Category Archives: Money Laundering

The Versatile Microcap

A microcap is a publicly traded company whose stock might be worth only pennies, which causes its price to be volatile and thus easier for fraudsters to manipulate. Although CFEs like our Central Virginia Chapter members might not regularly come across microcap stock manipulation, it’s important for all of us to be aware of the methods and motivations behind this significant criminal activity. In this scheme, promoters and insiders, after cheaply purchasing a stock, typically pump up its value through embellished or entirely false news. However, as reported recently in the trade press, other fraudsters have successfully employed much more creative strategies in exploiting microcaps. Several articles and books have told of the involvement of organized crime, especially throughout the ’00s and ’10s, in this highly profitable illegal business.

Basic pump and dump schemes, also known as hype and dump manipulation, involve the touting of a company’s stock (typically micro-cap companies) through false or misleading statements to the marketplace. After pumping up the stock, scam artists make huge profits by selling or dumping their cheap stock onto the market. Today, pump and dump schemes have been updated and most frequently occur over the Internet, where it is common to see e-mail and other messages posted that urge consumers to buy a stock quickly or to sell their stocks before the price goes down. In some cases, a spam-call telemarketer contacts potential investors using the same sort of pitch. Often the promoters claim to have inside information about an impending development, or to have employed an infallible combination of economic and stock market data to pick stocks. In reality, they may be company insiders or paid promoters who stand to gain by selling their shares after the stock price is pumped up by the buying frenzy they create. Once these fraudulent promoters dump their shares and stop hyping the stock, the price typically falls and investors lose their money.

In another recent but simple form of the micro-cap scheme, a caller leaves a message on a potential victim’s voice mail under the guise of someone who dialed the wrong number. Sounding as if they didn’t realize they had misdialed, the message contains a hot investment tip for a friend. However, the caller is actually a spammer, someone being paid to tout this stock on hundreds of cell phones. Those behind the scheme generally own some of the stock and hope to profit by pumping up the share price and selling off their investments.

Pump-and-dump schemes can be as relatively simple as the one above, or such as an individual or small group releasing false information in a chat room or insiders publishing inflated company information. Sometimes the business owners themselves are complicit, especially with shell corporations that have little actual operations or value. Occasionally, scammers dupe business owners into participating in schemes through promises of investment support and/or related marketing help. Or fraudsters, unbeknownst to the victim company, hijack their target company’s stock and falsely hype it, which often causes irreparable damage to the owners’ and to their business’ reputations. CFEs whose clients include small or new venture businesses should be especially cautious of unsolicited offers made to their clients to receive loans or to raise capital through microcap stock offerings. Criminals commonly target businesses in the pharmaceutical, energy or technology sectors, attempting to use their names and initial offerings to manipulate stock for profit.

More complex microcap stock manipulation schemes involving organized crime typically employ a number of persons who are instructed to buy in at various points that coincide with a series of false press releases and concurrent investor forum-controlled chat and spam emails. This orchestrated activity provides the illusion of stock movement resulting from large investor interest thus drawing in the required funds of outsider victims. The actual manipulation often resembles a series of smaller pumps and dumps instead of one large event. So the fraudsters can use the same stock over and over with less chance of detection by regulatory authorities. More refined players also employ foreign or off-shore brokerage accounts as a further veil over their illegal activities.

When the organized manipulation plan succeeds, the ringleaders will permit the accomplices to sell and obtain their related profit depending on their hierarchy in the organization. However, the end process is often far from perfect. Occasionally, accomplices don’t follow instructions, at their significant personal risk, and sell too early or late. Even if the manipulation isn’t always successful, organized crime members who have invested in the process expect and demand a certain profit, which places additional pressure on participants who might find they have debt on their hands because of their failures.

Occasionally, outsiders also take large positions either profiting from or destroying the momentum of the criminal group. In the 1990s, when trades were completed through actual brokers, criminals could use threats or actual violence to control such unwanted participants. However, technological trading platforms have made this more difficult.

A less common, yet also profitable, technique is to put downward pressure on a stock (or cause the price to decrease) after buying the equity on loan through a contract, or option, with the hopes of buying the stock or settling the contract once the stock has dropped in price. Fraudsters can initiate this manipulation technique, commonly known as ‘short and distort,’ by promoting rumors such as a bad quarter or failed new drug test.

