Fraud Magazine July - August 2019 PDF

fluid global anti-fraud dark world of oil bad leaders yield worldwide legal medical identity
regulations P. 18 theft and fraud P. 32 increased fraud P. 40 systems P. 46 theft P. 52
VOL. 34 | NO. 4 | JULY/AUGUST 2019

Fraud-Magazine.com
FEAR NOT The Breach
Cybersecurity expert
THERESA PAYTON
says don’t wait until you’re
in the middle of a breach to
formulate plans.
Write your cybersecurity
playbook now.
FROM THE PRESIDENT CONNECT WITH US
FM
Smarter tech necessitates Read more Fraud

Magazine content online
at Fraud-Magazine.com.
smarter fraud examiners

FM
M
odern technology advances quickly.
What’s innovative and fresh one day can Download the Fraud
Magazine app for
be quickly outdated and short-lived in just
iPhone or Android.
a few months.
As smart devices get smarter, business and
industry depend more heavily on them and the data
they store, which makes fraud examinations more
challenging and complex. Like the ACFE on
In college, I recall enduring one semester of Facebook for the latest
news, photos, videos and
BASIC language before I realized that there was noth- exclusive online content.
ing “basic” about it — at least for me. As CFEs, we
don’t necessarily need to be computer scientists to
operate in today’s tech society, but we do need to be
aware of the current methods that fraudsters are using
to steal from our companies and disrupt our lives. Follow @TheACFE
Cybercriminals will keep changing tactics to on Twitter and keep
informed on breaking
bypass security measures and attack our systems. We news and industry trends.
must stay vigilant in our protection and detection
efforts. Many cyberattacks are preventable through awareness, training and education. Even
something as simple as updating software can make all the difference.
Teresa Payton, former White House chief information officer and keynote speaker at the 30th
Annual ACFE Global Fraud Conference in Austin, delivers just such a message in the cover article. Make connections with
fellow fraud fighters in
“Cybercriminals change tactics daily,” Payton says. From sophisticated phishing schemes
the ACFE Community at
to ransomware attacks, these fraudsters exploit vulnerabilities within our information systems. Connect.ACFE.com.
Likewise, CFEs must also stay up to date on these nefarious trends if we want to fight fraud ef-
fectively and successfully in the 21st century.
But it’s not just a data or financial protection issue. The reputational risks we face from a
cyberfraud attack impact our organizations tremendously. Not only must we be watchful for the
attack, we also must have plans in place to remediate quickly should it happen. View stories and photos
on Instagram and never
“Awareness and education shouldn’t be one time a year and solely focused on compliance,” miss exclusive Fraud
Payton says. Amen. Just as proactive data monitoring increases the ability to detect and prevent Magazine content.
fraud, continuously updating your staff — all — your staff on these cyberfraud trends can be
very effective. As we implement anti-fraud training and education more and more in our work-
places, the median life of a fraud declines. The ACFE Report to the Nations proves just that.
Peyton warns us that we need a “[n]ew line of thinking” for our cyber training and to “prac- CONTRIBUTE
tice a digital disaster before you have a breach.” We can’t hide from technology — it’s here to
stay. But just as digital devices get smarter every year, so too must fraud examiners get smarter Share your expertise
and earn up to 10 CPE
by staying on top of the latest schemes and the ways to combat them. n FM
credits annually for your
published work. Visit
Bruce Dorris, J.D., CFE, CPA, is president and CEO of the ACFE. Contact him at Fraud-Magazine.com/
getpublished.
President@ACFE.com.
FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 3

Contents Volume 34, No. 4, July/August 2019
COVER STORY
24
Fear not the breach!
Write your cybersecurity
playbook now
By Dick Carozza, CFE
Cybersecurity expert Theresa Payton

says don’t wait until you’re in the middle
of a breach to formulate plans. Develop
a playbook so everybody knows their
roles. Practice digital disasters. Line
up your external helpers. Devise your
24 an interview with Theresa Payton communication strategy. Then, if you’re
breached, cooler heads will prevail.
FEATURES
40 Bad Leaders? Increased Fraud
18 Global Anti-Fraud Regulations 32 Oil theft and fraud 44 GlobAL LEGAL SYSTEMS
Keep ahead of fluid global Bad leaders? Increased fraud

anti-fraud regulations Hidden consequences of poor leadership
By Mani Padmanabhan, CFE 18 By Donn LeVie Jr., CFE 40
Dark world of oil theft and fraud
By Anastasia Nazarova, CFE
32 Global fraud is the same —
legal systems aren’t
By Dr. Joseph T. Wells, CFE, CPA 46
4 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

Publisher John Gill, J.D., CFE
Editor-in-chief Dick Carozza, CFE
Associate Editor Emily Primeaux, CFE
Contributing Editors
Cora Bullock; Scott H. Patterson; Randi
AR Zimmer, CFE
Legal Editor Ron Cresswell, J.D., CFE
FROM THE PRESIDENT AND CEO RX FOR FRAUD Contributing Writers

Robert Tie, CFE, CFP; Donn LeVie Jr., CFE
Smarter tech necessitates Medical identity theft
Art Director Becky Plante
smarter fraud examiners growing exponentially
Circulation Manager Aimee Jost, CFE
Bruce Dorris, J.D., CFE, CPA 3 By David A. Picard, CFE 52 Advertising Coordinator Travis Kolaja
Contact: (800) 245-3321 | tkolaja@ACFE.com
FRAUD IN THE NEWS FRAUD SPOTLIGHT
Editorial Advisory Committee
Green-card marriage Shutting the lid on Jonathan E. Turner, CFE, CII, chair; Emmanuel A. Ap-
piah, MBA, CPA, CFE; Johnnie R. Bejarano, DBA, CFE,
scheme, ex-beer exec beverage container CPA, CGMA; Richard Brody, Ph.D., CFE, CPA; Jeimy
J. Cano, Ph.D., CFE, CAS; Courtney Castelino, CFE,
found guilty and more. deposit fraud CPA, CA, CBV, CFF; Franklin Davenport, CFE; David J.
Clements, CFE; Peter D. Goldmann, CFE; Katya Hirose,
Compiled by Randi Zimmer, CFE 6 By L. Christopher Knight, CFE, CPA 56 J.D., CFE, CAMS; Robert Holtfreter, Ph.D., CFE; Robert
Kardell, CFE, CPA; Thomas Cheney Lawson, CFE, CIA;
Philip C. Levi, CFE, CPA, FCA; Robert Loh, CFE, CFCS,
CASE IN POINT STARTING OUT CIRA; Larry Marks, CFE, CISA, PMP, CISSP, CSTE; Jim-
my S. Pappas, CFE; Cecily Raiborn, Ph.D., CFE, CMA,
Practice makes imperfect An intern’s front-row seat CPA (Texas); Dorothy Riggs, CFE; Daniel Semick, MPA,
CFE, CGFM; Rob E. Shaff, CFE; Katharina Shamai, CFE,
Charismatic fraudster drains to fraud CIA, CA, IIA; Herbert Snyder, Ph.D., CFE; Stéphane
Vuille, CFE, PCI
physicians’ practice By Bethany Faford 60
2019-2020 Board of Regents
By Judy D. Wright, Ph.D., CFE; and Bruce Dorris, J.D., CFE, CVA, CPA; Eric R. Feldman, CFE;
Jack L. Oliver, CFE, CPA 8 I’M A CFE Ryan C. Hubbs, CFE, CIA, CCEP; Bethmara Kessler, CFE;
Jeanette LeVie, CFE; Tony Prior, MBA, CFE; Elizabeth
Deshietha Partee-Grier, CFE Simon, CFE, CPA; John Warren, J.D., CFE
By Emily Primeaux, CFE 64 Fraud Magazine (ISSN 1553-6645) is published bimonthly

by the Association of Certified Fraud Examiners, 716 West
Avenue, Austin, TX 78701-2727, USA. Periodical postage
paid at Austin, TX 78701 and at additional mailing offices.
Postmaster — Please send address changes to:

Fraud Magazine | ACFE Global Headquarters
716 West Avenue | Austin, TX 78701-2727, USA
(800) 245-3321 | +1 (512) 478-9000
Fax: +1 (512) 478-9297
Subscriptions
ACFE members: annual membership dues include
$45 for a regular one-year subscription; $15 for an
electronic member subscription, and $15 for student,
15 Romance fraud
and retired member subscriptions. Non-member
subscription rates are: $65 in the U.S.; $77 outside the
US. Membership information can be obtained by visit-
ing ACFE.com or by calling (800) 245-3321, or +1 (512)
478-9000. Change of address notices and subscriptions
TAKING BACK THE ID
2018 FTC numbers paint
64 Deshietha Partee-Grier, CFE should be directed to Fraud Magazine. Although Fraud
Magazine may be quoted with proper attribution, no
portion of this publication may be reproduced unless
worsening fraud picture written permission has been obtained from the editor.
The views expressed in Fraud Magazine are those of
By Robert E. Holtfreter, Ph.D., CFE 12 ACFE NEWS 66 the authors and might not reflect the official policies
of the Association of Certified Fraud Examiners. The
editors assume no responsibility for unsolicited manu-
GLOBAL FRAUD FOOTPRINT CPE QUIZ 72 scripts but will consider all submissions. Contributors’
guidelines are available at Fraud-Magazine.com. Fraud
Magazine is a double-blind, peer-reviewed publication.
Romance fraud, crypto-
currency risks and money To order reprints, visit Fraud-Magazine.com/reprint or
email reprints@fraud-magazine.com.
laundering in Asia Pacific © 2019 Association of Certified Fraud Examiners, Inc. “ACFE,” “CFE,” “Certified
By Mason Wilder, CFE 15 Fraud Examiner,” “CFE Exam Prep Course,” “Fraud Magazine,” “Association of
Certified Fraud Examiners,” “Report to the Nations,” the ACFE Seal, the ACFE
Logo and related trademarks, names and logos are the property of the Association
of Certified Fraud Examiners, Inc., and are registered and/or used in the U.S. and
countries around the world.

FRAUD in the news Read more news at Fraud-Magazine.com
Ex-beer exec
Green-card marriage scheme
found guilty
According to the May 15 ABC News article by Julia Jacobo,
“96 people charged in Texas marriage fraud scheme to get After nearly a decade of defraud-
ing one of the largest beer makers
Green Cards,” Houston fraudsters are responsible for grant-
in America, a former executive is
ing citizenship to Vietnamese nationals who paid hefty fees.
heading to jail. According to the
Police say ringleader Ashley Yen Nguyen operated a well- May 17 FOXBusiness article by
organized marriage scam — charging between $50,000 to Kathleen Joyce, “Ex-MillerCoors vice
$70,000 for a marriage license. As a result, nearly 150 people president sentenced to prison over
fraud charges,” David Colletti will
fraudulently obtained green cards to become permanent
spend 42 months in prison. Accord-
U.S. residents. ing to the article, Colletti falsified
The indictment remains sealed, but according to U.S. Im- marketing and promotional invoices
migration and Customs Enforcement (ICE), organizers of the he billed to his company MillerCoors
and pocketed more than $8.6 mil-
scam even created fake wedding
lion. Colletti claimed he was involved
photo albums to further the guise. in the billing scheme to “keep up
The 96 organizers are charged with with the rat race.”
various counts of mail fraud Read the full story at
tinyurl.com/y5hoff4p.
and stand to serve 20 years in
federal prison. Read more at
tinyurl.com/y2t6jfzg.
N.Y. mail scams steals $30 million from elderly

According to the May 15 Nassau Daily Voice article, “Mer- consumer mailing lists of mostly elderly victims and sent
rick Man Admits to Multi-Million Dollar Fraud Scheme,” them notices claiming they won large cash prizes — all
by Zak Failla, elderly victims were scammed out of $30 in exchange for a small fee. However, no prizes were ever
million throughout the U.S. in hopes of winning hand- granted.
some cash prizes. According to the article, Sullivan made more than $30 million off his
Shaun Sullivan pleaded guilty in victims. He’s awaiting sentencing and faces
federal court to conspiracy to up to 20 years in prison. Read the full
commit mail fraud. He obtained story at tinyurl.com/y3vv4myd.
— Compiled by Randi Zimmer, CFE

A Goal on Monday.
An Achievement
on Friday.
CFE Exam Review Course

BENEFITS UPCOMING DATES
FAST TRACK Denver, CO Washington, D.C.
Participate in an intense, 4-day live course. July 29-August 1, 2019 September 16-19, 2019
INSTRUCTOR-LED San Francisco, CA New York, NY

Receive guidance from experienced teachers August 5-8, 2019 October 21-24, 2019
in a structured learning environment.
Chicago, IL Austin, TX
INTERACTIVE SESSIONS August 19-22, 2019 November 4-7, 2019
Participate in discussions on a variety of fraud
prevention topics in a team environment.
ON-SITE TESTING
Take the CFE Exam on-site while the
material is still fresh in your mind. Go home
knowing you’ve passed the CFE Exam.
Get on the fast track to passing the CFE Exam and earning
IT’S AMAZING WHAT your credential with the CFE Exam Review Course, an
YOU CAN ACCOMPLISH intense 4-day seminar designed to give busy working
when you set some time aside professionals the tools to prepare for the CFE Exam.
and clear away the distractions.
Learn more or register online today at ACFE.com/CFEreview.

CASE IN POINT Case history applications
Practice makes imperfect

Charismatic fraudster drains physicians’ practice
Everybody loved Dr. Brian. He appeared to be the perfect professional,
spouse, parent and friend. But he fooled everybody. At least for a while.
Here’s how he, as the lead administrative physician of a once-thriving
practice, skimmed and embezzled more than $25 million in 20 years.
noticed they were losing money, to hire outside help to pursue an audit or
Each of the 2,690 real cases of despite producing substantial rev- take other action.
occupational fraud reported in the enues. Some of the physicians became Most physicians that Brian and his
ACFE’s 2018 Report to the Nations suspicious that something was go- buddies hired to replace those who left
(ACFE.com/RTTN) has a unique ing on. Many were operating at a loss weren’t concerned about the practice’s
story behind it. Here’s one from month after month. Millions of dollars finances because their spouses were suc-
investigating CFEs. (See more at cessful, they had family money, or they
seemed to simply disappear. Some of
tinyurl.com/y6p2ctbk.) — ed. were nonconfrontational. These new
the physicians believed many of the
expenses the practice charged to them physicians were perfect targets for fraud
schemes.
F
seemed exorbitant. Several of them left
raudsters are often able to When the seventh physician, Ewan,
the practice over the years. Eventually,
deceive their victims for long left the practice, he expected the prac-
we discovered that more than $25 mil-
periods of time through gained tice to pay him approximately $50,000
lion had been skimmed and embezzled
trust and personability. These in accounts receivable, but it only paid
in the 20-year period.
cases cut their victims the deepest him a little more than $2,000. He then
Initially, the partners were involved
because they’ve not only lost money, hired our firm to investigate, and we dis-
in making decisions on expansion of
they’ve been personally betrayed. That covered that Ewan’s accounts receivable
the practice and general matters. But as
was the case with a medical practice at the time of his resignation was closer
they increasingly were disturbed about
that housed a charismatic fraudster for to $100,000.
low revenues through the years, Brian
two decades. I (Judy Wright) realized that Brian
transferred decision-making to what
Twelve practitioners established was at least complicit in skimming
were “committees” in name only. He
Total Primary Care Pros with the funds when I met with him to discuss
and his closest allies ran the financial why he hadn’t pursued recall or col-
friendly Dr. Brian (names have been
changed) as the lead administrative committees. lections, which would’ve increased
physician. Charismatic Brian was a Whenever a physician would call revenues for all the physicians. He said
well-liked figure in the community. for accountability, Brian and his friends he was satisfied with things the way they
He appeared to be the perfect profes- would begin to ostracize them from the were. I was shocked because if the finan-
sional, spouse, parent and friend — rest of the group and punish them with cial statements were true, any physician
the type of person you point to as an a reduced schedule and inflated costs for would’ve jumped at the chance to use
example for others. supplies and other expenses. It appeared these easy ways to increase revenues.
The practice buzzed with activity Brian levied these financial penalties to Brian’s body language screamed that he
for nearly 20 years, but the physicians reduce the dissatisfied physician’s ability didn’t want anyone rocking the boat. At

the beginning of the interview, he was also went through a series of untrained,
relaxed but then physically withdrew, COLUMNIST unqualified and overpaid office manag-
and his tone of voice became threaten- JUDY D. WRIGHT, ers and accountants, which appeared to
ing. This was a major turning point in PH.D., CFE be by design.
SENIOR PARTNER,
the investigation. WESTMINSTER INVESTI- Brian used all these tactics to cover
GATIVE CONSULTANTS that he was skimming and embezzling
Purposefully confusing structure millions of dollars in revenue, which he
COLUMNIST
When Brian first set up the practice in JACK L. OLIVER, diverted into his 401K funds and used
1998, he implemented a confusing, over- CFE, CPA to pay state and federal taxes on the
lapping financial records structure with SENIOR PARTNER,
illicit funds. He’d meet with the office
WESTMINSTER INVESTI-
three different software systems, all of GATIVE CONSULTANTS; manager every Friday at noon behind
which were now antiquated. With poor OWNER, OLIVER AND closed doors and tell her how much
ASSOCIATES, CPAS
record keeping and numerous individu- money to transfer to his 401Ks and how
als separately handling the incoming much to pay on state and federal taxes
revenue, no one except Brian knew how double taxation on revenues. We later for himself.
much money was actually coming in to discovered that he did this to reduce He never made the bank statements
the practice. Brian withheld financial the practice’s liability if the fraud was available to the other physicians. He’d un-
information from other physicians. discovered because corporations can’t be derestimate the income and overstate the
He devised the business as a cor- charged criminally, reported losses elim- physicians’ expenses to conceal the fraud.
poration instead of the normal limited inated corporate taxes owed, and Brian The practice paid physicians bi-
partnership, which would’ve avoided could plead ignorance. The practice weekly, but they could choose to forego
RELIABLE INVESTIGATIVE DATA FIND OUT WHO FAST
Targeted Data to Locate Subjects,

Understand Relationships and Verify
On Your Phone - On The Web Identity
No Internet Connection Or Into Your Software
Come By Our Booth to See How It

Works And Enter To Win a $100
Real-time Data Solve Cases Faster Amazon Gift Card
For information contact:

GO TO WHOOSTER.COM
sales@whooster.com & REQUEST A FREE TRIAL
512-419-4200
ONLINE SELF-STUDY COURSE
CASE IN POINT
salaries if their debt to the practice

became too much. Many often went
without a salary for months.
Brian also used company credit
cards for unauthorized purchases, such
BEST as Christmas dinners for his family at
SELLER! restaurants and personal travel. He un-
derreported revenues and grossly over-
inflated expenses to conceal his fraud.
Each year the corporation re-
ported losses when the skimmed profits
would’ve resulted in double taxation.
By fraudulently reporting corporate
losses as a result of the skimming, Brian
defrauded the federal and state govern-
ments of tax revenues on the corporate
income he had stolen in the 20-year
10 Infamous Fraud Cases period.
of the 21st Century Deeper than just lost revenue

for the physicians
Brian exploited the practice’s honest
physicians for two decades. He falsely
In this self-study course, learn from 10 infamous fraud required them to keep paying more and
cases to better protect your clients, employers and the more for expenses that didn’t exist while
general public from similar schemes. Fraud cases in- they stressed about being able to take
care of their families.
clude the WorldCom scandal, Madoff’s Ponzi scheme
Ewan said that whenever any of the
and the Fédération Internationale de Football Associa- physicians asked Brian why they weren’t
tion (FIFA) scandal. making enough money, he told them
to “work harder.” Of course, the harder
they worked, the more money Brian
KEY TAKEAWAYS: stole from them. Many of the physicians
• Introductions and background information even took on part-time jobs to help sup-
for all cases
port their families.
• Insights into how each scheme was perpetrated CPE Credit By the time we discovered the fraud,
and detected 4
Brian had taken total control of the
• Recommendations to prevent future frauds
administrative and financial leadership
• Lessons learned for each case and was making all decisions. Ewan took
the results of our investigation straight
Course Level
Basic to Brian and asked him to reimburse him
for the losses. Brian used the practice’s
legal counsel to file a civil case against
$135.20 Members / $169 Non-Members

Ewan, which was eventually dismissed.
Prerequisite
None
Visit ACFE.com/TIFC to learn more.
Civil and criminal charges are in Lessons from the CFEs
process against Brian, including criminal
We shouldn’t succumb to the charm because these professionals often
tax fraud regarding the fraudulent losses
and charisma of individuals associated don’t have the means to hire qualified
reported for the corporation and embez- with our investigations. This is more financial administrators, the knowledge
zlement. The cases are still pending. n FM difficult than it sounds because it’s hu- to establish internal controls or the
man nature to want to trust someone skepticism to spot charismatic, yet
and have an internal confidant during duplicitous, individuals.
Judy D. Wright, Ph.D., CFE, is senior an investigation. We’ve repeatedly seen this
partner at Westminster Investigative Just because the circumstances pattern at many medical and dental
Consultants. Her doctorate is in indus- of an organization have apparently
practices. We investigated one case
existed for a long time doesn’t mean
trial/organizational business psychology in which the office manager’s control
that it has nothing of importance to
— specializing in fraud behavior. She of the financial data of the practice
investigate. You might assume that if
also holds a master’s in business admin- crippled the physician’s ability to deal
a fraud scheme had been going on for
with the fraud for fear of losing all his
istration. Contact her at drjdwright@ 20 years, somebody would’ve caught
it. This case proves that’s not true. medical records. So, he allowed the
outlook.com.
Most physicians, dentists and office manager’s fraud to continue and
other medical professionals aren’t hoped for the best.
Jack L. Oliver, CFE, CPA, is senior trained during medical or dental school Always make your own financial
partner at Westminster Investigative to handle the business side of their documents from outside sources rather
Consultants and owner of Oliver and practices. Thus, they become prime than relying on those provided inter-
Associates, CPAs. He holds a master’s targets for fraudsters. nally. Assume nothing, take nothing for
Fraud against physicians, dentists granted and approach any investiga-
in public accountancy. Contact him at
and small medical practices is rampant tion objectively.
joliver@oandhcpas.com.
JOIN THE
HFPP
Together we can identify and reduce fraud, waste, and abuse across the healthcare
sector through collaboration, data and information sharing,
and cross-payer research studies.
PARTNER BENEFITS
ENHANCED EXPANDED CONFIDENTIALITY COLLABORATION

ANALYTICS RESEARCH & SECURITY
To learn more about the HFPP, visit go.cms.gov/HFPP

TAKING BACK THE ID Identity theft prevention analysis
2018 FTC numbers paint

worsening fraud picture
Three million fraud complaints in 2018. That’s what the Federal Trade
Commission received — many of them for identity theft. When we look
at the stats since 2001, we see the fraud problem is worsening.
Y ou start receiving col-

lection calls for a loan
you never opened —
much less defaulted on. Your
grandson’s lawyer calls from
Year Fraud
eports by type
Identity Theft Other

