serving MPs, and two are serving senators.
The EFCC says many of the defendants are deliberately stalling their cases in court so that they will not be tried before the elections next year.
MOTO (mail order/telephone order) fraud is on the rise
but banks have limited anti-fraud solutions to fight it.
Neira Jones, head of payment security at Barclaycard, says the MOTO space is attracting fraudsters as face to face payments are increasingly secured by chip and PIN, and MasterCard SecurCode and Verified by Visa are working on the card not present (CNP) scenario.
MOTO fraud in the UK accounted fo losses of £113.2m out of the total CNP losses for the year of £266.4m in 2009 according to figures from payments industry body the UK Cards Association and despite the focus of innovators being centred on the internet MOTO transactions are showing little sign of declining.
Two of the main initiatives Jones (right) believes can be useful for combating MOTO fraud are dynamic passwords and ‘call masking’.
Visa announced this month that its dynamic password solution CodeSure is on the verge of being rolled out commercially by Turkey's third largest bank Yapi Kredi, which has been pleased with the results of a several month-long pilot. A rollout in the UK is unlikely before 2012.
The CodeSure system consists of a card with an in-built numeric keypad and LCD display. It can operate in five modes: as an interactive extension to the Verified by Visa programme; as an interactive authenticator for online banking; as an authenticator for telephone banking; as an authenticator for online purchases; and as a regular payment/cash withdrawal card.
When a non-face to face transaction is requested, the bank generates a challenge code to the cardholder, either on the internet or over the phone, and the cardholder inputs this code into the keypad.
The card then returns a reply code, which authenticates the user as being in possession of the genuine card, rather than using a cloned card or having stolen the card data.
Jones says of CodeSure: “Visa is now talking to a number of banks in Europe about issuing it. Interestingly, PayWave [Visa’s contactless application] is now also available on the cards. The good news is that there would be no changes required for merchants, as anyone who supports the Verified by Visa interface today can make use of it.”
MasterCard also has a similar initiative. Bank SinoPac in Taiwan this month issued the first MasterCard credit card incorporating a digital display for one-time-password authentication.
The MasterCard "SinoPac Display Card" uses technology developed by Swiss-based NagrraID Security. Cardholders shopping online tap a button on the card, and a six-digit screen in the top right corner displays the one-time dynamic password.
The second major option available for combating MOTO fraud is DTMF (dual-tone multi-frequency) ‘call masking’.
This involves a customer doing a MOTO transaction remotely (not speaking to a real person) by entering their card details via the telephone keypad. The tones are captured by the merchant recording, but white noise is imposed so it is not possible for anyone listening in to hear the tones.
Neira Jones says the ideal solution would be to combine ‘masking’ and dynamic passwords since “the more protection there is the better.”
Key sectors impacted by MOTO fraud are telcos, financial Institutions, travel agents and contact centres.
One problem with call masking is that while legislation in some countries requires the recording and storage of telephone conversations in a range of situations, the Payment Card Industry Data Security Standard (PCI DSS) stipulates that the CVV2 (Credit Card Validation Value, or three-digit security code) cannot be kept post-authorisation, and full Personal Account Numbers (PANs) cannot be kept without further protection measures. If a call is recorded, as in call masking, it breaks the PCI DSS rules.
Third party care
Two of the businesses being targeted the most in the MOTO space are telcos and insurance, and Jones says that any companies using third party providers should ensure that these are PCI compliant if they are storing or processing cardholder data. If they are not compliant it is they, not the third party service provider, that will hold the responsibility for a breach.
Jones advises: “When you create a contract with a third party provider, ensure you have a PCI clause, and make sure that you can shift the liability should a breach occur.”
According to a report by Verizon, 80% of breaches of data are due to unauthorized access mostly caused by the sharing of passwords to access a system. “So let’s forget about PCI here,” says Jones. “It’s an information security issue.”
Jones says business should only store the data they need: “The main piece of card data that should not be stored is the CVV number. The major problem for us is the SMEs – a lot of them store un-necessary data.”
This is quite a big problem for Barclaycard, which has around 800 large merchants and between 80-90,000 SMEs.
Barclaycard claims around 33% of the UK card acquiring market. Its most PCI DSS-compliant customer sectors are Hotels (44%) and Insurance (43%). The least compliant are Airlines (20%) and the Public Sector (17%).
Google under fire over personal data revelations
Collection practices come under increasing spotlight after Canadian revelations
The UK’s Information Commissioners Office has reopened its investigation into Google after revelations of alleged data privacy breaches by the internet giant in Canada.
The ICO’s previous investigation into the way Google uses cars to collect information for its StreetView service found that it had not gathered any, "meaningful personal details" that could be linked to an identifiable person.
However, concerns over Google’s policies regarding potentially sensitive personal data remained and the ICO continued to monitor the more rigorous investigations carried out by its international counterparts.
Google has now admitted accidentally copying household computer passwords and emails from unsecured wireless networks when taking photographs for its Street View mapping service in Canada, potentially endangering the privacy of thousands of Canadians. Similar allegations have been surfacing in other countries and the UK investigation is now being reopened.
Seven privacy regulators in other jurisdictions have also analysed the data and uncovered full details of what was copied, with reports due shortly from several others.
In June an investigation by French data protection agency CNIL found that Google had gaathered sensitive data includingpasswords when putting together its Street View service in France.
An ICO spokesman commented: "Now that these findings are starting to emerge, we understand that Google has accepted that in some instances entire URLs and emails have been captured.”
He added that the ICO will be making enquires to see whether this information relates to the data inadvertently captured in the UK, before deciding on the necessary course of action, including a consideration of the need to use its enforcement powers.
Fears over Google’s data practices first emerged in May when it announced that it had mistakenly collected unencrypted WiFi payload data (information sent over networks) using its Street View cars.
Initially the company said that external inspections showed that most of the data in question was “fragmentary”, but it later admitted that in some instances entire emails and URLs were captured, as well as passwords.
In a statement on its blog Google said it accepts that in some cases complete emails, usernames and passwords had been inadvertently collected from unsecured wireless networks.
It added: “We’ve spent the past several months looking at how to strengthen our internal privacy and security practices, as well as talking to external regulators globally about possible improvements to our policies.”
Google says it has now created a ‘director of privacy’ to improve its practises and educate staff on how its products impact people's privacy.
Facebook has also getting some unwanted publicity over data collection when the Wall Street Journal reported earlier this month that ten of its most popular apps, including FarmVille (which has 59 million users), Texas HoldEm Poker and FrontierVille breached Facebook’s own privacy rules by being able to transmit user IDs to advertising and internet tracking companies.
Facebook said the leakage was not deliberate and that it would be introducing new technology to prevent it happening again.
World football governing body FIFA widened its investigation into alleged corruption in the World Cup bidding process after one of its former senior administrators claimed competing countries had colluded to trade votes.
FIFA said it has "immediately requested to receive
all ... potential evidence," from the UK’s Sunday Times newspaper
regarding its reporting of comments from Michel Zen-Ruffinen, who was
general secretary of football's world governing body for four years
Zen-Ruffinen, who was unaware he was being recorded by journalists posing as lobbyists, said that Qatar and the joint Spain-Portugal secretly formed a deal giving each seven votes from the 24-man FIFA executive committee that is choosing World Cup finals tournament hosts in December. Spain-Portugal wants to host in 2018 and Qatar is a 2022 candidate. Both need 13 votes to win their bids under existing rules.~
“So they start with seven (votes), which ...
was not expected by the other candidates. And this is not just a rumor,
that's fact," Zen-Ruffinen told the reporters.
Zen-Ruffinen also gave the under-cover reporters a list of executive FIFA members, saying how much their votes would cost.
He described one of them as "the biggest gangster on earth.
FIFA said it will refer the evidence to its ethics committee,
which has started an official investigation into alleged illegal collusion
between bidders that it did not name.
The latest revelations come after FIFA last week summoned senior Nigerian and Oceanian officials Amos Adamu and Reynald Temarii to a committee meeting on October 27 about the allegations of votes being sold in the bidding process.
The Sunday Times had reported that Adamu and Temarii, who are members of FIFA's executive committee, had offered to sell their votes in the bidding process for the 2018 World Cup.
85-year term for property fraud
A man has been given an 85-year prison setnence for a US$23m real estate fraud plotted by two men while they were in prison for other crimes.
Mark Shapiro, 50, founder of the Cobalt group of companies, received the same sentence as his co-conspirator Irving Stitsky, 55, was given on July 6 for defrauding around 250 investors.
The men came up with the scheme while they already were in prison for previous fraud offences.
US District Judge Kimba Wood said: "The offense resulted in devastating injury to hundreds of victims.
"For many, it wiped out their life savings at the end of their lives when they no longer had the ability to earn substantial amounts of money."
Cobalt, which had offices in New York, Florida and Massachusetts, tricked money out of investors by lying about investments in residential real estate developments, including many that Shapiro and Stitsky did not own.
The judge described Stitsky as "an inveterate con man" and said the fact they had carried out the fraud while already serving terms for other offences added to the length of the sentence.
A third co-conspirator, William Foster, 70, was given a three-year sentence in September for his role as a frontman for Shapiro and Stitsky.
The three were convicted by a jury last November after a three-week long trial.
Prosecutors said that, beginning in 2003, the three men established Cobalt's corporate headquarters in Springfield, Massachusetts, a satellite office in Miami, Florida, and a telemarketing center in Great Neck, New York.
Shapiro's sentence included three years of supervised release and an order to pay US$22m in restitution and to forfeit US$23.1m in proceeds from the crimes.
The money laundering investigation into the Vatican Bank has been expanded to include a number of clergymen.
The clergymen are suspected of having posed as account holders at the lender for wealthy individuals, news daily Corriere della Sera reported citing court documents.
On October 20 a judge in Rome rejected a bid by the Vatican bank (which is called the Institute for Religious Works or IOR) to reverse the seizure of Eur23m (US$32m) at Italian bank Credito Artigiano which was registered to the Vatican bank.
Three other Vatican bank operations are under scrutiny for alleged money laundering violations.
Investigators are looking into the source of cheques for Eur300,000 deposited in an IOR account at a branch of UniCredit and a withdrawal of Eur600,000 from an account with Intesa SanPaolo In one of the cases a priest allegedly moved Eur300,000 from an account in San Marino and transferred it to a businessman.
Ettore Gotti Tedeschi and Paolo Cipriani, the bank’s two most senior officials, have been under investigation since September for suspected breaches of AML practices.The Vatican bank’s lawyer Gotti Tedeschi said the ML case has been caused by a “misunderstanding” between the Vatican bank and Credito Artigiano when the Vatican tried to transfer money to two accounts it held in two other banks in Germany and Italy.
He said the bank would lodge an appeal over the court seizure of the Eur23m.
The bank’s challenge the freezing of its funds is thought to be the first case of the Vatican, a sovereign state, seeking redress through the Italian judicial system.
The Vatican is highly sensitive to the allegations as it is seeking to be approved on the Financial Action Task Force’s list of jurisdictions compliant with international standards on money laundering.
It is also seeking to be approved as compliant with the Organisation for Economic Co-operation and Development’s standards on tax co-operation.
World’s most prolific phishing gang migrates to Zeus
A phishing gang, claimed to be the world’s most prolific, has moved from using conventional phishing techniques to employing Zeus Trojan crimeware that can steal passwords without the victim’s cooperation.
That is one of the findings in a new report from the Anti-Phishing Working Group (APWG).
APWG researchers found that while conventional Avalanche botnet infrastructure had been used to launch spam-based phishing attacks over the past two years, the phishing has now been replaced with a scheme that infects users’ PCs with the potent Zeus Trojan malware that steals bank data.
The phishing syndicate had been successfully using the Avalanche botnet for conventional spam-based phishing attacks that provoke a user to visit a counterfeit website and enter or his or her credentials. This Avalanche phishing accounted for two-thirds of all phishing attacks observed worldwide in the second in late 2009.
But the Avalanche infrastructure was involved in just four conventional phishing attacks in July this year. Instead, the Avalanche-based syndicate ramped up a concerted campaign of crimeware propagation to fool victims into receiving the Zeus crimeware and infecting their PCs with it. Avalanche has been sending billions of faked messages from tax authorities such as the IRS, false alerts/updates purporting to be from popular social networking sites, and other lures. These lures take victims to drive-by download sites, where the criminals infect vulnerable machines.
Once a machine is infected, the APWG says the criminals can remotely access it, steal the personal information stored on it, and intercept passwords and online transactions. The criminals can even log into the victim’s machine to perform online banking transactions.
"While the cessation of phishing operations by the Avalanche phishing group is great news for the anti-phisihing community, their shift to the nearly exclusive distribution of Zeus malware is an ominous development in the e-crime landscape," said study co-author Rod Rasmussen. "Their spamming and other activities to target victims continues at high levels, implying they are finding malware distribution a more effective and profitable tactic than traditional phishing.”
Co-author Greg Aaron added: “The Avalanche criminals recently rented a large botnet called Cutwail to send out massive amounts of spam lures. Those spams led unsuspecting Internet users to Zeus crimeware hosted on the Avalanche botnet. So this is a good example of how e-criminals don’t work in isolation, and often use multiple tools – spam, malware, botnets, and phishing – to do their work.”
Highlights of the Global Phishing Survey: Trends and Domain Name Use in 1H2010 also include:
- The Avalanche phishing gang migrated to distributing the dangerous Zeus crimeware
- Average uptime of all phishing attacks rose from previous periods
- Phishers continue to use subdomain services to host and manage phishing sites
- Amount of Internet domain names and numbers used for phishing was steady as number of registered domain names has grown
The complete report can be downloaded from: http://www.antiphishing.org/reports/APWG_GlobalPhishingSurvey_1H2010.pdf
The government has earmarked a further £500m to help the UK defend against the growing threat of cyber attacks.
Prime minister David Cameron said in the House of Commons today, during his much awaited Spending Review, that the rise in "unconventional threats" had made an increase in spending on cyber defences necessary.
"Over the next four years, we will invest over £500m of new money in a national cyber security programme," he said in a statement on the Strategic Defence and Security Review.
"This will significantly enhance our ability to detect and defend against cyber attacks, and fix shortfalls in the critical cyber infrastructure on which the whole country now depends."
The announcement is particularly notable as it comes at the same time that the UK government is revealing the huge cuts necessary for the country to balance the books, and underlines the seriousness with which the cyber threat is being treated at the highest levels.
The increased budget will be welcomed by GCHQ director Iain Lobban, who warned earlier this week that a cyber attack on the UK is increasingly likely as criminals continue to target national infrastructure networks.
"Cyber space is contested every day, every hour, every minute, every second. I can vouch for that from the displays in our own operations centre of minute-by-minute cyber attempts to penetrate systems around the world," he said.
