Friday, 30 January 2009

AIG in the spotlight again

US insurance company, AIG, one of the high profile victims of the credit crunch, is in the spotlight again with one of its former vice presidents being jailed for four years for falsely inflating the company's share price and reserves.

According to reports, Christian Milton, who was convicted back in 2008 of conspiracy, mail fraud, securities fraud and making false statements to the Securities and Exchange Commission, participated in a scheme whereby AIG "secretly paid" General Reinsurance to take out reinsurance policies with the company in 2000 and 2001. The scheme reportedly cost investors up to $597 million.

It is not the first time that AIG has been implicated in fraud. According to Wikipedia, an accounting scandal resulted in former CEO Maurice R. Greenberg being ousted in 2005. The allegations made at the time included fraudulent business practice, securities fraud, common law fraud, and other violations of insurance and securities laws. All criminal charges were later dropped however and Greenberg was not held responsible.

AIG, and other victims of the credit crunch are also being investigated by the FBI. The investigation is believed to be looking at whether these firms unduly influenced agencies to "inflate" their ratings and misled investors about the true state of their assets.

Card fraud stats - who do you believe?

Various organisations produce statistics on the incidence of credit card fraud, but the UK payments association, APACS, has hit back at a recent survey published by "life assistance" group CPP, which claims that 12 million people were victims of card fraud in 2008 and that the average loss was £650.

APACS says CPP's stats are "spurious" and that according to its own data, which is drawn from stats provided by its member banks, 2007 figures indicate there were just over a million reported cases of card fraud; and although card fraud increased in 2008 (APACS will publish figures in March), APACS says CPP’s suggestion that there were 12 million victims in 2008 is "wildly out of line".

Is it a case of CPP, which provides protection and insurance against identity theft and card fraud, talking up the incidence of card fraud in order to scare consumers into thinking the problem is much bigger than it really is? There is no question that some organisations may be talking up fraud to benefit their own cause, which is not helpful as card fraud remains a persistent problem for online merchants and exaggerating the levels of fraud, only serves to suggest that none of the solutions deployed so far to combat it are actually working.

Having said that more certainly needs to be done, as CHIP and PIN may have reduced "over-the-counter" fraud, but most reports indicate card-not-present fraud is on the increase, particularly online. Some providers have suggested the use of one-time PINs and passwords to "toughen up" existing security.

Thursday, 29 January 2009

Regulatory loopholes may have helped Madoff

Members of the US Senate Committee on Banking, Housing and Urban Affairs expressed disbelief and amazement at how regulators did not uncover the alleged Madoff Investment Securities Ponzi scheme. On Tuesday the committee listened to witnesses' testimony regarding regulatory and oversight concerns and the need for reform in light of the alleged Ponzi scheme.

Senators expressed disbelief that securities regulators, the Securities & Exchange Commission (SEC) and the Financial Industry Regulatory Authority (Finra), missed numerous "red flags" pertaining to Madoff, including the fact that he did not use a separate custodian for his investment advisory business, and that his accountant was not registered with The Public Company Accounting Oversight Board (PCAOB).
During the hearing one senator remarked: "... it is inexplicable how the SEC missed it (Madoff's alleged Ponzi scheme). It is as if there was a giant elephant standing next to the SEC in a rather small room for 25 years and the SEC never noticed the elephant or even smelt the peanuts on its breath. And it is not as if the SEC were not looking around the room."
The SEC is conducting its own investigation into its handling of the alleged Madoff Ponzi scheme. During Tuesday's testimony senior SEC officials stressed that their past examinations of Madoff were restricted to his broker dealer activities and did not include his investment advisory business which was registered in 2006.

The SEC said 10% of registered investment advisors were examined every three years, and that these examinations were limited in their scope and targeted specific activities. The other regulator in the spotlight regarding the alleged Ponzi scheme, Finra, said its jurisdiction was limited to Madoff's broker dealer operations and that this meant it could not be an "extra set of eyes".

However, during Tuesday's hearing, Professor John Coffee, Professor of Law at Columbia University, said Finra did have jurisdiction over Madoff Investment Securities. He also stated that registered investment advisors are required to use a "qualified" custodian. However, he said Madoff used himself and that he was able to do this because the SEC gave us an "illusory" rule which allows investment advisors, where it has a broker dealer affiliate, to use its own broker dealer to be its custodian.

Following the implementation of Sarbanes-Oxley, Coffee said broker dealers were supposed to use accountants registered with the PCAOB. However, he said on three occasions, the SEC adopted and extended an exemptive rule that said privately-held broker dealers did not have to use such a PCAOB registered accountant.