Network Data Book (CSNDB) at
tinyurl.com/yyvjozc8.
Forty data contributors —
including the Consumer Financial
Protection Bureau, the U.S. Internal
2001 137,336 86,250 101,963
another nation, saying that the Revenue Service, more than 20
grandson will go to jail unless 2002 241, 783 161,977 146,862 state attorneys general and all
you wire $15,000 immediately. 2003 331,336 215,240 167,051
North American Better Business
Later you find out the grandson Bureaus — contribute reports to the
hadn’t left the country in years. 2004 410,298 246,909 203,176 CSNDB. If your law enforcement
You click on a link in an email, 2005 487,585 255,687 216,042
agency isn’t currently contributing
later to find malware that’s data to the CSNDB, you’re strongly
hijacked your files unless you 2006 423,672 246,214 236,243 encouraged to become members by
pay thousands of dollars. The 2007 505,563 259,314 305,570
visiting FTC.gov/Sentinel.
IRS calls to threaten legal action Consumer data are unveri-
on incorrect returns unless you 2008 620,832 314,587 325,705 fied and classified into 29 different
wire money that same day. 2009 708,781 278,360 441,836
categories. Consumers can file a
As I’ve written in previous complaint report at tinyurl.com/
columns, these are common 2010 820,072 251,074 399,160 obp7mx3 or through the FTC’s call/
identity theft schemes. And 2011 1,041,517 279,191 577,835
response center at 877-FTC-HELP
the latest data indicates the (877-382-4537).
fraud is worsening. Since 1997, 2012 1,112,693 369,958 632,428
the Federal Trade Commission 2013 1,159,115 290,098 685,352
More, more, more
(FTC) has accumulated tens of Except for minor decreases in
millions of complaint data from 2014 1,526,365 332,545 762,021 2017 and 2018, the total complaint
consumers and law enforce- 2015 1,165,625 490,112 1,427,784
reports have shown a marked
ment agencies pertaining to increase from 325,519 in 2001 to
“fraud,” “identity theft” and 2016 1,226,402 398,952 1,423,823 2,994,483 in 2018. (See Table 1:
“other” consumer protection 2017 1,290,636 371,034 1,215,464
Complaints from 2001 through
problems. In 2018, close to 3 2018 at left.)
million complaints were re- 2018 1,427,563 444,602 1,125,354 The number of complaint
ported to the FTC. The data are reports for the “identity theft” type
Table 1: Complaints from 2001 through 2018
stored in the Consumer Sentinel increased from 86,250 to 444,622

over the 18-year period but we see no What’s more revealing is how fraudsters
discernable trend because of erratic in- COLUMNIST use the identities of victims to benefit
creases and decreases from year to year, ROBERT E. HOLT- themselves and commit fraudulent
especially from 2006 through 2018. FRETER, PH.D., CFE activity. (See Table 2: Identity theft types
DISTINGUISHED PRO- and related subtypes at left.)
Identity theft ranked third with FESSOR OF ACCOUNT-
444,602 reported complaints and ac- ING AND RESEARCH AT In Table 2, in the “credit card fraud”
counted for 14.85% of the total com-
CENTRAL WASHINGTON type, the most alarming statistics are in
UNIVERSITY
plaints reported in the 2018 CSNDB. the “new accounts” subtype category,
which ranks first and has in-
Change from creased 24% in 2018 compared
Theft Type Theft subtype Rank No. of reports
previous year to 2017. This indicates that
Credit card New accounts 1 130,928 +24% fraudsters have become more
fraud Existing accounts 5 32,329 -6% successful in stealing identi-
Employment Tax fraud 3 38,967 -38% ties and using them to obtain
or tax-related
fraud Employment or wage-related 6 30,592 +44% new credit cards in the victims’
Mobile telephone - new accounts 4 33,466 +28% names.
Utilities- new accounts 8 21,994 +0%
You can protect yourself
Phone or from becoming a new ac-
utilities Landline telephone - new accounts 17 7,838 +28%
fraud counts identity theft victim
Mobile telephone - existing accounts 23 4,983 +6%
by quickly collecting from
Landline telephone - existing accounts 27 1,423 +25%
your mailbox credit card
Utilities - existing accounts 28 1,322 +20%
solicitations — containing pre-
Debit cards, electronic transfer/ACH 7 23,219 +0%
approved applications — that
Bank fraud New accounts 10 19,639 +12%
fraudsters can steal and apply
Existing accounts 14 12,990 +2%
for new cards in your name.
Business/personal loan 9 20,328 +82% Also, learn to avoid phish-
Auto loan/lease 11 18,815 +89% ing schemes because they ac-
Loan or
lease Non-federal student loan 18 6,327 +78% count for 80% of the malicious
fraud Apartment or house rented 20 5,439 +50% malware that victims inadver-
Real estate loan 21 5,178 +17% tently download on personal
Federal student loan 22 5,082 +119% computers, which thieves use
Government benefits applied for/received 12 16,021 -10% to extract personally identi-
Government Other government documents issued 19 5,645 +5% fiable information (PII) for
documents or
benefits fraud Driver’s license issued/forged 24 4,493 +19% criminal purposes like (again)
Passport issued/forged 29 703 +35% applying for a credit card in
Other 2 87,675 +121% the victim’s name.
Medical Services 13 13,833 +103% What you can’t control,
of course, is theft of your PII
Online shopping or payment account 15 10,294 +18%
Other identity via internal or external data
theft Email or social media 16 9,439 +23%
breaches. For example, if you
Evading the law 24 4,439 +7%
use your credit card when
Insurance 25 3,675 +24%
shopping at a retail store, and
Securities accounts 26 1,837 +15%
the store experiences a data
Table 2: Identity theft types and related subtypes (The data in this table don’t add up to the total breach, then the fraudster can
identity theft complaints for 2018 because, according to the FTC, consumers can report multiple types use your credit card PII (once
of identity theft. In 2018, 17% of identity theft reports included more than one type of identity theft.) again) to apply for a new card.

TAKING BACK THE ID Identity theft prevention analysis
In the “employment or tax-related borrow money for auto, business, per- data in Table 3 don’t reflect that. The FTC
fraud” type, the “tax fraud” subtype sonal or student loans. would’ve more accurately shed light on
decreased 38% while the “employment In the “government documents the group that’s experiencing the most
or wage related” subtype increased 44%. or benefits fraud” category, the “driver problems if it had determined the num-
Tax fraud probably decreased because licenses issued/forged” and “passport ber of complaints per 100,000 individu-
of the IRS’s recent efforts to curb income issued/forged” subtypes are ranked rela- als in each age group.
tax refund fraud by vetting the validity tively low — 24 and 29 respectively
th th
of those requesting refunds. Employ- — but they’ve increased significantly at Share, share, share!
ment or wage-related identity theft 19% and 25%. Please share this information with your
fraud could’ve increased because fraud- Under the “other identity theft” business associates, family, friends and
sters might have used more victims’ type, all the subtypes except “evading clients and include it in your outreach
names as ghost employees, among other the law” have increased significantly. programs. An important takeaway
crimes. Fraudsters are using the identities of from this column is that the number of
The “mobile telephone new ac- others to obtain “medical services” (up a identity theft complaints reported to the
counts” subtype (ranked fourth in the whopping 103%), “insurance” (up 24%), FTC has been on a study upward climb
“phone or utilities fraud” type) and “online shopping or payment account” for the past 18 years, and there’s reason
“landline telephone new accounts” sub- to believe that the trend will continue
type (ranked 17th in the same category) Age group No. of complaint unless we educate the public about
both increased 28%, which mirrors the reports phishing and identity theft schemes.
24% increase in the credit card “new ac- 19 and under 14,251 Many of the identity theft subtypes have
counts” subtype. Based on the signifi- 20-29 76,760 increased significantly from 2017. You’ve
cant increases in all the “new accounts” 30-39 107,367 been forewarned, so tread with care!
subtypes, it’s obvious that fraudsters 40-49 84,165 Please contact me if you have any
are increasing their efforts to target 50-59 63,229 identity theft or cyber-related issues that
industries with weaker defenses. The you’d like me to research and possibly
60-69 42,704
“landline telephone - existing accounts” include in future columns or as feature
70-79 16,462
increased 25%, and the “utilities – exist- articles, or if you have any questions. I
80 and higher 5,989
ing accounts” increased 20%. don’t have all the answers, but I’ll do my
The only significant issue in the Table 3 Identity theft by age best to help. Stay tuned! n FM
“bank fraud” category is with the
subtype, “new accounts,” which ranked (up 18%) and for “email or social media” Robert E. Holtfreter, Ph.D., CFE, is
tenth and increased 12%. A fraudster purposes (up 23%). distinguished professor of accounting
might open a bank account in a vic- As shown in Table 3 above, the 30 and research at Central Washington
tim’s name to launder money, among to 39 age group reported the highest University in Ellensburg, Wash. He’s
other reasons. They typically use a wire number of complaints, but we shouldn’t also on the ACFE’s Advisory Council
transfer to move the money out of the conclude that this age group is having and the Editorial Advisory Committee.
account. relatively more problems with identity Holtfreter was the recipient of the Hub-
All the subtypes of “loan or lease theft than the others. Older-age groups bard Award for the best Fraud Magazine
fraud” have increased significantly. commonly are more susceptible to feature article in 2016. Contact him at
Fraudsters use victims’ identities to identity theft and other frauds, but the doctorh007@gmail.com.

GLOBAL FRAUD FOOTPRINT Examining cross-border issues
Romance fraud, cryptocurrency risks

and money laundering in Asia Pacific
The Asia Pacific region has become a hotbed for cyber romance scams.
Hong Kong cybercrime alone has risen 565% since 2012. The region’s
global financial centers also face increasing concerns about cryptocurrency
and blockchain money laundering fueled by North Korean cybercrime.
H
e said he was an engineer from
Britain who wanted to establish
a relationship with a wealthy,
66-year-old Hong Kong busi-
nesswoman. What he really wanted to do
was rip her off. And he did — to the tune
of $23 million in four years. He claimed on
the online platform Lovestruck that he had
financial problems and repeatedly asked
the woman for money. She transferred
cash to bank accounts in Hong Kong,
mainland China, Malaysia, Japan, Taiwan,
Britain and Germany — in more than 200
transactions. This lonely-heart case set the
record for Hong Kong’s largest romance
scam. (See “Online romance scam record
for Hong Kong as Wan Chai business-
woman loses US$23 million to ‘British
engineer,’ ” by Clifford Lo, South China consisted of romance scams that cost vic-
COLUMNIST tims more than $57 million. (See “Overall
Morning Post, tinyurl.com/ybsh3k4o.)
law and order situation remained stable
According to the Hong Kong Com- CFE in 2018,” The Government of the Hong
puter Emergency Response Team, cyber- ACFE RESEARCH
Kong Special Administrative Region, Jan.
crime cost Hong Kong companies and SPECIALIST
29, 2019, tinyurl.com/y55xz9ln.)
residents more than $250 million in the
During a recent interview with Fraud
first nine months of 2018 (a 565% increase
Simone McCarthy, South China Morning Magazine, Parag Deodhar, CFE, Asia Pa-
from 2012) with businesses sustaining Post, Dec. 8, 2018, tinyurl.com/y5s24trz.) cific director for information security at a
more than 9,000 attacks (a 55% increase Hong Kong police recorded 8,372 multinational corporation, described the
from 2017). The true amount of attacks is cases of deception in 2018, up 18 percent romance fraud phenomenon. “Romance
likely much higher, which justifies Hong from 2017. Among the notable increases fraud is one of the major scams prevalent
Kong’s presence in a LexisNexis Risk were cases of social media deception in Hong Kong and Singapore,” Deodhar
Solutions list of the top five cyberattack (2,064 cases and a 94 percent increase), says. “Scammers target wealthy single
destinations. (See “With financial losses online business fraud (2,717 cases and a women. Similarly, con artists — posing as
of HK$2.2 billion and more than 9,000 36 percent increase), email scams (894 part-time sex workers — target men.”
cyberattacks so far this year, Hong Kong cases and a 29 percent increase). Almost Though romance scams are com-
finds itself a top target of hackers,” by 600 of the social media deception cases mon in Hong Kong and Singapore, they

GLOBAL FRAUD FOOTPRINT Examining cross-border issues
aren’t unique to the region, according spearphishing attacks with tax-themed and London, rounding out the index’s top
to Barry Tong, CFE, advisory partner at lures and then deployed malware linked to five while making it 60 percent Asian.
Grant Thornton Hong Kong and president previous attacks on financial institutions (See “The Global Financial Centres Index
of the ACFE Hong Kong chapter. including the Bangladesh bank heist that 24,” Z/Yen, China Development Institute,
“These kinds of scams are often I covered in a previous column. (See “Why September 2018, tinyurl.com/y3guwo8w.)
cross-border frauds because many of the In January 2018, well before the
is North Korea So Interested in Bitcoin?”
fraudsters are targeting victims from
by Luke McNamara, FireEye, Sept. 11, 2017, UN panel met or the DOJ civil suit, U.S.
outside of Hong Kong,” says Tong.
tinyurl.com/yczoy5e5 and the “Global Treasury officials warned Hong Kong that
In October 2018, authorities in Hong
Kong, Malaysia and Singapore launched a Fraud Footprint” column, Fraud Magazine, it needed to do more to combat North
joint operation targeting a romance scam November/December 2018, tinyurl.com/ Korean smuggling and money launder-
ring that led to the arrests of 52 suspects y2cf3xtk.) ing, including strengthening company
who allegedly conned more than 140 vic- According to a United Nations Secu- formation and registration rules. (See
tims out of $14 million. (See “Hong Kong, rity Council panel of experts convened in “US official warns Hong Kong over North
Malaysian and Singaporean police bust March, North Korea has amassed more Korea smuggling, money laundering,”
US$14 million online romance scam ring,” than $670 million through cybercrime by by Joshua Berlinger, CNN, Jan. 25, 2018,
by Clifford Lo, South China Morning Post, using cryptocurrencies and blockchain tinyurl.com/yyzcg3eh.)
Oct. 26, 2018, tinyurl.com/ybhaunww.) technology to launder the proceeds. The “The Hong Kong Monetary Authority
panel singled out at least five successful at- (HKMA) has been amending the anti-mon-
Crypto risks tacks on crypto exchanges in Asia between ey laundering/counter-terrorism financing
The Asia Pacific region also faces prevalent January 2017 and September 2018, with regime and guidelines to tackle the chang-
risks associated with cryptocurrencies. A losses totaling $571 million. (See “North ing trends of money laundering,” Tong
cryptocurrency promoter staged a particu- Korea stole cryptocurrency via hacking: says. Their efforts include incorporating
larly eye-catching stunt in December when UN panel,” by Kaori Yoshida, Nikkei Asian updates to government statutes.
he threw thousands of Hong Kong dollars Review, March 8, tinyurl.com/y5kvn5hc.) “For example, the Anti-Money
off a rooftop. In an online video, he asked The prospect of North Korea launder- Laundering Ordinance (AMLO) extended
onlookers if they “believe money will fall ing proceeds of crime in the region doesn’t the due diligence and record-keeping
from the sky” as the bills fluttered from lack precedent. In November 2018, the requirements of financial institutions to
buildings. Within months, Hong Kong U.S. Department of Justice (DOJ) filed a designated non-financial businesses and
police arrested the same man for allegedly civil suit alleging that companies in Hong professions (DNFBPs) in March 2018,” says
selling specialized machines that mined Kong, Singapore and China helped launder Tong. “We also notice that the SFC has
his cryptocurrency, which wasn’t yet trade- more than $3 million for sanctioned North been launching more investigation cases
able. (See “Hong Kong cryptocurrency Korean banks. The Singaporean company in 2017 and 2018 than in 2016 and before.”
promoter thought to be behind money- involved agreed to forfeit funds to the U.S. More recently, a London-based think
tossing stunt arrested for fraud over sale of government and claimed a Chinese money tank issued a report pointing out South-
digital coin ‘mining machines,’ ” by Danny remitter directed it to send payments to east Asia’s vulnerability to North Korea’s
Mok, South China Morning Post, March 1, North Korean companies when the Singa- sanction-evading activities, including
tinyurl.com/y2mafbgl.) porean company sought discounted rates those enabled by cryptocurrencies, because
In Singapore, authorities charged for exchanging currency. (See “U.S. Files of North Korea’s proximity and the avail-
two company directors for promoting Suit to Seize Assets Tied to Alleged North ability of sophisticated trade and finance
OneCoin, a fraudulent cryptocurrency, by Korean Money Laundering,” by Samuel infrastructure, plus the wide variations in
using a multi-level marketing scheme. Rubenfeld, The Wall Street Journal, Nov. the nature and scope of regulation from
(See “Two Singaporean company directors 29, 2018, tinyurl.com/y3k373nm.) country to country. (See “Closing the Crypto
charged for promoting ‘fraudulent crypto- “The [North Korean] money launder- Gap,” by David Carlisle and Kayla Izenman,
currency,’ OneCoin,” by Ketaki Dixit, AMB ers in this case chose Hong Kong as the Royal United Services Institute for Defence
Crypto, April 11, tinyurl.com/yxz2pj5c.) destination probably because it is one of and Security Studies, April 2019, tinyurl.
Security researchers linked attacks the closest international financial centers com/y6t3lenh.)
on three South Korean cryptocurrency for North Korea,” Tong says. “The governments in Asia have set up
exchanges to the Lazarus group, which According to the Global Financial task forces,” says Deodhar. “Financial regula-
is believed to be a collective of hackers Centres Index, Hong Kong, Singapore and tors, banks and the police are also doing
sponsored by the Democratic People’s Re- Shanghai together are closing in on the lot of public awareness campaigns. [Hong
public of Korea (North Korea). They used top two financial centers, New York City Kong] police set up the Anti-Deception

Coordination Center (ADCC) and an anti- cryptocurrency risks, fraud examiners proceeds with negative repercussions
scam telephone helpline.” should be proactive in understanding on a global scale awaiting organiza-
Tong said ADCC’s goal “is to step up and combating these fraud risks rather tions that enable the activity. n FM
combat actions against deception and than waiting for new compliance
increase public awareness of various kinds requirements.
of scams.” Mason Wilder, CFE, is a research
• The region is uniquely positioned to
Additionally, the SFC will now oversee face increased risks of North Korean specialist with the ACFE. Contact him at
cryptocurrency exchanges, traders and other money laundering of cybercrime mwilder@ACFE.com.
related companies. The SFC also will require
investment funds with more than 10%
cryptocurrency assets to obtain a license and
only allow initial coin offerings for tokens
that have fulfilled SFC requirements, such as
existence of at least 12 months. (See “Hong
Kong to tighten cryptocurrency rules,” by
Takeshi Kihara, Nikkei Asian Review, Dec. 17,
2018, tinyurl.com/ya9szv8p.)
Authorities also took steps to curb illicit
crypto mining by making such operations
punishable by up to $500,000 fine or five
years in jail. (See “Hong Kong: Illicit Crypto
Mining Operations Are Punishable by Fine
or Imprisonment,” by Ana Berman, Cointele-
graph, April 4, tinyurl.com/y2zutbym.)
A little further to the west, Japan’s
Financial Services Agency will require stron-
ger internal oversight from cryptocurrency
exchanges on their offline “cold wallets”
used to store digital money after restricting
use of online “hot wallets” (where virtual
currencies are stored on platforms directly
connected to the internet) because of a series
of security lapses. (See “Japan to require
crypto exchanges to bolster internal
oversight: source,” by David Dolan and
Takahiko Wada, Reuters, April 16, tinyurl.
com/y6d2mt72.)
Takeaways for fraud examiners

• Increases in cybercrime across the Asia
Pacific region require fraud examiners
to maintain awareness of the threats
and schemes so they can help prevent
their organizations from becoming
victims.
• Although regional governments and
regulatory agencies are adapting to

Keep ahead of
fluid GLOBAL
anti-fraud regulations
The compliance landscape forever shifted after the Enron and

WorldCom debacles, among others. Don’t let accelerating corporate
governance changes leave your organization and clients unprotected.
Here’s how anti-fraud regulations evolve in phases around the globe,
a review of compliance history plus practical action plans.
by
K
umar is a business owner keen on expand-
ing his enterprise. He has his eye on acquiring
another company in his field, Previo Industries.
Kumar didn’t chance upon Previo — he’s already
familiar with it from his experience a few years
back when he worked for another company, Intra-
zio Inc., that also considered acquiring Previo. (All
names have been changed.) At that time, Intrazio
ran proper due diligence checks on Previo. Kumar
was privy to the process and results. In the end,
the company decided to change direction and
didn’t acquire Previo.
But now, Kumar is eager to bring Pre- REGULATOR More reforms and statutory changes
vio into his growing company. Because Y EVOL followed with the 2010 U.S. Dodd-Frank
he’s already familiar with Previo’s busi- Wall Street Reform and Consumer Protec-
ness and its processes, Kumar tells his Kumar should’ve realized that the legal and tion Act. And that year, the U.K. Bribery
analysts to bypass their regular scrutini- regulatory landscape for businesses world- Act updated the nation’s anti-corruption
zation to try to speed up the process and wide is increasingly fluid. He also should’ve laws for the first time in a century. Other
grab Previo before his rivals do. known that organizations’ compliance and countries also started legislating anti-brib-
However, shortly after the acquisi- ery and corruption laws and regulations.
commitment to ethical standards can vary
tion, Kumar realizes he’s made a critical Fraud examiners, in conjunction with
over time.
mistake. His team takes a closer look at compliance managers, must continually
At the turn of the century, high-profile
counsel their managers and clients on
Previo’s inner workings and discovers
fraud cases like Enron, WorldCom and the ever-changing corporate governance
that the company had been convicted
Satyam, for example, shook the economic landscape and best practices. The newest
of some corruption violations, which
world and caused a huge trust deficit for generation of fraud examiners will benefit
it hadn’t remediated. Of course, Kumar
corporations facing similar challenges of from the history of corporate governance.
hadn’t anticipated this, but he should’ve
balancing “profitability at all costs” with
known better. Laws, regulations, enforce-
ethical standards. The resulting clamp- CORPORA
ment measures and penalties are always
PRIMER
changing. Kumar shouldn’t have relied down in the U.S. was the Sarbanes-Oxley
on the due diligence Intrazio conducted a Act of 2002, which mandated an indepen- Let’s examine some of the major gover-
few years earlier as a bulletproof indicator dent management certification of internal nance initiatives, laws and regulations
of Previo’s present standing. controls over financial reporting. from the modern era.

Global anti-fraud regulations
• The U.S. was the first nation to crimi- Meanwhile, the private sector has also All these regulations and standards
nalize the bribery of foreign public of- been working to raise standards and fight were designed to make corporations and
ficials with the passage of the seminal fraud. their leaders more responsible and ac-
1977 U.S. Foreign Corrupt Practices • The Committee of Sponsoring Organi- countable to stakeholders. They raised
Act (FCPA). zations of the Treadway Commission expectations for companies to act with
• The Organisation for Economic Co- (COSO), an independent private-sector ethics and integrity, rather than just deliver
operation and Development (OECD) initiative, began in 1985 to study the numbers at any cost. (See the online ACFE
formed an ad hoc working group in causal factors that can lead to fraudu- Fraud Examiners Manual, Section 2: Law/
1986 to explore corruption in interna- lent financial reporting. In 1992, COSO The Law Related to Fraud/International
tional trade. It published the Recom- issued its initial Internal Control—In- Initiatives Against Fraud and Corruption
mendation on Combating Bribery in tegrated Framework, which quickly plus Section 4: Fraud Prevention and De-
International Business in 1994. Since became the best-practice road map for terrence/Fraud Risk Management/Risk
then the OECD has published several designing, implementing and main- Management Frameworks.)
additional recommendations, includ- taining a system of internal control.
ing the 2010 Good Practice Guidance on COSO revised this original framework
Internal Controls, Ethics, and Compli- in 2013 to include 17 additional prin-
ance (tinyurl.com/y3t7gtaj). Even with emerging laws and regulations,
ciples to assist in creating an effective
some companies still resort to shortcuts
and unethical practices to achieve ambi-
tious growth numbers and targets. Let’s
examine how the regulatory governance
phases have evolved over the last few de-
cades from being merely compliant to
Fraud examiners, in conjunction with being completely committed. While I’m
writing about the phases from a largely
compliance managers, must continually
Indian ecosystem, the same would’ve been
counsel their managers and clients on the true for many countries at some point.
ever-changing corporate
governance landscape and best practices. Prescriptive phase of governance
In this first phase of governance, require-
ments are prescriptive, such as required
approvals (to set up factories, for example),
time frames and fees organizations need to
pay. In this procedure-driven compliance
phase, “permissions” from the government
• The United Nations Convention internal control system.
are important. A typical governmental
Against Corruption (tinyurl.com/ • In 2016, COSO partnered with
body isn’t interested or even knowledge-
y7r228yw), which went into force the ACFE to create the Fraud Risk
able about business norms and practices.
in 2005, is considerably broader in Management Guide (ACFE.com/
Compliance is largely binary in na-
scope than the OECD convention. It fraudrisktools).
ture: You either comply or you don’t. This
establishes a framework to combat all • In 2017, COSO published Enterprise procedure-heavy bureaucratic phase can
forms of corruption, including bribery, Risk Management—Integrating with spawn corruption and a “speed money”
extortion, embezzlement, trading in Strategy and Performance to update its culture (greased payments to hasten pro-
official influence and general abuses original ERM framework and address cesses and services).
of power. This further underscores the evolving needs and landscape While this aspect of governance is
my earlier point that the governance related to risk management. (See important, it just fosters rules-based ad-
landscape is constantly changing. tinyurl.com/y2ovcdla.) herence and doesn’t necessarily promote