William Beer, director of PricewaterhouseCooper's One Security division, welcomed the government's increased spending, arguing that it is vital to have trained IT professionals to combat this threat before it is too late.
"Fighting the cyber war requires an army of prize troops, and we just don't have enough of them at the moment," he said.
"The people element is often overlooked in building strong cyber defences, but this funding will be vital in attracting top talent into the industry as well as providing security professionals with the best training and support."
Beer added that it is necessary to fund this area of security because cyber criminals are becoming ever more adept at attacking and infiltrating systems.
"Computer systems in the UK are being targeted daily by highly organised cyber criminals and state-led operations from across the globe," he said.
"They are willing to invest in developing sophisticated attacks and, although it's impossible to predict the future, gaining insight into new developments will help to build better defences against potentially crippling attacks."
suspended over fraud allegations
William Ruto, the Higher Education Minister in Kenya, has been suspended from office after a constitutional court ruled he will face fraud charges.
On October 15, a three-judge
bench ruled that Ruto will face criminal prosecution over a Ksh272m
President Mwai Kibaki appointed the minister for East African Community Hellen Sambili to replace him in an acting capacity.
Ruto and four other people face fraud charges over the alleged sale of a piece of land in Ngong forest to Kenya Pipeline Company Ltd.
The minister allegedly received Ksh96m at various intervals during the alleged transaction.
Ruto had previously dismissed
calls for his resignation saying there was “nothing new”
to warrant his stepping aside.
He had had filed a court petition with eight objections as to why the case before the chief magistrate in Nairobi should be terminated. Other than infringing on his constitutional rights, Ruto alleged that the Kenya Anti Corruption Commission (KACC) was discriminatory in prosecuting him.
He argued that many persons had been involved in alleged allocation of the land, its transfer and subsequent sale and was wondering why others were left out. According to him, the State left out 16 government departments and offices that facilitated the transfer of the land.
launched for US market
Magstripe device uses unique dynamic security code
An anti-skimming magstripe card is being launched for the US market by payment technology company Dynamics.
The Dynamic Credit Card is designed to protect cardholders and merchants from skimming attacks that steal card numbers by automatically writing a new, unique dynamic security code onto its magnetic stripe for every online purchase. A display can also be added to the card so it can automatically display a new, unique dynamic security code for every online or in-store purchase – replacing the three or four digit security code physically printed on traditional cards.
The anti-skimming technology will be demonstrated at the Alternative Payment System Innovations event on October 21 in San Francisco.
The global migration to EMV standards has left the still magstripe-based US bank card market appearing a weak link for fraudsters to exploit. Dynamics says that all that is needed to steal a credit card number is a pen and paper or a portable card reader. More advanced fraudsters have stolen credit card numbers by breaking into merchant servers where the numbers are electronically stored, such as in the TJX case.
“The Dynamic Credit Card technology eradicates skimming both domestically and internationally without changing a single card reader or impacting a single merchant system,” said Jeff Mullen, Dynamics’ CEO.
He added that the security benefits of the technology can be increased when combined with other anti-fraud technologies. For example, Dynamic codes can be added to Dynamics’ Hidden card, where an on-card interface requires a user to enter an unlocking code into the card in order to activate the card.
“Hidden eradicates fraud associated with lost or stolen physical credit cards. Adding dynamic codes to Hidden eradicates fraud associated with lost or stolen intangible credit card numbers,” said Mullen. “With this best-in-class one-two security punch, and combined with the US’ superior fraud monitoring techniques, consumers can now enjoy the highest level of fraud protection in the world.”
The Dynamic Credit Card technology can also be integrated into any Dynamics card such as MultiAccount and Redemption.
“Dynamics’ card technology promotes consumer choice and segmentation. While one consumer may want a security-oriented experience that requires an unlocking code to activate the card, another consumer may want a loyalty-oriented experience that allows them to pay for a purchase at the point of sale with points they’ve earned. The Dynamic Credit Card technology allows us to add a transparent layer of security to all of our products without impacting the consumer experience in any way,” said Mullen.
Nigeria files new
Nigeria has filed new charges against a suspect in connection with the alleged payment of bribes by companies including former Halliburton Co. unit KBR Inc., while prosecutors said other indictments would be filed against the companies involved.
The Nigerian federal government had kept to its promise to arraign the first set of the suspects in the US$180m Halliburton scam, as a personal assistant to former President Olusegun Obasanjo, Adeyanju Bodunde was put in the dock at the federal high court, Abuja.
He was accused of laundering about US$5m.
Prosecutors charged Adeyanju Bodunde with six counts of money laundering at the federal high court in the capital, Abuja. Bodunde pleaded innocent to all charges and was granted bail of 1 million naira ($6,564).
About $180m was alleged to have been paid by the group of international companies, including Paris-based Technip SA; Milan-based Snamprogetti SpA, an affiliate of Eni SpA; and JGC Corp. of Japan, to win a $6bn liquefied natural-gas contract. Charges against Julius Berger Plc, the local unit of Bilfinger Berger AG of Germany, were dropped when the company reached an out-of-court agreement after being accused of funneling the bribes to the recipients.
“A settlement has been reached in respect of Julius Berger and persons associated with Julius Berger,” Godwin Obla, the lead prosecutor, told reporters today, without giving details of the settlement.
The bribes were alleged to have been paid to win a contract to build Nigeria LNG Ltd.’s gas plant on Bonny Island on the country’s Atlantic coast.
KBR and Halliburton had agreed to pay $579m in February 2009 to the US Justice Department and the Securities and Exchange Commission to resolve criminal and regulatory charges arising from the bribery payments that stretched from 1994 to 2004. The company pleaded guilty to conspiracy and to violating the US Foreign Corrupt Practices Act.
Technip took a charge of Eur245m (US$342m) related to its stake in the Nigerian group and discussed “resolution of all potential claims” with the Justice Department and the Securities and Exchange Commission, the Paris-based company said on February 12 this year.
UK media wises up
to cybercrime threat
The huge threat posed by cybercrime to the UK’s security has belatedly been highlighted by the country’s mainstream media.
The recognition came in the wake of the release of the government’s National Security Strategy report, which said Britain was entering an “age of uncertainty” and faced a different and more complex range of threats from “a myriad of sources.”
Cybercrime is now considered a Tier 1 threat, ranking it alongside international terrorism, a major accident or natural hazard such as a flu pandemic, or an international military crisis between states. It is ranked as one of the top five threats to the UK that need to be addressed as part of its security strategy over the next five years.
“During the Cold War we faced an existential threat from a state adversary through largely predictable military or nuclear means. We no longer face such predictable threats,” the report said.
The Strategy called for a
much greater emphasis on spotting emerging risks and dealing with them
before they become crises.
Fraud and security insiders (and industry publications like Fraud Watch) have been warning for several years that combating cybercrime involves an ongoing struggle with hackers and fraudsters who are becoming more sophisticated in their methods and are choosing bigger targets.
The UK government cited the possibility of attacks on country via computer networks and "large scale cybercrime" as a threat to its national security, as use of the Internet is crucial to the country’s economy.
Highlighting the growing
nature of the threat, Home Secretary Theresa May said that 51% of the
malicious software threats that have ever been identified were in 2009.
The government is calling for the formation of a "transformative programme" to tackle threats from states, criminals and terrorists. The National Security Strategy paper will set the tone for how the UK decides to allocate its resources in an economic climate where the government is under pressure to reduce public spending.
Bank claims to have cut online fraud to “almost zero”
Financial giant makes heavy investment in technology in Asia-Pacific region
The CEO of Citibank’s Australian operation says it has cut online fraud to “almost zero” via the use of two-factor authentication.
Roy Gori added that the bank is now preparing to roll out the system to its mobile banking customers. He said he cannot remember a single case of online fraud among the bank's 200,000 online customers in the last year.
Citi’s two factor authentication system for internet banking entails online customers entering their user ID then a password through a dynamic keypad that comes up on the screen. They then answer a predetermined security question.
The bank says it will now extend the sytem smartphones such as the Apple iPhone as it increases the number of merchants in its rewards programme by 700%.
Gori told reporters the bank's plan was to be the "smartest bank so the fraudsters go after the dumbest ones" and that the system is now being extended to its mobile banking customers.
"Security is paramount to giving people confidence ... with security, generally consumers are more receptive to using the online channel," said Gori.
He added that Citibank's strategy was to be the "smartest bank so the fraudsters go after the dumbest ones".
The bank is rapidly expanding its ‘World Privileges’ rewards scheme from 120 retail offers to 700 by the end of the year. iPhone users can download an application to check dining or shopping offers based on their location.
Citibank head of digital banking Michael Weeding said versions for other platforms such as iPad, Android and BlackBerry would follow.
Citigroup is investing heavily in technology in the Asia-Pacific region, which was the largest contributor to the bank's net income globally last year. It reported net income from Asia of US$2.5bn on revenue of US$7.2bn in the last financial year.
The bank has already partnered with telecom operators Vodafone Group in India, M1 in Singapore and Chunghwa Telecom in Taiwan to offer mobile payment services.
Citi Australia has also just launched a voice biometrics trial in its collection department.
Gori said voice recognition was one way to reduce the cumbersome process of identification Citibank currently has in place. Voice biometrics was chosen due to its high accuracy rate.
"Right now….you need to identify who you are. It's a very painful process," he said, which involves several steps.
The bank plans to make the voice system available in three months to its customers, who will be able to opt-in to use it.
National Australia Bank was the first financial institution in the country to offer customers a voiceprint recognition system in 2009.
Citibank had lower levels of fraud than the rest of the industry, according to Gori. He said it was easier for it to implement innovative solutions due to its smaller size in the country.
Citibank has also announced a new mobile banking service allowing customers to perform normal online banking transactions via their mobile phones, as well as releasing a location-based iPhone application.
The iPhone app allows customers to see which merchants nearby have partnerships with Citibank and will offer deals, such as cheaper restaurant meals. The new mobile application will also locate Citibank ATMs.
The two functions are available in 16 Asian countries.
Data theft tops all
other forms of fraud for the first time
Kroll’s annual report shows a 20% increase in past 12 months
Theft of information and electronic data at global companies has overtaken physical theft for the first time, according to the latest edition of the Kroll Annual Global Fraud Report.
This year’s study shows that the amount lost by businesses to fraud rose from US$1.4m to US$1.7m per billion dollars of sales in the past 12 months – an increase of more than 20%. The findings are the result of a study commissioned by Kroll with the Economist Intelligence Unit. It consisted of input from more than 800 senior executives worldwide.
While physical theft of cash, assets and inventory has been the most widespread fraud by a considerable margin in previous Global Fraud Reports, this year’s findings reveal that theft of information or assets was reported by 27.3% of companies over the past 12 months, up from 18% in 2009. In contrast, reported incidences of theft of physical assets or stock declined slightly from 28% in 2009 to 27.2% in 2010.
According to the 2010 survey, 88% of companies said they had been the victim of at least one type of fraud during the past year. Of the specific countries analyzed, China is the top market in which companies suffered fraud with 98% of businesses operating there affected. Colombia ranked second with a 94% incidence of fraud in 2010, followed by Brazil with 90%.
Tom Hartley, vice president of Kroll’s Eurasia region, said: “Theft of confidential information is on the rise because data is increasingly portable and perpetrators – often departing or disgruntled employees – can remove it with ease in the absence of sufficient controls. At the same time, there is a growing awareness among thieves of the increasing intrinsic value of an organization’s intellectual property. The results of the survey do not suggest other types of fraud are decreasing but merely that the rise in theft of intellectual capital has outstripped other fraudulent activity that has remained constant. Companies need to regularly evaluate how they are controlling access to information within their organization to ensure they are keeping pace with technological advancement and the imperative for collaboration in the workplace.”
Information-based industries reported the highest incidence of theft of information and electronic data over the past 12 months. These include financial services (42% in 2010 versus 24% in 2009), professional services (40% in 2010 versus 27% in 2009) and technology, media and telecoms (37% in 2010 versus 29% in 2009).
The speed of technological developments poses new challenges in the fight against fraud. Nearly one-third (28%) of respondents cited information infrastructure complexity as the single most important factor in raising their exposure to fraud. However, despite the increased risks, only 48% of companies are planning to spend more on information security in the next 12 months, down from 51% last year.
Other key findings include:
• Fear of fraud dissuades nearly half of companies surveyed from becoming more global: 48% of respondents indicated that fraud had dissuaded them from pursuing business opportunities in at least one foreign country. The biggest impact has been on emerging economies, with fraud deterring 11% of businesses operating in China and similar percentages of businesses operating in Africa (11%) and Latin America (10%). Respondents claimed they managed risk in these countries simply by avoiding the regions, even though they may offer attractive investment opportunities.
• Companies are unprepared for regulation: Increased regulation through the Foreign Corrupt Practices Act (FCPA) and the introduction of the UK’s new Bribery Act has created new challenges for companies. According to the survey, nearly two-thirds (63%) of businesses with operations in the US or UK believe the laws do not apply to them or are unsure. As a result, many are unprepared to deal with the regulatory risks: less than one-half (47%) are confident that they have the controls in place to prevent bribery at all levels of the operation, compared with 42% who say they have assessed the risks and put in place the necessary monitoring and reporting procedures.
• Fraud continues to be an ‘inside job’: For those companies who have been affected by fraud over the past year, junior employees and senior management were the most likely perpetrators at 22% each, followed by agents or other intermediaries at 11%. The proportion of fraud carried out by these employees ranged from 50% to 60% in North America, Europe and Asia-Pacific to 71% in the Middle East and Africa. The number dropped to 42% in Latin America where customers are the primary fraudsters.
Melvin Glapion, head of Kroll’s UK business intelligence practice, said: “Some of the most concerning findings from the report this year were that challenges faced by corporates investing in unfamiliar territories in search of growth are dissuading them from expansion. This is a combination of opportunity lying where fraud risk is highest and at the same time, the penalties for regulatory failure and likelihood of prosecution increasing. Companies can manage these risks but need to think broadly about the appropriate steps taken to minimize exposure and investigate suspicious actions.”
More information at www.kroll.com/fraud
A campaign is underway in the UK to highlight that high tech crime should be a funding priority as more ‘home-grown’ cybercrime units are being detected.
Britain’s most senior police officer Sir Paul Stephenson, Commissioner of the Metropolitan Police, has raised concerns that a focus on putting police on the streets will take away funding from initiatives to break organised gangs who appreciate the low risks and high rewards of cybercrime.
In a Sunday newspaper article highlighting the importance of specialist officers Stephenson said the debate around policing in the run-up to the Comprehensive Spending Review has so far been dominated by calls to preserve bobbies on the beat.
"At the moment, British criminals would probably have to buy 'packages' of bogus identities or virus kits from foreign criminal organisations. But for how long?" he wrote.
