Wednesday, 26 November 2008

"Underground" online economy is flourishing

While growth in the real economy is being hit hard by the global credit crisis, there appear to be no signs of a recession in the "underground" online economy, which is flourishing with millions of pounds being exchanged to buy stolen goods and "fraud-related services".

These are the findings of online security firm, Symantec's Report on the Underground Economy, which it compiled based on data gathered by its Security Technology and Response (STAR) organisation, from underground economy servers between July 1, 2007 and June 30, 2008.

According to Symantec, the potential value of total goods advertised in the "underground" online world was more than £184 million ($276 million). No prizes for guessing what was the most popular item for sale, and no it was not a Nintendo Wii or an iPhone but stolen credit card details.

Symantec said that credit card information accounted for 31% of the total goods for sale and that the potential worth of all credit cards advertised during the reporting period was £3.53 billion ($5.3 billion).

"The popularity of credit card information is likely due to the many ways this information can be obtained and used for fraud; credit cards are easy to use for online shopping and it’s often difficult for merchants or credit providers to identify and address fraudulent transactions before fraudsters complete these transactions and receive their goods," said Symantec. "Also, credit card information is often sold to fraudsters in bulk, with discounts or free numbers provided with larger purchases."


Stolen bank account information (20% of total goods advertised) was the second most popular item for sale with prices ranging from £6.50 ($10) to £650 ($1,000). According to Symantec's report, most of the underground activity was hosted by North American (45% of the total) servers, followed by EMEA on 38%. Asia Pacific was only 12% and Latin America 5%. "The geographical locations of underground economy servers are constantly changing to evade detection," said Symantec.

Friday, 21 November 2008

Tips for avoiding mortgage fraud

In the third part of our series on mortgage fraud, Anthony Riem, a specialist in multi-jurisdictional frauds and asset recovery with PCB Litigation, outlines the warning signs brokers should look for to detect mortgage fraud.

Some of the more obvious warning signs include the following:

  • Documents provided in support of an application such as bank statements, utility bills and passports that appear to be forgeries.

  • Income or employment details which are not supported by documentation supplied by the customer.

  • Inconsistent information provided by the same customer, i.e. various applications made with different incomes/details either to the same lender or lenders within a group.

  • Links with other applicants where fraud is suspected, for example shared addresses, purchases on same development, identical loan amounts etc.

  • Links between different mortgage applicants, for example shared bank accounts, and addresses.
  • Applications cancelled when further information/verification is requested.

The Law Society’s Practice Note on Mortgage Fraud also suggests the following warning signs:

  • The customer or the property being purchased is located a long distance from your firm. If bulk long distance instructions are not in your normal work, you may ask why they chose your firm, especially if they are a new customer.

  • The customer seems unusually uninterested in their purchase. You should look for other warning signs suggesting they are not the real purchaser

  • The seller is a private company or they have recently purchased the property from a private company. You should consider whether the office holders or shareholders of the private company are otherwise connected with the transaction you are undertaking, and whether this is an arms length commercial transaction.

  • The customer does not usually engage in property investment of this scale. You should ask why they are undertaking this new venture and where they are getting the financial backing from.

  • The current owner has owned the property for less than six months. You should ask them to explain why they are selling so quickly.

  • The customer's credit history is shorter than you would expect for their age, when you run a credit check. Fraudsters will often run a fake identity for a few months to give it legitimacy. You should ask your customer about this.
  • There are plans for a sub-sale or back-to-back transactions. You should ask your customer why they are structuring the transaction this way and seek information on the identities of the second purchaser, their solicitor and the lender.
  • The property value has significantly increased in a short period of time out of line with the market in the area.
  • The mortgage is for the full property value. While this is less likely in tighter credit conditions, you should consider it in light of the other warning signs.
  • The seller or developer has provided incentives, allowances or discounts. These may include cash back, free holidays, household fittings, payment of legal fees, help with mortgage repayments or rental guarantees, among others. You should consider whether this information has been properly disclosed to the lender.
  • The deposit is being paid by someone other than the purchaser. You should ask why, where the money is coming from, and whether this information has been properly disclosed to the lender.
  • The purchaser has paid the deposit directly to the seller. You should ask for evidence of the payment and consider whether this information has been properly disclosed to the lender.
  • There is money left over from the mortgage after the purchase price has been paid, and you are asked to pay this money to the account of someone you do not know, or to the introducer. You should ask why, and remember that you must not use your customer account as a mere banking facility.
  • You are asked to enter a price on the title that is greater than you know was paid for the property. You should ask why the prices are different.
What else can a Broker do?