ethical compliance or even regulatory to be absolutely ethically upright. by unethical practices and the power
controls. wielded by enforcement authorities.
Ethics and values phase We’ve seen numerous instances
Regulatory phase of governance of governance in which businesses have paid huge
In the second phase of governance, regula- In probably the most evolved of the three prices for unethical deeds. Mismatches
tory arms of government become stron- phases, governments expect business-
among differing governance standards
ger and become involved in the “how” of es to go beyond mere compliance and
across countries and cultures often cause
business by mandating processes that or- demonstrate the highest levels of ethical
these ethical violations. Most companies
ganizations need to follow in the interests conduct as their core principles while
operating in diverse markets face this
of consumers. This phase has pros and pursuing their goals and mission-driven
challenge.
cons. Some view such governmental ac- priorities. Stakeholder interests are vital
Standards across the globe are fast
tions as meddlesome and invasive. How- to businesses and are key to their sur-
converging to the “ethics and value”
ever, most believe that, for example, the vival. This isn’t to say that businesses
phase of governance.
central bank in India (RBI) has become a will become less competitive and inno-
good regulator and has protected Indian vative. The cost of unethical practices is
currency from much financial turmoil in so high that businesses can’t afford to T
Asia and even globally. disregard the risks anymore. So, the best CORPORA
Developing countries are often way forward is to be innovative with their
products and processes to stay relevant In the ethics and values phase of gov-
in this second phase, but this varies
from country to country. This phase and competitive. ernance (the optimum phase in ethical
of governance brings a focus on cus- This phase underscores the sig- processes), corporations take a proactive
tomer interests, compliance to stan- nificance of staying ethical and morally approach in devising processes to moni-
dards and a fair degree of probity, upright as an organization. Businesses tor business, gauge ethical parameters,
but it doesn’t mandate organizations realize the existential challenges posed identify instances of fraud or corruption,
D O N ’ T J U S T A C C E P T I N N O VAT I O N .
Embrace it.
A helping hand in the face of disruption.
Welcome to Status Go.™
gt.com/cio
Grant Thornton LLP is a member firm of Grant Thornton International Ltd (GTIL). GTIL and the member firms are not a worldwide partnership. Services are delivered by the member firms. GTIL and its member firms are not agents of,
and do not obligate, one another and are not liable for one another’s acts or omissions. Please see gt.com for further details. © 2019 Grant Thornton LLP | All rights reserved | U.S. member firm of Grant Thornton International Ltd
Global anti-fraud regulations
and implement corrective and preventive

actions, among other measures.
As fraud examiners, we know that an
organization must institute a comprehen-
sive program across all levels, so it’ll be- We’re living in the day of high regulatory
come ingrained into the fabric of that or- enforcements and standards.
ganization. Governance processes should
embed values and principles into business
decision-making. It’s not about an overtly
“rules-based culture” where people just
follow regulations without considering gifts and hospitality, codes of conduct and have access to hotlines through which
why; it’s about upholding values and prin- similar topics. Clearly written procedures they can register their concerns and even
ciples in all interactions, especially those
that set boundaries on what’s acceptable suggestions. The most effective report-
that involve ethical dilemmas.
and what’s not are a must. These policies ing systems maintain the anonymity of
Corporate leadership need to fully
and procedures should define situations those reporting.
own a good governance model. Man-
involving ethical dilemmas and explain It’s management’s responsibility to
agement should apply its principles and
the decision-making processes. An orga- evaluate and resolve genuine concerns
processes across the organization with
nization’s policies and procedures should that employees submit through the
the goal of enthusiastic employee par-
be based more on values than on rules reporting process. Ultimately, it’s the
ticipation. The model should have strong
and should promote societal good. board’s responsibility to ensure that
oversight, written policies and standards,
training and development, open lines of each concern is handled in a just and
Training and development
communication, and monitoring and fair manner and that management’s
Organizations should have distinct
corrections. response is unbiased and thoughtful.
training and awareness campaigns for
It’s important to identify concerns
all ethics and values aspects. Regardless
Strong oversight before they become complaints. A com-
of employees’ functions, organizations
A governance model with strong oversight plaint could refer to an incident that
doesn’t require a hierarchical structure. should educate them about subjects such
has happened, while a concern can be
An organization isn’t about one person; as bribery and corruption, sexual ha-
merely an indication that something is
company leaders must be responsible for rassment and conflicts of interest. Such
amiss and needs further investigation.
oversight of governance processes. A chief training should focus on ethical decision
compliance officer or a governance, risk making, in particular.
Monitoring and corrections
management and compliance head can
A good monitoring process (including
manage the program. But the ultimate Open lines of communication
According to the ACFE’s 2018 Report to internal audits, reviews, management
responsibility must be with the CEO and
the Nations, the most common fraud de- walkthroughs) measures the process
board of directors, who have the author-
tection method is tips. (See ACFE.com/ outcomes and offers evidence-based
ity to review the governance framework
and suggest any needed changes or RTTN.) An organization should foster suggestions for improvements and cor-
corrections. a culture of openness in which indi- rections. The monitoring process should
viduals can share their concerns with highlight successes besides identifying
Written policies and standards management if they observe any actual non-compliance, failures and gaps. Orga-
Organizations need written policies and or perceived breaches of ethics without nizations then should identify corrective
standards on ethical subjects such as brib- retaliation. At many large organizations, measures and preventive steps and carry
ery and corruption, conflicts of interest, employees, vendors and other associates out the necessary remediations.

Response mechanism cases of companies doing the right thing
Organizations need to be nimble and more by going well beyond the law and making
than just rules-driven; they should follow ethically sound decisions based on their
core values and principles. For example, Test your organization’s fraud
their core values when they respond to any
health with the ACFE’s free Fraud
kind of ethical issue. This is particularly some companies have taken strong ac-
Prevention Check-Up (tinyurl.com/
true if such issues can affect their reputation in response to cases of harassment y4m94rfx), which includes the
when the incidents weren’t, technically, video, “Fraud and the Tone at the
tions and ethical stances. They then must
criminal in the eyes of the law. However, Top: Ethics in the Executive Suite.”
follow corrective and preventive measures
we’ve seen too many cases of corporations
discussed above in spirit and letter and Check out the free-for-members
still following a culture of “do it until you ACFE’s Fraud Risk Assessment
consider response strategies based on
are caught” philosophy. This dubious ap- Tool (tinyurl.com/y6pnzwfq),
sound judgment and deeply rooted in which consists of 15 modules that
proach might have worked in the past, but
their values. help organizations zoom in on
not any longer. Compliance professionals
areas of risk.
and fraud examiners are laboring to make
sure of that. n FM Read “Winning the risk game,” by
David L. Cotton, CFE, CPA, CGFM;
Sandra Johnigan, CFE, CPA/CFF;
We’re living in the day of high regulatory Mani Padmanabhan, CFE, is co-found- and Leslye Givarz, CPA, Fraud
enforcements and standards. Organiza- er and CFO of Positive Shift Technolo- Magazine, January/February 2017,
tions must act ethically and not just legally. gies in Hyderabad, India. Contact him at tinyurl.com/y5394h65.
On the plus side, we’ve seen countless iammani65@gmail.com.
Guardian Analytics is the pioneer and leading provider of behavioral analytics solutions
for preventing banking fraud. Hundreds of ﬁnancial institutions rely on us to stop the
criminal attacks targeting their clients. Visit our website to learn more about our Digital
Banking, Real-time Wire, ACH ODFI & RDFI, and Zelle P2P Real-time solutions.
FEAR NOT
THE
BREACH
by Dick Carozza, CFE / Photos by Jason Miczek, AP Images
Write your cybersecurity playbook now

Cybersecurity expert
Theresa Payton says don’t wait until you’re

in the middle of a breach to formu l ate p lans .
Develop a playbook so everybody knows their roles. Practice digital disasters.

Line up your external helpers. Devise your communication strategy.
Then, if you’re breached, c o o l e r h e a d s w i l l p r e va i l .
In June 2015, the U.S. Office of Personnel Manage-

ment — the federal agency that manages the government’s
civilian workforce — reported that hackers had stolen
personally identifiable information (PII) of 21.5 million
individuals, including Social Security numbers, from its
background investigation databases.1 According to The
Washington Post, the Chinese government was responsible
for the OPM breach.2 Payton, a former chief information officer during the
“Organizations are doing a horrible job at cyberse- second President Bush Administration, was a keynote
curity and privacy protections,” says cybersecurity expert speaker at the 30th Annual ACFE Global Fraud Conference
Theresa Payton. “The security company, RSA, released in June. “We’ll never be able to build security that will
a Cyber Security Poverty Index that stated that 72% of stop all bad things from happening because we’ll always
large enterprises, which are the ones with the security have bad people in the world,” she says during a recent
budget and resources, are unprepared for all aspects of Fraud Magazine interview. “It would be a great day if
a data breach, including identifying the scope, recovery, cybercriminals hit a brick wall in trying to hack into a
and notification.”3 company and they said, ‘Wow, this is so hard. Maybe I
should go be a good person now and bake pies for the sick
and the elderly.’ They won’t do that. They’ll either move
on to the next victim and hope they’re more vulnerable, or they’ll find another way to
attack. The adversaries are engaging newer technologies such as artificial intelligence,
machine learning and big data to step up their own evasion capabilities,” says Payton,
the founder, president and CEO of a cybersecurity consulting firm.

Fear not the breach
“For example, we’re now seeing malware that’s designed to evade most
of today’s detection techniques. We see attacks hiding in encrypted com-
munications and traffic,” she says.
“There’s also a new playbook that Russia perfected during the 2016
U.S. presidential election, which nation states and cybercriminal groups
are using. That playbook is the evolution of hacking social sentiments and
using misinformation campaigns,” Payton says. “Russia used it to create
public unrest around the globe and provoke arguments on both sides of
issues. In the future, cybercriminals could use it to defame individuals,
industries and organizations.
“Cybercriminals change tactics daily. Most of them are dynamic and
evolve their tradecraft of tools, tactics
and procedures — TTPs — often to de-
velop new attack methods and to attempt
to remain undetected,” Payton says. “Ad-
ditionally, new technologies introduced
daily into the workplace add to the po- Theresa Payton
tential attack surface. Cybercriminals
use an ‘all of the above’ strategy. They BLAZES TRAILS in
deploy social-engineering emails with CYBERSECURITY
poisoned links and attachments. They
surf password databases and retry them
on company emails and networks. They
take advantage of software flaws to insert
themselves into technology processes.”
The situation might be dire but Theresa Payton was the first female to serve
not hopeless, Payton says. “We have to as White House chief information officer
continue to up our game, too. Defenders Payton: We do talk where she oversaw IT operations for the
must leverage emerging technologies to about the same cyber- second President Bush administration during
architect better and more security strate- security problems, and a period of unprecedented technological
gies while also removing more burden it’s maddening, isn’t change and escalating threats.
and friction on the user.” it? We keep focusing IFSEC Global ranked her fourth among
on the user being the the top 50 of the world’s cybersecurity profes-
FM: In many ways, we seem to be weakest link, and that’s sionals. Security Magazine has placed her in
talking about the same cyberse- the absolute wrong the top 25 Most Influential People in Security.
curity problems that have existed way to design an effec- Payton co-authored two books: “Pro-
for decades, such as user IDs and tive cybersecurity protecting Your Internet Identity: Are You Naked
passwords, failure to patch systems, gram. The threat land- Online?” and “Privacy in the Age of Big Data:
lack of reliable backups and more. scape evolves as we add Recognizing Threats, Defending Your Rights,
But now in a much more sophisti- new technologies that and Protecting Your Family.” She’s been a
cated and complicated technology are incorporated into repeat guest on the “Today Show,” “Good
environment, what needs to change our transactions and Morning America,” Fox business shows, Fox
news shows, “CBS This Morning” and “CBS
to make our cybersecurity more how we interact with
Evening News,” BBC TV news and radio,
effective? What are some common the internet but also
CBSN, CNN, NBC News, MSNBC and NPR.
denominators of successful, innov- as we find ways to stop
Payton is the founder, president and CEO
tive cybersecurity programs? the adversary.
of the cybersecurity consulting company,
Fortalice Solutions, LLC, and co-founder of
Dark3, a cybersecurity product company.

“When you’re in the middle of a breach, WHAT YOU DO WILL
A cybersecurity program should have the basics, such as benchmarking
against the industry best practices provided by the National Institute of Stan-
DEFINE YOUR REPUTATION
dards and Technology [NIST], but it also needs a focus on these questions: 1)
What are your top three most critical assets that if they were destroyed, held
FOR YEARS TO COME.”
for ransom or leaked would cause major disruption to your business? 2) Who
touches or accesses those assets and what safeguards are in place to make
sure the assets are safe? 3) What creative solutions are in place that can out-
FM: Employees, of course, aren’t automa-
think and outmaneuver the adversary? 4) Have we designed a multi-layered
tons. They can be thoughtful, emotional,
strategy that incorporates a wide variety of solutions that can stop or detect
studious, lazy, loyal, cunning, brilliant and
and recover from an issue?
dumb — sometimes all in one day. How do
The layers could be strict user-authorization controls for transactions fraud examiners and cybersecurity per-
outside the norm, user-access controls appropriate to data sensitivity, regular sonnel treat employees as multi-faceted
and emergency patching, conducting a red team — bringing in an independent humans when protecting organizations?
team to challenge your applications — and application whitelisting — telling You’ve said that many organizations’
your network the list of what’s “trusted” — plus behavioral-based analytics cybersecurity briefings sound similar: 1)
that look at logins, access, and data ingress and egress points. The sky is falling 2) Our data is at risk 3)
Attacks are worsening and 4) Users are
FM: Can you give a brief list of mandatory responses when organiza- still the problem. How do organizations get
tions find themselves in the middle of breaches? beyond these suppositions?
Payton: When you’re in the middle of a breach, what you do will define your Payton: Have some fun with education. To most
reputation for years to come. The best approach is to practice a digital disaster employees, cybersecurity training is so boring.
before you have a breach. You need to develop a playbook so that everyone They snooze, and you lose! Focus on the digital
knows their roles and will highlight any gaps that exist in your cybersecurity assets and operations that matter most to the
plans. Determine what role you want external helpers to play for incident re- organization. Talk to your employees about what
sponse, forensics, legal advice and cybersecurity fixes. Hopefully, you’ll never it would mean if those digital assets were under
need the playbook, but if you do, it should include your communication plan. attack and stolen. Then talk about tips to safe-
A communication plan needs to focus on when you need to disclose pub-
guard those assets.
licly to your employees, board, third-party vendors, regulators and — most
Consider instituting contests, such as, “The
importantly — your customers. Make sure you know how you’ll communicate.
person who forwards the most spam messages to
For example, for employees, will it be an internal web portal or a phone blast?
For customers, will you post a notice on your website and in social media, or our organization spam alert account wins a free
do direct mailers? Know who your friendly press outlets might be. Have the lunch this month.” Awareness and education
phone number handy for your local FBI cyber unit. shouldn’t be one time a year and solely focused
Here’s what your playbook should emphasize: on compliance. Consider a curriculum that lever-
ages many mediums throughout the year. Keep
• Assemble: Now’s the time to pull together the trained incident response
most of the messaging short and focused on one
team. Incident response requires co-locating the team even if via video con-
topic for easier retention.
ferences. Discuss the disaster, review possible remedies, discuss how this
Mediums you can use include delivering
group will get alerts and how the escalation process and approval process
in person, video conferences, posters and inter-
for ongoing internal and external communications will work.
nal memos. You can train them on: 1) your most
• Transparency: Both internally and externally, communicate what you know,
important assets and how to safeguard them 2)
what you don’t know and when future updates will occur.
how to protect yourself and your loved ones from
• Dig deep into details: Provide details when and where possible. The where online fraud (transferrable skills that will help
and when might depend upon forensics and ongoing case work. Explain protect the organization) 3) local and federal
how you plan to avoid similar issues in the future. obligations if you have a breach 4) reminding
• Feedback loop: Design and implement an incident response [IR] feedback everyone that the security team is a small and
loop. Tell customers how best to reach you — possibly via a toll-free number mighty team so security is everyone’s job 5) train,
or social media. Walk them through the best way to be heard. explain, test and repeat!

Fear not the breach
enablers and safety nets, rather than by rules that become restrictive
for people to gain access to do their jobs.
According to a recent Experian report, “Managing Insider Risk
FM: What else can organizations do to train Through Training and Culture Report,” [tinyurl.com/y4ux9pb2] security
their employees? and privacy training professionals stated that just over 65% of their
organizations’ employees are still the “weakest link” in cybersecurity.
Payton: Cybercriminals can hack your employees’ I realized that wasn’t really true when I worked at the White House.
devices — whether they belong to the individuals or The pivotal moment for me was when I shifted the design of a
the organizations. All of them have open platforms security strategy. We knew we had to address the hearts and minds
so they can upload operating system updates and of the staff at 1600 Pennsylvania if we wanted to protect their privacy
security patches. However, their devices are emi- and security. After all, if solving cybersecurity and privacy issues were
as simple as following security best practices, we’d all be safe. It’s not
nently hackable. Their latest apps can spell trouble
that simple.
for your organizations.
Two key questions came to me the first 90 days at the White House,
What are we doing wrong with these devices?
and I had to answer them, or we would have had a major calamity: 1)
We provide very arcane rules for employees to fol- Why, in spite of talented security teams and investments on security,
low, such as having them devise 12-character pass- do breaches still happen? 2) Why is it, that despite hours and hours of
words of non-repeating numbers or letters, etc. boring computer-based training and security campaigns, we still make
The complicated passwords actually feel designed mistakes and click on links?
to keep the owner of the account out because they We need a new line of thinking. It’s the one that kills boring com-
puter-based training courses. It’s the path that bans buying the latest
can’t remember them, and only the bad guy with a
fancy security tool if you haven’t used innovation to combat the hu-
password cracking tool can get in. We must work
man element. The new path is driven by a core principle: “Design for
harder to design security systems that act more as the human.”
I compare this line of thinking to installing childproof or safety
items in your house for toddlers or pets. You still tell them, “don’t touch
a SURYS company
Keesing Documentchecker FRE

Your online source for checking international TRIAE
and North American IDs L
Over 106,736 reference images.

keesingdocumentchecker.com
Making and breaking rules
Theresa Payton says we should commit to break some cybersecurity
rules and write new ones.
this,” but just in case they do,

you designed safety into your
New rules Old rules to break
house for them in mind.
1 Segmentation is key 1 We can protect it all
Design for your employ-
ees and for yourself. Just know Just as you segment client files from each No, you can’t. Cybercriminals will always
they’ll use free Wi-Fi, they’ll re- other or lock away valuables in a safe with- have time to be creative and break in.
cycle passwords, they’ll respond in a room, segmentation is a strategy to Always.
to emails that are tricking them build a digital wall around your informa-
tion. You must design ways to segment 2 Don’t integrate new tech; it’s
into giving up information.
off your top two most-critical digital assets buggy and causes security problems
They’ll break all the security
to save them. Not always true. New tech is your new
rules because they aren’t secu-
rity employees. By the way, I am best friend forever. Big data, new tech-
2 Install “kill switches” nologies and the “internet of things“
going to let you in on a little se-
cret: Security employees break Insist that your organization install these in don’t have to be the enemies of security.
your technology so you can turn off seg- Make them work for you not against you.
the rules, too!
ments to protect, but you still can function
without compromising security or privacy. 3
FM: Our members — fraud
examiners — work hard to Not always true. Chances are you’ve
prevent and deter fraud in 3 Security and technology innova- been breached or one of your third-party
all sectors. What’s the best tion will be on equal footing vendors have.
advice you can give them The security team must be involved as
as they fight daily in the much as possible at the earliest stages of
trenches? technology purchases and designs.
Payton: First off, remember

that you picked a very noble
profession! You’re helping
fight fraud and reduce crime.
Be a student of your job and FM: Dr. Joseph T. Wells, CFE, CPA, began the ACFE in 1988 to
keep up on the latest advancements that you can preach the message of detection, deterrence and prevention of
deploy to help improve your organization’s anti- fraud. How do you see the association doing in its cybersecurity
fraud posture. deterrence and prevention efforts? What can the ACFE do to fur-
Your job is fascinating and interesting. Don’t ther help its members in cybersecurity?
forget to use storytelling to help your customers
and clients know why you implement certain rules Payton: I love the work that the ACFE has done for decades now in the
or controls and how these rules and controls pro- detection, deterrence and prevention of fraud. I also love seeing the ACFE
tect them. focus on the intersection of fraud-fighting discussions with cybercrime-
fighting discussions. It would be great to see ACFE push the industry to
look for just-in-time methods to push fraud indicators to the cybercrime-
fighting side and vice versa. Additionally, how can we create new models
for fighting fraud when interactions are now machine-to-machine, and
See a longer version of this article, with how can we more quickly detect a rogue machine committing fraudulent
even more valuable information, at
transactions? Actionable threat intelligence in real time is key to winning
Fraud-Magazine.com.
the cybercrime war.

Fear not the breach Three tips for
health care
organizations
from Theresa Payton
FM: For years, cybercriminals had tar- The biggest risks aren’t so obvi-
geted financial institutions. Now they ous. They hide in the least obvious
seemed to have moved on to health places. Like in “smart” light bulbs
care. Why is that? How are health care installed for energy efficiency or
organizations ramping up their preven- sensors installed under the chairs
tion faculties? at the workplace!
While the chatty IoT devices
Payton: Criminals go where the action is,
talk to each other while creating
where victims are easy to find and where
treasure troves of data every mil-
there’s value. They focused heavily on the
Disconnect Social Security numbers lisecond to save money, improve
financial services industry for decades. As
You often use it to open bank accounts, buy safety, service and well-being,
the financial service industry hardened their
homes and pay taxes. You’ve been carrying that’s all new data that needs pro-
defenses, cybercriminals looked for new tar- around that nine-digit code since birth. And tection. And those chatty little sen-
gets and hit pay dirt by targeting food, retail that’s the problem. As an alternative, hospi-
tals could create unique, temporary patient sors seem innocent enough. What
and healthcare.
identifiers that they can use and retire. harm could a seat or light sensor
When WannaCry hit, people heading
do? But if you’re not careful in
into U.K. hospitals who were scheduled for
design, the IoT could be the new
surgery were told, “We can’t operate today
unlocked door spilling the keys to
because we’re in the middle of a ransomware
your secret stash of what you be-
attack.” This is where cybercrime gets real. Segment networks and then lieve to be secured digital assets.
A ransomware attack could endanger lives. trust but verify
Yet security protocols can’t stand in the way
When a “smart” thermostat can be an entry FM: Switching gears, after
of patient care. Health care institutions once way for hackers, segregating it from your
graduate school, what attract-
used old-school rules; you could develop guest Wi-Fi just makes sense. And yet, I
can’t tell you how many times I’ve gone to ed you to the cybersecurity
your firewall and hide the data behind it.
a health care organization, and they say, field?
The devices that are part of the “internet of “Yeah, we’ve got physical and logical sepa-
everything” [IoE] or the “internet of things” ration.” When we conduct our red-teaming
exercise, we often find that’s not the case. Payton: I was fortunate to begin
[IoT] have broken that rule. [See sidebar,
The exercise — basically a white-hat hack my career at Barnett Bank — now
“Three tips for fighting fraud and cybercrime — exposes connections in “segregated” part of Bank of America — on the
at health care organizations” at right.] networks. Will separating them be too ex-
cutting edge of technology and
pensive or cumbersome? If so, that’s where
your kill switches need to be. customer delivery, which allowed
FM: What are some of the best ways
us to also be on the cutting edge of
for organizations to protect their IoT
the methods of fraudsters, money
devices?
launderers and more. I then be-
Payton: The IoT and the IoE are upon us. came a senior vice president at
Flip the “kill switch,” Wachovia Bank in Charlotte, North
Businesses and the security industry were
save the world Carolina. After 9/11, U.S. agencies
struggling to beat cybercriminals before
these technologies were introduced, and Flipping a technology kill switch can be came knocking on the bank’s door
the best way to cordon off contagion. asking for help finding terrorist
this just adds more new points of presence
Imagine fighting off zombies by shutting a
to worry about. We love the convenience, steel door and then using that to buy time financing that could be hiding
but the data the new technology creates and to figure out how to survive. It’s the same among legitimate transactions.
the complexity it adds to the workplace is with a kill switch. If you design it correctly, That was a life-changing moment
creating a domino effect of security and you can flip the switch during an attack or for me. Having been raised in a
suspected attack to make sure you have military family, married to a Na-
privacy issues.
limited functionality while preventing the
This new technology doesn’t follow old- criminals from moving laterally through val Academy graduate and being
school rules. Now is the time to break all the your network. This is vital to allow your asked to help law enforcement
security rules and try a different approach. health care systems to function to serve with something so monumental
practitioners and patients.

was humbling. The on-the-job investigative experience
helped formulate my desire to focus the rest of my ca-
reer to protect nations, citizens and businesses, and to
combat fraud, cyberterrorism and cybercrime. I realized
that cybercriminals will use whatever means necessary
to achieve their goals. And I learned how much help
companies large and small need to defend against these
criminals.
FM: How did you become part of the CBS program

“Hunted” team? What did you learn from that
experience that you use in your firm’s work (or
vice versa)?
Payton: Some of my amazing milestones in life are God

moments. Something happened that led me down a
path I didn’t know existed. “Hunted” was no different.
The show’s premise was that a bunch of everyday
people play fugitives on the run. Our command center
investigators worked with the boots on the ground, the
“Hunters.” Team members had backgrounds from the U.S.
Marshals, U.S. military, the White House, CIA, FBI and the
National Security Agency. Even though it was a contest,
we took the manhunting seriously as if we were tracking
child traffickers or deadly criminals. Each fugitive would
have their lives compiled into a “target package,” and we would mine the profiles of
their families, friends, coworkers and their online presences for clues. Everyone,
including organizations, leaves cyber footprints. How you interact with the internet “This is my gift — to
determines how public and how large that footprint is.
defend, protect and
FM: What’s your motivation in con- I am my brother’s keeper. This is my gift help victims seek
tinuing in the cybersecurity field? — to defend, protect and help victims
seek justice. If not me, then who? n FM justice.”
Payton: Righting the wrongs of the digital
age with our skills and creativity. Protect- 1
Office of Personnel Management, Cyber-
ing our nation and our allies. Protecting security Resource Center, tinyurl.com/
pfdfvjj
companies and helping them recover when 2
“The Daily 202: How the nature of cyber-
bad things happen. Helping individuals war is changing,” by James Hohmann, The
get their lives back. Doing pro bono work Washington Post, April 15, tinyurl.com/
yxdnhz2w
to end child trafficking and exploitation.
3
RSA Cybersecurity Poverty Index 2016,
tinyurl.com/y32m2ew6
Thanks to ACFE Faculty member
Walter Manning, CFE, president
Dick Carozza, CFE, is editor-in-chief of
of Techno-Crime Institute, for his
Fraud Magazine. Contact him at
input in this article. — ed.
dcarozza@ACFE.com.