Sir Paul's warning challenges the common view that large-scale cybercrime is generally associated with Eastern European gangs. Only last week, the Met's Police Central e-Crime Unit (PCeU) charged 11 Estonians, Latvians and Ukranians with stealing millions of pounds using bank details harvested by the Zeus Trojan.
Yet "there are disturbing signs that 'traditional' British organised crime is waking up to the profits and uses of e-crime," Sir Paul wrote.
"PCeU regularly receives calls from other Met units informing them that criminal gangs are using cyber communication to plan their crimes and launder the proceeds."
Traditionally, drug gangs would commit robberies to pay debts when they lost a shipment to law enforcement, but Sir Paul suggested the relative ease of cyber attacks makes them increasingly attractive to British career criminals.
"There is a risk that cyber crime will become their main source of cash flow," he wrote.
The PCeU was set up in 2008 and serves as the national unit for investigating cybercrime. However, the Home Office recently cut its small budget by 14 per cent, ahead of the CSR, which is expected to bring further cuts of about 30 per cent across policing.
Sir Paul concluded with a call to protect PCeU and other specialist units.
"We must... ensure that, if British crime gangs take up e-crime as enthusiastically as we fear, we can match the skills at their disposal. We must have the expertise to stay ahead of the criminals.
"Uniform officers alone will not keep the streets safe – specialist detectives are just as crucial to ensuring we are all better protected."
Russian spy ring linked to forged Irish passports
The Irish GARDA police say an investigation has established that the details of six Irish passports were replicated for use by alleged members of a Russian spy ring.
The investigation, which is being carried out by detectives from the Special Branch, is trying to pinpoint where the details were copied and then inserted into the forged documentation.
The inquiries also involve officials from the Department of Foreign Affairs and the Passport Office and follow a tip-off to the authorities from the FBI.
The fraudulent use of the passports was discovered when the FBI smashed the spy ring, which was based in the US.
But it is not yet confirmed whether all of the forged documentation had been used by the spies.
One of the passports belonged to a volunteer with Irish charity To Russia With Love named as Kathryn Sherry and two others to a married couple in Co Donegal. All had all been granted visas at the Russian Embassy in Dublin.
After gardai have completed a file, it will be studied by senior officials from the Department of Foreign Affairs and, if the Russians are clearly implicated in the forgeries, a decision will be taken on whether diplomatic action should be taken.
Earlier this year, forged Irish passports were used by Israeli agents, who were alleged to have murdered Hamas activist Mahmoud al-Mabhouh in a Dubai hotel.
As a result of investigations by the Garda and the findings of police in other countries, the Irish government concluded that an official Israeli agency had been responsible for the "misuse and, most likely, manufacture of the eight fake Irish passports".
In both Israeli and Russian cases, the passports were of a type produced before the introduction of new design and security standards in 2005.
These included a more secure personal details page, made of a polycarbonate substance, containing the personal details and photograph of the holder.
The polycarbonate makes it virtually impossible to reproduce the page without sophisticated production processes or to alter it without being detected by standard examination techniques.
watchdog Global Witness says that, despite previous warnings from UK
regulator the Financial Services Authority, banks have continued to
take illegally-obtained money from Nigerian governors. It added that
in failing to inform their clients the UK banks – plus UBS from
Switzerland – were not acting illegally but had helped corruption
to take place.
The watchdog believes that the five banks took the money between 1999 and 2005 from two former Nigerian governors accused of corruption, but had failed sufficiently to investigate the customers or the source of their funds.
The report says the FSA should enforce money laundering regulations more thoroughly, after RBS was found to have allowed former politician Dieypreye Alamieyeseigha to bring around £2.7m into the UK.
The report, which examined court documents from London, showed that £1.56m of this money came from bribes paid by a contractor to get work.
Robert Palmer, a campaigner at Global Witness, said: “Banks are quick to penalise ordinary customers for minor infractions but seem to be less concerned about dirty money passing through their accounts.
corruption is simply not possible without a bank willing to process
payments from dodgy sources, or hold accounts for corrupt politicians.”
HSBC said the Global Witness allegations were 'misguided'. The other four banks and the FSA have declined to comment.
HSBC’s North American unit was recently told to improve its due diligence systems by the Federal Reserve to ensure that it adhered to regulations surrounding the Bank Secrecy Act and anti-money laundering rules.
Regulator cleared in Goldman case
An internal watchdog at the Securities and Exchange Commission has thrown out accusations that the US financial regulator was politically motivated during its landmark fraud case against Goldman Sachs.
After declaring the accusations void the watchdog then, however, went on to question the SEC for violations of its own policy as it had failed to warn Goldman Sachs of an imminent fraud charge.
SEC inspector general David Kotz’s report rejected claims made by some Republican legislators that SEC officials timed the Goldman case so that it emerged at the same time as the Dodd-Frank financial regulation bill was being debated in Congress and diverted attention so the Democrats were able to pass the contentious legislation.
The report, however, indicates that senior SEC officials did time the case to generate greater media attention. It adds that the SEC officials had reservations about the press strategy of Goldman and acted rather complacently in intimating the company about the impending fraud case, which is a violation of SEC rules, though the delay was just about "10 minutes."
Kotz gives an insight into the SEC's actions leading up to its suit issued against Goldman Sachs and one of the firm's traders on April 16 this year. Goldman was accused of misleading clients by selling mortgage-linked securities without revealing the role of a hedge fund that was seeking to profit from the housing market's collapse.
On July 15 this year Goldman agreed to pay a US$550m penalty to settle the charges without admitting or denying any wrongdoing.
Kotz, although finding the timing “suspicious”, also found that there was no concrete evidence to suggest that the lawsuit against Goldman was filed to coincide with his earlier report that was highly critical of the SEC’s failure to aggressively investigate concerns about the US$8bn Ponzi scheme allegedly run by Allen Stanford. The Stanford report was released just hours after the Goldman lawsuit was filed.
Goldman declined to comment on the exoneration of the SEC, while commission spokesman John Nester said the report "reaffirms that the case was brought on the merits, and only on the merits."
Russian authorities have detained a Ukrainian citizen accused of overseeing a criminal operation that used fraudulent credit cards and passports to siphon large amounts of cash out of banks around the world.
The detention of the unnamed suspect came as Department K of the Russian Interior Ministry stopped the actions of the international criminal group which they suspected the Ukrainian of leading. The group, which was made up of at least 50 members, siphoned more than US$660,000 out of 17 Russian banks between January and June alone.
Russian authorities say they also confiscated more than 100 counterfeit credit cards and an encoder used to write data to cards' magnetic stripe.
The action comes as authorities in Ukraine, the US, and UK arrested dozens of people suspected of participating in bank fraud related to Zeus, a prolific computer trojan that specializes in stealing banking credentials of its victims. Most of those arrested were accused of being money mules who used fraudulent passports to launder money stolen from compromised accounts. Five of those detained in Ukraine were accused of orchestrating the overarching scheme.
The tampered terminals were in use from June 1 to August 31 in an undisclosed number of stores. As many as 1,000 Aldi shoppers in Illinois and Indianapolis have already reported fraudulent charges.
Aldi, which has about 1,100 stores in 31 states, said it believes it has removed all the tampered terminals have been removed.
Researches at Trusteer, which provides secure browsing services, says that a new version of the Bugat financial malware is being used to infect computers with the more common Zeus Trojan.
The emergence of this new version of Bugat appears to
be an attempt by criminals to diversify their attack tools using a platform
that is less well known and therefore harder to detect and block.
Bugat is similar in functionality to its better known financial malware brethren Zeus, Clampi and Gozi. It targets Internet Explorer and Firefox browsers and harvests information during online banking sessions. The stolen financial credentials are used to commit fraudulent Automated Clearing House (ACH) and wire transfer transactions mostly against small to midsized businesses, which result in high-value losses. Bugat is three times more common in the US than Europe, but its distribution is still fairly low.
In last week’s attack, LinkedIn users received emails reminding them of pending messages in their account and providing a malicious URL. When a victim clicked on the link they were directed to a fraudulent website where a java applet fetched and installed the Bugat executable. LinkedIn spam email is an effective tool to push malware to enterprise users, and is being used to gather credentials for commercial bank accounts and other sensitive services used by businesses.
“Criminals are stepping up their malware distribution efforts by continuously updating configurations of well known malware like Zeus, and using new versions of less common Trojans like Bugat, to avoid detection,” said Mickey Boodaei, CEO of Trusteer. “We are in an arms race with criminals. Although Zeus gets a lot of attention from law enforcement, banks and the security industry, we need to be vigilant against new forms of financial malware like Bugat and SpyEye which are just as deadly and quietly expanding their footprint across the internet.”
Another one to watch is Carberp which is less wide spread but equally sophisticated. Carberp currently targets nine banks in the United States, Denmark, The Netherlands, Germany, and Israel.
Blocking and removing Bugat
Trusteer says its Secure Browsing Service protects banking and other online sessions by blocking attacks and then disinfecting machines that are infected with Bugat and other financial malware including Zeus, SpyEye, and Carberp. When a Trusteer user browses to sensitive websites such as internet banking, Webmail, or online payment pages, the service immediately locks down the browser and creates a tunnel for safe communication with the web site. This prevents malware like Bugat from injecting data and stealing information entered and presented in the browser. The service is directly connected to the bank (or other online business protected by Trusteer) and to Trusteer’s 24x7 fraud analysis service. Attempts to steal money from consumers protected by Trusteer are immediately detected by the bank or operator of the website and are blocked using various layers of protection.
Outlaw Motorcycle Club gang problem grows
Europol warns of expanding Hells Angel chapters
Europe is the continent with the highest increase in new Outlaw Motorcycle Club Gang (OMCG's) chapters.
During the last five years Bandidos, Hells Angels and
the Outlaws have opened more than 120 chapters which makes a total number
of more than 425 chapters in Europe. The number of chapters for these
three large groups in the United States and Canada are around 300.
Europol is following the developments of the OMCG's as part of its responsibility to monitor the threat from organised crime and terrorism in Europe.
The OMCG's are identified as a national threat and as a national policing priority in several EU countries. Because of a recent significant expansion of the presence of the Hells Angels into South-East Europe, Europol and the Croatian Ministry of Interior this week co-organised a seminar for law enforcement specialists in Dubrovnik. The seminar was financed by the European Commission's TAIEX programme and representatives from Albania, Bosnia and Hercegovina, Croatia, Montenegro, the former Yugoslav Republic of Macedonia, the Republic of Serbia and Turkey received presentations from expert speakers from Europol, Luxemburg, Norway and Spain. The aim of the seminar was to raise a national and regional awareness about the character of the OMCG's in South-East Europe and Turkey.
The specialist speakers warned against taking it at face value when the members of the OMCG's say that they are not involved in crime and only interested in riding their motorbikes, since crime and violence have for decades been an inherent part of their lifestyle.
"Serious criminality is a feature of the activities of Outlaw Motorcycle Gangs in Europe. At Europol, therefore, we are worried about their expansion and are increasing our efforts to track their activities. Working with our law enforcement colleagues across Europe we are determined to bring to an end their illicit activities in society," says Rob Wainwright, Director of Europol.
Europol offers support to the countries facing the challenge of dealing with OMCG gangs through its analytical and criminal intelligence-sharing capabilities and encourages the participating countries to establish a single point of contact within national law enforcement authorities.
Fannie Mae logic-bomb saboteur found guilty
A computer contractor has been convicted of planting a logic bomb on the servers of Fannie Mae, the financially troubled US housing and mortgage giant.
Rajendrasinh Babubhai Makwana, 36, responded to the termination of his two-year-long spell as a software development contractor at Fannie Mae in October 2008 by planting a malicious script designed to wipe all the data from its network on 31 January 2009.
Anyone attempting to access data on the system after the logic bomb went off would have received the message "Server Graveyard".
Fortunately, Fannie Mae system administrators found
the malware days after Makwana left work at the Urbana, Maryland technology
centre and weeks before the logic bomb was due to explode. Subsequent
forensic analysis of computer logs traced the attempted attack back
to Makwana's workplace laptop, which yielded more evidence. Because
of his job developing software for Unix boxes, Makwana reportedly had
access to the full range of Fannie Mae's 5,000 servers.
Even though Fannie Mae had back-up, the attempted attack would have been enormously disruptive and extremely costly - even if it was only partially successful deleting securities and mortgage data, the court was told. Company representatives testified that it might take as long as a week to fully restore systems using off-site backups if the failed attack had been entirely successful in its malicious aims.
Makwana, who was convicted of computer sabotage and hacking offences punishable by a maximum of 10 years imprisonment by a jury, will be sentenced on 8 December.
Fannie Mae (The Federal National Mortgage Association) and the smaller Freddie Mac (The Federal Home Loan Mortgage Corporation) either control or guarantee almost half of all home loans in the US. Shares in Fannie Mae plummeted as a result of the US sub-prime housing crisis but its operations continued thanks to access to low-interest loans and supportive statements from the federal government that its business was vital to the US housing market.
Former Nigerian bank
CEO gets six month jail term
Sentences sends shock waves round financial community
Cecilia Ibru, the former
CEO of Oceanic Bank in Nigeria, has been given a six month jail term
She was also ordered to hand over $1.2bn (£786m) in cash and assets, after pleading guilty to three of 25 counts of fraud and mismanagement.
Ibru is one of several top financial executives who the government removed from their positions and who were being held in connection with the near-collapse of nine banks in 2009 amid allegations of fraud and wreckless lending.
Nigeria’s central bank said the assets forfeited by Ibru included 94 properties in the country, and in the US and Dubai, as well as shares in 100 companies, 80 of them listed in Nigeria and 20 private.
"This is an indication that we are making progress in the war against graft in the country," said Farida Waziri, the head of Nigeria's anti-corruption agency.
Critics says there are still too few serious fraud prosecutions in Nigeria, although the sentence is reprted to have sent shock waves around the country’s financial community. Until her arrest, the high-profile and well-connected Ibru had been considered immune to action from the authorities.
Total card fraud losses in the UK fell by 20% in the first six months of 2010.
Figures from industry body The UK Cards Association, also showed that online fraud fell by 36% in the first half of 2010 to £24.9m, compared to the same period in 2009. This represented the first reduction in online fraud since 2007.
Total fraud losses on UK cards fell to £186.8m between January and June, the lowest half-year total for ten years.
The payments body
said this sustained fall is due to the success of a number of banking
industry initiatives: the increasing rollout of updated chip cards in
the UK, ongoing work with the retail community to raise awareness in
protecting their chip and PIN equipment from criminal attack; greater
sign-up to MasterCard SecureCode and Verified by Visa by cardholders
and retailers; increasing use of fraud detection tools by banks and
retailers; and the increasing roll-out of chip and PIN abroad.