The ability to manipulate microcap stocks with relative ease also makes the activity an ideal tool to hide payments between parties and launder money. Instead of paying cash or wiring funds to settle a drug debt, one can simply provide a tip relating to a microcap stock that’s about to be manipulated. The party who’s owed the debt then only has to buy the stock cheaply and await for the pump to make the sale and generate the profit.

Perpetrators also have used the same process to offer bribes to public servants. Troublesome envelopes or bags of cash aren’t required. The profit appears as a simple lucky or astute stock pick, and culprits can even report them as capital gains thus removing the risk of highly feared and powerful tax investigators becoming involved in a possible money-laundering investigation. Police and securities regulatory authorities have observed and reported such suspicious activity. However, it’s often difficult to link those who profit from the manipulation with the culpable manipulators. Also, considering that organized crime elements employ microcap manipulation for debt payments and as profitable crimes, it’s again challenging for authorities to identify the exact goals of their participation without some inside knowledge. Proving all the elements of the crime is nearly impossible without wire taps or a co-conspirator witness.

With all this said, it’s ironic, yet not surprising, that more than one organized-crime figure has said they don’t invest their own criminal earnings in microcap stocks because they deem such markets to be too risky and plagued by manipulators.

So, in summary, if you, as a CFE, come across information relating to a microcap investment involving a case you’re working, you might want to take a closer look.

With regard to preventing investment fraud schemes in general … caution your clients:

• to not invest in anything based upon appearances. Just because an individual or company has a flashy website doesn’t mean it is legitimate. Websites can be created in a matter of hours and taken down even faster. After a short period of taking money, a site can vanish without a trace.
• to not invest in anything about which they are not absolutely sure. Do homework on an investment to ensure it is legitimate.
• to thoroughly investigate the offering individual or company to ensure legitimacy.
• to check out other websites regarding this person or company.
• to be cautious when responding to special investment offers (especially through unsolicited e-mail) by fast talking telemarketers. Know with whom you are dealing!
• to inquire about all the terms and conditions involved with the investors and the investment.
• Rule of thumb: If it sounds too good to be true, it probably is.

Financing Death One BitCoin at a Time

Over the past decade, fanatic religious ideologists have evolved to become hybrid terrorists demonstrating exceptional versatility, innovation, opportunism, ruthlessness, and cruelty. Hybrid terrorists are a new breed of organized criminal. Merriam-Webster defines hybrid as “something that is formed by combining two or more things”. In the twentieth century, the military, intelligence forces, and law enforcement agencies each had a specialized skill-set to employ in response to respective crises involving insurgency, international terrorism, and organized crime. Military forces dealt solely with international insurgent threats to the government; intelligence forces dealt solely with international terrorism; and law enforcement agencies focused on their respective country’s organized crime entities. In the twenty-first century, greed, violence, and vengeance motivate the various groups of hybrid terrorists. Hybrid terrorists rely on organized crime such as money laundering, wire transfer fraud, drug and human trafficking, shell companies, and false identification to finance their organizational operations.

Last week’s horrific terror bombing in Manchester brings to the fore, yet again, the issue of such terrorist financing and the increasing role of forensic accountants in combating it. Two of the main tools of modern terror financing schemes are money laundering and virtual currency.

Law enforcement and government agencies in collaboration with forensic accountants play key roles in tracing the source of terrorist financing to the activities used to inflict terror on local and global citizens. Law enforcement agencies utilize investigative and predictive analytics tools to gather, dissect, and convey data to distinguish patterns leading to future terrorist events. Government agencies employ database inquiries of terrorist-related financial information to evaluate the possibilities of terrorist financing and activities. Forensic accountants review the data for patterns related to previous transactions by utilizing data analysis tools, which assist in tracking the source of the funds.

As we all know, forensic accountants use a combination of accounting knowledge combined with investigative skills in litigation support and investigative accounting settings. Several types of organizations, agencies, and companies frequently employ forensic accountants to provide investigative services. Some of these organizations are public accounting firms, law firms, law enforcement agencies, The Internal Revenue Service (IRS), The Central Intelligence Agency (CIA), and The Federal Bureau of Investigations (FBI).