BY ANASTASIA NAZAROVA, CFE
Oil theft and fraud affects everybody — not just

those in far-away nations — because it enables
everything from terrorist attacks to human traffick-
ing. The author outlines thieves’ techniques and
what countries are doing to battle this multibillion-
dollar scourge.
It starts with the donkeys. Unaccompanied once they reach

a border, they carry their loads of oil from Algeria to Morocco
and Tunisia and return with empty containers. They make their
journey twice a day — every day — to power an estimated 660,000
cars on illegal fuel.1
According to a report presented by the Nigeria Natural Re-
source Charter (NNRC), Nigeria lost about $4.4 billion in 2016 and
$2.8 billion in 2017 to crude oil theft. This translates to a loss of
about $8.9 million daily and a combined loss of $7.2 billion over
the two-year period.2
In Mexico, fuel thieves drilled 2,274 illegal taps in the com-
pany’s pipelines during the first two months of 2018 — 38% more
than during the same period in 2017 and 352% more than were
discovered in the first two months of 2014.3

Oil theft and fraud
Ernst and Young estimates that Tackling these crimes is particularly criminal activity is a global phenomenon.
thieves steal, adulterate or defraud about difficult when stakeholders, whose intent During an interview I had with Ralby, he
$133 billion worth of fuels from legitimate should be to fight crime, become criminals said oil theft happens everywhere, so sin-
themselves. gling out key countries can be misleading.
oil and gas enterprises. The Eurocontrol
4
I.R. Consilium, a research and analy- However, certain states are hotbeds for
Technics Group noted that these num-
sis firm in maritime security, oil and fuel fuel theft.
bers are likely to be understated because
Mexico experiences widespread and
crimes, international law and the blue
of corruption, government involvement rampant fuel theft. The profits are large
economy, conducted the first compre-
and the nature of the crime, which is hard and growing (even the most conservative
hensive study of refined oil products theft
to detect.5 estimates suggest criminals stole $3 billion
in 2016, which the Atlantic Council pub-
Oil theft is a widespread problem that of fuel in just the last two years), and gangs
lished in 2017.6 The study continues with
harms countries around the world. The and organized-crime groups are the main
another report expected later this year. perpetrators.7
scale of the issue, however, remains widely
The report provides insights into modali- Mexico transports large amounts of
unknown. When we hear about oil theft,
ties and trends in oil theft plus respon- refined product throughout thousands of
we tend to think about Nigeria or Mexico, sible parties, affected stakeholders and miles of pipelines in areas that are difficult
but it goes far beyond these countries. recommendations that could change the to monitor. Pipeline tapping, or “milking”
Oil theft could also involve various dynamics of the issue. as it’s known there, is a major enterprise.
illicit activities, including smuggling, In some ways it’s more profitable than traf-
adulteration, fueling terrorist groups and THE SCALE OF THE PROBLEM ficking drugs because oil theft involves less
drug cartels, tax avoidance and money According to Dr. Ian Ralby, founder and risk. According to Reuters data, thieves are
laundering. CEO of I.R. Consilium, downstream oil stealing roughly one-fifth of total national
SAVE
THE
DATE
September 25-27, 2019
MARINA BAY SANDS | SINGAPORE
Visit
34 FraudConference.com/AsiaPac
FRAUD MAGAZINE JULY/AUGUST 2019 to learn more.
FRAUD-MAGAZINE.COM
gasoline consumption (about 150,000 bar- which results in less processing and refin- are legal documents issued by a carrier
rels per day) from pipelines.8 They hijack ing.) The main categories are: to a shipper that details the type, quan-
tanker trucks or steal directly from the tity and destination of the goods being
1. LARGE-SCALE THEFT
country’s refineries, too, with the willing carried.
in which thieves pump stolen oil —
or coerced collusion of petroleum com-
often tapped from pipelines or taken 4. HIJACKING OF TANKER TRUCKS
pany employees, though it’s much easier
from storage facilities — into barges, with or without collusion of the driver.
to steal oil via taps than tankers.
boats and ships and export it, either
Mexico’s current government recent- 5. PIRACY AND ARMED ROBBERY OF
under the guise of legitimacy or mixed SEAGOING TANKERS.12
ly implemented new reforms to combat
with legitimate product.
fuel theft, including using tankers instead The U.S. government investigated
of pipelines to move fuel and shutting 2. SMALL-SCALE THEFT and broke the story that thieves routinely
down the most heavily targeted pipelines. in which stolen oil is either sold back mixed stolen Nigerian crude with Gha-
However, these new initiatives have led into the supply chain or refined and naian crude at an offshore facility before
to shortages at gas stations across several then sold on the streets as fuel. exporting it into the supply chain as legiti-
states.9 Less than four months later, the mate oil.13 According to the I.R. Consilium
3. THEFT AT EXPORT TERMINALS
report, a major concern involves crooks
government had announced that the oil via the manipulation of meters and the
laundering and releasing ship-to-ship
theft was down by 95%, but many forging of bills of lading; bills of lading
transfers of stolen crude into the global
suspect that this sudden change
market.
is temporary and won’t last
Also, according to the I.R. Consilium
long.10 As Ralby said, chang-
report, apart from the extensive array of
ing the mode of moving fuel
upstream oil theft, Nigeria also suffers
will only change the method of
from massive downstream crimi-
stealing it unless entities address
nality, mostly involving thieves
the underlying dynamics.
misdirecting and smuggling im-
Nigeria also experiences oil theft
on a large scale. This has been a problem ported fuel into neighboring coun-
for years, mainly because of widespread tries. Perpetrators smuggle about 80
corruption and the direct involvement of percent of Benin’s fuel, for instance,
security forces, terminal workers, regula- from Nigeria. It’s believed that culprits
tory authorities and government officials. pay the majority of the proceeds of this
Despite efforts to combat oil theft, the smuggling activity to members of the
problem continues unabated at consis- Nigerian political elite.
tently high levels. The U.S. deputy am-
ASIA, LIBYA AND THE
bassador for the United Nations, Michele
EUROPEAN MARKET
Sison, said that Nigeria loses $1.5 billion
in revenues every month because of the Fuel theft is also rampant in Southeast
extensive nature of the oil-laundering Asia. Last year, investigations revealed
game across the nation. 11 that thieves siphoned and smuggled
Nigerian crude, which is among thousands of tons of fuel out of a major
the lightest and sweetest in the world, Singapore refinery. The working routes
is physically stolen in a variety of ways. in this region formed a triangle between
(Light and sweet oil is the most valuable Thailand, Vietnam and Singapore, and
oil because it’s easier and less expensive also included oil facilities in Malaysia.
into refine to products. Light oil also has a Smugglers took advantage of the dif-
higher percentage of light hydrocarbons, ficult-to-patrol sea (difficult because of

Oil theft and fraud
the vastness of the Thailand and Vietnam are others.15 Smugglers transport Russian (including ships). Thieves then transport
coasts) and attractive black-market prices. fuel into the EU by a few routes, including the oil elsewhere to be sold or refined.
Also, pricing differentials that arise from Kaliningrad and Belarus; Poland, for in-
6
TAPPING PIPELINES
some countries’ fuel subsidies drive a re- stance, is one of the main sources of fuel “Hot tapping” or “pressure tapping” is the
gional dynamic. For example, Malaysia, for smugglers into the U.K. and Ireland.16 most common method of oil theft in plac-
Indonesia and Bangladesh are particularly Other examples from around the es with extensive pipeline networks. The
vulnerable to losses because of their low world include Ecuador, the Philippines, method involves accessing a high-pres-
fuel prices.14 Turkey, Morocco and Azerbaijan, among sure operational pipeline and diverting a
According to the I.R. Consilium re- many others. percentage of the oil flow. This allows the
port, Libya, a destabilized state struggling According to the I.R. Consilium re- theft to remain undetected as the pipeline
to control its prime source of revenue, also port, the most concerning aspect of this continues to operate at full functionality.
suffers from fuel theft. The nation faces large-scale problem is that profits from The complexity of the hot-tapping meth-
coordinated criminality from militias, downstream fuel end up in the hands of od usually means that it often requires
corrupt officials and transnational crimi- transnational criminal organizations, ter- technical support from former or current
petroleum company
employees, who can
also advise on securi-
ty patrols and inspec-
tion schedules.
Illegal bunkering Smuggling
Illicit networks
Tapping pipelines also employ “cold
Laundering
tapping” to pilfer
Ship-to-ship transfers crude oil by cutting
Adulteration or even blowing up
Piracy and armed and stretching
robbery at sea a section of pipeline,
which disables the
White-collar theft
Bribing corrupt officials pipeline for several
weeks. During this
time, offenders set
up an underground
nal organizations out of Italy, Malta and rorist groups and insurgent outfits, all of
tap to divert a continuous supply of oil to
other locales. Recent U.N. investigations whom use those profits to finance even
their storage facilities. After workers fix
have discovered that crooks routinely fer- more nefarious activities.
the pipeline, the constant flow of oil into
ried huge quantities of stolen fuel from
the illegal pipeline won’t cause any fluc-
coastal facilities to waiting tankers affili- HOW OIL THEFT HAPPENS
tuation in overall pressure, and therefore
ated with Malta-based companies. The Here’s a list of the most common ways
no one will likely detect the tap.
criminals then offloaded the fuel at the criminals steal oil and refined petroleum
Augusta refinery in Sicily, sold it at below- products.17 SHIP-TO-SHIP TRANSFERS
market rates, mixed it with existing stock ILLEGAL BUNKERING Thieves transfer illegal fuel from their
and distributed it in Italy, France and Spain While the term “bunkering” describes the vessels to more reputable ships, i.e.,
by various companies, including an Italian process of loading oil onto a ship, it’s be- those from well-known companies.
trading firm. come synonymous with oil theft. Illegal This way, they can pass off the illegal
Libya illustrates one way smuggled bunkering means illicit removal of oil from fuel as legitimate and sell it on an open
fuel enters the European market, but there a pipeline or other distribution system market. Often traders use purpose-built

ships, some disguised as fishing trawl- WHITE-COLLAR THEFT While dye markers have proved largely in-
ers, to take in and distribute illegal fuel Various forms of corrupt and fraudulent effective because criminals launder them
without drawing too much attention behavior can — at a high level — make a out, entities have successfully started us-
during the process. range of oil and fuel products disappear via ing molecular markers — unique chemi-
forged documents. This usually involves cals that don’t affect the oil but are im-
PIRACY AND ARMED ROBBERY AT SEA
crooks funneling huge amounts of money possible to remove — to mark legitimate
Piracy is an attack against a vessel commit-
to individuals and entities even when no fuel and assist in detecting any attempts
ted outside a territorial sea; armed robbery
fuel or oil is produced, traded or provided. to adulterate or commingle fuel.
at sea is an attack against a vessel inside a
territorial sea. In both cases, the culprits For example, Albania’s fuel-marking
HOW TO STOP IT? program has yielded $100 million in re-
board the ship with the intent to commit
theft by using force. Dealing with pirates According to Ralby, the first and most claimed governmental revenues for sever-
often requires an international, coordi- pivotal step in tackling the problem of al consecutive years. Similarly, in Tanzania,
nated effort involving nearby countries. downstream oil theft is to recognize how the government saw a $143 million benefit
BRIBING CORRUPT OFFICIALS pervasive and pernicious the problem its first year of using molecular markers.18
Criminals often bribe politicians, security is. It’s important to develop and imple- And in Uganda, the rate of adulteration
forces, militants, oil-industry staff, oil trad- ment a mix of concrete countermeasures dropped from around 30 percent to less
ers and members of local communities, so to reduce the scale of this issue. These than 1 percent in six months.6
they can continue to steal oil without any countermeasures involve collecting data PIPELINE MONITORING
interruption. from a range of sources and coordinat- The most widely used methods for pipe-
SMUGGLING ing action within and among states and line monitoring are foot and car patrols
Thieves smuggle oil products into another international bodies. They also include and aerial surveillance using helicopters
country to obtain profit through arbitrage more extensive, sophisticated and reliable or light aircraft. However, these methods
because of price differences. have several limitations and are expen-
metering and monitoring along the sup-
sive. Many companies are now looking
LAUNDERING ply chain, GPS tracking of tanker trucks,
Laundering involves moving stolen or il- for more cost-effective solutions, such as
automatic identification system (AIS) and
licit oil or fuel through mechanisms that drones or aerostat balloons. For example,
other vessel-tracking measures, digitized
appear legitimate in an effort to hide the Brazil has recently started using aerostat
documentation and molecular marking. I
criminal origin of the product. Such opera- balloons that provide video and thermal
describe these below. surveillance of their pipelines, which pre-
tions often involve counterfeit certificates
of origin and layering intermediary com- FUEL-MARKING PROGRAMS viously have been susceptible to tapping.
panies between suppli-
ers and final purchasers.
ADULTERATION AND HOW TO STOP IT?

STRETCHING
Perpetrators add un-
wanted chemicals to fuel-marking gps monitioring of
programs tanker trucks, ais
petroleum products but
tracking of vessels
sell them at the full price
of a pure product. Adul- pipeline
monitoring
terated products often focus on supply-
cause engines of cars or chain integrity
Installation of meters at
vessels to develop vari-
oil wells, export terminals
ous faults or even break
and oil-tank farms
down completely.

Oil theft and fraud
Importantly, the company providing the sites, too. For example, Nigeria lost about NOT JUST LOST DOLLARS
technology also worked to make sure that $64 million between 2015 and the first Governments and companies are in-
their data could be admitted in court to aid quarter of 2017 to poor metering of its creasingly aware of the extent of oil and
prosecutions by equipping their balloons oil wells.20 fuel crimes around the world and their
with high-sensitivity thermal cameras GPS TRACKING OF TANKER TRUCKS, AIS worrying implications. While the eco-
with zoom capability.19 TRACKING OF VESSELS nomic losses are huge, it’s also critical to
Other electronic forms of monitoring Tracking vessels and vehicles promotes understand the connection between il-
pipelines have also proved effective but do
safety and security. These solutions pro- licit hydrocarbons activities and a serious
come with the risk of being susceptible to
vide a real-time picture of the vessel or array of security problems. “We all need
cyberattacks.
tanker truck movements, and companies fuel, and we all want it at a discount,”
INSTALLATION OF METERS AT OIL WELLS, can use the data in legal cases, investiga- Ralby says. “But we can’t allow that de-
EXPORT TERMINALS AND OIL-TANK FARMS
tions and negotiations. sire for less expensive fuel to cause us to
Accurate metering makes a big difference.
FOCUS ON SUPPLY-CHAIN INTEGRITY turn a blind eye to this global problem.
It’s more common to install meters at the
Transparency in the supply chain ensures We’re all stakeholders in this issue, so
export terminals and oil tank farms but
accurate and consistent information on we must all be stakeholders in resolving
not at the oil wells. This is because com-
petroleum products from production to it.” n FM
panies mix oil collected at the produc-
tion fields with water, sand and other consumption, thus reducing the possibil-
residual matters, which makes it difficult ity of fraud along the way. Partnering with Anastasia Nazarova, CFE, is a cor-
to determine the volume of oil accurately. counter-parties to share data and good porate auditor at Chevron Products
However, this practice is often necessary, practices could aid in developing effec- UK Limited in London. Contact her at
because thieves steal oil at production tive strategies. anastasia_wish@yahoo.com.
Detecting Fraud Through Vendor Audits +

Bribery and Corruption
NEW YORK, NY | AUGUST 5-7, 2019
Part One of this combo seminar explains how to develop

a solid foundation for vendor audits; how to identify which
vendors to target; how to prepare for a vendor audit; how
to identify, gather and audit relevant vendor documentation;
and what common vendor fraud schemes to look for.
In Part Two, you will learn how to protect your organization

by effectively incorporating anti-bribery and corruption
compliance policies, as well as effective detection and
investigation procedures, into your anti-fraud strategy.
LIVE EVENT CPE: 16
ACFE.com/NewYorkComboAugust REGISTER BY JULY 5 TO SAVE!

1
“Algeria turns off tap on Morocco’s smug- 8
“Fuel Theft — The Costs & Effects,” West- 15
“Malta ‘fuelling Libya instability’ by
gled petrol trade,” by Isabelle Mandraud, ern Global, June 11, 2018, tinyurl.com/ failing to tackle oil smuggling,” by Carlo
The Guardian, tinyurl.com/y2vg7f4u, Oct. y34lcmpq Bonini, Giuliano Foschini, Fabio Tonacci,
15, 2013 9
“Mexican oil theft even reached drilling Giulio Rubino, Cecilia Anesi and Lorenzo
2
“Nigeria loses N2.6trn to crude oil theft rigs, president says,” by Adriana Barrera Bagnoli, May 9, 2018, The Guardian,
in 2 years – NNRC,” by Michael Eboh, Van- and Michael O’Boyle Reuters, Jan. 15, 2019, tinyurl.com/y36jjouc
guard, Aug. 1, 2018, tinyurl.com/yyjgu4sf tinyurl.com/ybk6w5cb “Launderers turn to fuel smuggling after
16
3
“Mexico’s oil company is losing more 10
“Mexico Declares Victory Over Fuel diesel marker stumps them,” by Deborah
than a billion dollars a year to cartels - and Thieves. But Is It Lasting?” by Kirk Sem- McAleese, Belfast Telegraph, March 28,
its own employees are helping them out,” ple, The New York Times, May 5, tinyurl. 2016, tinyurl.com/y6pe8bsl
by Christopher Woody, Business Insider, com/y577omd3 17
“Fuel theft is a big problem,” by Jeff
April 13, 2018, tinyurl.com/yyryc7yw
“Massive Oil Theft By Pirates Costs
11 Desjardins, Business Insider, May 7, 2017,
4
“Fuel theft is a big problem,” by Jeff Nigeria $1.5 Billion Every Month,” by Irina tinyurl.com/y66nldcw
Desjardins, Business Insider, May 7, 2017, Slav, Oil Price, April 27, 2016, tinyurl.com/ 18
Source for both Albania and Tanzania is
tinyurl.com/y66nldcw y3ad8n6z a presentation by Gadi Gonen of SICPA at
5
“Fuel Theft — The Costs & Effects,” West- 12
“Nigeria’s Oil Theft Epidemic,” by the conference “Technology for Maritime
ern Global, June 11, 2018, tinyurl.com/ Shadow Governance Intel, Oil Price, June Security, Governance and Development
y34lcmpq 6, 2017, tinyurl.com/y24xvcfh in the Gulf of Guinea,” Freetown, Sierra
Leone, Nov. 16, 2018
6
“Downstream Oil Theft,” by Ian M. Ralby, 13
“Oil Theft Around the World: Cartels
Atlantic Council, Jan. 6, 2017, tinyurl.com/ And Exploding Donkeys,” by Zainab Cal- 19
“Balloons for Internet access,” by Yuri
yxv57g6g cuttawala, May 31, 2017, Huffington Post, Vasconcelos, Pesquisa FAPESP, July 2017,
tinyurl.com/y3rwo5nv tinyurl.com/y4ymm29l
7
“Explainer: Mexico’s fuel woes rooted
in chronic theft, troubled refineries,” by 14
“Shady triangle: Southeast Asia’s il- 20
“How Nigeria ‘lost N2 trillion to poor
David Alire Garcia and Marianna Par- legal fuel market,” by Henning Gloystein metering of oil wells’ in two years,” by Ed-
raga, Reuters, Jan. 20, 2019, tinyurl.com/ and John Geddie, Reuters, Jan. 18, 2018, iri Ejoh, Vanguard, May 14, 2017, tinyurl.
y58r2ao5 tinyurl.com/y6mvxqyr com/yysnogd8
Integrated Risk Management Solutions

Software Capabilities eLearning
Internal Audit Financial Crime
Incident Management Anti-money Laundering
Cyber Threat Intelligence GDPR/Data Privacy
Vendor Risk Code of Conduct
GDPR/Data Privacy Competition Law
Operational Risk
Compliance & Regulatory Risk
Contact SAI Global

Tel: +971 4 5687941 | info.emea@saiglobal.com
www.saiglobal.com/risk
Bad
leaders?
I ncre a sed fraud

By Donn LeVie Jr., CFE

R
ebecca is frustrated. She’s Cup. Worry instead about the daily rev- contributor of employee disengagement
been a fraud examiner and enue leakage from disengagement and lost and lost productivity. Gallup, through ex-
internal auditor in a large productivity that’s costing U.S. companies tensive research documented in its “State
corporation for four years. $350 billion annually in lost revenue be- of the American Workplace Report,” found
Rebecca enjoys every aspect cause of ongoing ineffective leadership that, on average, 17.2% of an organization’s
of the evidence hunt, includ- (See “2018 Gallup State of the American workforce is actively disengaged — they’ve
ing working with sources, re- Workplace Report,” tinyurl.com/y5agsedb.) unplugged and checked out. Gallup also
sponse teams and counsel; interviews; ana- We’ve all worked for people with dif- found that an actively disengaged employ-
lyzing documents; data analysis and digital fering leadership styles: from the autocrat ee costs an organization $3,400 for every
forensics. She abhors only one part of her (“do it my way”) or the bureaucrat (“this is $10,000 of salary, or 34% of pay.
job: collaborating with her boss, Jennifer, the policy”) to the laissez-faire proponent According to that Gallup report:
the vice president of accounting. Jennifer (“let them do it”) and every other style in
• Two-thirds of U.S. employees admit to
can be — alternatively — overcautious, between. Regardless of the dominant lead-
not being engaged in their work and
obstinate, dismissive and overbearing. ership style, ineffective leaders — those
workplace, whereas 18% are “actively
Rebecca feels that Jennifer often inappro- who are abusive or incompetent on several
disengaged,” and could be impeding
priately puts the brakes on Rebecca’s fraud levels — are a financial and intellectual
not only their own performance but
examinations, which often wastes her time capital drain for companies everywhere.
also the work of colleagues.
and occasionally allows fraud to acceler- That can translate into botched fraud ex-
aminations and more opportunities to • Only one-fifth state that their perfor-
ate unabated. Rebecca is losing interest
commit fraud. mance is managed in a way that moti-
and creeping toward job disengagement.
vates them to do outstanding work.
The corporation is losing out because of
Jennifer’s poor leadership skills. Employee disengagement • 78% of employees strongly do not agree
• is widespread and costly with the statement: “Leadership has a
Forget about lost job productivity because Far too many organizations suffer from clear direction for the organization.”
of solar eclipse day, Super Bowl Monday, poor or ineffective leadership, which • 85% of employees strongly do not agree
March Madness, Black Friday or the World the Gallup organization cites as a major with the statement: “Leadership of the
Hidden consequences of poor leadership
DO YOU WANT TO MAKE SURE YOU HAVE

MORE FRAUD IN YOUR ORGANIZATION?
Then hire bad leaders and poorly train them
with outdated methods. Here’s how to avoid
employee disengagement by changing atti-
tudes and behaviors.