Online banking fraud losses totalled £24.9m in January to June. The UK Cards Association attributed the fall to increased customer awareness of the need to protect their own computers with up-to-date anti-virus software and banks’ use of sophisticated fraud detection software.
However, the association added that over the past five years fraud losses in this area have been fairly volatile over a six-month period so the decrease was “not necessarily the start of an ongoing trend.”
It added that fraudsters are still focusing on this type of fraud, and the industry will continue to advance its crime prevention initiatives in this area.
Phone banking fraud losses totalled £5.8m during January to June, an increase of nine per cent from January to June 2009. Most losses involve customers being tricked into disclosing security details - through cold calling or fake emails - which the criminal then uses to commit fraud. To help customers protect themselves the industry continues to highlight the fact that banks will never cold call or email customers and ask them for login details and passwords.
Cheque fraud losses decreased from £15.6m in the first half of 2009 to £13.5m during the same period in 2010. The overwhelming majority of attempted cheque fraud gets stopped before the cheque is paid. The UKCA says the industry’s ongoing work to prevent cheque fraud - particularly through its use of fraud prevention profiling - has played a key part in driving these losses down. The continuing drop in cheque usage has also contributed to the 13% fall in overall cheque fraud losses.
Melanie Johnson, chair of The UKCA, said: "These figures are testament to the importance that the UK’s card companies place on driving down card fraud losses and reducing any inconvenience to customers. We are determined to make sure that customers feel as safe and secure as possible when they use their cards. To that end the banking industry is committed to detecting and preventing card fraud in all its guises.”
David Cooper, chairman of the fraud control steering group, the payment industry’s main fraud prevention group, said of the non-plastic related fraud losses: “The fight against fraud can only be effective with a joined-up approach, so we continue to collaborate with businesses, consumers, the police and the government whenever and wherever possible. Just last week our work with the Police Central e-Crime Unit (PCeU) paid off, with a number of criminals - who infected customers' computers with a virus to steal from their accounts - being arrested."
Quoting overall fraud figures released by the National Fraud Authority (NFA) earlier in the year, The UKCA says they serve to put banking fraud losses into perspective. The NFA estimated that fraud in all its guises costs the UK more than £30bn a year – card and banking fraud accounts for less than 2% of this figure.
Search engine’s caching policy makes stolen card details easily available, claims ‘ethical hacker’
Policies employed by Google are making fraud easily possible, an “ethical hacker” says.
The search engine’s policy of doing an historic cache of all its internet pages every night means that criminal sites that have been shut down remain available online in perpetuity for those who know how to find them via the cache, according to Neil O’Neil.
He cites the case of a cybercrime website in Vietnam containing the details of 19,000 UK credit cards, that was closed down by authorities.
“Because Google cached it, criminals didn’t need to go out and rob any banks – they could sit at home and access the card details via Google’s cache of the site,” he says.
He added that details on such caches are shared via online criminal forums.
O’Neil (who besides being an ethical hacker is also principal digital forensics investigator for The Logic Group), says that no password is secure and there are several relatively easy ways for hackers to break them and access a company’s network and all the data it holds.
He says call centres can be particularly vulnerable to card fraudsters, as they operate 24/7 and often take credit card numbers. He claims it is quite easy for a worker to put a keylogging device into a computer at the end of their shift which will collect the keystrokes from the next two shifts.
“They can then collect this information when they start their next shift,” says O’Neill. “And all the stolen card details will come from the other shifts so they won’t be suspected.”
He adds that keylogging can also be done via malicious software which sends an email from an infected computer with all the keystroke activity from the device that day.
In the UK police recently arrested 19 people over a £6m online bank fraud which employed the Zbot/Zeus keylogging Trojan to steal banking information.
O’Neil brands as “a fallacy” the idea that passwords can protect documents: “I can get into any system in the world in five minutes and do anything I want using a free tool like Backtrack. You cannot stop hackers if they want to get into your system. The good news [for smaller companies] is they generally go for ‘the big one’.”
He says that compliance with the PCI DSS standards for the protection of cardholder data is not a panacea, but will make it harder for criminals who will likely move on to an easier target.
To combat the use of keylogging, he recommends that companies disable USB ports and that only company-approved equipment is used with computers.
This was the statement made by Hector Sants, CEO of the UK Financial Services Authority in a Mansion House conference on values and trust in which he suggested that a regulator has a role to play in ensuring that culture and ethics feature in business life.
Sants said that trust was an important issue that was not receiving the attention it should.
He said: “To date,
the post-crisis debate, from a regulatory perspective, has focused more
on the economic purpose of financial markets and institutions, and the
economic role that regulators and governments, through formal standards
and supervision, play in shaping the market.
Sants said: "I believe that until this issue is addressed we will not be able to prevent another crisis of this magnitude from occurring again, and will never fully restore the trust of society in the financial system."
He added that the recent
agreement at Basel covered the first phase of this financial reform
focusing on capital but that the second phase of the work will be more
important, covering the need for further capital and resolution tools
for large systemic institutions and the need for an effective regulatory
regime for managing liquidity risk and limiting leverage.
“If we do not deliver on liquidity and leverage and solve the problem of ‘too big to fail’ banks, we will not be able to deliver on the key requirement of the Basel reforms: namely ensuring that tax payers never have to foot the bill again."
Sants argued that some of the causes of the crisis were deeply rooted in behavioural or cultural issues that resulted in actions and decisions that, with the benefit of hindsight, were not the ‘right’ ones. “Indeed,” he said, “there are examples of actions and decisions by senior management that can be seen to be at the root cause of their firms’ demise.
Worryingly, as I have said recently, even after all the ‘supposed’ lessons learnt exercises, we are still seeing some decisions by senior management in major firms that we judge not to be prudent.”
Sants said that most major institutions have a ‘set of values’ to which they ascribe – however, in many cases there is a gap between what they claim to do and what they actually do. These values also tend not to be aligned or ‘lived’ by the employees, meaning the firm does not ‘practice what it preaches’.
Legitimate area of
Sants said that regulators should recognise culture as a legitimate area of intervention.
“For regulators, the starting point should be that we want the firm to have a culture which encourages individuals to make the appropriate judgements and deliver the outcomes we are seeking. At all times we want an institution to act with integrity. The regulator’s focus should therefore be on what an unacceptable culture looks like and what outcomes that drives. It should not be on defining the culture itself."
Sants said that remuneration practices (bonuses) have been “a symbol – a lightening rod of society’s lack of trust in bankers – and to address the trust issue, this state of affairs has to be recognised and resolved.
"I believe that unless bankers demonstrate sensitivity and exercise restraint in this area, trust will not be restored,” he said.
If Jerome Kerviel had faced trial in the US, his future would have been very different. A 20 year sentence would have surprised no-one.
As it was, there were many in the French court who gasped when the three presiding judges found him guilty and ordered the trader to pay back damages to Société Genéralé of almost 5 billion and handed out a five year prison sentence, two years of which were suspended.
Kerviel’s defence had been that his employee knew what he was doing and while he was making a profit, were happy for him to continue. He argued that he made no money apart from bonus from his dealings and has never been accused of making money for himself.
It was this suggestion that the bank should take responsibility for the actions of employees that struck a chord with the public, especially after the recent banking crisis, and it was the cornerstone of Kerviel’s defence
He admitted throughout the investigation and trial that he had hidden his bets and conceded at the trial that accumulating positions worth 50 billion euros was “probably not” in his mandate. However, his view was that he wouldn’t be a scapegoat for the “blind eye” the bank turned.
Prosecutors argued that Kerviel was driven to boost his bonus, while Kerviel said his sole motivation was to make money for the Paris-based bank, France’s second largest.
Kerviel said taking unauthorized positions and covering them up was a common practice by Société Genéralé traders. That assertion was contradicted by almost all the witnesses who testified.
The three French judges disagreed with Kerviel and ruled that a trader should take individual responsibility for his actions, whether or not the bank played a role.
This establishment of responsibility will be significant, not just in France but in markets throughout the world as regulators try to put in place controls and rules to avoid a replay of the 2008/9 banking crisis. In all countries, there is a wish to establish what is acceptable practice as traders buy and sell telephone number amounts in milliseconds across the globe.
Electronic trading has changed the environment. Now it is necessary to amend working practices to cope. Knowing who is liable when something goes wrong is important. So are systems that ensure the bank knows what is happening on its trading floor so a similar debacle to that at SocGen can be avoided.
The BBC has commented that
the few billion dollars lost by SocGen pale besides the hundreds of
billions of dollars thrown away through risky dealings in America's
sub-prime mortgage market, but the issue of dealer responsibility is
an important one, and needs to be revisited by legislators in the light
of technology advances.
Kerviel said he had got caught up in a “spiral” and admitted he had “committed faults, stupid things . . . I went too far.” But he had maintained he had not been alone. “Without the laissez-faire of my hierarchical superiors, this would not have happened,” he said at the trial.
The bank has sought to rehabilitate itself after the Kerviel crisis by investing €130m in controls. Its new motto – “deliver growth with lower risk” – reflects the bank’s pullback from investment in toxic assets which have led to writedowns or provisions of more than €10bn since the beginning of the financial crisis in 2007.
Further Zeus Trojan
hackers arrested in US
Banks warned that this is by no means the end of the problem
US authorities have charged 37 Russians and Eastern Europeans with using US bank accounts to launder money from hacked accounts using Malware including the Zeus Trojan. In total, over 90 people were arrested.
This follows the arrest by UK police of 19 people connected with the theft of millions of pounds from British bank accounts in similar attacks.
Don Jackson, director of threat intelligence at SecureWorks, said although a connection between the arrests has not been confirmed, several of the money launderers arrested in the US are connected with some of the largest Zeus operations around the world. There are several connections to the Ukraine.
In fact police in the Ukraine arrested five suspects on September 30.
But industry commentators are saying that even 116 arrests will make little difference to the growing international banking fraud being perpetrated via Zeus?
"While these arrests may make some think twice," says Robert Siciliano, an identity theft expert and McAfee consultant, "the vast majority of criminal enterprises will keep pursuing the millions to be made from flawed security systems."
The recent defendants charged in Manhattan federal court include managers of and recruiters for the money mule organization which recruits individuals to move the funds.
Federal prosecutors allege the 37 charged stole over $3 million in 21 separate cases. The Manhattan indictments against the other 36 accuses the defendants of stealing more than $860,000 from 34 separate corporate and individual victims and sending them to mule accounts at JPMorgan Chase and other banks.
And in the UK police officers from several UK police forces raided addresses in London to arrest 15 men and four women aged between 23 and 47.
Those arrested allegedly used the Zeus Trojan software to steal log-ins and personal banking details to draw money from accounts.
Police estimate the criminals stole £6m from UK banks and nearly £2m from US banks.
Dozens of suspects have been arrested on both sides of the Atlantic, with more charges and arrests expected, according to US reports.
Police said the gang specialised
in sending e-mail messages containing links to the Zeus Trojan malware
to specifically targeted finance personnel in small businesses, local
government, churches and non-profit organisations.
Mickey Boodaei, chief executive at Trusteer, said the arrests in the UK and US indicate that financial fraud is not the business of individuals.
"Behind these operations you can find groups of people which in many cases operate for larger organised crime groups that have the money to run large scale criminal online operations," he said.
Other cybercrime gangs are almost certainly operating in other countries in continental Europe, Canada and across the Asia-Pacific region, running parallel criminal operations to the Zeus gangs in the UK and the US, said Boodaei.
The number of users who are
infected with Zeus has increased over the past month due to aggressive
distribution attempts made by fraudsters.
The two leading infection routes, he explained, are compromised website that serve up a Zeus infection to visitors and spammed emails that include Zeus as an attachment or link.
Last week's arrests are part of an international investigation, called "Operation Trident Breach," that began in May 2009, when FBI agents in Omaha, Nebraska, US were alerted to fraudulent ACH payments made to 46 different bank accounts. The FBI agents soon realized the scope of the crime, and the agency partnered with local, state and federal partners, cybercrime task forces, working groups, and foreign authorities in the Netherlands, Ukraine and the United Kingdom.
The cybercriminals' target in the US. were small and medium businesses, municipalities, churches and individuals. They infested their targets' computers using a version of the Zeus botnet. The malware captured the victims' banking credentials, including passwords, account numbers and other data used to log into online banking accounts. This scheme resulted in the attempted theft of $220 million, with actual losses of $70 million from victims' bank accounts.
Expect to see more arrests like these, says David Ostertag, global investigations manager, at Verizon Business Investigative Response. "We're going to see over the next year or so more law enforcement activity and arrests around Zeus," says Ostertag. As a forensic researcher, Ostertag says he has been chasing Zeus since it first appeared in 2004.
Tom Wills, senior analyst at Javelin Strategy and Research, says: "Law enforcement has won an important battle here," Wills says. "But unless the weed was pulled out by the roots (i.e. the capture of the ringleaders), I expect to see them back at work soon."
Shane Sims, PriceWaterhouse Coopers' Forensic Services practice director in the U.S., says arresting the money mules should result in a temporary dip in the upward spike of ACH-related frauds. However, he points out that these international hacker crews are like traditional organized crime groups. "If you don't dismantle the entire crime family, the criminal activities will continue. New money mules will be recruited, bank customers' computers will continue to get compromised, and fraudulent ACH currency movement will continue."
In the international investigation Operation Trident Breach, authorities say they had the widest and most far-reaching cooperation to date with other countries authorities. Javelin's Wills says resources in some countries are limited.
He explained that in the Eastern European and Asian countries where the fraud ringleaders tend to operate, the legal infrastructure is not very conducive to investigating and prosecuting the perpetrators. "We can't count on that changing any time soon, so the best strategy in the victim countries is to practice proactive security," Wills says. "This means a greater focus on adding layers of security where the compromise takes place - in customers' computers and mobile devices."
David Divitt, Fraud & Risk Solutions Consultant for ACI has also warned that the multi-channelled Zeus can use the mobile phone as a forwarding device for one time passwords being delivered to the customer. He explained: “The attack method currently seems to use the mobile phone as a forwarding device for any one time password that is delivered to the customer. It’s unclear whether or not the mobile phone hack would hide the incoming SMS from the customer, however if it doesn’t, then if banks ensure they include relevant transaction details in the SMS - amount, and beneficiary - it could allow the legitimate customer to detect that something has gone wrong prior to money being lost.
Details of a Zeus
Popular IT security site TechCrunch Europe served up a Zeus trojan -installer PDF file to its visitors on Monday of this week and, says leading provider of secure browsing services Trusteer, the infection is down to the rising tide of Zeus attacks.
"The bad news about this infection, which lasted several hours on Monday of this week, is that - as security researcher Rik Ferguson says in his blog (http://bit.ly/bL2Jjx) - just two of 43 IT security applications can detect this malware variant," he said.