The first and perhaps most important step in combating mortgage fraud is to ensure that you verify the identity of your customers in accordance with the Money Laundering Regulations 2007. This is particularly important in relation to applications received over the internet. Brokers should not act for customers who are unable or unwilling to produce sufficient proof of identity.

Thursday, 20 November 2008

The implications of mortgage fraud for brokers

In the second of our third-part series on mortgage fraud, Anthony Riem, a specialist in multi-jurisdictional frauds and asset recovery with PCB Litigation, outlines the implications for brokers who can easily get caught up in fraudulent applications.

An individual who intends to commit a mortgage fraud will generally seek to involve one or more professionals in the fraud to provide the transaction with an air of legitimacy in the eyes of the lender. Brokers may therefore find themselves targets of the fraudster.

Fraud is defined in the UK Fraud Act 2006 as including fraud by false representation and by failure to disclose information where there is a legal duty to disclose. A broker who makes representations to a lender on behalf of a customer may therefore find himself unwittingly committing a criminal offence if he has reason to believe that the representations being made might be misleading or untrue.

Proceeds of mortgage fraud are criminal property. Under Section 328 of the Proceeds of Crime Act 2002, a broker may commit a money laundering offence by being involved in an arrangement that facilitates the acquisition of criminal property. Where a broker has knowledge or suspicion that a customer intends to use him to perpetrate a mortgage fraud on a lender he may avoid liability by refusing to undertake the work.


Alternatively, if the broker decides to proceed with the application in such circumstances, his only defence to a money laundering offence (under s.338) would be to make the appropriate disclosure to the Serious Organised Crime Agency (‘SOCA’). If nothing further is heard from SOCA within seven days of making the disclosure then the broker may proceed with the transaction safe in the knowledge that he has a defence to any possible money laundering offence.

If, however, consent is withheld within the initial seven day period, then the authorities will have a further 31 days in which to take further action. No further steps may be taken by the broker during this period. If upon the expiry of the 31 day period nothing further has been heard, then the broker may proceed with the transaction once again safe in the knowledge that he has a defence to any possible money laundering offence.

The broker must not tell the customer (or any other person for that matter) that a disclosure concerning them has been made to SOCA. This may be difficult whilst applications are delayed pending SOCA’s consent, but to do otherwise will result in the broker committing a ‘tipping off’ offence under Section 333.

The Financial Services Authority operates a system with lenders under which they can confidentially pass to a Mortgage Intelligence helpline at the FSA details of loan applications received from brokers which they suspect to be fraudulent. The information received may be the catalyst for an investigation by the FSA. This is turn may result in proceedings of the nature of those brought against Mr Fawole and Oasis.

Finally, a broker may face the prospect of civil proceedings being brought against him by a defrauded lender.

In our next installment on mortgage fraud we will tackle the warning signs brokers should look out for.

Wednesday, 19 November 2008

Regulators clamp down on mortgage fraud


In the first of a three part series, Anthony Riem, a specialist in multi-jurisdictional frauds and asset recovery with PCB Litigation, lifts the lid on mortgage fraud, a common problem that the regulators are increasingly taking a dim view of.

On 11 August 2008, the Financial Services Authority (FSA) banned a mortgage broker and fined him £100,000 for submitting false mortgage applications. Omotayo Fawole was an FSA approved broker and the sole controller of Oasis Mortgage and Financial Services Limited (Oasis).

He had obtained a mortgage after submitting an application which significantly overstated the profits of Oasis and his own income; and had submitted another mortgage application on behalf of an Oasis employee which significantly overstated their earnings.

Mr Fawole was the eighteenth broker to be banned by the FSA this year as a result of involvement in submitting false mortgage applications. Although he had been the central figure in the fraud, the severity of the penalty nonetheless serves as a timely reminder of the seriousness with which mortgage fraud is viewed by law enforcement agencies and regulators.