Bad leaders? Increased fraud
acceptable for success. They might lack focus on strategies, tactics and analytical
challenging work, suffer from boredom, approaches for employees. But disengaged
work long hours or just lack any personal employees are a symptom of poor, inef-
initiative. When left unchecked, these ele- fective leadership. That’s focusing on the
ments can cascade through the workforce wrong end of the problem! To quote a line
like an epidemic. It becomes difficult to from the movie, “Indiana Jones and the
shield those not yet influenced by such Raiders of the Lost Ark”: “They’re digging
widespread detachment. in the wrong place.” To work on the cause,
Let’s take employee disengagement we must look further upstream.
one step further. This workplace detach-
ment can reveal itself in more costly issues Two subtle but significant conse-
over months and years, leading to: quences of ineffective leadership
• Lost market share (competitors gain- Organizations need to change attitudes,
ing market share). behaviors and — sometimes — people
• Revenue loss. in leadership positions well before they
• Higher overall employee turnover. contribute to the creation of a toxic work
2/3
environment. These interventions require
• Higher incidence of on-the-job safety
an understanding of two subtle — and rare-
problems.
ly addressed — influential psychological
• Lost shareholder value (lower stock
factors: how poor leadership contributes
price, lower analyst expectations/
to the psychological depletion of “shared
forecasts).
resources” (financial resources, inventory,
• Loss of key employees. human skills, production resources, and
• Quality and customer service issues. information technology and natural re-
of U.S. employees admit to • Internal fraud and abuse. sources) and how it destroys workplace
not being engaged in their • Higher absenteeism (legitimate and
“psychological empowerment” (emotional
belief that leaders fully empower their
work and workplace. otherwise; poor leadership affects
workforces to apply their talents and ex-
workplace stress and can lead to
perience to accomplish the objectives of
depression and cardiovascular health
the organization).
issues for employees. See “Workplace
bullying and the risk of cardiovascular
organization makes them enthusiastic disease and depression,” by M. Kivi-
Psychological depletion of shared
resources by poor leadership
about the future.” maki et. al., Sept. 22, 2003, tinyurl.
com/y4wplfjd). In 1968, evolutionary biologist Garrett
• 87% of employees strongly do not
In extreme cases of disengagement, Hardin coined the phrase, “tragedy of the
agree with the statement: “Leader-
employees can sabotage financial records commons,” to explain various types of en-
ship of their organization communi-
and capital equipment or even become vironmental over-exploitation. Examples
cates effectively with the rest of the
violent. These dangerous scenarios are include the ocean garbage “gyres” (See “The
organization.”
bigger issues than poor leadership; they Great Pacific Garbage Patch,” by the Ocean
now become a corporate culture problem. Cleanup Group, tinyurl.com/yc3q4o9l),
What does employee overfishing of cod in the Grand Banks (see
Losses from employee disengage-
disengagement look like?
ment tempt organizations to implement “Cod: A Biography of the Fish that Changed
Disengaged employees (doing just about programs for boosting employee morale, the World,” by Mark Kurlansky, tinyurl.
anything other than real work) are those motivation, communication, team build- com/y56yphya), demise of passenger pi-
whose performance, attitudes and perhaps ing, etc. Such programs designed to correct geons (see “Why the Passenger Pigeon
behavior have decreased to levels less than disengagement and productivity issues Went Extinct,” by Barry Yeoman, Audubon

Four dimensions
OF WORKPLACE PSYCHOLOGICAL EMPOWERMENT
magazine, May/June 2014, tinyurl.com/

zul64so) and the Gulf of Mexico dead zone
The four dimensions of workplace psychological empowerment — competence,
(see “Gulf of Mexico Dead Zone is Largest self-determination, meaning and impact — help drive employee engagement
Ever Measured,” in NOAA blog post, Aug. and productivity, especially when employees believe they have the freedom
2, 2017, tinyurl.com/ycugwofq). to fully deploy their expertise and value in the work environment. When poor
Any shared resource in a population or ineffective leaders invoke behaviors, attitudes or policies that threaten that
is subject to the same pressures of self-in- employees’ beliefs in any of the empowerment dimensions, they can create an
terest, unconstrained consumption and atmosphere that’s ripe for the negative cascading effects of disengagement and
exploitation that ultimately lead to scar- productivity issues. (See “Psychological Empowerment in the Workplace: Dimen-
city, depletion, destruction or extinction sions, Measurement, and Validation,” by Gretchen M. Spreitzer, The Academy of
— even with shared values and corporate Management Journal, October 1995, tinyurl.com/y24ja3tu.)
culture attitudes within company walls.
Self-determination is tied to a person’s
Poor leadership is a contaminant orig- Competence is connected to an
belief about being given the freedom
employee’s belief that they have the
to make decisions about project work,
inating upstream in the work environment. freedom to perform job-related ac-
related processes and effort needed
tivities with their acquired expertise.
Its effects can quickly pollute downstream for success.
in hallways, break rooms and conference SELF-

rooms. It can create a type of psychological COMPETENCE DETERMINATION
depletion of shared resources, such as the
adoption of common corporate values, cul-
ture and mission, which eventually leads
to a “tragedy of the corporate commons.” IMPACT MEANING
Poor or ineffective leadership creates these
Impact is the belief about having the Meaning is related to someone’s belief
and other hidden consequences that erode authority, accountability to impact about having the freedom to perform
the shared workforce bonds that company higher-level strategic direction and work that complements one’s beliefs,
operational results for the organization. behaviors and worth.
values (integrity) and company cultures
create.
Figure 1: Four dimensions of psychological workplace empowerment
Don’t discount the value a culture
of integrity provides to shareholders and
employees. Corporate culture integrity Much of the training aimed at leadership development targets the part of the
has a positive correlation with financial brain (the neocortex) that’s responsible for more “hard skill” expertise, such as logic,
analytics, reasoning and technical abilities. Daniel Goleman’s research has shown
performance and appeal of job openings.
that when training takes a neocortex approach, it can have a negative impact on
(See “The Value of Corporate Culture” by
job performance. Goleman co-directs the Consortium for Research on Emotional
Luigi Guiso et. al, September 2013, tinyurl. Intelligence in Organizations at Rutgers University.
com/y283l4w3.) To effect positive change, Goleman says, old behavioral habits must be ex-
The end result manifests as employee changed for new ones, which takes more time than conventional training, and
disengagement and that training should be individualized. (See “What
lost productivi ty, in Makes a Leader,” Harvard Business Review, January
Many “soft skill” leadership training 2004, by Daniel Goleman, tinyurl.com/kxdnfql.) This
which the needs of programs are misdirected to stimulate
the neocortex where hard skills of type of training would include personal individual
the one or the few logic, analytics and reasoning arise. coaching, periodic hands-on reinforcement and
become a higher pri- Human brain
frequent feedback.
Logic/abstract thought
ority over the needs
of the many — to Figure 2: Illustration shows the brain’s executive
Limbic System
paraphrase and flip Mammalian control (neocortex) and the fight-or-flight control
Emotions/empathy/parental center (limbic system). Daniel Golman (“What Makes
a quote attributed to
a Leader,” Harvard Business Review, January 2004,
Charles Dickens. It’s a tinyurl.com/kxdnfql) writes that leadership training is
Leadership soft skills, such as presence and misdirected to the neocortex when it should focus on
loss of that collective, emotional intelligence, arise in the limbic
the limbic system for emotional intelligence. (Brain
unified commitment system. Leadership training aproaches must
activate the limbic system. illustration modified from tinyurl.com/y52c9ndy.)

Bad leaders? Increased fraud
to company goals and objectives and to or procedures can produce frustrated em- programs teach techniques that appeal to
the tasks at hand that’s replaced with in- ployees. Indefatigable leaders also embrace the neocortex where logic, reasoning, ana-
dividual self-interest. initiative, risk assessment and working with lytics and concepts thrive. However, emo-
uncertainty. (See “Psychological Empower- tional intelligence (the ability to be aware
Poor leadership destroys work- ment in the Workplace: Dimensions, Mea- of, control, and express one’s emotions,
place psychological empowerment surement, and Validation,” by Gretchen M. and to address interpersonal relationships
Spreitzer, The Academy of Management Jour- thoughtfully and compassionately) arises
When we think about our jobs, they’re more
nal, October 1995, tinyurl.com/y24ja3tu.) in the neurotransmitters of the brain’s lim-
than positions that deliver a specific func-
bic system, which directs feelings, impulses
tion; they also provide emotional, social and
Leadership programs fail because and emotions. (See the sidebar on page 43
political currency — the invisible capital
they focus on the wrong part of for details.)
— that we exchange in workplaces every-
the brain Emotional intelligence (EI) training
where. Because of these different value as-
According to the Harvard Business Review: focuses on developing strategies in five
pects that jobs provide, employees are more
“American companies spend enormous major areas: empathy, self-management,
than job titles, job descriptions or promoters
amounts of money on employee training relationship management, social aware-
of products and services.
and education—$160 billion in the United ness and self-awareness. EI training is not
We can further explain this invis-
States and close to $356 billion globally “one and done” but requires frequent re-
ible capital that leaders and employees
in 2015 alone—but they are not getting inforcement of key learning components,
exchange, or workplace psychological em-
a good return on their investment. For individual and small-group activities and
powerment, via four related dimensions:
the most part, the learning doesn’t lead role playing, and individual coaching over
competence (or, as I say, aptitude), meaning
to better organizational performance, be- many months. EI training is more about
(or value), impact (or influence) and self-de-
cause people soon revert to their old ways changing old habits and attitudes and re-
termination (or autonomy). (See the sidebar,
of doing things.” (From “Why Leadership placing them with new ones that enhance
“Four dimensions of workplace psychologi-
Training Fails – and What to Do About It,” employees’ soft-skill inventories.
cal empowerment” on page 43 for details.)
by Michael Beer et. al, paid subscription, What of the psychological depletion
Early signs of ineffective leadership
Harvard Business Review, October 2016, ti- of shared resources and workplace psy-
often appear as fractures in any of these four
nyurl.com/z8j8kmc.) chological empowerment? At first glance,
dimensions because workplace psychological
Organizations often unwittingly pre- they seem to lend themselves to neocortex
empowerment is at its fullest when employees
vent leadership training from taking root processing, but it’s the emotion tied to the
believe that their leaders have given them com-
by thinking that employee events, such as belief of having the freedom to be fully and
plete freedom to do their jobs. Of course, I’m
one-day workshops or seminars, will suf- completely engaged, contributing and add-
not saying that means that employees aren’t
fice instead of slowly building long-term, ing value in a work role that directs limbic
accountable, but they have the autonomy to
continuous-reinforcement processes. And processing.
use and grow their skills to meet and exceed
their work goals. there’s another major problem.
“Unfortunately, far too many training Leadership presence, ‘engage-
When people believe they no longer
mentality’ and ‘connectworking’
have the freedom to engage these four psy- programs that intend to build leadership
chological empowerment components, they skills – including emotional intelligence Organizations want their future C-suite
might feel threatened and begin disengag- – are a waste of time and money,” writes leaders to have presence more than any
ing. Often negative changes in a manag- Daniel Goleman, who co-directs the Con- other soft skill. They want them to have
er’s dominant leadership style (embracing sortium for Research on Emotional Intel- the ability to naturally and comfortably
a more autocratic style, for example) or ligence in Organizations (eiconsortium. engage others, establish personal connec-
even abruptly switching senior executives org) at Rutgers University. “The problem tions and build trust, confidently position
can cause employees’ disengagement and is simple: They focus on the wrong part of their leadership expertise as offering value
corresponding productivity losses as they the brain.” (See “What Makes a Leader,” in for others, and interject wise influence to
adjust to uncertainty. Harvard Business Review, January 2004, by gain acceptance or cooperation of ideas
Because work relationships and Daniel Goleman, tinyurl.com/kxdnfql.) and initiatives. The strength of their pres-
processes are complex, effective leaders According to Goleman, most of these ence is a catalyst for mentoring others or
know that merely following defined roles failed, wrong-part-of-the-brain leadership serving in advocate-protégé arrangements.

If poor, ineffective leadership is a direct for making leadership presence in your Workplace empowerment doesn’t
cause for employee disengagement and lost anti-fraud organization a practice that can mean overloading employees with addition-
productivity, we hear a clarion call for lead- turn into a competitive advantage. Presence- al responsibility and challenges that place
ership presence that prioritizes the power of driven leadership isn’t just for executives them in high-stress mode. Psychological
emotional intelligence. Organizations can in the corner office because being a “leader empowerment is the emotional belief that
teach and reinforce it through proper train- with presence” isn’t a job title; it’s a powerful a person has the authority, freedom, support
ing, coaching, and follow-up that’s not just skill set anyone can master. and confidence of leadership to accomplish
repackaged, repurposed, retitled relics from Ineffective leaders and unproductive objectives under their charge. Employees
decades past. who embrace this type of empowerment
practices ultimately lead to revenue leaks
“Engagementality,” the attitude of al- from leaders in the work environment have
through a variety of channels, not the least
ways being ready to engage others in a man- stronger job performance, greater job satis-
of which are the psychological depletion of
ner that demonstrates interest, becomes a faction and a deeper commitment to orga-
shared corporate resources and the absence
mandatory commodity for leaders. Rather nizations’ objectives. n FM
of psychological workplace empowerment.
than traditional networking, which assumes
In extreme cases, disengagement can de-
a strong quid pro quo relationship, leaders
volve into destructive actions or behaviors Donn LeVie Jr., CFE, a Fraud Magazine
engage in “connectworking,” to further build
relationships for unifying effort, direction that can threaten the safety of work environ- staff writer, has been a presenter and a
and purpose. People don’t follow leaders ments and enable fraud. positioning/ influence strategist at ACFE
without becoming familiar with them, The most effective approaches groom Annual Global Fraud Conferences since
then trust them, and finally believe in their high-potential professionals early in 2010. LeVie says his corporate programs
expertise, experience and knowledge that the leadership development process and help companies plug revenue leaks
accompanies that authority. throughout their advancement into senior because of poor leadership. Visit his
Engagementality and connectworking and executive positions, which helps pre- website at donnleviejrstrategies.com.
will help lay the groundwork (through train- vent “attitudinal sclerosis” — hardening of Contact him at: donn@donnleviejrstrat-
ing, coaching and follow-up reinforcement) the attitudes. egies.com.
SAVE
November 7, 2019 | Washington, D.C.
Join us for the can’t-miss anti-fraud training event
for law enforcement and government professionals.
THE
DATE
Register by
October 7 to
SAVE
Visit ACFE.com/LEGAsummit to learn more. $150!
GLOBAL
FRAUD
is the same -
LEGAL SYSTEMS
aren’t
By Dr. Joseph T. Wells, CFE, CPA
Fraud examiners are increasingly tackling complicated

cases that simultaneously involve several nations.
We must look for legal guidance for our organizations’
cross-border operations. Here’s a start.
onsider this scenario. You judicial precedence, or they utilize it in a
TYPES OF LEGAL SYSTEMS
work as a fraud examiner more limited manner than common-law
At a basic level, legal systems around
for a U.S. multinational cor- jurisdictions. This means that civil-law
the world can be divided into several
poration. You have strong courts don’t shape the law to the same ex-
categories.
evidence that a longtime company pro- tent as their counterparts in common law
curement director, Max, has been tak- countries. Civil law has its roots in ancient
Religious and secular systems
ing kickbacks from a vendor. But you’re Roman law and is by far the most common
scratching your head. Max works for a new Religious systems derive their laws from basis for legal systems worldwide.
subsidiary of your corporation in Germany. interpretations of religious texts and treat
The vendor is based in Belgium, but Max them as divine mandates. However, today
Adversarial and inquisitorial
accepted the kickbacks from the vendor’s few countries rely exclusively on religious proceedings
rep in the Netherlands. And, on top of all law. Instead, it’s often used in conjunc-
A further distinction between common-
that, Max is a citizen of France. What do tion with secular law. For example, some
law and civil-law systems is the process
you do? Don’t waste any time — quickly countries that use religious law restrict
used to settle legal disputes. Most com-
consult reputable legal counsel who are its application to issues such as divorce,
mon-law countries use adversarial proceed-
familiar with laws in all these countries. inheritance and child custody, while using
ings, in which a presiding judge essentially
Like it or not, globalism is increasing. secular law to govern criminal and com-
acts as a referee between the two parties
Many fraud examiners are finding that the mercial law.
to the dispute. Each party presents its case
corporations they work for are acquiring The majority of legal systems are
and has the opportunity to challenge or
businesses in many countries. These con- secular systems. This means they aren’t
rebut arguments advanced by the oppos-
glomerates are inheriting not just firms’ based on any particular religion. Instead,
ing side. Then, a judge, group of judges or
assets but also their monetary and legal relevant governmental authorities design
a jury issues a decision based on the facts
liabilities. CFEs need to know how to trans- and implement them.
presented.
late nations’ laws and regulations to help
Common law and civil law In contrast, civil-law countries fre-
keep their employers above water.
systems quently use inquisitorial proceedings (some-
Here we visit basic and more advanced
times referred to as nonadversarial proceed-
concepts of the law related to fraud from Most legal systems also fall under the
ings) to settle legal disputes. Judges play
around the world, including types of legal umbrella of one of two legal “families”:
much more active roles in inquisitorial
systems, forms of evidence, investigations common law systems and civil law sys-
systems, in which they’re generally tasked
in private actions and more. tems. Common law refers to judge-made
with actively investigating the case. For
law. Countries that incorporate common
example, in adversarial systems the par-
law into their legal systems generally rec-
ties involved in the dispute are generally
This article is excerpted and adapt- ognize the extensive application of judicial
tasked with collecting evidence and ques-
ed from the “International Fraud precedent. In the legal context, precedent
tioning witnesses at trial. In countries that
Handbook,” edited by Dr. Joseph T. refers to an earlier court ruling that applies
use an inquisitorial system the presiding
Wells, CFE, CPA, published by John to a particular dispute. For example, if the
judge might question witnesses and super-
Wiley & Sons Inc. ©2018 Used with highest court in a particular jurisdiction
vise the gathering of evidence. After the
permission. issues a ruling regarding government
completion of an investigation the judge,
searches, lower courts within that juris-
a group of judges or a jury will decide the
diction are obligated to follow that ruling
outcome of the case.
whenever the relevant issue arises.
In contrast, judges play less crucial
roles in civil law systems. In these sys-
Hybrid systems
tems, judge-made law is either a minor There’s significant crossover between
aspect or completely absent. Instead, civil- common-law and civil-law systems, and
law countries formally codify their laws. many countries use hybrid systems that
Civil-law countries often don’t recognize incorporate aspects of both. For example,

Global fraud and legal systems
most countries that use common law don’t

rely exclusively on judicial decisions as
the source of law. Generally, these coun-
tries have legislatures that draft and enact
laws. However, the judiciary generally has
the power to shape those laws (or to strike
them down as unconstitutional) if they
arise during a legal dispute. Additionally,
countries that predominantly use adver-
Rules of evidence affect every aspect of a legal
sarial systems might task judges with more
active responsibilities in certain kinds of case — from filing the complaint to the presentation
cases (e.g., minor traffic violations, admin- of witnesses and exhibits.
istrative decisions).
DEFINITION OF EVIDENCE
These rules often govern not just what counts

In the most general sense, evidence is any-
thing that tends to prove or disprove some
claim or assertion. In the legal sense, evi-
dence refers to the testimony, documents,
as evidence but also how that evidence is
exhibits and other tangible objects offered gathered, handled and presented.
to prove or disprove the existence of an al-
leged fact during court proceedings.
Most legal systems have intricate sets
of principles that govern the admission of
evidence. The purpose of these principles
is to ensure only relevant and probative In contrast, many countries (particu- maintains its own evidence act for provin-
evidence is admitted in court proceedings larly those with civil law legal systems) cial proceedings.
and irrelevant, unreliable and prejudicial don’t have explicit evidentiary rules or
evidence is excluded so that cases can be have less detailed rules. As a result, judg- Three basic forms of evidence
decided fairly and expeditiously. es in these countries are often afforded There are three basic forms that evi-
Rules of evidence affect every aspect greater discretion regarding the admission dence can take: testimonial, real and
of a legal case — from filing the complaint of evidence. demonstrative.
to the presentation of witnesses and exhib- The rules of evidence in a particular
its. These rules often govern not just what jurisdiction are often complex and can Testimonial evidence
counts as evidence but also how that evi- involve not only explicit rules but judi- Testimonial evidence refers to the oral or
dence is gathered, handled and presented. cial interpretations of those rules. As a written statements made by witnesses un-
Of course, the rules of evidence vary result, fraud examiners should consult der oath. In general, there are two types
significantly among countries and legal legal counsel if an important question of of testimonial witnesses: lay witnesses
systems. Some countries maintain ex- evidence arises during a fraud investiga- and expert witnesses. A lay witness (or fact
tensive rules that regulate the admission tion. Additionally, rules of evidence vary by witness) is a nonexpert witness who must
of evidence. For example, in Canada, the jurisdiction, even within the same coun- testify from personal knowledge about a
Canada Evidence Act regulates the rules try. For example, in the U.S., state courts matter at issue. An expert witness is a per-
of evidence in federal cases. Similarly, the maintain their own evidentiary rules that son who, by reason of education, training,
Federal Rules of Evidence (FRE) govern evi- might differ from the Federal Rules of Evi- skill or experience, has the requisite quali-
dence in U.S. federal courts. dence. Likewise, each province of Canada fications to render an opinion or otherwise

testify in areas relevant to resolution of a seldom by direct evidence alone. The most statements about a person that harm that
legal dispute. difficult element to prove in many fraud person’s reputation.
cases — fraudulent intent — is usually Defamation can be a crime or a civil
Real evidence
proved circumstantially, and necessarily violation, depending on the particular ju-
Real evidence refers to physical objects that so, because direct proof of the defendant’s risdiction where the alleged offense oc-
played a part in the issue(s) being litigated. state of mind, absent a confession or the curred. Additionally, some jurisdictions
The term includes both documentary evi- testimony of a co-conspirator, is often treat certain kinds of defamation as civil
dence such as bank statements, invoices, impossible. violations and other types as crimes pun-
ledgers and letters, as well as other types of ishable by incarceration.
physical evidence (e.g., fingerprints, fibers, INVESTIGATIONS In most common-law jurisdictions,
tire tracks). Therefore, a printer in a case IN PRIVATE ACTIONS the law of defamation comes in two forms:
involving questioned documents is clearly
The right for businesses and organizations libel and slander. Libel refers to defama-
real evidence as is an audio recording since
to investigate, examine or audit for fraud tory statements in writing, and slander
members of the court can experience the
is implicit in most countries. Of course, refers to spoken statements, although
sounds firsthand.
investigations in private actions are sub- the distinction often is unclear in cases
Demonstrative Evidence ject to certain legal limitations, some of involving electronic media. Thus, the key
which — such as the laws prohibiting difference between libel and slander is the
Demonstrative evidence is a tangible item
unauthorized electronic surveillance — form in which an individual made the
that illustrates some material proposi-
are enforced with criminal as well as civil defamatory statement. However, not all
tion (e.g., a map, a chart or a summary).
penalties. Overzealous or imprudent acts jurisdictions make a distinction between
Demonstrative evidence differs from real
by private parties (even if technically legal) libel and slander.
evidence because it wasn’t part of the un-
can result in civil suits, complaints and The threat of a defamation lawsuit is
derlying event; it was created specifically
other issues that can delay, disrupt or even always present when there are allegations
for the legal proceeding. For example, a
completely derail an otherwise meritorious of wrongdoing made against employees.
computer-generated video might be used
case. Thus, fraud examiners must keep in For example, a claim of defamation might
to show how a car accident likely occurred.
mind the rights of those involved in any arise in the context of an interview if the in-
The purpose of demonstrative evidence is
private investigation. terviewer makes unfounded accusations or
to provide a visual aid for the fact finder.
The following is a brief discussion statements in the presence of a third party.
As long as it meets the relevant evidentiary
of some legal issues that might arise as If a plaintiff (i.e., the party who initi-
standards, demonstrative evidence can
a result of an investigation, particularly ates a legal action) is successful in a claim
be introduced to assist the fact finder in
one conducted in an irresponsible man- for defamation, that party may recover
reaching a verdict.
ner, carried out without predication, or economic damages (e.g., lost business, lost
Direct versus circumstantial conducted in a way that blatantly violates earning potential), noneconomic damages
evidence the rights of those involved. These issues (e.g., pain and suffering, emotional dis-
There are also two basic types, as distin- are avoidable if fraud examiners employ tress), and punitive damages, which can
guished from forms, of admissible evi- common sense and professional standards be substantial. The types of damages avail-
dence: direct evidence and circumstantial to accomplish legitimate objectives. Fraud able vary across jurisdictions and depend
evidence. Direct evidence is evidence that examiners should always pursue facts, not on the nature of the case.
tends to prove or disprove a fact in issue people; should ask rather than accuse; and
directly, such as eyewitness testimony or should seek to prove rather than allege. Elements of defamation
a confession. Circumstantial evidence is While the treatment of defamation (wheth-
evidence that tends to prove or disprove Defamation er it’s libel or slander) varies by jurisdic-
facts in issue indirectly, by inference. Many Many countries have defamation laws that tion, the following are the most common
fraud cases are proven entirely by circum- provide redress against harm to reputa- elements necessary to support a claim:
stantial evidence or by a combination of tion. Generally speaking, defamation refers • The defendant made an untrue state-
circumstantial and direct evidence but to the unprivileged publication of false ment of fact.