And whilst the quantity and hacking quality of these attacks have increased, Trusteer is also seeing a drop in antivirus detection rates for Zeus.
"Trusteer warned a while ago that the newer version of Zeus is very effective in avoiding detection by IT security software and the increased Zeus infection rates demonstrates this," he said.
"We estimate that fraud losses due to Zeus specifically are going to triple in 2011 due to the increase in distribution and lack of coverage by antivirus vendors. This latest infection of the TechCrunch Web portal is just the tip of the iceberg," he added.
The US Securities and Exchange Commission is considering taking action in India’s Satyam Computer Services scandal.
The Indian software giant
said in a regulatory filing that it had received a ‘Wells Notice’
from the US financial regulator warning the SEC is considering filing
a civil lawsuit against it alleging fraud.
Satyam is at the centre of India’s biggest ever corporate fraud case. In January 2009 its former chairman and founder Ramalinga Raju said profits had been overstated and assets falsified in a fraud allegedly involving over US$1.5bn.
It was not immediately clear why news of the SEC’s possible move was being made public now and neither Satyam nor the commission has so far commented.
The Satyam notice said the SEC's Division of Enforcement had tentatively decided to recommend that a civil suit be filed alleging fraud and other violations and seeking permanent injunctions and monetary relief, according to Satyam. The SEC has not yet made a decision, Satyam added.
Satyam is already facing a multi-million dollar class action lawsuit filed by around 20 investors in the US over the fraud.
On September 30, Satyam also said the SEC and authorities in India are investigating "round tripping" in periods up to April 2002. Round-tripping is an accounting trick that technology companies use to inflate revenue. The firm agrees to sell an asset to another firm while agreeing to buy a similar product at around the same price.
Ramalinga Raju has recently been released from hospital treatment for Hepatitis C, and is facing further questioning. His brother and former board member Rama Raju, and the ex-Satyam CFO Vadlamani Srinivas are currently in prison.
The Manhattan court ruled that the plaintiffs had failed to establish that the bank’s managers had knowingly made false or misleading statements regarding alleged failings in the bank’s internal control mechanisms or that they may have been aware of alleged failings concerning the asset writedowns announced by the bank in relation to the subprime mortgage crisis. The judge also ruled the insider trading allegations made against those of the bank’s managers cited in the complaint had not been substantiated.
The court also based its decision on the recent decision by the US Supreme Court in Morrison v. National Bank of Australia. In this landmark case decided June 24, 2010, the United States' highest court had in fact ruled that investors who purchase shares in non-American companies listed on non-American exchanges cannot bring suit in the United States to seek compensation under federal securities law.
The FSA said that between
January 2008 and September 2009 De Biase paid £131,000 to Anjam
Ahmad, a hedge-fund trader at AKO Capital, in return for Ahmad giving
him broking business on which Di Biase received a proportion of the
commission as part of his remuneration.
The regulator says that on 20 occasions in 2008 and 2009 Ahmad and Di Biase agreed that a higher level of commission would be charged to AKO to increase the money available to them to split which resulted in AKO being overcharged a total of US$739,000.
The amount of net commission retained by De Biase under this arrangement was £198,000.
Ahmad was subsequently charged for insider dealing and in June was given a 10 months prison sentence suspended for two years, in addition to 300 hours of unpaid work in the community. He was fined £50,000.
The FSA also brought civil charges against Ahmad for placing business with Di Biase in return for cash payments and gifts following which Ahmad agreed to pay the £131,000 profit he had received to the FSA.
The “quality and consistency” of standards surrounding audit reporting is disappointing, the Financial Services Authority (FSA) has claimed.
A review into auditing practices found that many firms and organisations failed to meet the FSA requirements when evaluating their client assets.
The regulator found numerous problem areas including how many auditors were unaware of reporting requirements while a number of reports have been submitted late or contained errors such as incorrect dates or without any signatures.
Richard Sutcliffe, FSA’s client assets sector leader, said: “We have also made clear our disappointment in the quality of auditors’ reports that we have reviewed.
“It is ultimately a firm’s responsibility to ensure that they have adequate systems in place, but they, as we, rely on their auditors to provide the necessary assurance in this regard. Auditors charge a fee for this professional service - it is important that we and firms can rely on the reports they are signing off.”
Following the review, the FSA has issued a consultation paper containing proposals to ensure improvements to auditing sector standards.
Recommendations included ensuring reports are consistent and confirming the standards that firms need to adhere to.
Singapore hit by civil service fraud
Two people are alleged to have conspired to defraud the Singapore Land Authority (SLA) of almost S$12m (Eur6.7m) over a two-year period.
Koh Seah Wee, a former deputy director of SLA's technology and infrastructure department, and former manager Christopher Lim Chai Meng are said to have worked with others to render false invoices for fake IT maintenance services and goods which were not delivered.
Koh has been charged with 249 counts of cheating and other offences, the SLA and the Ministry of Law said in a joint statement.
Lim and other individuals running the businesses that allegedly provided the false invoices are assisting the police with investigations.
"SLA had worked with police to recover the amounts involved. Cash and assets worth about S$10m (out of S$11.8m defrauded) have been located and secured so far," added the statement.
While the authority said it "had in place finance and procurement processes which were in accordance with Government guidelines", Koh and Lim are suspected of working together with the businesses, "thus enabling them to circumvent the checks and balances in the processes".
Among those named in court documents, Ho Yen Teck and his seven companies appeared in 195 cheating charges that Koh is facing.
Koh and Lim were deployed from the Infocomm Development Authority to SLA in March 2007 and July 2006, respectively.
The alleged fraud began in January 2008 when Koh was said to have conspired with Lim in placing and awarding several IT contracts on a Government procurement website to CSM Technology, which Koh is accused of knowing that CSM "never intended to fulfill".
Between Janaury 2008 and March this year, amounts paid by SLA for fictitious IT services ranged from S$2,600 to S$60,000. As an SLA deputy director, Koh's level of approval allowed payments to be made to these supposed shell companies.
Koh was posted back to IDA in March. He resigned on June 1.
Meanwhile, Lim left SLA on May 1, returned to IDA and then went on no-pay leave. He has been suspended from duty.
The alleged fraud was detected during a review of contracts in June, when SLA's finance department generated a listing of expenditure for review by the department heads. The new department head who replaced Koh detected the irregular payments, and SLA reported the matter to the Police.
Prosecutors have filed 12 charges of concealing criminal proceeds against Koh, who has been in remand since June 25, as he has been unable to post bail of S$1.5m. His case will next be heard on October 19.
If convicted, he could face a jail term up to 10 years and fined on each count. For concealing criminal proceeds, he could be jailed up to seven years and fined up to S$500,000 for each charge.
Plans to introduce pan-European financial watchdogs have been given final approval by the European Parliament.
A pan-European financial supervision architecture will be introduced in 2011 after a plenary session of lawmakers in Strasbourg voted heavily in favour of the plans, finalising an informal agreement reached earlier this month.
The move brings a long negotiating battle within the EU to a close. Britain and Germany had expressed concerns that the new regulatory bodies would undermine their national supervisory authorities.
Under the supervision framework, three new pan-European financial watchdogs called European Supervisory Authorities (ESAs) will be created by the start of 2011 to oversee banks, insurance companies and trading on markets. The plans will also create a European Systemic Risk Board (ESRB) to put in place a common set of indicators to permit fair and open comparisons between cross-border financial institutions and send out appropriate warnings.
National regulators at the fore
The plans will keep national regulators at the fore whilst ensuring a common rule book to prevent future economic crises, according to Dr Kay Swinburne MEP, European Conservatives and Reformists group economics spokesman.
The ESAs will have the ability to mediate disputes between national supervisors, to guide national regulators, and to monitor how national authorities implement EU legislation.
Dr Swinburne said: "This deal ensures that cross-border markets can be supervised by cross-border institutions who coordinate the work of national regulators. It provides the markets with a common rule book and greater certainty over the key questions of who will regulate what and where.
"Instead of handing over the keys to the City of London, this deal places it in a kind of European Neighbourhood Watch programme. Peer oversight will provide us all with loudhailer warnings when there are macro systemic or particular risks.”
Much of the debate in creating the watchdogs has focused on whether the EU bodies will supercede the powers of national regulators. The plans basically mean that the day-to-day running of banks will rest with the national regulators, whereas the EU body will take over when there is a dispute, an emergency or a breach of EU law.
"The European Supervisory Authorities will be able to address decisions directly to national authorities when they are arbitrating between national authorities involved in a cross-border group, when a national authority is incorrectly applying EU regulations and lastly in an emergency situation declared by the Council," a European Commission paper states.
The new ESAs will have powers to settle disputes among national financial supervisors and to impose temporary bans on risky financial products and activities. The European Commission says the watchdogs will also strengthen the Single European Payments Area and provide better protections for investors.
Europe’s new regulatory plans also impose decisions directly on financial institutions, such as banks, so as to remedy breaches of EU law when national supervisors fail to act.
On the macro-level, a European Systemic Risk Board (ESRB) will be set up to monitor and warn about the general build-up of risk in Europe's economy.
The ESRB will develop a common set of indicators to permit uniform ratings of the riskiness of specific cross-border financial institutions and make it easier to identify the types of risks they carry.
It will also be responsible for establishing color-coded grades to reflect different risk levels. When making warnings or recommendations on risk build-up, the ESRB is to use the color- grade to indicate the level of risk.
The ESRB will be attached to the European Central Bank and chaired by ECB President Jean-Claude Trichet for the first five years.
The lawmakers said that this new system should be able to provide better protection from events such as the Fortis bank crisis weekend, Germany's unilateral naked short-selling ban and the financial losses suffered by life insurance policyholders in the UK, Ireland and Germany with the collapse of Equitable Life.
President of the European Commission Jose Manuel Barroso, commented on the new framework: " With this reform, Europe is the first region in the world to put in place top-notch supervision that is up to the challenges of the future."
European Commissioner for Economic and Monetary Affairs Olli Rehn said: "Macro-prudential supervision was clearly the weakest link of the pre-crisis framework. The creation of the ESRB is a decisive and innovative step towards a stronger and more stable financial system."
Obiamaka Madubuko, a partner at McDermott Will & Emery LLP (which advises on due diligence issues), said that companies currently need to be reassessing their compliance programmes overall.
“My advice for companies is to make sure you have a strong, clear message on anti-bribery that is widely disseminated,” she said, adding that intermediaries and business partners should receive it as well.
issues guidelines to mitigate skimming attacks
Visa Europe has issued guidelines to protect on system vulnerabilities at retailers against card skimming attacks.
The card network says that the ‘Device Skimming: Attacks and Defence’ guidleines are based on industry best practices to help retailers protect payment systems and limit the likelihood that they will be the victim of skimming attacks.
Skimming attacks involve criminal gangs who attempt to modify POS terminals by fitting them with equipment that captures card information and potentially customer’s PIN numbers whilst the card is being processed.
Visa Europe says that that all of the guidelines should be followed to form a layered approach to system defence. Retailers should:
- Examine payment
acceptance devices on a regular basis to identify whether the device
has been altered or tampered with. This examination should include the
retailer looking for: missing seals or screws, extraneous wiring, holes
in the device or additional labels used to mask damages.
- Familiarise themselves with the environment in which payments systems are operating and be aware of any additional or unknown items that appear in the vicinity of the device. Many criminals use the areas surrounding PoS devices to install cameras to record customer PIN entry details. Retailers can use CCTV to deter criminals and help to protect the security of PoS devices. Cameras should be positioned to monitor the location of devices and not record PIN entry at the device.
- Secure their devices to prevent their substitution and protect against tampering. Where possible, cables connecting to terminals should be protected using a conduit or held within a physically secure structure. This should be carried out in accordance with relevant disability legislation for the country in which the device is deployed.
- Implement employment policies to ensure that appropriate background checks are carried out on employees who will be handling the devices. Employees should also be made aware of their responsibilities to protect PoS devices and be vigilant to possible attacks.
- Develop and implement policies and procedures to train staff to validate the identity of all payment systems repair technicians or any other entity who tries to either remove or install a PoS device.
- Use PCI Security Standards Council (PCI SSC) approved devices.
Stanley Skoglund, senior VP payment system risk at Visa Europe, commented: “Skimming attacks are becoming increasingly sophisticated. Fraudsters operate in organised groups around the world and attacks are often difficult to detect. Visa Europe does not tolerate activities that undermine the integrity of the payment system as this has an impact on the trust that consumers have in your business. By taking an active stance, Visa Europe’s guidelines highlight pro-active steps that retailers can take to ensure acceptance of card payments take place in a safe and secure environment and reinforce consumer trust.”
Over the past year, Visa Europe has introduced a number of guidelines for retailers including advice on emerging technologies such as data encryption, tokenisation, and industry-specific whitepapers to help participants in the payment chain better understand their responsibilities related to securing cardholder data as well as providing simply guidance on how retailers can protect themselves from common attacks.
More former executives of Allen Stanford’s business
empire are likely to be charged as investigations into the fallen tycoon’s
alleged US$8bn fraud continue.
US financial regulator the Securities and Exchange Commission (SEC) said that it has recommended charges be laid against several unnamed senior ex-employees of Stanford Financial Group.
The disclosure came on September 22 from Rose Romero, director of the SEC’s Fort Worth Regional Office, as she testified before a US Senate committee hearing on the commission’s investigation into 60-year-old Stanford.
Romero said that over the past year, the SEC has been continuing investigations to determine if other executives and employees at Stanford Financial Group deceived US investors in the sale of fraudulent certificates of deposit (CDs) through the Stanford International Bank (SIB).
She said other people face prosecution now that the commission has collected and reviewed tens of thousands of documents, reviewed email communications of more than 150 former employees, interviewed and taken sworn statements from over 60 former employees and other witnesses, and interviewed around 200 victims of the Stanford fraud.
“We have…notified several former Stanford executives that we intend to recommend fraud charges against them. These persons include former high level executives and financial advisors,” said Romero.
“Our investigation of these matters is continuing, as are our efforts to maximize the recovery for the Stanford victims.
In addition to Stanford who faces 21 counts of fraud, the SEC has previously named SIB chief financial officer James Davis – who pleaded guilty to charges including fraud in August – and Laura Pendergest-Holt, the chief investment officer of Stanford Financial Group who has denied allegations of fraud and conspiracy to commit money-laundering, in its action.
Former head of Antigua and Barbuda’s Financial Services Regulatory Commission (FSRC) Leroy King, along with Stanford accountants Mark Kuhrt and Gilberto Lopez are also facing charges.
Seized ATM video shows how to get cardholder
Footage shows how easy it can be for cardholders to stop fraudsters
Criminal video footage that shows fraudsters how to get cardholders PINs at ATMs has been put on the website of the European ATM Security Team (EAST).