What is Mortgage Fraud?
Mortgage fraud occurs where a borrower defrauds a financial institution or private lender through the mortgage process. Such frauds are typically perpetrated in one of two ways:

The borrower provides untrue or misleading information (as in the above case) or fails to disclose relevant information that bears upon his ability to repay the loan. For instance, the borrower may provide false information about his level of income, employment or other liabilities. He may also provide misleading information about the source of funds to be used in the purchase other than the mortgage or not disclose the fact that more than one lender is financing the purchase price; or

The borrower misrepresents the true value of the property. To give the proposed transaction an air of legitimacy he may conspire with a corrupt surveyor in order to obtain a false valuation. Another typical scam used is known as ‘flipping’. Flipping usually involves back to back sales in which the property is to be sold on to an often fictitious sub-purchaser so as to give the appearance of the property being sold very quickly for a substantially increased price. The fraudster then absconds with the difference between the mortgage advance and the initial purchase price, leaving the lender with inadequate security.

In the next installment we will look at the implications of mortgage fraud for brokers.

Friday, 14 November 2008

Personal data loss an "alarming" problem

High profile instances of accidental leakages of sensitive customer information show no signs of abating. This time last year the media was having a field day with the revelation that the UK's HM Revenue & Customs (HMRC) had lost two discs containing the personal details of 25 million people. According to Symantec, not much has improved since then.

Symantec says an additional nine million personal records have been lost since the HMRC incident by private companies and third party data handlers. The total loss of 34 million people's records means that more than half of the UK's 61 million population have had their data lost in the last year, which when you put it like that sounds alarming.

While UK Prime Minister Gordon Brown has made it abundantly clear that the government cannot guarantee the protection of personal data by bumbling bureaucrats who appear to have a penchant for leaving laptops and USB sticks lying around on trains or in pubs, Symantec's Data Loss Prevention survey, does not show much hope for the private sector either.

Almost half of UK companies surveyed admitted that one or more incidents of data loss had taken place, and another 25% had no strategy for dealing with data loss, which is concerning given the reputational risks and increasingly hefty fines.

Symantec's survey suggests that companies are not taking data protection seriously enough or that they don't know where to start.

It has provided companies with some useful pointers as to measures that can be taken to prevent data loss:

One of the big ones is to educate employees about the importance of data loss avoidance and procedures

Secondly, Symantec recommends "locking down" computers, mobile devices and other removable media using either software or physical locks. The big problem seems to be stopping employees from taking personal information outside the corporate firewall.)

Network access controls should mean that employees can only access "relevant" systems and information.

Data should also be monitored to prevent leakages (although with so much data residing in firms, data classification in terms of which data needs to be secured or classified 'top secret' is an essential first step).


AML on-demand search facility targets smaller firms

With anti-money laundering regulatory compliance costing firms millions to implement, smaller companies are at risk of non-compliance because of the upfront costs and investment typically required to implement the correct assessment and risk management procedures.

“Many firms have responded to the new anti-money laundering regulations but there are still some – particularly smaller firms - that, due to financial constraints, are failing to do so. The outcome could be very serious for those who choose to ignore these regulations resulting in heavy fines and as we have seen recently, prison sentences,” says James Sherwood-Rogers, managing director of Landmark Legal and Financial.

ASP solutions for AML are slowly starting to gain traction in the market and are more likely to appeal to smaller firms that don't want to make the upfront and ongoing investment required to implement and maintain a dedicated AML solution.

Landmark has just announced a new electronic on-demand AML search facility www.landmarkaml.co.uk, for solicitors, which provides a pay-as-you-go type model for undertaking due diligence checks on new clients (companies or individuals). The electronic information service scans data sources such as government databases, databases of Politically Exposed Persons and terrorist sanction files.

Wednesday, 12 November 2008

Insurers fight fraud by sharing information

Any fraud officer is only too familiar with the challenges of detecting and reducing fraud; whether it is online banking fraud, identity theft or anti-money laundering. However, one industry appears to be having some success in fighting fraudsters, and it puts its achievements down to good old-fashioned information sharing.