Locating and halting the source of terrorist financing involves two tactics, following the money and drying up the money. Obstructing terrorist financing requires an understanding of both the original and supply source of the illicit funds. As the financing is derived from both legal and illegal funding sources, terrorists may attempt to evade detection by funneling money through legitimate businesses thus making it difficult to trace. Charitable organizations and reputable companies provide a legitimate source through which terrorists may pass money for illicit activities without drawing the attention of law enforcement agencies. Patrons of legitimate businesses are often unaware that their personal contributions may support terrorist activities. However, terrorists also obtain funds from obvious illegal sources, such as kidnapping, fraud, and drug trafficking. Terrorists often change daily routines to evade law enforcement agencies as predictable patterns create trails that are easy for skilled investigators to follow. Audit trails can be traced from the donor source to the terrorist by forensic accountants and law enforcement agencies tracking specific indicators. Audit trails reveal where the funds originate and whether the funds came from legal or illegal sources. The ACFE tells us that basic money laundering is a specific type of illegal funding source, which provides a clear audit trail.

Money laundering is the process of obtaining and funneling illicit funds to disguise the connection with the original unlawful activity. Terrorists launder money to spend the unlawfully obtained money without drawing attention to themselves and their activities. To remain undetected by regulatory authorities, the illicit funds being deposited or spent need to be washed to give the impression that the money came from a seemingly reputable source. There are types of unusual transactions that raise red flags associated with money laundering in financial institutions. The more times an unusual transaction occurs, the greater the probability it is the product of an illicit activity. Money laundering may be quite sophisticated depending on the strategies employed to avoid detection. Some identifiers indicating a possible money-laundering scheme are: lack of identification, money wired to new locations, customer closes account after wiring or transferring copious amounts of money, executed out-of-the-ordinary business transactions, executed transactions involving the customer’s own business or occupation, and executed transactions falling just below the threshold trigger requiring the financial institution to file a report.

Money laundering takes place in three stages: placement, layering, and integration. In the placement stage, the cash proceeds from criminal activity enter the financial system by deposit. During the layering stage, the funds transfer into other accounts, usually offshore financial institutions, thus creating greater distance between the source and origin of the funds and its current location. Legitimate purchases help funnel the money back into the economy during the integration stage, the final stage.

Complicating all this is for the investigator is virtual currency. Virtual currency, unlike traditional forms of money, does not leave a clear audit trail for forensic accountants to trace and investigate. Cases involving the use of virtual currency, i.e. Bitcoins and several rival currencies, create anonymity for the perpetrator and create obstacles for investigators. Bitcoins have no physical form and provide a unique opportunity for terrorists to launder money across international borders without detection by law enforcement or government agencies. Bitcoins are long strings of numbers and letters linked by mathematical encryption algorithms. A consumer uses a mobile phone or computer to create an online wallet with one or more Bitcoin addresses before commencing electronic transactions. Bitcoins may also be used to make legitimate purchases through various, established online retailers.

Current international anti-money laundering laws aid in fighting the war against terrorist financing; however, international laws require actual cash shipments between countries and criminal networks (or at the very least funds transfers between banks). International laws are not applicable to virtual currency transactions, as they do not consist of actual cash shipments. According to the website, “Bitcoin uses peer-to-peer technology to operate with no central authority or banks”.

In summary, terrorist organizations find virtual currency to be an effective method for raising illicit funds because, unlike cash transactions, cyber technology offers anonymity with less regulatory oversight. Due to the anonymity factor, Bitcoins are an innovative and convenient way for terrorists to launder money and sell illegal goods. Virtual currencies are appealing for terrorist financiers since funds can be swiftly sent across borders in a secure, cheap, and highly secretive manner. The obscurity of Bitcoin allows international funding sources to conduct exchanges without a trace of evidence. This co-mingling effect is like traditional money laundering but without the regulatory oversight. Government and law enforcement agencies must, as a result, be able to share information with public regulators when they become suspicious of terrorist financing.