The seized video, provided courtesy of the UK’s LINK ATM scheme, shows criminals installing a micro camera above an ATM PIN pad and then placing a skimming device over the card reader throat. The scenes that follow show cardholders conducting transactions at the ATM.
co-ordinator Lachlan Gunn said it shows how criminals can steal the
four-digit PINs, but also how easy it is for cardholders to stop criminals
obtaining their PIN by covering their hand when entering it. The video
can be seen at:
Gunn said that, although ATMs are generally secure, criminals do occasionally target cash machines to try to either steal cards (card trapping) or to copy cards to create counterfeits (card skimming). In both cases the criminals need to obtain the 4-digit cardholder PIN to allow for fraudulent cash withdrawal.
Graham Mott, head of external relations and development at the LINK ATM scheme and a director of EAST, added: “While micro cameras are not the only way that criminals can attempt to get PIN information, it is a common method.”
He added that by seeing what the criminals can see, he hoped that the video will encourage more people to routinely cover their PIN when entering it.
EAST reports on crime at ATMs within the 31 countries of the Single Euro Payments Area (SEPA), publishing two reports each year, which are available through its website. The next one is due for publication in October 2010.
Eleven major French banks have been charged a total of Eur385m (£321m) for illegally fixing the price for cheque clearing services between 2002 and 2007.
France’s competition regulator, the Autorité de la Concurrence, said the banks charged an unjustified fee of 4.3 cents on 80% of cheques exchanged in France from January 2002 to July 2007.
The authority added that the banks were still charging two additional fees for "related services" that were not proportionate to the costs incurred.
The banks fined are Banque de France, BNP Paribas, BPCE, Banque Postale, Confederation Nationale du Credit Mutual, HSBC, Credit Agricole, Credit du Nord, CIC, LCL and Societe Generale.
BNP Paribas was given a Eur63.3m fine, while Société Générale and its Crédit du Nord affiliate were fined Eur60.5m.
The smallest fine of Eur350,000 was given to the state bank, Banque de France, in relation to its retail activities as the state’s banker.
The competition authority said the banks put up their fees during the transition towards the new computersised system for processing cheques.
The banks claimed that they had to make up for reduced revenue, as they were losing out on interest payments by having to release the funds for the cheques sooner than under the previous system.
However, the authority said there was no evidence that the transition to the new system had resulted in net losses for the banks involved.
"When the new digital system for processing and clearing interbank cheques was set up, the main French banks met and colluded so as to define together the functioning details of the new system," it said.
The regulator added that the banks stopped charging the 4.3 cent commission which is paid by the remitting bank to the drawee bank in 2007 "under the pressure of the ongoing proceedings".
BNP Paribas said it was surprised by the ruling and had not yet decided whether to appeal. Credit Agricole said it “deplored” the fines, claiming that the interbank commission had helped establish a successful reform against cheque fraud.
Card not present crime is soaring to unprecedented levels in the US, according to newly published figures.
There has been a 32% rise in the amount of fraudulent attempts to buy goods on the internet, by mail order or by telephone in H1, according to the figures from fraud prevention and payment processing company Retail Decisions (ReD).
It found that attempted ecommerce payment fraud reached an estimated value of US$1.14bn in the first six months of 2010. The report predicts this could reach US$2.83bn by the end of the year – increasing by 32% compared to the US$2.14bn total recorded in 2009.”
ReD says that the continuing rise in unemployment and the increasing ingenuity of fraudsters is partly responsible. With the unemployment rate approaching 10%, there are almost 15 million people in the US now out of work.
There have long been predictions that card crime will migrate to the US due to its not having migrated to EMV standards.
The ReD report says thieves with stolen or cloned cards prefer to use them invisibly, where they do not have to be physically handed over. Consequently e-commerce channels are constantly under threat from scammers, and the number of attacks is rising sharply in the US.
UK fraud reduction
The CNP rise in the US is a significant contrast to the improving situation in the UK, where the market is predicted to see a 9% fall in the value of attempted e-commerce fraud this year. This has been largely due to combined forces of industry initiatives such as chip and PIN and the increasing use of sophisticated fraud detection tools by retailers and banks.
RED’s CEO Carl Clump comments: “This is a stark warning for US merchants and consumers to protect themselves against payment fraud.”
He added that not only are fraudsters becoming more aggressive, attempting attacks more frequently, it also appears that they are aiming higher and targeting increasingly expensive items. In the first six months of 2010 the average transaction value for attempted fraud went up by an estimated 34% compared to the same period last year, from US$111 to an estimated US$149.
The inquiry into Ettore Gotti Tedeschi was launched after two suspicious transactions were reported to tax police in Rome.
Police are looking into whether Mr Gotti Tedeschi and the bank's chief executive Paolo Cipriani contravened laws that require banks to disclose information on financial operations.
Prosecutors have frozen Eur23m (£19m) from the bank's accounts with another smaller institution.
Speaking to financial newspaper Il Sole 24 Ore, Gotti
Tedeschi he felt humiliated and that it was centred on a mistake.
“An error of procedure is being used as an excuse to attack the institute, its president and the Vatican in general,” he said.
He said the transaction under suspicion was a normal treasury operation which involved a transfer “from accounts of the Vatican bank to other accounts of the Vatican Bank.”
The Vatican said in a statement it is "perplexed and astonished" about the investigation, and added that it has full confidence in Tedeschi.
The Vatican Bank, which is officially called the Institute for Religious Works (IOR), was created during World War II to administer accounts held by religious orders, cardinals, bishops and priests.
Ex-French president to stand trial on embezzlement charges
Former French president Jacques Chirac is to stand trial on embezzlement charges later this year.
He faces a maximum ten-year prison sentence and a fine of up to £120,000 if he is convicted.
Chirac, 78, is accused of paying salaries out of public money to 21 members of his RPR party for fictitious jobs when he was Mayor of Paris. He is alleged to have claimed they were City Hall employees.
The alleged offences took place between 1992 and 1995, the last three years of his 18-year term as Paris mayor.
He has agreed to pay the city of Paris Eur550,000 to drop a civil case against him for misusing public funds, improving his chances of avoiding the conviction on the criminal charges of creating fake jobs.
Despite the deal on the civil charges, the criminal lawsuit still stands, Chirac’s lawyer Jean Veil has confirmed. The trial is likely to start at the beginning of November and Chirac would be the first modern day French leader to appear in the dock.
He denies any wrongdoing.
Following an investigation by the UK’s Dedicated Cheque and Plastic Crime Unit (DCPCU) and the Westminster Police Chinese Unit, a factory manufacturing counterfeit payment cards was discovered at a flat in Hornsey Road, Haringey.
Items recovered included thermal printers to produce counterfeit cards, plastic cards and holograms. In addition, over £10,000 in cash, gold ingots and other gold jewellery valued at between £8,000 and £10,000 was seized. A list of a number of stolen account numbers was also found at the address - 250 of them were already encoded onto the counterfeit cards and police recovered a further 450 compromised card details.
Southwark Crown Court heard how officers launched an investigation into 28-year-old Cheng Chee Weng and 39-year-old Gabriel Yew, in March this year following their arrest by Westminster Police's Chinese Unit.
In Yew's flat, police found a locked room downstairs, where a fully working counterfeit credit card factory was housed.
Further searches by the DCPCU on 1 April revealed that Yew was the mastermind behind the factory and that he had been using the counterfeit cards to purchase luxurious goods such as computer handsets, iPhones, expensive whisky, jewellery and other items up to the value of £300,000. Weng was responsible for running errands as instructed by Yew.
Any assets or cash obtained through their criminal activity will now be subject to confiscation proceedings under the Proceeds of Crime Act 2002 (POCA).
Detective Inspector Dee Bain, from the DCPCU, said: "During the past eight years the DCPCU has prevented an estimated £340 million of card and cheque fraud, and has been integral to the reduction in overall card fraud losses, which fell by 28 per cent last year."
Gabriel Yew, a bar manager of Eagle House, Hornsey Road, Haringey pleaded guilty on 14 July to conspiracy to defraud, supplying articles for use in fraud and money laundering. He was sentenced to 4 years in prison.
Cheng Chee Weng, a chef of no fixed abode pleaded guilty on 14 July to conspiracy to defraud and supplying articles for use in fraud. He was sentenced to 15 months in prison.
The bankrupt 27-year-old was arrested in April and had been facing 75 years in jail on charges of bank fraud, money laundering and conspiracy to operate and finance an illegal gambling business. He was accused of processing gambling proceeds and making them appear legal to banks, starting in early 2008.
He is reported to have entered a plea in August to a serious criminal charge, and it is thought he may be cooperating with US authorities who are staging a crackdown on financial crime in the internet gambling industry.
In mid-April US federal enforcement officials charged Tzvetkoff with processing more than US$500m in transactions for US online gaming sites between February 2008 and March 2009. He was subsequently moved from Las Vegas to a remand holding centre in New York pending trial.
He hadpleaded not guilty to multiple charges of bank fraud, money laundering and conspiracy in relation to a A$593m (US$500m) web-based gambling scheme.
Tzvetkoff was originally denied bail in New York because a US judge feared he had hidden money to finance an escape from the US once free. His trial is set for June 2011.
In 2009, internet gambling company Kolyma Corporation had filed an A$52m lawsuit against Intabill. The total purportedly consisted of $25m owed to Full Tilt and PokerStars and $30m owed to the CEREUS Network sites UB.com and Absolute Poker. The lawsuit was filed in Australia and, at one point, it was reported that Intabill took in as much as $1m per day.
Rather than report what his financial transactions were for, Tzvetkoff is alleged to have told banks they represented “repayments of short-term loans, transfer of funds to prepaid debit cards, and e-commerce purchases.”
He filed for bankruptcy in January following credit card charge back issues and the deteriorating global economy.
Credit lenders and estate agents warned of fines for laundering non-compliance
The UK Office of Fair Trading has outlined the financial penalties it will impose on estate agents and certain credit lenders who have failed to register under its money laundering registration scheme.
The OFT has published the Anti-Money Laundering Interim Penalties Policy which says that if such estate agents and certain credit lenders fail to register with the OFT but continue to carry on a supervised activity, they will be subject to fines that start at £2,000 and increase by £1,000 for each additional unregistered premise.
The regulator says that, where it believes estate agents and certain credit lenders are not registered but are carrying on a supervised activity, it will give them 21 days to apply for registration or to explain why they are exempt from registration, before notifying them of the intention to apply a financial penalty.
Mario Tsavellas, OFT director of anti-money laundering, said: "Estate agents and certain credit lenders have an obligation to comply with statutory obligations under the Money Laundering Regulations 2007, which includes registration with the OFT.
"Where businesses choose to ignore OFT warnings and do not register, we will impose civil financial penalties.
"It is vital that the OFT continues to identify those who should register, so that the OFT can supervise them effectively and reduce the risk of money laundering and terrorist financing in these sectors."
Taiwan-based China Development Industrial Bank (CDIB) has sued Morgan Stanley for fraud damages in a sub-prime mortgage investment case.
The bank is looking to recover millions of dollars losses in incurred from a residential mortgage-backed securities investment it made through the US-based global financial services firm.
The case was filed by CDIB in the New York County Supreme Court in July, but CDIB only went public with the case on September 14. Morgan Stanley has issued a statement vigorously denying the charges.
The mortgage product that is the subject of the case is STACK 2006-1 collateralized debt obligation. This was a synthetic derivative product linked to the performance of residential mortgage-backed securities.
The complaint alleges Morgan Stanley made bad investments tied to US subprime mortgage bonds and then dumped its toxic investments on the plaintiff, enriching Morgan Stanley at the expense of its client CDIB.
Morgan Stanley is alleged to have taken what it knew to be toxic and unsafe investments and falsely portrayed the investments as safe in order to avoid losses and instead transfer them to the plaintiff. The scale of these allegedly fraudulent practices led CDIB to file its first U.S. lawsuit in its nearly 50-year existence.
"Morgan Stanley structured and sold CDIB a security that was a house of cards built on a shoddy foundation of fraudulently manipulated credit ratings," said Samuel Rudman of legal firm Robbins Geller, lead counsel for CDIB.
In addition to Morgan Stanley, CDIB’s action also names TCW Asset Management Company, Jeffrey Gundlach, and Louis Lucido with violations of New York law, including fraud.
The complaint alleges that the STACK CDO was initially created in August 2006 by Morgan Stanley, which held the Supersenior Swap component of the CDO. In early 2007, Morgan Stanley sales representatives approached CDIB about transferring Morgan Stanley's Supersenior Swap position.
In April 2007, CDIB accepted Morgan Stanley's representations and agreed to enter into a transaction in which CDIB committed to fund the Supersenior Swap.
The complaint alleges that representations made to CDIB during the solicitation process were materially false and misleading and that soon after CDIB entered into the transaction, Morgan Stanley began making collateral calls seeking millions of dollars in payments from CDIB.
57,000 fake websites a week
eBay and Western Union are most targeted brand names
Hackers are creating 57,000 new websites a week according research from anti-malware company Panda Security.
The fake websites exploit approximately 375 high-profile brand names worldwide at any time. The findings are based on a three-month long study conducted by PandaLabs of its global malware database. Notably, eBay and Western Union-related URLs comprise 44% of all malicious sites, with Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals.
The 10 most beleaguered brands, along with the percentage they are targeted among all fake websites tracked by PandaLabs, are as follows:
eBay - 23.21 percent
Western Union - 21.15 percent
Visa - 9.51 percent
United Services Automobile Association - 6.85 percent
HSBC - 5.98 percent
Amazon - 2.42 percent
Bank of America - 2.29 percent
PayPal - 1.77 percent
Internal Revenue Service - 1.69 percent
Bendigo Bank - 1.38 percent
In the investigation, PandaLabs found that banks by far comprise the majority of fake websites with 65 percent of the total. Online stores and auction sites are also popular at 27 percent, with eBay taking the spot as the No. 1 most targeted brand on the Web today. Other financial institutions, such as investment funds and stockbrokers, and government organizations encompass 2.3 percent and 1.9 percent, respectively. Payment platforms, led by PayPal, and ISPs are in fifth and sixth place.
Cybercriminals create fake websites related to well-known brands and organizations so that the URLs appear in phishing campaigns and in search results. When unwary users click on them thinking they are the real company, their computers will either be infected or they will be directed to a landing page that appears legitimate. When they enter personal information on these malicious pages, that data will fall into the hands of criminals, who will then use it to commit financial fraud and other crimes.
Luis Corrons, technical director of PandaLabs, comments: "The problem is that when you visit a website through e-mail or search engines, it can be difficult for users to know whether it is genuine or not. Given the proliferation of this technique, we advise consumers to visit banking sites or online stores by typing in the address in the browser directly rather than using search engines or links in an e-mail. Although search engines are making an effort to mitigate the situation by changing indexing algorithms, they have so far been unable to offset the avalanche of new websites being created by hackers every day."