Global fraud and legal systems
Australia
• The statement was communicated • Statements made in preparation of COU RT R ECORDS
(published) to third parties. judicial proceedings. Generally, civil and criminal court re-
cords aren’t available to the public.
• The statement was made on an un- • Statements made between a legal However, some civil court records
privileged occasion. professional (e.g., solicitor or attor- are available via the Australasian
ney) and client. Legal Information Institute’s online
• The statement caused injury to the
database (austlii.edu.au). Criminal
subject. • Good faith statements made to records and convictions generally
protect a legitimate interest of the can’t be accessed without the sub-
speaker or recipient, such as a com- ject’s consent, but court schedules
Untrue statement of fact
and attendance lists might be avail-
munication between an employee able online and can contain useful
To be defamatory, a statement must
and employer regarding an impor- information. Court transcripts can
be a statement of fact (not opin-
tant business matter or the results of sometimes be obtained by making a
ion) and be untrue. Thus, truth is freedom of information request.
an examination into suspected fraud.
an absolute defense to defamation.
Accordingly, in many jurisdictions, MAJOR DATA PRIVACY LAWS
a number of privileges protect prudent • Australian Privacy Act 1988.
Communicated to third parties • Local laws governing surveillance
fraud examiners from defamation claims.
devices, workplace surveillance
To be defamatory, a statement must be
or similar issues.
conveyed, either orally or in writing, to Injury
one or more third parties. Defamation
Additionally, to be considered defama- OF F RAU D- RELATED
doesn’t occur when one accuses another L EGISL A
tory, a statement must cause some kind
directly and in the presence of no other Criminal Code Act 1995 and the
of injury. This often takes the form of
parties; to be defamatory, a statement criminal laws in states and territories
damage to reputations. For example, a that prohibit fraud.
must be heard or read by a third party. plaintiff might argue that he lost busi-
-
ness opportunities and income because
A -
Unprivileged occasion the statement damaged his professional TORS FROM OUTSIDE AUSTRA-
For a statement to qualify as defamatory, reputation. LIA SHOULD BE AWARE
the occasion in which the statement is Generally, any person who conducts
investigations (including surveil-
made must be an unprivileged one. Many JUST THE BEGINNING lance) in any state or territory of
jurisdictions recognize that there are The information in this article is a start Australia must hold an Investigator
some circumstances in which the need or Inquiry Agent License. Australia’s
in learning what you need as you conduct
National Privacy Principles govern
to share information is so important that fraud examinations that cross global ju- the collection, use, disclosure and
people should be free to make mistakes risdictions. See chapter 2 in my “Inter- storage of personal information.
without having to worry about being sued national Fraud Handbook,” and the rest
for defamation. Statements made in these of the book, to learn from CFE nationals
circumstances are said to be privileged. around the world about the legal specif-
Assuming that an employee can ics of their countries. (See the sidebar at
Anti-fraud professionals from around
establish that an individual made and right.) And, of course, consult with your
the world contributed this informa-
communicated defamatory statements legal counsel before tackling any fraud tion, contained in the 2018 “Interna-
about the employee to a third party, some investigations outside your borders. n FM tional Fraud Handbook,” on some
of the most common recognized privi- legal topics in just four dissimilar
countries. It’s just a taste. The book
leges include: Dr. Joseph T. Wells, CFE, CPA, is the contains much more material from
• Statements made during a judicial founder and Chairman of the ACFE. many more regions and nations.
proceeding. Contact him at jwells@ACFE.com. Consult with your legal counsel
when working in other countries.

Legal information about fighting fraud in four disparate countries
China Czech Republic United Arab Emirates

CO URT RE C O RD S C O U RT RECO RDS COU RT RECORDS
For civil cases, most national-, provin- Criminal records are maintained at the Not all court records are available to the
cial- and municipal-level court records Criminal Records Office in Prague, which public. Lawyers and legal professionals
are available online, but they’re usu- is part of the Ministry of Justice. Individu- must make official requests to the court
ally incomplete. Criminal records aren’t als can request copies of their criminal for access to particular records. There’s
available to be searched, but they’re records from the Penal Register. Corpo- no central database for all cases in the
frequently published in the media. rate criminal records are accessible by United Arab Emirates. To determine
the general public. The decisions of the whether there’s current litigation against
MA JO R D ATA P R IVA C Y L AW S Constitutional Court, Supreme Court an individual, an investigator must
China’s Cybersecurity Law, which took ef- and Supreme Administrative Court are proceed through a law firm or public
fect on June 1, 2017, is now the country’s published periodically in official reports. prosecution. In some cases, local influ-
primary data privacy law. Before this law, These decisions are also available for ence with the police or an immigration
the legal protection of personal data was free on each court’s website, but most of department can help. The collection/re-
spread among a vast number of laws and them aren’t available in English. covery departments of banks often have
regulations relating to different types of strong influence.
M A J OR DATA PRIVAC Y LAW S
personal data, such as real estate owner- MA JOR DATA PR IVA C Y LAW S
Until May 25, 2018, EU Directive 95/46/
ship records, business information, tele-
EC and Czech Act No. 101/2000 Coll., on There’s no general data protection law.
communications data, and data concern-
the Protection of Personal Data, restrict- However, Article 378 of the Penal Code
ing personal identity and cross-border
ed the collection and transfer of personal (Federal Law3 of 1987) prohibits the pub-
movements. These laws and regulations
information. Now the more restrictive lication of any personal data that relates
are still in force, but some of their provi- to an individual’s private or family life.
EU General Data Protection Regulation
sions have been subsumed by the Cy- Disclosing secrets relating to someone’s
replaced them.
bersecurity Law when data is obtained or private life without that person’s consent
stored by electronic means. (See pages can result in liability. Similarly, disclosure
219 – 220 of the “International Fraud F R A UD- REL ATED LEGI SL A of confidential information, such as infor-
Handbook” for a more complete list of Investigators conduct investigations into mation belonging to an employer, can
major data privacy laws in China. – ed.) alleged breaches of, among others, the result in liability. Federal Decree Law No.
Civil and Criminal Codes; Codes of Crimi- 5 of 2012 on Combatting Cybercrimes
nal, Civil, and Administrative Procedure; (Cybercrime Law) prohibits the invasion
F RAU D- RE LAT E D LE G I SL A
Labor Law; Intellectual Property Law; of an individual’s privacy by means of a
• Criminal law. Act on Criminal Liability of Legal Entities computer network, electronic informa-
• Anti-unfair competition law. and Their Prosecution; Tax Law; bank tion system, or information technology
• Anti-money laundering law. regulations under the Czech Anti-Money without the individual’s consent.
• Contract law. Laundering Act; Act on Capital Markets;
and Public Procurement Act.
• Law on tendering and bidding. FR AU D- RELAT ED L EGI SLA
• Securities law. • Federal Law No. 3 of 1987.
TORS FROM
• Federal Law No. 19 of 2016.
OUTSIDE THE CZECH REPUBLIC
TORS FROM Enforcement of established anti-corrup-
SHOULD BE AWARE
tion laws received a boost with the Abu
Private fraud investigators don’t need a Dhabi Executive Council announcing the
AWARE license or special training in the Czech establishment of an Anti-Corruption Unit
Because of the ongoing anti-corruption Republic. The CFE designation can be an in May 2015. The decision to establish
campaign in China, sources might be re- advantage in some cases. Data privacy a specialized department to combat
luctant to accept interviews, and it might laws restrict the transmission of personal corruption is considered one of the
be necessary to explain that the investi- data outside the country. main cornerstones that will assist in the
gation is not being conducted on behalf continuing development of the country,
of any government body. Interviewees limiting the chances of corrupt individu-
might be more comfortable working with als hindering such growth. The anti-cor-
investigators who can speak Chinese. ruption unit is established with the Abu
Dhabi Accountability Authority.
RX FOR FRAUD Heath care fraud issues
Medical identity theft

growing exponentially
Medical identity theft is the fastest-growing form of identity fraud.
Crooks use a myriad of ways to defraud federal governments and vulnerable
patients. Here are the schemes and ways to avoid becoming a victim.
B
abubhai Bhurabhai Rathod, of — and the physician’s bank account was
Okemos, Michigan, said he was COLUMNIST
frozen.
addicted to drugs. But he was DAVID A. PICARD, CFE Rathod was sentenced to 10 years in
lying. He was really addicted to INVESTIGATIONS MAN- prison for health care fraud and an addi-
AGER, NC DEPARTMENT OF
medical identity theft. tional two years for aggravated identity
HEALTH & HUMAN
In 2013, Rathod was sentenced to SERVICES, DIVISION OF theft. He pleaded guilty to both charges
four years in prison after a conviction of HEALTH BENEFITS, in August 2018. U.S. District Judge
NC MEDICAID
paying practitioners illegal kickbacks Janet T. Neff also ordered Rathod to pay
in exchange for patient referrals to his $939,795.89 in restitution to Medicare
health care companies, according to the and Medicaid.1
U.S. Department of Justice (DOJ). And he In 2016, there were nine
was further excluded from participating times more medical Medical identity theft
in Medicare and Medicaid. compounded by breaches
Apparently, he had no desire to than financial records Medical identity theft is derivative of
reform. While in prison, Rathod faked a
drug and alcohol use disorder to qualify
breached — 27 million. identity theft. The number of medical
identity theft victims has increased from
for admission into the Residential Drug an estimated 1.42 million in 2010 to 1.85
Abuse Program (RDAP). Rathod com- million in 2012 to 2.32 million in 2014 with
pleted the RDAP and was released early As part of his scheme, Rathod used 500,000 more victims in 2014 alone.2
from custody. Within days of his release the name, address, date of birth, Social The estimated economic impact of
in 2016, he began violating his exclusion Security number (SSN) and driver’s medical identity theft has increased from
and supervised release conditions by op- license of a physician colleague to obtain $30.9 billion in 2011 to $41.3 billion in
erating four health care providers across 2012, which makes medical identity theft
working capital loans for one of Rathod’s
the State of Michigan. the fastest-growing form of identity theft
businesses, Advanced Medical Services.
To conceal his ownership of these in the world.3
Rathod also used the physician’s identity,
providers from Medicare and Medicaid, Compounding the threat of medical
without the physician’s knowledge, to
Rathod used a variety of aliases, straw identity fraud are the increased numbers
owners and shell holding companies that personally guarantee those loans. When of data breaches of health care provider
were registered to other people. Rathod’s Advanced Medical Services defaulted on and insurance company medical records
scheme netted nearly a million dollars in one of these loans, a state-court judg- such as the Anthem Health Care data
Medicare and Medicaid reimbursements ment was entered against the physician breach in 2015, which exposed 78 mil-
to which his providers weren’t entitled. — without the physician’s knowledge lion member’s personally identifiable

information (PII).4 In 2015, the U.S. De- unsuspecting medical providers and • Don’t provide personal health informa-
partment of Health and Human Services patients.9 tion or other PII to those who might
reported 253 health care breaches, which Health care providers also lose pri- be posing as your health care provider.
affected 500 individuals or more with a vate patient information from employee Contact your provider to verify.13
combined loss of more than 112 million theft and loss of laptops, flash drives and • Be cautious of free health services or
records in 2015. According to Bitglass, one other data sources.10 products that require PII.
in three Americans were affected by health • Don’t provide personal health infor-
care breaches in 2015.5 Warning signs mation or other PII to someone who
Fraudsters sell stolen health records Medical identity victims: contacts you about a “recent breach.”
on the underground black market, known • Receive paperwork about medical proce- • Don’t be afraid to ask questions of your
as the dark web. In 2016, there were nine dures or services they haven’t received. health provider as to how they protect
times more medical than financial records
• Find incorrect information in medical personal health information or other
breached — 27 million, which represents
records. PII.
nearly 10% of the U.S. population alone.6
• Discover their medical benefits on • Don’t post health personal health infor-
Medical identity theft can have
private insurance and/or government mation or other PII on social networks.
devastating effects for patients, providers,
insurance companies and governmental programs have been maxed out. • Treat and protect your health care
programs. Medical identity theft generates • Are contacted by debt collectors about identities as you would your financial
losses to the health care industry of more bogus medical debt. information.14
than $30 billion each year, and patients on • See that their credit reports show collec-
the average pay $13,500 to resolve issues. How providers can prevent
tion notices and/or other debt activities.
Providers also incur significant costs to
medical identity fraud
• Are denied insurance coverage because Health care providers can take proac-
clear their names, and if their data is sto-
of incorrect information in medical tive steps by integrating their health
len they have a high risk of a malpractice
records.11 care organizations’ broader information
claims when erroneous information has
security and privacy programs and a com-
been added to patient charts. The costs
How to protect yourself prehensive incident response plans for PII
for patients aren’t just monetary but often
• Review the Explanations of Benefits compromises.
result in delays of treatment, misdiagnosis
(EOB) statement or Medicare/Medicaid Here are some important parts of a
and inappropriate care for patients. 7
Summary Notice that your health plan health care provider security program for
sends after your treatment. medical identity information:
Let’s define it
• Background checks, including criminal
Medical identity theft occurs when some- • Annually request a listing of benefits
and credit histories on any provider
one steals or uses a person’s name and from your health insurers and review
employees with access to private health
sometimes other parts of their identity them for accuracy.
care information.
such as Social Security or Medicare or • Request and review copies of current
Medicaid numbers plus insurance infor- • Employee training on importance of
medical files from all health care pro-
mation without the person’s knowledge security and protection of private health
viders. Monitor your credit report for
or consent to obtain medical treatment, care PII.
inaccuracies.12
services and/or goods. It frequently results • Latest encryption technology to secure
• Check with your medical providers to
in erroneous entries into existing medi- all IT resources, including laptops and
ensure your records are accurate.
cal records and can involve the creation mobile devices. Where employees are
of false medical records in the victim’s • Don’t share your medical and/or insur- allowed to bring their devices to work,
name.8 ance information with others. maintain remote data wiping capability.
Perpetrators also include hackers who • Read the privacy policies on health care • Policies and procedures for protec-
use social engineering to obtain SSNs websites before providing personal tion of personal healthcare PII that
and health insurance information from health information or other PII. include access to information on a strict

RX FOR FRAUD Health care fraud issues
need-to-know basis, robust password Equifax (tinyurl.com/ychfpnvx) or Tran-

management and guidance in the use of sunion (tinyurl.com/y6a3jaxp). The contents of this article repre-
cloud technology. • File a complaint with the Federal Trade sent the opinion and views of the
author and not of any other entity or
• Formal protocol to manage all vendors Commission (FTC) about medical
organization.
with access to organizations network identity theft at tinyurl.com/jlzpfqh.
that include security reviews, U.S. FTC identity Theft Toll Free Hotline:
Health Insurance Portability and 877-IDTHEFT (877-438-4338). Aggravated Identity Theft,” U.S. Attor-
ney’s Office, Western District of Michigan,
March 28, 2019, tinyurl.com/yxb97v3k
Global medical identity theft is active and growing. 2

“A Call to Action,” Medical Identity Fraud
Alliance, tinyurl.com/yy8arlt9
Health care providers, private insurance companies, 3
“The Real Threat of identity Theft Is in
government health benefit beneficiary programs Your Medical Records, Not Credit Cards,”
by Robert Lord, Dec. 15, 2017, Forbes,
and individual consumers should be taking proactive tinyurl.com/y5wb7smw
steps to prevent fraud. 4
“Judge Approves Anthem’s $115M Data
Breach Settlement,” by Julie Spitzer,
Becker’s Hospital Review, Aug. 20, 2018,
Accountability Act/U.S. Health In- • If you’re a victim of Medicare fraud, call tinyurl.com/y2ql9582
formation Technology for Economic 800-MEDICARE (800-633-4227). 5
“Medical ID theft,” Fraud.Org, National
Consumers League, tinyurl.com/y3qafrqu
and Clinical Health Act compliance • If you’re a victim of Medicaid fraud,
requirements and contractual protec-
6
Forbes et al., 2017
call 800-HHS-TIPS (800-447-8477).
tions, including maintenance of cyber
7
“Medical Identity Theft: Problems and
• Report private insurance fraud to your Prevention,” Healthcare IT News, Feb. 20,
insurance.
company hotline.16 2017, tinyurl.com/y2ro4ex2
• Incident response plan, including 8
“Medical Identity Theft,” U.S. Department
management responsibility for reported An ever-present of Health and Human Services Office of
breaches and the identification of legal, Inspector General, tinyurl.com/ppzag9n
and growing danger
forensic and other technical resources Global medical identity theft is active
9
“6th Annual HIMSS Security Survey,” 2014,
Healthcare Information and Management
that are equipped to respond in a timely and growing. Health care providers, pri-
Systems Society, tinyurl.com/y6p966ot
and professional manner.15 vate insurance companies, government 10
“6th Annual HIMSS Security Survey”
health benefit beneficiary programs
“Medical ID theft,” Fraud.Org National
11
What to do if you’re a victim and individual consumers should be
Consumers League, tinyurl.com/y3qafrqu
• File a police report with your local law taking proactive steps to prevent fraud.
“Medical Identity Theft,” World Privacy
12
enforcement agency. You might need If they’re victimized they should take Forum, https://tinyurl.com/y3ev64d2
to provide a police report to collection corrective actions and report incidents “Medical identity theft,” Coalition
13
agencies, health care providers, and to authorities. n FM Against Insurance Fraud, tinyurl.com/
y4zzsmvg
government and private insurance
“The Rise of Medical Identity Theft,” by
14
providers. David A. Picard, CFE, is investigations
Michelle Andrews, Consumer Reports, Aug.
• Correct erroneous and false information manager, NC Department of Health & 25, 2016, tinyurl.com/yclnvpj4
Human Services, Division of Health
in medical payment files with health 15
“Medical Identity Theft: Fighting and
Benefits, NC Medicaid. Contact him at Epidemic,” by Brad Gow, Sompro Interna-
providers.
David.Picard@dhhs.nc.gov. tional, 2018, tinyurl.com/y3e6tmdz
• Contact one of the three credit bureaus 16
“Recovering from Identity Theft,” Fed-
to place a fraud alert on your account: 1
“Excluded Felon Sentenced to Twelve eral Trade Commission, September 2018,
Experian (tinyurl.com/yl6hk84), Years For Health Care Fraud And tinyurl.com/jlzpfqh

Sharpen your skills with world-
Professional class training opportunities
Development and become a Certified Fraud
Examiner.
Networking Connect with more than 85,000

anti-fraud professionals through
Opportunities events and online communities.
Career Use members-only Job Board,

online career center and free
Support career webinars.
Knowledge Get exclusive resources like

Fraud Magazine®, newsletters
and Tools and free webinars.
Visit ACFE.com/Membership to learn more.

FRAUD SPOTLIGHT Analyses of lesser-known frauds
Shutting the lid on beverage

container deposit fraud
Container deposit fraud is more than just buddies transporting some
empty soda bottles across state lines. We’re talking about
multimillion-dollar tax fraud schemes. Here’s how to prevent them.
A
s a grade-school-aged boy the 5,000 container units totaling an ad-
growing up in southwest COLUMNIST ditional $500. So, the total payment the
lower-Michigan, I remember L. CHRISTOPHER retailer pays to the distributor is $5,500.
helping load up the car with , CFE, CPA The retailer then passes along the
emptied glass pop bottles that we’d take FORENSIC ACCOUNTANT 10-cent deposit on top of the retail mark-
IN INDIANAPOLIS, INDIANA,
to our neighborhood grocery store in ex- AND ADJUNCT FACULTY up to each end customer. For example,
change for a few dollars. In the Midwest MEMBER AT INDIANA UNI- the retail will charge each end customer
VERSITY’S KELLEY SCHOOL
U.S., “pop” is the vernacular term for soft OF BUSINESS AND INDIANA
a retail price of $1.50 for each container
drinks made by such producers as Coca- UNIVERSITY-EAST unit purchased plus 10 cents per contain-
Cola, PepsiCo, Dr Pepper and National er unit for a total of $1.60. The customer
Beverage. If you’re from the Northeast can then return the empty container to a
Purpose of beverage
U.S., it’s simply “soda.” Southerners collection center — typically a retailer —
container deposit laws
for redemption and retrieve their 10-cent
often call them all “Coke” even if they’re The primary purpose for beverage
container deposit laws is to prevent deposit. Finally, the retailer will ship the
not brown. I still remember the clinking
littering. Requiring deposits provides empty container to the distributor for
and clanking of those bottles in the car
an economic incentive for consumers their return of the 10-cent deposit. This
as we drove to the grocery store.
to properly dispose of containers for is how it should work every time in a
Michigan passed a bottle bill, or
recycling rather than dispose of them in perfect world.
beverage container deposit law, in 1976.
trash receptacles that will then end up in However, we must consider what
Even though it wasn’t the first state to a landfill or, worse, dumped on the side happens when a customer doesn’t re-
do so (Oregon passed the first in 1971) of roads to pollute the environment. deem their container deposit but throws
at the time Michigan had the highest
it in the trash or on the side of the road,
deposit — ten cents on airtight contain- Beverage container deposit or takes it to an alternate recycling center.
ers under one gallon composed of metal, refund scenario Depending on state law, the distributor
glass, paper or plastic. Today, 10 states Here’s how most common beverage will keep that ten-cent deposit, return it
and one U.S. territory have container container deposit law processes work. A to the state authority or a hybrid of both.
deposit laws. distributor sells beverage products to a (See “General flow-chart of beverage con-
Like any well-intentioned laws, retailer. As part of this transaction, the tainer deposit process” on page 57.)
some fraudsters will exploit them for distributor collects a deposit payment for Even though the underlying process
nefarious purposes. Here I’ll explore the each beverage container — let’s say 10 seems simple, the flow of transactions as-
general mechanics of beverage contain- cents for each container. For example, a sociated with the return of containers and
er deposit laws, perpetrators’ fraudulent distributor sells 5,000 container units at deposits can become complex. Further
schemes and the greatest risk factors $1 each for a total of $5,000. The distribu- adding to the complexity is that states
associated with these programs. tor will also charge a 10-cent deposit on regulate beverage container deposit laws.