Coffee said Ponzi schemes were increasing in regulatory and frequency and tended to occur in unregulated hedge funds or alternative investments put together by investment advisors.

Online fraud continues to rise despite countermeasures

Despite ongoing investment in tackling fraud, online merchants continue to see their losses from fraud increase, according to a survey of 150 online retailers conducted by Cybersource Ltd.

The overall rate of fraud increased 2.6%, which does not sound like much, however, Cybersource says for approximately 13% of merchants, the rate of fraud increased by more than 20% and 37% of merchants experience losses due to fraud of 1% or more. These increases are in spite of the fact that in the UK at least, approximately 60% of merchants now deploy Verified by Visa and MasterCard SecureCard schemes, which require the purchaser to type in a private code known only to them and their bank.

But it is perhaps the indirect costs of fraud that are more telling. According to the survey, 20% of merchants reject more than 5% of orders because they suspect fraud, although some of these orders may be authentic.

Despite the increasing sophistication of automated fraud screening software, Cybersource's survey indicates that 10% of merchants still reviewed every order manually, which is deemed costly and inefficient. It begs the question, do merchants see automated fraud screening as too costly or difficult to implement?

How did "India's Enron" come about?

"We will see a significant increase in
[ financial accounting scandals], however the jurisdiction is shifting from the more regulated markets where Sarbanes-Oxley, independent audit committees and the significant level of oversight make it more difficult to get away with, to emerging markets where supervision and broad oversight is not as advanced," said Richard Abbey, managing director, Financial Investigations for risk consulting company, Kroll.

I have reported these comments from Abbey before in an earlier posting, but I wanted to highlight them again in light of the Financial Times publishing its account of B. Ramalinga Raju, the former chairman of Indian IT firm, Satyam Computers and how "India's Enron" unfolded.

According to the newspaper report, Mr Raju became "obsessed with market capitalisation", which is what Abbey is alluding to in his statement above.

The report goes on to say that Mr Raju also appeared to benefit from the silliness that prevailed during the boom when the market cap of companies was wildly overinflated and no one, including those financing companies, really paid any attention to a company's earnings or P&L .

According to the FT, Mr Raju listed Satyam Infoway on the Nasdaq in 1999, and was able to immediately raise money despite the fact that the company had lost money. But once the bubble burst, according to the police the accounting fraud began in 2001 when the share price deflated.

Friday, 23 January 2009

Fund heaped praise on Madoff

As more details come to light about the alleged Madoff Ponzi scheme, lawyers representing those investors that lost millions are pointing the finger at the apparent lack of due diligence conducted by the banks and the funds that invested money with Madoff.

According to a report in the Financial Times, Santander's Swiss-based alternative investment arm, Optimal, "heaped praise" on Madoff before his arrest, for his ability “to find great entry and exit points to benefit investors”.

With parent bank, Banco Santander admitting losses of up to €2.33 billion as a result of the alleged Ponzi scheme, lawyers will be clambering all over this latest revelation.

Thursday, 22 January 2009

Another Ponzi scheme?

Bloomberg is carrying news of the latest alleged Ponzi scheme coming out of Japan. Japanese housewives have reportedly been hit by the alleged currency trading scam.

Recession - the mother of invention

A recession is the mother of invention, and never one to miss an opportunity, fraudsters are reportedly targeting investors whose money is trapped in Icelandic bank, Kaupthing Singer & Friedlander.

According to Citywire, depositors with money trapped in Kaupthing Singer & Friedlander, on the Isle of Man, which went into administration late last year, have been approached by a company calling itself Kristen Heather Investments (Isle of Man). The company claimed it could return depositors' funds in Kaupthing Singer & Friedlander for a fee.

The Isle of Man Financial Services Commission says the firm has a fake address and had copied the real bank’s website. PricewaterhouseCoopers, which is liquidating Kaupthing, says it appeared to be "an entirely fraudulent endeavour".

As I mentioned in my previous post, Madoff - who is culpable?, with irate investors and shareholders having lost substantial sums of money, there is likely to be a raft of legal action in the wake of the credit crisis. Some of the big class action suits may be some time in coming, but meanwhile, according to The Press & Journal, an 83-year-old QC is suing Royal Bank of Scotland claiming that the bank was "insolvent" when it "fraudulently" sold him shares in a rights issue.

As part of his small claims action, the QC is trying to prove that the bank was "technically insolvent" when it sold him stock valued at £1,282 as part of a rights issue. If the case is successful, it could lead to similar action being taken by other bank shareholders.

Wednesday, 21 January 2009

Madoff - Who is culpable?