US accountant Frank Castaldi has been given a 23-year prison sentence after pleading guilty to fraud charges in connection with a Ponzi scheme he operated for over 20 years.
The sentence ordered by Judge John Darrah was nearly double the 12 years recommended by prosecutors for Illinois-based Castaldi.
“This is an offense of huge magnitude,” the judge said after hearing from victims of the scheme. “It involved hundreds of victims. It involved millions of dollars.”
Castaldi, 57, raised US$77m over 22 years from a pool of mostly lower class investors in the Chicago area that included the parents of his godchildren, longtime employees, relatives and friends, including first-generation Italian immigrants who had known him since he was an infant.
Frank Cesare, 73, testified that he is homeless, suffers from prostate cancer and has no money since losing his life savings to Castaldi's scheme.
In an August 2009 plea agreement, Castaldi said he had raised over US$77m from 473 groups and individuals. First charged in January 2009, he admitted to mail fraud and to trying to thwart a US Internal Revenue Service investigation.
Castaldi was also ordered to pay US$31m in restitution to his victims and US$8.8m to the IRS.
Randall Samborn, a spokesman for the US attorney's office, said prosecutors do not believe Castaldi has any significant cash or assets. Defence lawyer Michael Monico said Castaldi did not live a lavish lifestyle, and used some of the invested money to fund unprofitable businesses, including a banquet hall, restaurant, travel agency, real estate company and insurance company.
"He was not your typical scam artist," said Judy Milazzo, the wife of a construction worker who invested with Castaldi. "He was not a Madoff. He was family."
PayPal creates new
chief compliance officer post
Appointment comes after regulatory problems in Australia, India and Japan
PayPal has created the new post of compliance officer, who will be responsible for ensure that the online payment provider complies with regulatory requirements in the countries where it operates.
The eBay-owned company has appointed Leonard Shen, formerly of American Express, to the position.
The move follows problems PayPal has experienced this year with the regulator in Australia over anti-money laundering rules, in addition to licensing problems in India and Japan which have forced it to suspend personal payments.
Writing on the company’s blog, PayPal president Scott Thomson said of the appointment: “The payments business is uniquely local in nature. To be successful managing a payments business on a global scale, you have to have a deep understanding of the rules governing each market where you operate, and a global framework for managing operational and compliance risks. PayPal is committed to building our business in this model, while being in full compliance with the rules that govern our business around the globe.”
Shen was previously the chief compliance and ethics officer at American Express. He has also worked for the US Senate, the Environmental Protection Agency, the Department of Justice and the Ninth Circuit Court of Appeals.
The former CEO of military contractor DHB Industries has been found found guilty of committing a US$185m fraud and looting the company to pay for personal expenses.
David Brooks, 55, and former COO Sandra Hatfield, 56, were convicted in Central Islip, New York, of insider trading, fraud and obstruction of justice in manipulating financial records to increase DHB’s reported earnings. Brooks was also convicted of lying to auditors.
DHB is the largest supplier of body armour to the US military.
The jury in the case had deliberated for more than two months in a trial that lasted eight months. They also found Hatfield guilty of fraud, insider trading and obstruction of justice, the office of the US Attorney for the Eastern District of New York said in a statement.
The jury heard that Brooks
and Hatfield had manipulated financial records to increase company earnings
and profit margins, thereby inflating stock prices.
Brooks was alleged to have charged over US$6m in personal expenses to the company. From a United States flag belt buckle to plastic surgery for his wife, veterinary pills for his 100 racing horses, luxury cars and use of the company jet to ferry his children to and from college or to parties, Brooks was spending DHB money, prosecutors said.
Both Brooks and Hatfield face jail terms of up to 25 years.
In November 2004, several days after DHB filed a financial report with the SEC and sent shareholders a statement containing many of the misrepresentations and omissions prosecutors say that Brooks and Hatfield sold more than US$72m of their DHB stock. In December 2004, they sold approximately $118 million of their DHB stock. These sales occurred when DHB’s stock price rose to over $20 per share in late 2004. In total, Brooks realized more than $185 million and Hatfield more than $5m from the insider trading. Since these insider sales, DHB stock price fell to pennies on the dollar and the stock was de-listed from the American Stock Exchange.
Brooks was removed as DHB’s CEO in July 2006 and Hatfield resigned from DHB in November 2005.
FBI assistant director-in-charge Janice Fedarcyk commented: “To commit the theft and reap the insider trading windfall, and to conceal it all, Brooks and Hatfield lied to shareholders, lied to auditors, lied to regulators. The FBI is committed to policing and preventing this sort of brazen corporate misconduct.”
demands and ambiguity are greatest AML challenges
Research reveals major challenges for professionals in Europe and North and South America
Increased regulatory demands or the rise of organised financial crime are the biggest challenges for banks in Europe, and North and South America.
That os one of the main findings in new research from business technology firm into the challenges facing anti-money laundering (AML) experts in the regions.
87% of compliance professionals agreed that either increased regulatory demands or the rise of organised financial crime are the biggest challenges for banks in these regions. In North and South America, more than half of respondents found increased regulatory demands a significant challenge. In Europe however, the most commonly cited challenge was the ambiguity of sanctions regulations, which 73% agreed or strongly agreed should be more straightforward.
45% of respondents from Europe also claimed that the US Treasury's Office of Foreign Assets Control (OFAC) bared the sharpest teeth when it comes to AML regulation. 62% found the Americas the hardest region to govern in terms of sanctions compliance.
John Evans, director of financial crime solutions at Logica, said: "What's interesting here is that so many compliance professionals in Europe are more concerned about OFAC than by their domestic regulators and the United Nations (UN). It's clear that OFAC's wide geographical reach and heavy penalties are a continuing challenge for banks. Unfortunately, as domestic regulators clamp down further, the compliance headache - and potentially the regulatory ambiguity - looks set to remain a challenge."
A major regional contrast highlighted by the survey is concern over managing multiple sanctions lists. In North America, only 11% of respondents found this challenging. In Europe, on the other hand, 28% cited this as an issue.
Evans added: "Banks focusing on North America probably only need to scan payments against the OFAC sanctions lists. Banks in Europe, however, are likely to have to factor in more sanctions lists, such as those from the European Union, the UN and domestic ones. Large global banks may have up to 25 lists to manage, so it's easy to understand why this is such an issue."
The European survey results also highlighted that 30% of compliance professionals felt their bank could not scale effectively to handle foreign domestic payments traffic.
Evans added: "Clearly many banks are not equipped for what could be a vast increase in payments to scan. The payments landscape is changing, however, and simply filtering cross-border traffic will not suffice. Banks around the globe are going to have to address their scanning operations to ensure they can scale both efficiently and cost-effectively."
US firm Trillium Brokerage Services has been fined a total of US$2.26m for using an illicit high frequency trading strategy to manipulate stock prices
The Financial Industry Regulatory Authority (Finra) imposed the fine for Trillium’s use of the “layering” technique. The firm used nine proprietary traders in the practice and entered layered "non-bona fide" market moving orders in specific stocks on the Nasdaq exchange, creating a false appearance of buy or sell pressure.
Finra, the self-regulatory body founded by the US financial industry, says these orders were then immediately cancelled, enabling Trillium to benefit from advantageous prices that otherwise would not have been available to them on 46,000 separate occasions.
“By entering the non-bona fide orders, often in substantial size relative to a stock’s overall legitimate pending order volume, Trillium traders created a false appearance of buy- or sell-side pressure,” said Finra said, which did not name the stocks in question.
Trillium's director of trading, its chief compliance officer, and the nine traders under their supervision, were fined a total of US$802,500. They were also all suspended from the securities industry for periods between six months and two years. The traders have also been ordered to pay out disgorgements totalling about US$292,000.
Thomas Gira, EVP, market regulation, Finra, commented: "Trillium's trading conduct was designed to improperly bait unsuspecting market participants into executing trades at illegitimately high or low prices for the advantage of Trillium's traders. Finra will continue to aggressively pursue disciplinary action for illegal conduct, including abusive momentum ignition strategies and high frequency trading activity that inappropriately undermines legitimate trading activity, in addition to related supervisory failures."
Neither Trillium or the 11 individuals involved admitted or denied the charges, but they consented to Finra's findings.
Finra’s fine appears to indicate there will be greater scrutiny on high frequency trading activity, as part of its crackdown on market abuse in the wake of the “flash crash” on May 6 this year – which many observers blamed on high frequency trading.
US state financial industry regulatory body the Securities and Exchange Commission is investigating the causes of the May 6 crash, in which shares of dozens of big companies plummeted for a brief spell in the afternoon before recovering. Investors who had entered market orders for some stocks ended up selling the shares at prices well below the market's trading range for the rest of the day.
The most high profile case was the shares of Accenture which fell down to one cent from around US$42 before recovering
sets up unit to bring more civil fraud actions
Move responds to criticism of lack of financial crisis prosecutions
A senior US prosecutor has set up a unit to complement existing criminal fraud prosecutions with civil actions.
The move by Preet Bharara, US attorney for the southern district of New York, came in response to criticism of the limited number of criminalprosecutions brought after the financial crisis.
The six-person unit is being headed by Heidi Wendel, a former New York state deputy attorney-general, and will take on more civil enforcement actions.
The burden of proof is lower in civil cases, and this may provide a vehicle for bringing more cases related to misbehaviour during the financial crisis. Civil cases also have a greater ability to gather evidence and freeze assets than criminal ones.
Since April 2007, Wendel has worked in the office of
New York Attorney General Andrew Cuomo as deputy attorney general and
chief of the Medicaid fraud control unit.
The civil fraud unit will specialize in large-scale and sophisticated financial cases, such as healthcare fraud, mortgage fraud or procurement fraud.
One of the men behind the November 2008 attack on the systems of payment processor RBS WorldPay's computer network in the US has avoided prison after agreeing to inform on his fellow conspirators
Russian national Viktor Pleshchuk was one of eight Eastern Europeans named in a US federal grand jury indictment last year, relating to the theft of debit card data from RBS WorldPay.
US authorities called the hack “perhaps the most sophisticated and organized computer fraud attack ever conducted.”
Pleashchuk, 29, was arrested in Russia in March. The country has no extradition agreement with the US, so his trial took place in Russia. He was given a six year suspended sentence and four years of probation, after pleading guilty and agreeing to provide prosecutors with information on his accomplices. He was also ordered to pay RBS WorldPay US8.9m in compensation.
US authorities suspect Pleshchuk and Estonian Sergei Tsurikov of being the ringleaders behind the cyber-attack, which compromised the encryption used by RBS WorldPay to protect customer data on payroll debit cards.
This allowed the gang to raise the limits on accounts before handing over 44 counterfeit payroll debit cards to a network of "cashers" who withdrew $9.4m in less than 12 hours from more than 2,100 ATMs in at least 280 cities worldwide, including in the US, Russia, Ukraine, Estonia, Italy, Hong Kong, Japan and Canada.
In August Tsurikov was extradited from Estonia to the US to face charges which, if found guilty carry a maximum sentence of 35 years and a maximum fine of US$3.5m.
Afghan president seeks to limit international influence in corruption investigations
Afghan President Hamid Karzai is planning rules to limit international involvement in anti-corruption investigations.
US officials claim the move will seriously damage efforts to address the endemic official corruption that threatens support for Karzai’s administration in Afghanistan and the United States.
Karzai wants to control the role of US and other foreign law-enforcement specialists in two major anti-corruption organizations that have been set up in the Interior Ministry, by preventing them from direct involvement in investigations.
Mohammed Umer Daudzai, Karzai’s chief of staff, said that the investigators, management and decision makers in the organsiations will be Afghan.
The US and its allies have in the past 18 months established several Afghan units to investigate and prosecute graft, providing everything from sophisticated wiretap technology to training in forensic accounting. Using these resources Afghan investigators have uncovered a huge amount of corruption. A US official said that to pursue it all would mean going after almost every senior member of the government.
In July one of President Karzai's aides, who was allegedly negotiating bribes to squelch a pair of major corruption probes, was arrested. He was quickly released and remains free, with his case in limbo, said US and Afghan officials.
The report shows e.g. that the economic incentives are much more important for practitioners than what academic literature indicate.
The importance of information sharing for the Critical Information Infrastructure Protection – CIIP - is widely acknowledged by policy-makers, technical and practitioner communities alike. The Agency has researched peer-to-peer groups, e.g. Information Exchanges (IEs) and Information Sharing Analysis Centres (ISACs). The report identifies the most important barriers and incentives in day-to-day practice in IEs and ISACs for CIIP. This research differs from other reports by being focused on the practitioners' experiences. The material stems from three sources, literature analysis, interviews, and a two-round 'Delphi' exercise with security professionals.
ENISA says many of the barriers and incentives identified in literature are of low importance to practitioners and security officials working in IEs. The 'real' list of incentives for practitioners is instead: economic incentives (i.e. cost savings), incentives of quality, value, and use of information shared. Main barriers to sharing information are poor quality information, poor management, and/or reputational risks.
The Agency has produced 20 recommendations to different target audiences, e.g.:
- Member States should establish a national information sharing platform and co-operate with other Member States.
- Private sector should be more transparent in sharing information, improve preparedness measures based on information exchanged
- Research and Academia should quantify the benefits and costs of participating in platforms; undertaking case-study research into where attacks might have been prevented, or their impact lessened.
- The EU Institutions and ENISA should establish a pan European information sharing platform for Member States and private stakeholders.
The EU Commission's European Public Private Partnership for Resilience (EP3R) is the main policy initiative in this area.
The executive director of ENISA, Dr Udo Helmbrecht, says: "Information sharing is a corner stone to improve the protection of critical information infrastructure-CIIP, which is vital for Europe's economy and communications within Europe".
For full report, including all recommendations: http://www.enisa.europa.eu/act/res/policies/good-practices-1/information-sharing-exchange
Investment bank Goldman Sachs has been fined £17.5m by the UK’s Financial Services Authority for failing to tell the regulator it was under investigation by US authorities.
The FSA said the fine – the third largest it has ever given - relates to Goldman’s failure to ensure that it had adequate systems and controls in place to comply with UK regulatory reporting obligations.
This resulted in a failure by Goldman to notify the FSA of the Securities and Exchange Commission (SEC) investigation into subprime mortgage products marketed by its US affiliate Abacus.
The FSA said Goldman had known about the investigation since September 2008, but had failed to notify its compliance department of the situation.
The regulator added that Goldman did not deliberately withhold any information from the FSA, and that it co-operated fully and agreed to settle at an early stage.
Goldman also failed to inform the FSA that its employee Fabrice Tourre, who was part of the team that structured Abacus while working at Goldman’s US arm Goldman Sachs & Co (GSC), was also under SEC investigation and, along with the company, was facing possible civil charges. He later transferred to Goldman in London November 2008 where he worked in a function requiring FSA approval.