Each jurisdiction has unique program im- container deposit from certified redemp- $4.3 million settlement
plementation and accounting regulations, tion centers. Under state regulation, these On May 24, 2018, New York State At-
so it’s important to research states’ specific redemption centers are responsible for torney General Barbara D. Underwood
requirements. (See “Unwrapping the Pros ensuring that only eligible beverage con- and Rockland County District Attorney
and Cons of a Bottle Deposit Program,” tainers sold in California where the CRV Thomas Zugibe announced a $4.3 million
The Abell Report, March 2012, Volume 25, deposits were paid can be redeemed. settlement with Oak Beverages Inc. for
Number 2, tinyurl.com/y5dcd77g.) falsely inflating the number of empty bev-
In this case, the state alleged that
erage container returns it received, which
the defendants received out-of-state
‘The Bottle Deposit’ episode resulted in the company’s failure to turn
material from various recycling centers over approximately $1,859,000 in unpaid
on ‘Seinfeld’
and engaged in illegal activity to claim deposits to New York State — a violation
This column’s title might conjure up
CRV refunds to the tune of $80.3 million. of New York’s bottle bill. (See the New
images of a famous two-part “Seinfeld”
They perpetrated the scheme by submit- York state release, tinyurl.com/y4bouc9f.)
episode. The story arc tells the saga of
ting CRV claims containing fraudulent Per the New York state beverage
Kramer and Newman conspiring to col-
information. The collected documentary container deposit program, distributors
lect beverage containers in New York,
evidence collected included inaccurate, each quarter must turn over 80% of any
transport them to Michigan and collect
unredeemed deposits to the state, which
the 10-cent refunds. altered and falsified weight ticket claims.
Oak Beverages failed to do. Distributors
Newman performs a thorough cost/ Various players would’ve been
are allowed to keep the remaining 20%
benefit analysis to determine how to best involved in collecting, transporting and of any unredeemed deposits.
transport the containers interstate — by dropping off of containers at the redemp- Oak Beverages systematically and
far the greatest cost associated with the tion center; falsifying of documents; falsely inflated the amount of empty
scheme. Newman, a U.S. mail postal submission of false claims; and collection containers it received and reported those
carrier, learns of the extra Mother’s of CRV refunds. falsely inflated numbers in quarterly
Day mail that has to be shipped from
New York to Michigan for sorting. He
excitedly volunteers to take the delivery Container and deposit Container and deposit
route. They can’t complete the scheme cost passed to retailer cost passed to consumer
because of other shenanigans that occur
on the drive to Michigan. While their
machinations are indeed fraudulent, Distributor Retailer Consumer
they pale in comparison to some of the
more organized schemes. Beverage container purchase cycle (downstream)
$80.3 million recycling fraud

On April 19, 2018, California Attorney
Container and deposit Container and deposit
General Xavier Becerra announced return passed back to return passed back to
criminal charges against five individuals distributor retailer
for defrauding the state’s beverage con-
tainer recycling program. (See the state
release, tinyurl.com/y6dyplcr.) Distributor Retailer Consumer
The 166-count indictment alleges
that the defendants conspired to manu-
Greatest Fraud Risks:
facture fraudulent weight tickets (printed
1. Unredeemed deposits not being remitted back to state
records of large amounts of bottles for through falsified records
redemption) through a certified redemp-
.
2. Underreporting of actual beverage containers received

tion center to obtain California Redemp- State authority in order to not remit deposits back to state authorities
tion Value (CRV) refunds. In California,
consumers can redeem their beverage Beverage container return cycle (upstream)

FRAUD SPOTLIGHT Analyses of lesser-known frauds
reports to the state. The company’s general certified redemption centers and lack of Bottling up these fraudsters
manager, who initiated and directed the adequate controls to monitor the accuracy Beverage container deposit fraud is a real
scheme, would modify customer invoices and completeness of the information they concern within jurisdictions that require
from drivers’ daily route records to exag- provide. such programs. The cases here involve
gerate the number of empty containers They simply file inaccurate informa- more than just a couple of buddies haul-
they collected. tion to receive increased refunds or not ing a garbage bag of containers over state
In one instance, the general man- remit taxes due similar to how individu- lines. The most logical answer to this issue
ager indicated on an invoice that a store als or organizations might evade other is for state authorities to develop vigor-
in Queens returned 80 bags of assorted tax payments. Distributors and certified ous enforcement components to ensure
empty cans and bottles — although drivers redemption centers committing beverage compliance with beverage container
deposit programs policies and procedures.
hadn’t picked up any empty containers. container deposit frauds might file false
This might be a tall task for officials to
Oak Beverages retained the $1,264.80 ad- or fictitious documentation with state
implement because of state jurisdictions
justment to the invoice. The general man- regulatory authorities to receive increased
facing shrinking revenues and cost-cutting
ager also instructed lower-level employees container deposit refunds. Or they might
budgets. The overall integrity and future of
to modify sales records to reflect these understate the amount of unreturned
beverage container deposit programs could
alterations and not inform anyone else at containers to reduce deposits they pay to
be in jeopardy because of fraud. n FM
the company about the adjustments. state coffers.
The greatest risk for malfeasance ex-
Greatest risk factor: self-reporting ists at the distributor’s stage because they L. Christopher Knight, CFE, CPA,
An audit of the state of Hawaii’s deposit might have the incentive to under-report is a forensic accountant in Indianapolis,
sales/distributions of deposit beverage Indiana, and an adjunct faculty member at
beverage container program has analyzed
Indiana University’s Kelley School of Busi-
the risks of self-reporting. (See tinyurl. containers to retailers plus collected con-
ness in Bloomington and Indiana Universi-
com/yyb4md2k.) The primary audit find- tainer deposit refunds from retailers and ty-East in Richmond. The views expressed
ings center around the program’s reliance not remit them to state authorities by in this article are his own. Contact him at
on self-reported data from distributors and falsifying paperwork. lchristopherknight@yahoo.com.
KEYNOTE SPEAKER
OCTOBER 17, 2019 | NEW YORK, NY

PREET BHARARA
CONVENE - ONE LIBERTY PLAZA Host, Stay Tuned with Preet
Former U.S. Attorney,
Southern District of New York
The 2019 ACFE Fraud Risk Management Summit

will bring together more than 100 executives, senior-
level professionals and other anti-fraud leaders to
explore the latest issues affecting fraud in business.
Attend and learn more about:

• Best practices in fraud risk management and
anti-corruption programs
• Emerging trends and tools in the fight
against fraud
• How your peers are addressing challenges Register by
in their anti-fraud programs September 17, 2019

and SAVE
58
Visit ACFE.com/FRMSummit
FRAUD MAGAZINE
to learn
JULY/AUGUST 2019
more.
FRAUD-MAGAZINE.COM $100
Prepare to Pass the CFE Exam
The CFE Exam Prep Course® software gives you flexibility to prepare for the
CFE Exam on your schedule. Including study questions and practice exams, the
CFE Exam Prep Course will help you prepare to pass the rigorous CFE Exam.
Includes a two-year subscription to the

new online Fraud Examiners Manual!
1400+ STUDY QUESTIONS TIMED PRACTICE EXAMS FRAUD EXAMINERS MANUAL MONEY-BACK PASS GUARANTEE
Review sample exam questions Simulate the CFE Exam environment Explore topics in-depth with the Prepare with confidence — the
with explanations of the correct by taking timed practice exams. Fraud Examiners Manual. CFE Exam Prep Course is backed by
answers. our Money-Back Pass Guarantee.
Visit ACFE.com/CFEPrep to learn more.

STARTING OUT By and for budding fraud examiners
An intern’s front-row
seat to fraud
This former intern learned firsthand about fraud when her boss and
mentor, the senior accountant, was arrested for embezzlement and
credit card fraud. The author helped discover the crimes at the nonprofit
business.
“Starting Out,” a periodic column

written by and for budding fraud
examiners, provides lessons and
encouragement inside and outside
the classroom. — ed.
O n March 5, 2018, I walked

into my office at a nonprofit
company expecting a normal
day. I wasn’t prepared for what would
transpire. I’d arrived at a crime scene
and saw my coworkers shedding tears
of anger and betrayal. I learned my
supervisor, the senior accountant, had
been committing fraud for more than
four years.
I had been with this nonprofit
In 2012, the company hired Sarah ound checks
since April 2017. My official job title was
Sharp (not her real name). She began When the temporary staffing agency
“junior accountant,” but I really was just
in a temporary accounting position placed Sharp at the nonprofit, it wasn’t
the intern as I completed my account-
through a staffing agency. However, in aware of her record. The organization
ing and criminal justice studies. My didn’t require that temporary employ-
job responsibilities included reviewing one previous job she’d stolen $14,000
ees undergo background checks and
journal entries and small-business cash from one client and in another job
normally relied on a staffing agency to
receipts, and reconciling the company’s misappropriated funds with that
screen its clients. However, when the
credit card monthly. I reported directly company’s credit card. So, why did the human resources department eventually
to the senior accountant whom I consid- company hire her? This is where the issued mandatory “CORI-checks,” we
ered my mentor. story really begins. uncovered serious red flags in Sharp’s

background. (Massachusetts, the state in All charges on credit card state-
which the organization resides, com- COLUMNIST ments had to be entered into the
piles Criminal Offender Record Informa- AFORD accounting software so the company
STAFF ACCOUNTANT
tion — CORI — a record of all criminal could write manual check payments to
AT AAFCPAs AND
court appearances in the state, including GRADUATE STUDENT pay those bills. It didn’t enter charges
arrests, convictions, dismissals and seri- AT NICHOLS COLLEGE into the system unless it had signed
ous violations.) physical copies. Sharp would bypass this
The company discovered Sharp had process by entering the charges into the
larceny charges of more than $250 in
Our business was faced system and allocating them to different
both 2010 and 2012 at other businesses. with a decision: let her accounts. She also entered the receipts
The staffing agency never ran back- under wrong vendors, so if anyone
ground checks on her, so it didn’t know
go or give her a second checked up on the accounts, they’d be
about these infractions. The business chance. As a nonprofit sent through a tailspin of erroneous
was faced with a decision: Let her go, or accounts.
give her a second chance. As a non-
company built on sec- Only Sharp reconciled the credit
profit company built on second chances, ond chances, it decided card accounts, and then her son would
it decided to keep her as the senior immediately file them away. No one else
accountant.
to keep her as the signed off on her reconciliations. She’d
Sharp had major responsibili- senior accountant. hide the charges by debiting the credit
ties at the company. She managed the card clearing account and crediting
payroll and four company credit cards, cash. They’d appear wrongly on the sub-
reconciled balance sheets and journal ledger, and the accounts never balanced.
entries, performed human resources her to see them. The company later But that didn’t matter because no one
tasks and was the No. 1 go-to person for discovered that Sharp had been mak- ever checked them.
all payroll-related questions. Although ing personal charges on its cards for a Because Sharp was always covering
Sharp reviewed other employees’ work, Hulu account, a snowblower, an Xbox her tracks, she never filed the payroll
no one reviewed hers. She signed off One, her cable and Verizon phone bills, taxes. The company owed more than
on her statements and posted them to Intuit payroll for a private company she $20,000 just in taxes alone during the
the accounting database. Her son even was forming, and family vacations to the three years she was in charge.
helped file away the paperwork. No one Great Wolf Lodge and Hampton Beach,
questioned anything she did. among others. She even purchased a Sharp should never
Despite the company’s lack of book on the company card to help her have gotten sick
controls with its financial statements, study for the CPA exam. Sharp didn’t The company eventually caught Sharp
it didn’t allow Sharp access to the ac- make large one-time purchases to avoid when she went on medical leave. In her
counting safe that contained petty cash absence, the company appointed the
red flags but instead used cash advance-
and cash deposits. But she found other accounts payable department and me
ments on the cards to pay for things
creative ways to steal from the company. to be responsible for all credit card ac-
such as her monthly car payment. In the
counts. When we discovered the alarm-
end, we discovered almost $45,000 total
Getting around the ing charges for Hulu, Verizon and her
worth of charges on company cards.
credit card system cable company — among others — we
Sharp had the sole responsibility of When auditors performed the notified our supervisors, and they began
managing credit card statements. No year-end audits, they never looked at the investigating.
one else saw what was on those state- credit card statements. They also never The accounts payable clerk also
ments or what was getting paid. When matched up the charges to receipts that noticed some weird receipts in Sharp’s
the accounts payable supervisor would the company had signed and filed away. mailbox, such as one for a GEICO state-
ask to look at the statements, Sharp So, Sharp was able to get away with ment. The company didn’t use this
would get very defensive and not allow these charges for four years. insurance company. Because she was

STARTING OUT By and for budding fraud examiners
on medical leave, she couldn’t intercept

the fraudulent receipts before they got Personal purchases with company funds
into the hands of the other company
accountants.
Dishonest employees often use
About three weeks after the compa-
company accounts to buy items
ny discovered the red flags it fired Sharp.
for employees, their businesses or
And the next day, March 6, 2018, police
themselves, such as Sarah Sharp,
and the assistant COO showed up at the head accountant of the Mas-
her door to recover any documents she sachusetts nonprofit business.
had brought home from the company. The heart of a fraudulent
During the investigation, the company billing scheme isn’t the theft of
discovered its errors. The biggest mis- the items but rather the purchase
take, of course, was the lack of internal of them. The perpetrator causes
controls and supervision. No one saw the victim company to purchase
the obvious red flags. “Talk about red something it didn’t actually need, but controls prevent
flags? It’s more like we’re sending up so the damage to the company is them from initiating purchase
flares!” the accounts payable clerk said. the money lost in purchasing the requests. Unfortunately, those
As of press time, the investigation item. with authority to approve pur-
was ongoing. The company filed charges chases often have a good deal of
against Sharp, but no court date was Personal purchases through
control over their subordinates and
set. I hope justice will be served. As an false invoicing
can force them to assist in purchas-
intern, I learned that fraud can happen Employees who undertake pur-
ing schemes.
anywhere, and the guilty party could chases schemes might run fraudu-
be anyone. Organizations of all types lent invoices through the accounts
Personal purchases on credits cards
— especially small businesses — heed payable system. The perpetrator
or other company accounts
the mistakes. I’ve now learned lessons buys an item and submits the bill to
As we saw in Sarah Sharp’s case,
outside of the classroom that I’ll carry their employer because it seemed
prior approval for credit card pur-
with me throughout my career. to represent a legitimate company
expense. chases isn’t required. An employee
with a company credit card can buy
Bethany Faford is a staff accountant
The fraudster as authorizer an item merely by signing their
at AAFCPAs in Westborough, Massa-
of invoices name (or forging another name) at
chusetts, and a Master’s of Science in
The person who engages in a per- the time of purchase. Many high-
Accounting student at Nichols College
sonal purchases scheme is often the level employees approve their credit
in Dudley, Massachusetts. Contact her at
very person in the company whose card expenses.
bethany.faford@nichols.edu.
duties include authorizing purchas-
es. Fraud arises in part because of a Adapted from the online ACFE Fraud Examin-
ers Manual, Section 1: Financial Transactions
A version of this column was perceived opportunity.
and Fraud Schemes/Asset Misappropriation:
published in the Feb. 14 edition of Sometimes the perpetrator is Fraudulent Disbursements/Billing Schemes,
Accounting Today.— ed. authorized to approve purchases, tinyurl.com/yxgwgmm5.

Light the Way.
31st annual ACFE global fraud conference

JUNE 21-26, 2020 • HYNES CONVENTION CENTER • BOSTON, MA
Register now at FraudConference.com/BOSTON

I’M A CFE
Deshietha Partee-Grier, CFE
Assistant Vice President -

Financial Crime Investigations
Unit at Deutsche Bank
Deshietha Partee-Grier, CFE,

says she lives by an Eleanor
Roosevelt quote: “Great minds
discuss ideas. Average minds
discuss events. Small minds
discuss people.” Deshietha
loves discussing ideas and the
interplay among her colleagues
as they fight money launder-
ing and other types of financial
crime. But work isn’t sufficient
for her. She mentors high school
girls when she’s not nurturing
her five children with her hus-
band and working on an MBA.
Interview by Emily Primeaux, CFE

Photo by Treymane Grier/Trey Grier
Signature Media
I was born in Chicago, Illinois,

and raised in Columbus, Ohio. I started my undergraduate relationships and an understand-
Growing up I enjoyed drawing, studies at Spelman College in ing of my obligation to be an
playing sports — basketball, vol- Atlanta, Georgia, and went on intellectual, creative and ethical
leyball and track — acting, writing to finish my degree in econom- leader. At The Ohio State Uni-
plays and poetry, and volunteer- ics at The Ohio State University. versity there was a strong sense
ing for youth programs. I wanted Spelman College embodied a of community and diversity that
to be a mathematician, I also sisterhood as an all-female HBCU I loved as well. The school spirit
wanted to start my own school [Historically Black College and brings everyone together regard-
and own a business. Universities]. I developed strong less of differences.

In my position at Deutsche Bank,
I lead a team of anti-money
laundering analysts and associ- When I started working in the industry,
ates in conducting investigations of I immediately sought resources that
international correspondent bank-
would help me build onto my knowledge
ing transactions — those between
banks globally. about how to detect and mitigate fraud
in banking. The ACFE was the first
I was seeking an opportunity resource that I found.
within banking that would have
a greater impact on the business
and our clients, after working in
the mortgage line of business, to detect and mitigate fraud in learn industry trends and tech-
when I discovered an excellent, banking. The ACFE was the first re- niques to fight fraud and help other
intriguing opportunity in Bank source that I found. Once I learned fraud-fighting professionals do
Secrecy Act/anti-money launder- about the resources that the ACFE the same. Educated professionals
ing [AML] regulatory review for U.S. offered, including the CFE creden- provide prevention and protection
Bank. I championed a variety of tial, I knew I needed to study to for our communities. I love observ-
business-critical initiatives for the become a CFE to have the neces- ing the sparks in our members’ eyes
prepaid cards’ business line while sary knowledge to do the best job during our training sessions when
leading a team of fraud and AML possible in fighting fraud. they learn new information and they
analysts in Jacksonville, Florida, become excited about putting what
and Minneapolis, Minnesota. The The CFE credential has allowed they have learned into action.
impact that we had on fighting me to be identified as someone
fraud and protecting the business, who takes fighting fraud seriously I remain very passionate about
our clients and external victims of and has the appropriate knowledge youth and the community. I
crime was more than fulfilling — it to lead others in the fight. mentor young high school ladies
was truly rewarding. What we were through two programs: Take Stock
doing in our investigations helped If you’re a budding fraud examin Children and The United Way.
to fight negative macroeconomic iner — and even if you’re not One of my mentees graduated as
impacts on our society, terrorist — join your local ACFE chapter the valedictorian of her class, and
financing and human trafficking. to gain up-to-date knowledge and another was the first in her family to
From there, I was locked in to training in the industry. You’ll also attend college after graduation. All
fighting fraud for life. I went on have the opportunity to network of my remaining time is dedicated
to lead teams in fighting fraud at with professionals who’ll help you to my lovely husband and our exu-
VyStar Credit Union and now within get off to a great start. Plan to berant five children — all of whom
financial crime investigations at obtain your CFE credential early on are my greatest rewards in life and
Deutsche Bank. and stay current on industry trends who I continue to strive to be the
and techniques.
best for. n FM
When I started working in the
industry, I immediately sought re- Being the president of, and being
Emily Primeaux, CFE, is assistant
sources that would help me build involved with, the Jacksonville editor of Fraud Magazine. Her email ad-
onto my knowledge about how Chapter of the ACFE helps me dress is: eprimeaux@ACFE.com.

ACFE NEWS
ACFE Foundation awards scholarships in 25th year

of Ritchie-Jennings Memorial Scholarship Program
The ACFE Foundation has awarded $55,000 “Thanks to my fellow committee For more information about the
to college and university students through members for their hard work in consider- Ritchie-Jennings Memorial Scholarship
the Ritchie-Jennings Memorial Scholarship ing all the applicants — Sharad Kumar, Program, visit ACFE.com/scholarship.
Program for the 2019-2020 school year. CFE, CQA; Mark F. Lukens, CFE, CFI; Nata- Students may apply for the 2020-2021
Each recipient also will receive a one-year sha Novikov, CFE, CPA, CFF; and Robert N. academic year in September of this year.
ACFE student membership. Sinclair, CFE. The ACFE presented these students
The ACFE Foundation, a nonprofit “And I thank Dinora Soto, the ACFE’s with the top seven awards:
entity, raises funds to support the schol- higher education program coordinator,”
arship program for the education of says Schwoebel. “We couldn’t have done $10,000:
Yelesina
students worldwide who have an interest our work without her great organizational Hernandez,
in pursuing a career in fraud examina- skills.” University of
tion or similar fields. Candidates must be ACFE President and CEO Bruce Dor- Houston
enrolled in accounting, business adminis- ris, J.D., CFE, CPA, says the ACFE Foun- Yelesina Hernan-
tration, finance or criminal justice higher- dation is grateful to the members and dez’s passion to
pursue a career
education programs. ACFE chapters and generous ACFE chapters who contribute
in fraud exami-
ACFE members also help underwrite the to the scholarship program. “As we enter
nation began,
scholarships with donations. Also, royal- our 26th year of this amazing scholarship she says, when she attended a workshop
ties from books written by ACFE founder program, we’re so thankful to our gener- hosted by the CIA that discussed the im-
and Chairman Dr. Joseph T. Wells, CFE, ous members and chapters who want to portance of forensic accounting and fraud
CPA, help fund the scholarships. make sure that we support budding fraud examination in many CIA assignments.
An independent board of direc- examiners for decades to come. Dur- Since the workshop, Hernandez has
ing that time, contributions from ACFE worked hard to find opportunities to learn
tors manages the ACFE Foundation. Its
about fraud examination from profession-
members include: Vincent Walden, CFE, members have enabled the Foundation
als in the field.
CPA, chairman; Charles Washington, CFE, to distribute approximately $800,000 to She co-founded the University of
CICA, CPP, vice chairman; Vice President nearly 600 deserving students. Houston (UH) ACFE student chapter (of
and General Counsel John Warren, J.D., “Dr. Joseph T. Wells, CFE, CPA, the which she is the IT and communications
CFE, secretary; ACFE Controller Jeannie ACFE’s founder and Chairman, knew the officer), has attended Houston ACFE
Kwong, CFE, CPA, treasurer; and Vice Pres- ACFE and its members had to heartily Chapter luncheons and volunteered at the
ident and Chief Operating Officer Jeanette support prospective CFEs to ensure the chapter’s annual convention.
Hernandez maintains a 4.0 GPA as
LeVie, CFE, assistant treasurer. profession would thrive. So, he began
she earns bachelor’s and master’s degrees
The ACFE Scholarship Committee the Foundation and the Ritchie-Jennings
in the UH Professional Program in Ac-
reviews scholarship applications and rec- Memorial Scholarship to not only help countancy. She’s active in the Hispanic
ommends recipients to the ACFE Founda- replace retiring CFEs but multiply their Business Student Association at UH. Fol-
tion Board of Directors. numbers. Communities around the world lowing her studies, Hernandez says she’s
“We’re glad that the Ritchie-Jennings have been the benefactors,” Dorris says. interested in pursuing opportunities in
Memorial Scholarship Program has been The ACFE’s Board of Regents voted Ernst and Young’s Forensic and Integrity
Services group. She then would like to
so helpful to scores of students in the last to name the scholarship program the
move into a position at CIA headquarters
quarter century,” says Ryan Schwoebel, Ritchie-Jennings Memorial Scholarship
fighting fraud as a forensic accountant.
CFE, chair of the ACFE Scholarship Com- in 1998. Tracy Ritchie, CFE, and Larry Jen- Hernandez’s recommendations for the
mittee at the time of the judging. “Our ap- nings, CFE, CPA, were killed Nov. 12, 1997, Ritchie-Jennings scholarship laud her
plicant pool was outstanding. The future in Karachi, Pakistan, when terrorists fired initiative, leadership, advocacy and
of the profession is bright. on their vehicle during a business trip. commitment.