Given the amount of corporate fraud cases and lack of due diligence that has been brought to light as as a result of the current financial crisis, litigators will be clambering all over it trying to find some means of recourse for their clients who have suffered substantial financial losses.

In the case of the alleged Madoff $50 billion Ponzi scheme, there could be a number of potential targets in the firing line for litigators to take action against. Investors whose money ended up in Madoff's scheme are likely to turn to the managers of the "feeder funds" who earned commissions from feeding funds into the alleged Ponzi scheme. Questions also remain over the due diligence conducted further down the line by those banks that have revealed exposure to the Ponzi scheme.

Some experts also question whether the US securities regulator, the Securities Exchange Commission (SEC) is culpable. According to the latest newspaper reports, the SEC missed "red flags" regarding Madoff's alleged Ponzi scheme when it investigated an accountancy firm with ties to Madoff back in 1992. The New York Times claims that the SEC's probe found that the accountancy firm kept "almost no records", and that one of the partners told investigators that the $441 million it controlled was managed by Mr Madoff.

Forensic accountants currently working on the Madoff case in New York and London, say there appeared to be a “patent lack of segregation of duties” as the management, administration and custody of the fund in question was conducted either by Madoff or associated parties. However, standards of due diligence in this area are still developing and there was no apparent legal onus on Madoff to separate these duties.

One source I spoke to involved in the Madoff investigation recalled the BCCI scandal in the UK in 1991 when the Middle Eastern bank collapsed with £7 billion of undeclared debts. The financial regulator at the time was the Bank of England and victims of BCCI, led by the liquidator Deloitte & Touche, later brought a lawsuit against the Bank of England claiming up to £1 billion in damages. The victims alleged the Bank of England was "guilty of negligence amounting to 'misfeasance', or wilful misconduct." The case later collapsed.

Questions now remain about whether the SEC could have done more to uncover the alleged Madoff Ponzi scheme. As to whether it could face its day in court is debatable as the SEC may be able to declare immunity from being sued. As the BCCI lawsuit also demonstrated it may also be difficult to prove that the SEC "deliberately" failed in its duties.

Tuesday, 20 January 2009

Learning old lessons about fraud

With "Ponzi" schemes and "rocketing levels of discovery" of insider fraud that has gone undetected for years finally being exposed by the credit crisis, corporate fraud will be an area of renewed focus this year as companies go back to basics to defend themselves against malicious and non-malicious attacks perpetrated by insiders.

With so much press and industry focus on the multitude of threats looming outside the corporate firewall, until recently insider fraud attracted few column inches. Given the impact exposure of corporate fraud has on a company's brand and reputation, it is not surprising perhaps that most incidences of insider fraud (50% in the case of insider fraud in banks, according to Celent) goes unreported.

Yet, with figures published by analyst firm Celent indicating that insider fraud accounts for 60% of all bank fraud cases involving a data breach or theft of funds, corporate fraud is an endemic problem and fraud experts anticipate it will be ratcheted up a notch or two by the recession.

Richard Abbey, managing director, Financial Investigations, for risk consulting company, Kroll, says the recession could give rise to the "non-malicious" corporate fraudster - those that commit fraud not for personal gain, but to save their company and employees' jobs. "It's misplaced loyalty if you like as they do not really think they are committing fraud," says Abbey. While anti-fraud measures tend to be focused on new employees, Abbey says the typical fraudster is the long-serving, loyal employee that knows their way around a company's systems.

Despite the introduction of Sarbanes-Oxley in the US, which placed more rigorous reporting requirements on a company's financials in the wake of the Enron and WorldCom corporate accounting scandals, Abbey expects to see more financial accounting scandals in the wake of the recession as corporate executives falsely inflate profits and cover up debts in an effort to maintain core ratios or to protect themselves from breaching banking covenants.

"We will see a significant increase in that type of fraud, however the jurisdiction is shifting from the more regulated markets where Sarbanes-Oxley, independent audit committees and the significant level of oversight make it more difficult to get away with, to emerging markets where supervision and broad oversight is not as advanced," says Abbey.
No surprises then that the latest accounting scandal has rocked Indian IT outsourcing firm, Satyam Computers, where the company's chairman has admitted to a $1 billion fraud, which is being billed as "India's Enron". Kroll is also seeing more companies reporting allegations of corporate bribery and corruption, which if proved true can attract hefty fines far in excess of the original bribe.

Given the threat landscape, it may be tempting for corporate executives and chief risk officers to reach for the latest gadgets: biometrics; enterprise anti-fraud systems; software that detects the potential for fraud in emails; however, fraud experts caution that brandishing the sword of technology is not necessarily the answer.