Goldman’s compliance department only became aware of the SEC investigation when, on April 16 this year, the SEC announced that it had commenced the enforcement proceedings in the US courts against GSC and Tourre alleging that they had committed serious violations of US securities law by making misleading statements and omissions in connection with the Abacus transaction.
The SEC subsequently settled with Goldman for US$550m on July 15. Tourre is still facing allegations of misleading investors over the Abacus case.
The FSA says Goldman did not tell it that a Wells Notice warning of potential US charges had been issued to Tourre in September 2009, although several senior managers at GSI were aware of the fact. As a consequence of the failure to notify, Tourre remained approved in the UK and able to perform a controlled function for several months without further enquiry or challenge from the regulator.
Goldman has received a discount for settling the case at an early stage, otherwise it would have been fined £25m.
Margaret Cole, the
FSA’s managing director of enforcement and financial crime, said
that GSI did not set out to hide anything, but its defective systems
and controls meant that the level and quality of its communications
with the FSA fell far below what we expect of an authorised firm.
She added: “The fact that senior business people at GSI in London knew about Mr Tourre’s Wells Notice, but did not consider the obvious regulatory implications for GSI is very disappointing. Had GSI complied with its UK obligations, the outcome for it would have been very different.
Online customers ‘less at risk’ finds survey
UK consumers are at less risk of online card fraud thanks to strategies put in place by retailers.
That is one of the findings in a new survey by payment fraud prevention group Retail Decisions (ReD).
ReD forecasts that there will be fewer attempts by criminals to fraudulently buy items from card not present (CNP) channels (websites, mail order and phone) in the UK this year, compared with 2009.
The prediction is based on ReD figures for the first six months of 2010 from the which show that CNP fraud reached an estimated £122m, a reduction of approximately 9% compared with the first six months of 2009 when CNP fraud losses (according to national payments body the UK Payments Administration) totalled £134m.
The ReD report said: “Thieves with a hot piece of cloned or stolen plastic in their hand prefer to use it invisibly, where a card does not have to be physically handed over. These CNP channels are constantly under threat from scammers.”
But the report says that more fraud is being foiled and that CNP fraud could reach an estimated value of £242m by the end of 2010. This is around 9% less than the total last year, when CNP fraud was valued at £266m, according to ReD’s figures.
Carl Clump, CEO of ReD, says: “If merchants in the UK are not seeing a reduction in their fraud levels, they should be reviewing their fraud prevention tactics.”
He added that the current picture in the UK is not a cause for complacency, and that in the larger US market ReD estimates there has been a 32% increase in attempted CNP fraud this year.
The improved situation in the UK is attributed not just to increasingly sophisticated fraud prevention technology thwarting more scams, but also to UK consumers becoming more aware of fraudsters’ tactics, and so better at protecting themselves and aware of fraudsters’ tactics to get card details such as using https web addresses, phishing or invasive Trojan links, which once clicked on means the fraudster can monitor keyboard strokes and discover important, personal information such as passwords.
Clump added: “Our figures show that the average transaction value of fraud for the first six months of this year was £76. This is a 24% increase over the same time period last year, when this figure was much lower at £61.”
New legislation providing greater financial incentives is leading to an increase in whistleblower tip-offs on securities fraud, according to US financial regulator the Securities and Exchange Commission.
The Dodd-Frank Wall Street Reform and Consumer Protection Act was passed by the US Congress and signed by President Obama earlier this summer and contains some very attractive incentives for securities fraud whistleblowers.
The law enables the SEC and the Commodities Futures Trading Commission (CFTC) to award between 10 and 30% of any monetary sanctions that exceed US$1m to whistleblowers providing information leading to a successful enforcement. The law is intended to help head off future massive financial scandals such as Bernard Madoff’s Ponzi scheme. Given the size of the settlements in several recent cases this represents an attractive incentive.
The SEC says that awyers representing whistleblowers are passing such information along to the authorities. “We’ve gotten some very high-quality tips,” SEC official Stephen Cohen told the Wall Street Journal. “The goal is not just to get more tips; we want to get more high-quality tips,” Cohen said, adding that the law is meant to speed information delivery, but to also close cases, minimize loss, and recover victim funds.
The “Wall Street Tip-Off Law” is predictably not prving popular with defence lawyers who say it could lead to the reporting of meaningless cases and stop employees from working through these issues internally.
To qualify for a financial reward a whistleblower must meet two conditions:
- They must provide the federal government with "original information” consisting of independent "knowledge or analysis" that was not previously known to the federal government. This implies they will have learn of a financial fraud through independent investigation, in addition to the more typical scenario of a whistleblowing employee with inside information.
- The original information must lead to a judicial or administrative action under the Securities Exchange Act or the Commodity Exchange Act with monetary sanctions exceeding US$1m. The definition of monetary sanctions includes civil penalties, disgorgement, and interest.
Credit fraud down,
debit fraud up in Canada
Fraud figures issued after Chip & PIN rollout
Payment card fraud is falling slowly in Canada as Chip & PIN technology makes its way into the market, according to a new report from Canada's Criminal Intelligence Service.
The Criminal Intelligence Service Canada 2010 Report on Organised Crime said that combined 2009 losses from payment card fraud slipped 2.2 percent to C$500.7m from $512.2m in 2008. However, the reduction has been mostly on the credit card side. Debit card losses soared 26% to $142.3m.
CISC said this could be largely down to the relatively gradual rollout of Chip & PIN via Interac, the popular Canadian debit card system. The network only began rolling out the technology after a pilot scheme in 2008.
ATMs will still be allowed to accept magnetic stripe transactions by Interac until the end of 2012, while point of sale sytems will be allowed to take them until the end of 2015. Even if a card is chip-equipped, its magstripe could still be cloned and used in such a machine.
According to the CAFC, reported dollar loss for identify theft claims has jumped from C$6.5m in 2007 to $10.9m in 2009. People between the ages of 50-59 reported the greatest dollar loss.
number of Canadian identity theft complaints and victims has decreased
from 2008 to 2009; however the total reported dollar loss has increased,"
the CAFC report said.
The report also found increasing sophistication in securities fraud. The frauds, generally carried out by organised crime groups in urban centres, are often short-term and internationally distributed to help reduce visibility.
The report said: “In the past several years, law enforcement has observed ‘hybrid market manipulations.' These frauds combine elements from several schemes and involve multiple nominees, layered trust funds, and numerous domestic and offshore facilitators, the report stated, adding that crooks would often use disposable cell phones and VoIP tools to target investors anonymously.”
Boiler room operations are increasingy using social networking tools and online classified advertising sites, such as Craigslist and Kijiji, to target gullible investors, the report concluded.
De La Rue, one of the world’s biggest bank not printers, is being investigated for an alleged fraud by employees at a UK factory
The company has sent a file on some workers at its Overton factory in Hampshire to the Serious Fraud Office.
The investigation follwos allegations that some of the factory’s 600 employees faked certificates which verified the quality of the notes.
CEO James Hussey
has resigned after the company said that sales would be affected and
it would lose £35m, sending its shares down 10%.
Nicholas Brookes, the company's chairman, commented: "The behaviour of some of our employees in this matter was totally unacceptable and contravened De La Rue's rigorous standards.
"We do not tolerate such behaviour. The company has reported its findings to the relevant law enforcement agencies."
His statement did not refer to work De La Rue carries out for the Reserve Bank of India (RBI), one of the group’s biggest clients. There have been persistent rumours that the errors are related to the work the company does for RBI.
The company is the world's biggest supplier of bank notes, and paper to print it on, and has customers in 150 countries. It was forced to temporarily halt production at the Overton factory on July 21 over concerns about the quality of notes.
The company said
some employees had “deliberately falsified certain paper specification
test certificates for a limited number of customers”.
De La Rue says the irregularities have been sorted out and it is ready to start shipping again to the customers concerned.
Last year the company made profits of £103m and was forecast to make £95m in 2010.
A US investment adviser has been accused of heading a Ponzi scheme that stole US$11m stolen from clients.
Financial regulator the Securities and Exchange Commission (SEC), alleges that Sandra Venetis misled investors through fake promissory notes issued via three associated firms.
The regulator also alleges that Venetis, from New Jersey, promised investors that their capital would be used to fund loans to doctors.
Instead, she gave the money to her relatives as well as using it to pay off a range of travelling and gambling debts.
The SEC claims Venetis told some of her clients that phony promissory notes were guaranteed by the Federal Deposit Insurance Corporation and would earn 6-11 percent tax-free interest per year, due to a loophole in the tax code.
Bruce Karpati, co-chief of the SEC's Asset Management Unit, said: “Venetis abused her position of trust to target older investors who were the most vulnerable to her egregious lies and misrepresentations.
“The SEC's enforcement action and the settlement reached ensure that she will never work in the securities industry again."
Venetis and her firms, which include Systematic Financial of Branchburg, have agreed to settle the SEC’s charges.
Her assets have been frozen by court order, the SEC said, and she must make monetary payments, including financial penalties yet to be determined. The SEC has also barred her from future work as an investment adviser.
CA Technologies to acquire fraud prevention provider
CA Technologies has signed a definitive agreement to acquire privately-held Arcot Systems, Inc in an all-cash transaction valued at US$200m.
Arcot provides advanced authentication and fraud prevention solutions via on-premises software or cloud services. Founded in 1997, Arcot has 35 patents awarded and pending, It co-invented with Visa the 3-D Secure protocol for online payment security.
CA says the acquisition of Arcot will add technology for fraud prevention and advanced authentication to its Identity and Access Management (IAM) offerings and improve its cloud services offerings.
Arcot's solutions are designed to help prevent fraudulent transactions for about one million online credit card transactions each day.
"Arcot brings to CA Technologies a strong business in fraud prevention and unique capabilities in advanced authentication using a software-only approach," said Dave Hansen, general manager for the Security business at CA Technologies. "This acquisition adds industry-leading technology that extends the breadth and depth of our strong IAM portfolio and gives our customers more first-class options for securing their Web-based business."
CA Technologies says the acquisition builds on its cloud security strategy, providing the on-ramp to accelerate its delivery of IAM solutions as a comprehensive service from the cloud. The CA Technologies cloud security strategy is a three-fold approach: enable organizations to extend existing on-premises IAM systems to support cloud applications and services; provide IAM technology to cloud providers to secure their services - whether public, private or hybrid; and enable IAM services from the cloud.
Arcot's business features a subscription-based model, with almost 90 percent of revenue recurring and nearly 100 percent customer retention rates. Arcot has been cash-flow positive since the second quarter of 2009, which ended June 30, 2009.
The all-cash transaction is expected to be dilutive in fiscal 2011 to CA Technologies GAAP earnings per share and slightly accretive to non-GAAP earnings per share. The transaction is expected to close by the end of CA Technologies second fiscal quarter, ending September 30, 2010, and is subject to certain regulatory approvals and customary closing conditions.
Arcot's operations and its approximately 165 employees will become part of the Security business at CA.
Quantum crypto security falls to the hackers
In security terms, the news that quantum crypto systems have been hacked is on a par with being told your favourite sci-fi film has become reality.
Everyone knows there was a small possibility it may happen, but the implications change everything.
To recap, quantum cryptography borrows the fundamental properties of quantum physics to produce ultra-secure key exchange. It is ultra-secure because any attempt to monitor or alter the transaction is reported as such by interrogation of the photons – and photons don’t lie.
Theoretically therefore it should be impossible for
a transaction to be hacked without the two parties knowing about it.
The latest crypto-busting technique, by a group of Norwegian and German academic computer scientists managed to get round the security by manipulating a photon detector at the receiver's end of a supposedly secure link. Commercial systems from MagiQ Technology's QPN 5505 and ID Quantique Clavis2 systems were demonstrated as potentially vulnerable by the scientists.
“Unlike previously published attempts, this attack is implementable with current off-the-shelf components,” explained Dr Vadim Makarov, a researcher in the Quantum Hacking group at the Norwegian University of Science and Technology (NTNU). “Our eavesdropping method worked both against MagiQ Technology's QPN 5505 and ID Quantique Clavis2 systems.”
The hack pulled off by the team is complex and might involve an initial outlay of US$50,000 or more. But this is potentially within the reach of industrial spies and certainly in the scope of intelligence agencies.
Quantum key distribution systems became commercially available around five or six years ago and are used for the secure exchange of highly sensitive material by banks and governments, so the implications of this long expected security hack are considerable.
The researchers have published their preliminary findings in a letter to the August 29 edition of academic journal Nature Photonics.
Japanaese police have arrested six people - three Nigerians,
one Ghanaian and two Japanese - in connection with a money-laundering
The six, arrested after a request to Japanese police from the US Federal Bureau of Investigation, are suspected of having received funds that were the proceeds of a crime, wired to them from a New York Citibank account in the name of the National Bank of Ethiopia.
Police said they had arrested a Nigerian citizen, Nyeche Obeneme, 36, living in Saitama, north of Tokyo, and two other Nigerian men as well as a Ghanaian man, and a Japanese man and woman.
The six are suspected of receiving up to 200 million yen (US$2.4m) between them in October 2008, allowing the money to be wired into their bank accounts in return for commissions.
The money is thought to be part of around US$33m that were wired to accounts in seven countries, also including China, South Korea and Australia, Kyodo News reported.
"With the help of the FBI, we made the arrests on alleged violations of the organised crime law," a police spokesman said.
Niger ex-finance minister charged with graft
A court in Niger has charged former finance minister Ali Lamine Zene with corruption for suspected embezzlement and has released him on bail, according to the politician's lawyer.
Lamine Zene, who was finance minister under the ousted president Mamadou Tandja, was arrested by detectives in Niamey last Thursday and held until Monday, lawyer Moussa Coulibaly told a press briefing.
According to the local press, the ex-minister was arrested after a case was made against him by the Commission to Fight Against Economic and Financial Deliquency, which was set up by the junta that seized power on February 18.
Coulibaly told the press that his client has been asked to "refund 97 million CFA francs (about 148,000 euros / 188,000 dollars)" paid out in "expenses and gifts offered to Niger's financial partners".
The case is one of about 30 before the anti-fraud commission, which was set up by General Salou Djibo's junta to help recover money that was embezzled while Tandja was president.
The junta, which is known as the Supreme Council for the Restoration of Democracy, overthrew Tandja after a constitutional crisis in which he tried to extend his hold on power beyond his elected mandate.
The military regime pledged to take action over financial crimes and the work of the anti-fraud commission has already led to the arrest of former prime minister Seini Oumarou and three other people for alleged embezzlement.
These four men have also been freed on bail.
Tandja and his interior minister Albade Abouba have been held under house arrest since the coup in February.