A network of
$5,000: Marie Rice, CFE,
West Virginia University
Marie Rice maintains a 3.77 GPA
industry peers,
as she pursues her doctorate in
accounting. Her participation
training their teams to
at Gonzaga University’s Justice
for Fraud Victims Project (JFVP)
influenced her decision to earn a Ph.D. and teach
future anti-fraud professionals in higher education.
fight fraud.
Rice received multiple awards for her work with the
JFVP, including the Chief’s Citizen Award from the CollaboratinG
Spokane Police Department.
She was a 2010 recipient of the ACFE’s Out-
with each other to share
standing Achievement in Outreach/Community
Service Award. Rice also helped form the ACFE
Spokane chapter.
best practiceS.
B u i l d i n g s o l u t i o n s.
T o g e t h e r.
$5,000: Daniel Luna, George
Mason University
Daniel Luna says he’s had a
strong interest in accounting
long before college, where he’s
earning a master’s degree in the
field. He maintains a 3.93 GPA
while also volunteering as a student member of the
Virginia Society of CPAs (VSCPA). He’s also a mem-
ber of Tau Sigma National Honor Society.
After graduation, Luna says wants to earn the
CFE credential and CPA license and work in forensic
accounting with a public accounting firm.
$5,000: Ethan Howard,

University of Tennessee at
Chattanooga
Ethan Howard says he’s been
interested in fraud fighting and
forensics since he was 15. His
involvement in the Sumner
County Teen Court during high school helped nur-
Group Membership.
ture and cultivate his interest to learn more about Discounted Anti-Fraud Training.
the legal system and pursue an anti-fraud career, he Executive Roundtables.
says. He’s a junior with a major in accounting and
ACFE.COM/CORPORATE
ACFE NEWS
a minor in criminal justice. A mid-size been interested in how financial institu- Steven Shannon works as a special agent
public accounting firm has offered him tions help prevent or end illicit activities, with the U.S. Secret Service and maintains
a litigation support/fraud and forensics such as human trafficking. a 3.98 GPA as he pursues a master’s degree
internship. She works as a financial intelligence in criminal justice at the University of
Howard is a crime analyst intern with analyst with Lone Star National Bank in Wisconsin-Platteville. At the Secret Ser-
the Chattanooga Police Department. He Texas along the southwest border. Her vice, Shannon has investigated complex
says he’s developed connections within role requires her to do extensive research wire, bank and credit card fraud cases. He
on high-risk accounts to identify any previously worked as a municipal police
law enforcement and the legal system
questionable patterns or trends that could officer for more than a decade.
while learning about various crimes.
point to illegal activity. Shannon says he derives professional
Howard says his ultimate career goal
Algasem has interned with the fulfillment from ensuring justice for ev-
is to work for the FBI as a forensic accoun-
U.S. federal probation office where she eryday citizens and businesses. His duties
tant and eventually become the FBI direc- assisted in writing pre-sentence investiga- are split between investigative work and
tor. After graduation, he says he plans to tion reports and follow-up evaluations on protective duties. He says his goal is to
work in public accounting in the forensics offenders who committed offenses rang- become a CFE and pursue a full-time fraud
field or go straight to the FBI while obtain- ing from white-collar crimes to sexual investigation position. Shannon says he’d
ing his CPA license and CFE credential. assault. Her investigative training during also like to teach future law enforcement
her internship, she says, helped her obtain professionals part time.
$5,000: Hannah her current position as a financial intelli-
Algasem, Boston gence analyst and set her on a career path $2,500: Alison Parker, Met-
University in white-collar crime and cybersecurity.
ropolitan State University
Hannah Algasem’s
Alison Parker says a former
academic background $2,500: Steven Shannon,
professor’s “contagious”
is in criminology, but University of Wisconsin-
she says she’s always passion for fighting fraud led to her anti-
Platteville fraud career interests. She’s pursuing a
FRAUD
CONFERENCE
SAVE C A N A D A
October 20-23, 2019 | Montreal
THE
DATE
Visit68 FraudConference.com/Canada
FRAUD MAGAZINE JULY/AUGUST 2019 to learn more.
FRAUD-MAGAZINE.COM
master’s degree in accounting and is a stu- The ACFE presented each of these Stephen Cox, Texas A&M
dent member of the ACFE and the ACFE students with a $1,000 scholarship: University-Corpus Christi
Colorado Chapter. Parker maintains a 3.69 Stephen Cox works as a detective
GPA and has received awards, including Samantha Brooks, with the narcotics division of a municipal
the National Engaged Leader Award from ork University police department. He maintains a 4.0
the National Society of Leadership & Samantha Brooks is pursuing GPA as he pursues a master’s degree in
Success. a master’s degree in accounting. She’s accounting. He says he’s planning to retire
After graduation, Parker says she interned for the FBI and is interning this from police work and transition to a career
plans to pursue the CFE credential in the summer for PricewaterhouseCoopers as in private-industry forensic accounting or
a forensic consultant. Brooks maintains fraud investigation.
fall of 2021. Her career goal, she says, is to
work as a forensic accountant with Colo- a 3.57 GPA. She says her ultimate goal is Colin Haynes, Western Gover-
to be a forensic accountant for the U.S.
rado’s Office of the Attorney General.
federal government. Colin Haynes is pursuing a
Stafford Baum, bachelor’s degree in accounting. He’s
$2,500: Matthew Mitchell,
Georgia Southern University worked for the Las Vegas Metropolitan
Old Dominion University Police Department as a senior finan-
Stafford Baum is pursuing bach-
Matthew Mitchell maintains elor’s and master’s degrees in accounting. cial intelligence analyst. He says he’ll
a 3.63 GPA as he pursues a He’s an officer for his university’s ACFE be earning his CPA license. He has a
master’s degree in accounting. He was student chapter. He maintains a 3.51 GPA. 3.0 GPA.
an audit intern with BDO in Norfolk, Vir- He says he hopes to work at a local CPA Claudia Munoz, Florida Atlantic
ginia, which hired him as an audit associ- firm with a forensic accounting practice. University
ate. He’s a member of the ACFE Hampton Annissa Steiner, Embry-Riddle Claudia Munoz is studying
Roads Chapter and the IIA Tidewater Aeronautical University forensic accounting and business valua-
Chapter. Annissa Steiner is studying fo- tion with a 3.94 GPA. She says she plans
Mitchell also served as the vice rensic accounting and fraud examination. to earn the CFE credential and the CPA
president of the Managerial Auditing She says she plans to pursue a master’s in license, become a forensic accountant in
and Accounting Club, plus the ACFE accounting, the CFE credential and CPA the private sector and eventually open a
and IIA student chapters. He’s pursuing license, and then a career in internal audit public accounting and fraud examination
the CFE credential, CPA license and CIA in the aeronautical industry. Steiner has a practice.
4.0 GPA. Trent Williams, Penn State
designation.
Rashae Hart, University
St. Mary’s University Trent Williams is earning a mas-
$2,500: Emily Taylor,
Embry-Riddle Aeronautical Rashae Hart is pursuing a ter’s degree in accounting and maintains
University bachelor’s degree in commerce with an a 3.9 GPA. He interned for the Office
intended declared major in finance. She of the County Controller of Schuylkill
Emily Taylor’s job as a U.S.
says she intends to pursue a master’s de- County, where he worked on internal
Army intelligence analyst inspired
gree in either forensic accounting or fraud audits, the first “simple pension” form
her to pursue forensic accounting and
examination. She has a 4.0 GPA and has report and the 2017 “friendly understand-
fraud examination. She’s studying made the dean’s list. able financial statement.” Williams is a
accounting and has maintained a 3.58 Jaron Patterson, University of member of the Beta Gamma Sigma Honor
GPA. Taylor’s goal is to be an internal Tennessee at Chattanooga Society and treasurer of Penn State Uni-
auditor for a major corporation such as versity’s Corporate Control and Analysis
Jaron Patterson, CFE, is earning
Amazon or Google. After graduation, Club. He says he plans to earn the CFE
an MBA. He has a 4.0 GPA. Patterson
Taylor wants to earn an MBA, the CFE credential and the CPA license, and work
works in the University of Tennessee
crednetial and the CPA license. She’s a for a government agency.
Police Department’s FBI Cyber Task Force.
member of the ACFE and the student
He says his goal is to be an FBI special agent.
chapter at Embry-Riddle.

BOOKS AND MANUALS
Build your anti-fraud library with books and manuals written by
anti-fraud experts. Visit ACFE.com/books.
NEW ONLINE FORMAT!

NEW!
FRAUD EXAMINERS MANUAL
Your Essential Resource as an Anti-Fraud Professional. The Fraud Examiners
Manual is the definitive body of knowledge for the anti-fraud profession, providing
comprehensive guidance for anti-fraud professionals that no other work can match.
The Fraud Examiners Manual is now available online. With online access,
the Fraud Examiners Manual is more accessible and useful than ever.
Benefits of Online Access Include:
• Real-Time, Ongoing Content Updates — Access the most up-to-date
anti-fraud information available.
• Access to Both U.S. and International Editions — View the content that is pertinent to your situation, but have the option to
change editions when your needs change.
• Optimized for Multiple Devices — Access the Fraud Examiners Manual on all your internet-connected devices.
The Fraud Examiners Manual:

• Describes hundreds of fraud schemes
• Reviews legal principles involved with prosecuting fraudsters
• Provides tools and techniques for gathering information and evidence when investigating fraud
• Explores why people commit fraud and what can be done to prevent it
• Contains a sample fraud examination report, a fraud examination checklist, and sample engagement and advisory letters
$ 119.20 - $ 239.20
$149-$299 Non-Members
NEW! BEST SELLER! BEST SELLER!

International Fraud Handbook Fraud Risk Management Guide The Manual to Online Public
By Dr. Joseph T. Wells, CFE, CPA Research commissioned by the Committee of Records, Fourth Edition
Hardcover, 389 pages Sponsoring Organizations of the Treadway By Cynthia Hetherington, CFE, and Michael
Commission (COSO) and Co-Sponsored by Sankey
Discover anti-fraud strategies that will help the ACFE
you navigate the complexities of transnational Paperback, 130 pages Paperback, 650 pages
activities. Learn how to create a comprehensive fraud risk Discover techniques to find detailed information
management program for your organization. on people and businesses.
$ 59.20 /$74 Non-Members 16.00 /$20 Non-Members
$ 59.20 /$74 Non-Members $
ACFE.com/books
SELF-STUDY COURSES
Expand your anti-fraud knowledge with our comprehensive,
NASBA-compliant self-study CPE courses. Visit ACFE.com/selfstudy.
WORKBOOK SELF-STUDY Anti-fraud training in digital or print editions

BEST SELLER!
Consumer Fraud Fighting Fraud in the Introduction to Fraud
Consumer Fraud will provide you Government Examination
with resources and remedies to Government entities fall victim This course covers the basics of
detect, deter, report and prevent to every conceivable kind of fraud examination by focusing on
consumer fraud schemes— scheme. This course focuses on the major areas including criminol-
enabling you to better protect strategies to prevent, detect and ogy and ethics, legal elements of
yourself and your community investigate government fraud, fraudulent financial transac-
CPE from becoming victims. CPE fraud schemes. CPE tions and fraud investigation.
10 20 24
$ 159.20 $ 199.20 $ 216.96
$199 Non-Members $249 Non-Members $269 Non-Members
ONLINE SELF-STUDY Get immediate, 24/7 access to premier anti-fraud training
CPE CPE CPE

4 4 2
BEST SELLER! BEST SELLER!

Data Analysis Techniques for Interviewing Witnesses and Alternative Currencies and Fraud
Fraud Examiners Suspects In this course, you will learn about the rapidly
Using interactive examples to illustrate This course offers an introduction to interviewing expanding world of alternative currencies and
simple analysis techniques, this course will by examining the entire interview process and their associated fraud schemes. Topics include
teach you the basics of using data analysis provides helpful tips to make your next interview cryptocurrencies, blockchain, ransomware and
to uncover fraud. successful. many others.
$ 135.20 /$169 Non-Members $ 159.20 /$169 Non-Members $ 71.20 /$169 Non-Members
NANO LEARNING 10-minute explorations of anti-fraud topics
CPE CPE CPE

0.2 0.2 0.2
NEW! NEW! NEW!

Interviewing Dos and Don’ts What is Blockchain? Signs of Deception
In this course, you will learn several basic strat- In this course, you will gain a basic understand- In this course, you will learn indicators of decep-
egies that can enhance the effectiveness of an ing of what blockchain is and discover some of tion in written or verbal statements that you can
interview, as well as pitfalls to avoid. its possible business and anti-fraud applications. use when evaluating statements.
$ 8.80 /$11 Non-Members $ 8.80 /$11 Non-Members $ 8.80 /$11 Non-Members
= This course fulfills the annual ethics CPE requirement for CFEs. For more information on ACFE self-study courses including refund and ordering policies,
fields of study, learning objectives and course levels visit ACFE.com/selfstudy.
CPE QUIZ No. 145 (July/August 2019, Vol. 34, No. 4)
The Fraud Magazine CPE quizzes are now available 5. According to the article, “Dark world of oil theft and fraud”:
online only. Please visit ACFE.com/FMQuiz or view A. “Oil theft is a widespread problem that harms countries
around the world. The scale of the issue, however, remains
the CPE Quiz form on the next page for more widely unknown.”
information on how to earn your 10 CPE. B. “Oil fraudsters commit their crimes primarily in South
Africa.”
C. “Most oil theft results from bribery of officials.”
1. According to the opening case in the article, “Keep ahead D. “Oil fraud and theft decreases world GDP by $22 billion
of fluid global anti-fraud regulations,” Kumar: each year.”
A. Successfully completed his due diligence and acquired Pre-
vio Industries with no problems. 6. According to the article, “Dark world of oil theft and fraud,”
the first and most pivotal step in tackling the problem of
B. Acquired Previo Industries and commenced to devise an downstream oil theft is to recognize how pervasive and
embezzlement plan.
pernicious the problem is.
C. Shouldn’t have relied on the due diligence Intrazio conduct-
A. True.
ed a few years earlier as a bulletproof indicator of Previo’s
present standing. B. False.
D. Didn’t acquire Previo Industries because he discovered
7. According to the article, “Bad leaders? Increased fraud,”
numerous red flags. workplace detachment can lead to:
2. According to the article, “Keep ahead of fluid global anti- A. Lost market share.
fraud regulations,” standards across the globe are fast B. Revenue loss.
converging to the “ethics and value” phase of governance. C. Higher overall employee turnover.
A. True. D. All of the above.
B. False.
8. According to the article, “Bad leaders? Increased fraud”:
3. According to the article, “Fear not the breach!” Theresa A. A Workplace Foundation survey reports an 18% increase in
Payton said: organization pilfering in 2018.
A. “Organizations aren’t bulletproof. They have to assume B. Bad Tone at the Top alone can’t explain workplace dis-
that cybercriminals will breach them.” sonance.
B. “As CIO at the White House, I had to protect data on C. Poor leadership is a contaminant originating upstream in
multiple fronts.” the work environment.
C. “Here’s the challenge: lock down gaps in your organization D. Emotional intelligence arises in the neocortex.
but don’t devalue your employees.”
D. “When you’re in the middle of a breach, what you do will 9. According to the article, “Global fraud is the same — legal
define your reputation for years to come.” systems aren’t”:
A. The majority of legal systems aren’t secular systems.
4. According to the article, “Fear not the breach!” Theresa
Payton said: B. Common law has its roots in ancient Roman law.
A. “A communication plan needs to focus on when you need to C. Most common-law countries use adversarial proceedings.
disclose publicly to your employees, board, third-party ven- D. Judges play extremely crucial roles in civil law systems.
dors, regulators and — most importantly — your customers.”
B. “Your cybersecurity playbook is only as good as the latest 10. According to the article, “Global fraud is the same — legal
ransomware fix this week.” systems aren’t,” evidence is anything that tends to prove or
C. “You have to maintain close daily relationships with your disprove some claim or assertion.
IT crew.” A. True.
D. “Devise a breach response team now and make sure it B. False.
meets weekly with a robust agenda.”
DO NOT SUBMIT THIS FORM. Log in to your My Transactions page after purchasing the Fraud Magazine Quiz
! set to submit your answers or record your answers on the answer sheet and submit online when you are ready.

CPE QUIZ
Kylie Ting, University of Texas at Austin The Fraud Magazine CPE Quiz has moved to an online self-
Kylie Ting plans to graduate with bachelor’s study format, making it easier for CFEs to earn 10 ACFE
and master’s degrees in accounting and earn- (non-NASBA) CPE. CFEs can earn 10 CPE by taking quizzes
ing the CFE credential and the CPA license. She has a online after reading featured articles in Fraud Magazine.
3.84 GPA. Ting says she wants to be a forensic auditor
with the U.S. Government Accountability Office.
Michael Gillen, Villanova University
Michael Gillen is a finance and accounting
Visit ACFE.com/FMQuiz and follow the steps below:
double major with a 3.8 GPA. He says anti-
fraud professionals, including professors and his fa- 1. Select the Online Fraud Magazine CPE Quizzes by year
ther, have influenced him. He serves on the executive from the dropdown*.
board and is an ambassador at the Villanova School
of Business, and is an active member of the Villanova 2. Click the “Add to Cart” button and complete the
Mergers and Acquisitions Society. Gillen says he plans checkout process.
on pursuing the CFE credential, the CPA license and
the Certified Financial Planner certification. 3. Read featured articles in Fraud Magazine that corre-
Haley West, Wake Forest Business School spond to the year of the quiz set you purchased.
Haley West is pursuing an MBA and main-
tains a 3.7 GPA. She says she plans to focus on 4. Access your quiz set by logging into your ACFE.com
developing business theory as it relates to organiza- account, clicking on the “My Transactions” tab and
tional psychology and its effects on employee fraud. clicking on the quiz set you purchased.
West is a member of SynerG, a young professional’s
group; the ACFE; AICPA; and the North Carolina Asso- 5. Pass 5 of 6 quizzes with a score of 70% or higher and
ciation of CPAs. West says she’d like to earn a doctor- receive your CPE certificate instantly via email.
ate in a management program and work for the FBI.
Claire O’Brien,
The Catholic University of America
For more information, please review the “CPE Info”
Claire O’Brien is pursuing a bachelor’s in
accounting with a minor in finance. After graduation, and “FAQs” tabs or contact a representative:
she says she plans on earning the CPA license, becom-
MemberServices@ACFE.com
ing a forensic accountant and working at one of the
Big Four accounting firms. O’Brien has a 3.41 GPA. (800) 245-3321 / +1 (512) 478-9000
Eric Ingwerson, Montana State University Secure online chat service
Eric Ingwerson is studying accounting. He
says he plans to pursue a career in internal
audit, a master’s degree in professional accounting,
the CFE credential and the Certified Internal Auditor
*Quizzes will be added to the current year’s set as issues of Fraud Magazine are published.
certification. Eric has a 3.15 GPA. CPE can only be obtained from the current year’s quizzes after the fifth quiz is made available
Crystal Balderas, in September.
Texas A&M University-Kingsville Please Note: The Fraud Magazine CPE Service CPE credits apply only to the CFE status and
not to any other professional designations. Fraud Magazine CPE is not registered with the
Crystal Balderas is studying accounting. She National Association of State Board of Accountancy (NASBA).
says she wants to pursue the CPA license and be an
The ACFE collects and stores your personal data in the U.S. to provide member services and
FBI special agent. After college, Balderas says she fulfill transactions requested by you. For a full explanation of your rights regarding how we
store and use your data, visit ACFE.com/privacy-policy.aspx.
plans on working at a bank. She has a 3.03 GPA. n FM
Calendar of Events
ADVANCE YOUR CAREER WITH

TRAINING FROM THE GLOBAL LEADER
IN ANTI-FRAUD EDUCATION.
ACFE.COM/TRAINING
JULY 2019 AUG CFE EXAM REVIEW COURSE SEP CFE EXAM REVIEW COURSE
5 San Francisco, CA 16 Washington, D.C.
JUL DETECTING FRAUD WITH DATA August 5-8 | CPE: 32 September 16-19 | CPE: 32
22 ANALYTICS WORKSHOP
Minneapolis, MN BRIBERY AND CORRUPTION
AUG CFE EXAM REVIEW COURSE SEP
July 22-24 | CPE: 24
19 Chicago, IL 19 London, U.K.
August 19-22 | CPE: 32 September 19-20 | CPE: 16
+ COMBO COURSE
JUL BUILDING YOUR FRAUD FRAUD RISK MANAGEMENT
SEP
29 EXAMINATION PRACTICE 23 Los Angeles, CA
Philadelphia, PA September 23-24 | CPE: 16
July 29 | CPE: 8
SEP
2019 ACFE FRAUD CONFERENCE
CONTROLLING THE RISK OF
JUL + COMBO COURSE 25 ASIA-PACIFIC
30 ASSET MISAPPROPRIATION
DETECTING FRAUD THROUGH Singapore
Philadelphia, PA AUG
September 25-27 | CPE: 4-20
July 30-31 | CPE: 16 26 VENDOR AUDITS
Washington, D.C.
August 26 | CPE: 8
JUL CFE EXAM REVIEW COURSE
29 Denver, CO AUG UNCOVERING FRAUD WITH
July 29-August 1 | CPE: 32 27 FINANCIAL AND RATIO ANALYSIS
Washington, D.C.
August 27-28 | CPE: 16
AUGUST 2019 OCTOBER 2019
AUG CONDUCTING INTERNAL + COMBO COURSE
1 INVESTIGATIONS SEPTEMBER 2019
OCT UNDERSTANDING THE MINDSET
Columbia, SC + COMBO COURSE 2 OF A FRAUDSTER
August 1-2 | CPE: 16 CONTRACT AND PROCUREMENT
SEP Tampa, FL
9 FRAUD October 2 | CPE: 8
+ COMBO COURSE Chicago, IL
AUG DETECTING FRAUD THROUGH September 9-10 | CPE: 16 OCT TRACING AND RECOVERING
5 VENDOR AUDITS 3 FRAUD LOSSES
New York, NY SEP CONTRACT AND PROCUREMENT Tampa, FL
August 5 | CPE: 8 11 FRAUD WORKSHOP October 3-4 | CPE: 16
Chicago, IL
AUG BRIBERY AND CORRUPTION September 11 | CPE: 8
6 New York, NY
August 6-7 | CPE: 16
For information or to register, visit ACFE.com/training

2019 ACFE FRAUD CONFERENCE CANADA
October 20-23, 2019 | Montreal, QC
Join more then 250 leading anti-fraud professionals for the 2019 ACFE Fraud
Conference Canada taking place in Montreal, October 20-23.
Register by September 20 to SAVE CAD 150!
FraudConference.com/Canada
OCT FRAUD RISK MANAGEMENT + COMBO COURSE NOV BRIBERY AND CORRUPTION
7 Cleveland, OH OCT LEGAL ELEMENTS OF FRAUD 21 Sacramento, CA
October 7-8 | CPE: 16 30 EXAMINATION November 21-22 | CPE: 16
Baltimore, MD
+ COMBO COURSE October 30 | CPE: 8
OCT INFLUENTIAL AND PERSUASIVE
16 PRESENTATION TECHNIQUES OCT PROFESSIONAL INTERVIEWING
Dallas, TX 31 SKILLS
October 16 | CPE: 8 Baltimore, MD
October 31-November 1 | CPE: 16
OCT AUDITING FOR INTERNAL FRAUD DECEMBER 2019
17 Dallas, TX
October 17-18 | CPE: 16 + COMBO COURSE
NOVEMBER 2019 DEC INVESTIGATING CONFLICTS OF
OCT FRAUD RISK MANAGEMENT NOV CFE EXAM REVIEW COURSE 9 INTEREST
17 SUMMIT 4 Austin, TX Las Vegas, NV
New York, NY November 4-7 | CPE: 32 December 9 | CPE: 8
October 17 | CPE: 8
NOV 2019 ACFE LAW ENFORCEMENT DEC CYBERFRAUD AND DATA
7 AND GOVERNMENT ANTI-FRAUD 10 BREACHES
SUMMIT Las Vegas, NV
Washington, D.C. December 10-11 | CPE: 16
November 7 | CPE: 8
DEC ADVANCED FRAUD EXAMINATION
OCT 2019 ACFE FRAUD CONFERENCE NOV CONDUCTING INTERNAL 9 TECHNIQUES
20 CANADA 7 INVESTIGATIONS Austin, TX
Amsterdam, Netherlands December 9-11 | CPE: 24
Montreal, QC
October 20-23 | CPE: 4-24 November 7-8 | CPE: 16
CFE EXAM REVIEW COURSE

+ COMBO COURSE
OCT
21 New York, NY NOV CONTRACT AND PROCUREMENT
October 21-24 | CPE: 32 18 FRAUD
Nashville, TN
OCT INVESTIGATING ON THE INTERNET November 18-19 | CPE: 16
28 Seattle, WA
October 28-29 | CPE: 16 NOV CONTRACT AND PROCUREMENT
20 FRAUD WORKSHOP
Nashville, TN
November 20 | CPE: 8
+ COMBO COURSE Register for both events and SAVE!
For information or to register, visit ACFE.com/training

BACK COVER

Fraud Magazine July - August 2019 PDF

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Fraud Magazine July - August 2019 PDF

Загружено:

Авторское право:

Доступные форматы

fluid global anti-fraud dark world of oil bad leaders yield worldwide legal medical identity

regulations P. 18 theft and fraud P. 32 increased fraud P. 40 systems P. 46 theft P. 52

VOL. 34 | NO. 4 | JULY/AUGUST 2019

FEAR NOT The Breach

Smarter tech necessitates Read more Fraud

smarter fraud examiners

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 3

Cybersecurity expert Theresa Payton

40 Bad Leaders? Increased Fraud

Keep ahead of fluid global Bad leaders? Increased fraud

4 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

FROM THE PRESIDENT AND CEO RX FOR FRAUD Contributing Writers

By Emily Primeaux, CFE 64 Fraud Magazine (ISSN 1553-6645) is published bimonthly

Postmaster — Please send address changes to:

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 5

N.Y. mail scams steals $30 million from elderly

— Compiled by Randi Zimmer, CFE

6 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

CFE Exam Review Course

INSTRUCTOR-LED San Francisco, CA New York, NY

and clear away the distractions.

Learn more or register online today at ACFE.com/CFEreview.

Practice makes imperfect

8 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

RELIABLE INVESTIGATIVE DATA FIND OUT WHO FAST

Targeted Data to Locate Subjects,

Come By Our Booth to See How It

For information contact:

salaries if their debt to the practice

of the 21st Century Deeper than just lost revenue

$135.20 Members / $169 Non-Members

ENHANCED EXPANDED CONFIDENTIALITY COLLABORATION

To learn more about the HFPP, visit go.cms.gov/HFPP

2018 FTC numbers paint

Y ou start receiving col-

Identity Theft Other

12 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 13

14 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

Romance fraud, cryptocurrency risks

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 15

16 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

Takeaways for fraud examiners

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 17

The compliance landscape forever shifted after the Enron and

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 19

20 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

A helping hand in the face of disruption.

Welcome to Status Go.™

and implement corrective and preventive

22 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

Write your cybersecurity playbook now

Theresa Payton says don’t wait until you’re

Develop a playbook so everybody knows their roles. Practice digital disasters.

In June 2015, the U.S. Office of Personnel Manage-

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 25

26 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 27

Keesing Documentchecker FRE

28 FRAUD MAGAZINE JULY/AUGUST 2019 FRAUD-MAGAZINE.COM

this,” but just in case they do,

Payton: First off, remember

FRAUD-MAGAZINE.COM JULY/AUGUST 2019 FRAUD MAGAZINE 29