According to Abbey most corporate fraud is detected not as a result of controls companies put in place, but by accident or whistle blowers. There are, however, more immediate measures firms can put in place to protect themselves against insider fraud, segregation of duties being the main one, to ensure that no single person, regardless of how long they have been with the company, has "end-to-end" control over a business processes or processes.

In its latest Global Fraud Report, Kroll concludes that the financial crisis will lead to more fraud claims, legal disputes and regulatory action. Greater due diligence and levels of corporate governance will also be required and cross-border transactions are likely to increase exposure to "complex fraud and corruption".

“There are some wonderful technologies that can help solve fraud,” says David Porter, head of security and risk at consultancy, Detica, “but it is not just about wielding the sword of technology. It is about con artists scamming people. There is a soft human element to combating fraud. This year, companies are going to be learning a lot of old lessons about fraud.”

Monday, 12 January 2009

Corporate fraud - The revelations keep coming

As I mentioned in my previous post with the tide well and truly out as the credit crisis deepens, some unsightly corporate 'flotsam' is being washed up on our shores. But can we extrapolate from the increased disclosure of high profile corporate fraud cases in recent weeks and months that corporate fraud and the credit crunch go hand in hand?

Well the answer to that is yes and no. David Porter, head of security and risk at consultancy, Detica says corporate fraud was a major problem before the credit crisis began and that we are unlikely to see rocketing levels of fraud as a result of the crisis. "But we will see rocketing levels of discovery," he says. "When things are going well, people don't bother looking at fraud. Now that times are hard, what was previously non-pressing has become more pressing.”

In other words the scarcity of capital and renewed focus on corporate governance is helping shine the light on incidences of fraud that were less likely to be uncovered when everyone was drowning in liquidity and economic conditions were perhaps more conducive to inflating profits in financial statements.

Kroll's 2008-2009 Global Fraud Report says that 85% of companies were affected by at least one fraud in the past three years, up from 80% in its previous survey. The most common forms of corporate fraud according to Kroll's survey were theft of physical assets, which impacted 37% of companies, compared to 34% in the previous survey. Information theft also increased from 22% to 27%; and regulatory and compliance breaches from 19% to 25%.

In its 2008 Financial Risk Outlook, UK financial services regulator, the Financial Services Authority (FSA) identified financial crime as one of the key priority risks stating that “tighter economic conditions may lead to an increase in the incidence or discovery of some types of financial crime.”

Kroll anticipates that as a result of the credit crunch there is likely to be an increase in "non-malicious" corporate fraud committed by those "misguided" employers or employees who are not out for personal gain, but to save their company and employee's jobs. It also expects to see an increase in false accounting practices as companies look to inflate profits in order to maintain their core ratios or protect themselves from breaching banking covenants. We also understand that corporate bribery and corruption where business contracts are awarded on the basis of financial rewards and employees being coerced into collusion with outside gangs are also on the rise.
Below I have compiled a rough list of frauds or alleged frauds that have come to light since the credit crisis began 18 months ago. While these frauds are not necessarily the direct result of the credit crisis, the scarceness of capital has perhaps helped bring them to light or resulted in more exposure and heftier fines or closer regulatory scrutiny:

  • January 2008: Trader Jerome Kerviel incurred $7 billion in losses as a result of "rogue trades" at French bank Société Générale.
  • Also in March 2008, the now defunct Lehman Brothers suspended two London equity traders after "issues" were discovered on share valuations.
  • May 2008: Merrill Lynch suspends a trader for "overstating the value" of some equity derivatives.
  • Also in June 2008: Two former Bear Stearns hedge fund managers were arrested on charges of securities fraud pertaining to allegations of misleading investors regarding two funds they ran that were exposed to subprime mortgages.
  • October 2008: The US Federal Bureau of Investigation launches an investigation into Lehman Brothers, insurer AIG and mortgage providers Fannie Mae and Freddie Mac as they fall victim to the credit crisis. The investigation is believed to be looking at whether these firms unduly influenced agencies to "inflate" their ratings and misled investors about the true state of their assets.
  • December 2008: European banks reveal their exposure to ex-Nasdaq chairman Bernard Madoff's alleged $50 billion Ponzi scheme
  • January 2009: B.Ramalinga Raju chairman of Indian IT outsourcing firm, Satyam Computers, admits fiddling the books to the tune of $1 billion. It has since been described as "India's Enron".
  • 8, January, 2009: In the largest financial crime related fine, the FSA in the UK fines Aon Ltd, £5.25 million for failing to take reasonable care to establish and maintain effective systems and controls to counter the risks of bribery and corruption associated with making payments to overseas firms and individuals.
  • Also in January of this year: Police reveal they have arrested Kabir Mulchandani, the chairman of Dynasty Zarooni, a Dubai real estate company, on allegations of fraud.
This is by no means an exhaustive list and does not take into account the myriad of fines imposed against individuals and firms for fraudulent activity such as insider trading and mortgage-related fraud.