By sharing claims data, the Association of British Insurers says that in the last three years, motor insurers alone have identified 70% more fraud equating to £5 million worth of claims per week. The Insurance Fraud Bureau (IFB) was established in July 2006 and uses a central computer system containing claims data from a number of insurers across the UK. Details of insurance policies and claims records are analyzed to identify suspicious activity.

Bogus and inflated insurance claims cost the UK insurance industry more than £1.6 billion a year. Insurance fraud ranges from policyholders exaggerating claims to organized criminal gangs inducing “innocent” motorists to crash into the backs of fraudsters’ vehicles. In a number of cases criminal gangs may have submitted bogus insurance claims to a number of insurers at the same time, so by sharing claims data, the hope is that it can be more easily detected.

While the insurance industry has enjoyed some success in combating fraud, Simon Evans, a partner at Cardiff-based law firm, Dolmans, warns that "fraudulent" insurance claims are still excessive.

"We have previously dealt with a case where a lady accidentally scratched a car door in a car park and, motivated by honesty, left her details to be contacted in order to arrange a repair of the minimal damage," says Evans. "However, when the claim came through it was for thousands of pounds of repairs. The lady has been dragged through the court system as a result, but without photographic evidence taken at the time, she has had little ability to defend her case.

“On the other side of the coin, I have been told about a recent occurrence when an intermediary tried to create a personal injury case to pass on to a solicitor. The intermediary had tried to encourage the victim of a car crash to make a claim for whiplash, even though no injury was suffered."


Evans said that charges, including perjury, contempt of court and obtaining monies by deception, were being used to deal with contrived and induced accidents. He pointed to the example of a claimant that was awarded £9,200 in compensation from a local Council after claiming he broke his ankle in a pothole. Further investigation found the claimant was injured playing football. The claimant was jailed for nine months after pleading guilty to obtaining property by deception and perjury.

The courts are also discarding evidence of a claimant if it is "tainted" by fraud and Evans said witnesses who give fraudulent supporting evidence are also likely to have any claim dismissed by the courts. However, the challenge for most firms is detecting fraud in the first place, and trying to prevent it before it even gets to the courts.

Tuesday, 4 November 2008

Individuals in the firing line for AML

A landmark case which saw the UK's financial regulator, the Financial Services Authority (FSA) fine a money laundering reporting officer for the first time, is a sign regulators are taking a no-nonsense approach towards AML.

The FSA fined Sindicatum Holdings Limited, a corporate advisory firm, £49,000 for failing to implement effective systems and controls for verifying client identities. It also fined the company's
Money Laundering Reporting Officer (Mr Michael Wheelhouse) £17,500. The fines imposed would have been 30% higher if Sindicatum had not agreed to an early settlement with the FSA.

"This fine is a warning to firms and individuals about the importance of complying with our rules in this area and we will not hesitate to clamp down on failures, where necessary," said William Amos, head of retail enforcement at the FSA.

Mark Dunn, manager, Risk & Compliance Services at LexisNexis said, “This is the latest indicator that the FSA is toughening up its approach to anti-money laundering compliance. Firms have had almost a year to update their systems and controls since the
Money Laundering Regulations 2007 came into force last December. Dunn said that record keeping in particular was important in order to demonstrate that the MLRO has taken reasonable steps to verify the identity of all clients.

Tim Dolan, a financial services partner in Pinsent Masons' Corporate Group and a former member of the FSA's Enforcement Division remarked that:

"This case is significant as it is the first time that the FSA has fined an individual Money Laundering Reporting Officer ("MLRO"). It serves as a timely reminder that individuals who hold the MLRO function have responsibilities and can be personally liable for their firm's failings."

Dolan said the case was also significant as it demonstrated that the FSA is prepared to take action in the case of corporate advisory firms' anti-money laundering systems failing. In Sindicatum's case, Dolan said a number of shortfalls in their AML measures were highlighted:

- clients were not being identified at the time of take-on by the firm
- no attempt was made to verify which particular individuals were directors or controllers of clients;
- documents were in foreign languages, but the documents and their translations were not reviewed by the MLRO;
- photocopies of documents were not properly certified;
- relevant documents (including in one case copies of passports) were lost;
- client acceptance checklists were not complete or had not been reviewed by the account executives and the MLRO.