However, the list does appear to support Kroll's view that in worsening economic conditions, employees or company executives, particularly in beleaguered industry sectors such as the financial services industry, may be tempted to falsely inflate profits, mismark the value of securities, or attempt to cover up substantial losses.

These incidences also appear to highlight a range of motivational factors ranging from personal gain in the form of seeking generous end of year bonuses by falsely inflating figures to making more money for the company concerned, or in the case of the alleged Madoff Ponzi scheme, the attainment of personal kudos through the accumulation of wealth.

Wednesday, 7 January 2009

Who has been swimming naked?

As celebrated financier Warren Buffett once said, "Only when the tide goes out, do you discover who has been swimming naked." Thanks to the so-called credit crunch, a handful of high-flying financiers, traders and company executives have been caught with their pants down.

There were the former Bear Stearns hedge fund managers arrested on securities fraud, the exposure of Bernard Madoff's alleged Ponzi scheme, and now the chairman of Indian IT outsourcing firm, Satyam Computer Services has admitted to "fixing the books" for the past several years.

While these frauds are not the direct result of the credit crunch; as capital has become scarcer, frauds perpetrated some years ago have become more difficult to cover up. Quoted in the Financial Times explaining how the fraud had spiraled out of control, Satyam's chairman, B. Ramalinga Raju said: "It was like riding a tiger, not knowing when to get off without being eaten."

While corporate fraud is not a new phenomenon, it is difficult to determine how endemic it is as it can go undetected for years. However, according to analyst firm Celent, internal fraud accounts for 60% of bank fraud cases involving a data breach or theft of funds. While malicious insider fraud, as opposed to accidental fraud caused through employee negligence or error, accounts for a much smaller percentage(9%)of all data breaches in financial services, Celent estimates that up to 50% of all insider fraud incidents go unreported.

With capital scarce and a high number of employee redundancies on the cards, most fraud experts anticipate the credit crunch will provide the perfect breeding ground for some employees to try and defraud the company they work for. But what is more likely to emerge is that tight availability of credit will expose those frauds that have been going on for some time. Madoff and Satyam Computers are only the tip of the iceberg.

"The general rule of thumb is that 20% of fraud companies know about, the other 40% they are aware of but don't know how to deal with and the remaining 40% they know is happening, but they are unsure where it is happening," says Bart Patrick, head of risk at business intelligence firm, SAS UK.
According to Patrick in the wake of the credit crunch, more and more companies are waking up to the threat corporate and insider fraud poses, and with capital scarcer than ever before, no company can afford to let criminal gangs or employees walk off with a few million.

More importantly perhaps, customers are likely to take an even dimmer view of those firms that do nothing to prevent internal fraud, as it is ultimately the customer that ends up paying for the higher incidence of fraud in the form of increased margins on insurance policies, for example.

Tuesday, 6 January 2009

AML programs should be tailored to business models

"Brokerage firms' AML programs must be tailored to their business models," said Susan L. Merrill, executive vice president and chief of enforcement at US-based regulatory agency, FINRA (Financial Industry Regulatory Authority). Merrill was commenting on the $1 million fine it recently imposed against E*Trade Securities, LLC and E*Trade Clearing, LLC, collectively, for failing to establish and implement anti-money laundering (AML) policies and procedures that could reasonably be expected to detect and cause the reporting of suspicious securities transactions.

While E*Trade provided trading customers with online electronic access to the securities markets, according to FINRA, it did not apply the same levels of automation when it came to monitoring trading acccounts for suspicious or "manipulative" trading activity.

According to FINRA, E*Trade relied on its analysts and other employees to manually monitor for and detect suspicious trading activity without providing them with sufficient automated tools, which was deemed to be insufficient given E*Trade's online business model, which requires "computerized surveillance of account activity to detect suspicious transactions and activity."

Financial service providers have invested millions in automated solutions for detecting suspicious account activity, but AML is still largely viewed as a 'box ticking' exercise, with some academics questioning the large number of Suspicious Activity Reports that have been generated, with few resulting in actual prosecutions.

The British Bankers Association has previously said that law enforcement officials need to take AML more seriously by following up on reports and information gathered by banks whilst monitoring account activity.