Forensic accounting technology is most beneficial when used in conjunction with the analysis tools of law enforcement agencies to predict and analyze future terrorist activity. Even though some of the tools in a forensic accountant’s arsenal are useful in tracking terrorist funds, the ability to identify conceivable terrorist threats is limited. To identify the future activities of terrorist groups, forensic accountants, and law enforcement agencies should cooperate with one another by mutually incorporating the analytical tools utilized by each. Agencies and government officials should become familiar with virtual currency like Bitcoins. Because of the anonymity and lack of regulatory oversight, virtual currency offers terrorist groups a useful means to finance illicit activities on an international scale. In the face of the challenge, new governmental entities may be needed to tie together all the financial forensics efforts of the different stake holder organizations so that information sharing is not compartmentalized.

Financing in the Dark

money-laundering_1A reader of our last blog post on risk assessment, a CFE employed as an internal auditor by a large overseas financial services firm, has been asked, (in light of the Panama Papers), and as a member of an evaluation team, to perform a review of the controls comprising his company’s anti-money laundering program.  I thought his various questions about ACFE guidance on money laundering might furnish interesting matter for a blog post.  The ACFE has long identified money laundering, including terrorist financing, as a global problem.

Due to government concerns globally, laws have been enacted in countries such as the United States (the Bank Secrecy Act (BSA), Canada (Proceeds of Crime, Money Laundering and Terrorist Financing Act), and Australia (Anti-Money Laundering and Counter-Terrorism Financing Act, 2006) to combat money laundering and financing of terrorist activities. Such legislation embodies recommendations from the Financial Action Task Force (FATF), a Paris-based intergovernmental body formed in 1989 by the Group of Seven industrialized nations. As a result, financial institutions in many countries have taken initiatives to implement appropriate policies and infrastructure for ensuring compliance with applicable money laundering requirements and practices. One such step has been to implement anti -money laundering/ counter-terrorist financing programs based on FATF recommendations.  Our reader’s company is to be commended for undertaking the review since independent testing by knowledgeable assurance professionals (including CFE’s) is a critical component in ensuring existing anti-money laundering programs remain robust and fully aligned with regulatory requirements. The testing of these programs should be cohesive and integrated and include a well-defined strategy that takes a risk-based, enterprise wide perspective.

According to the ACFE, an effective anti-money laundering program includes:

–Appointment of a senior officer responsible for ensuring risks are understood, addressed, and mitigated enterprise-wide;
–Development of formal policies, procedures, and controls that are aligned with Federal and local regulations;
–Implementation of a risk-based approach for identifying risks by client, geography, product, and delivery channels;
–Implementation of a program of dynamic rules-based transaction monitoring for purposes of identifying and reporting suspicious activities;
–Implementation of training programs customized to specific functions and activities;
–Independent, periodic testing of the program.

The ACFE stresses that to be successful it’s necessary that the review team understand the organization’s products and delivery channels as well as its types of clients and their geographic location(s). It’s also necessary to understand the company’s organizational structure, infrastructure, policies, procedures, and controls for mitigating money laundering and terrorist financing risks. Also as part of the audit strategy, auditors should list all anti-money laundering regulatory requirements in the countries in which the organization does business. Once these components are clearly defined and understood, a risk profile can be developed (using the interviewing strategy featured in our last post) to ascertain risk levels and enable the creation of appropriate audit programs, staffing, and overall management of the review assignment. Needless to say, the audit strategy should always be formally approved by the organization’s chief audit executive.

The temptation to use boilerplate or template audit programs should be minimized by the development of tailored audit programs fitted to the specific nature of the business process being audited. One of the biggest challenges in developing such audit programs for money laundering is determining appropriate sampling methodologies for performing the required testing and validation. Inappropriate sampling will lead to incorrect and unsupportable conclusions. Sampling criteria and attributes must be defined clearly and be consistent with audit objectives. Once again, the audit manager should approve the sampling methodology before execution.

Our reader’s audit team will need to verify compliance with local regulations, which is not an easy task due to the high transaction volumes characteristic of industries like his. However, in most financial organizations, transaction-based processes must be automated to work and queries can be developed to create exception reports where deviations from expected outcomes exist. Out reader asked for examples of such automated exception reports and some common ones recommended by the ACFE are:

–Cash deposits of US $10,000 or greater where the required regulatory reporting has not been completed. (This threshold applies to Canada and the United States and may vary in other countries);
–Transactions with countries where trade sanctions exist;
–Industry codes listing clients in high risk industries to assess the level of enhanced due diligence performed;
–List of employees who have not completed required anti-money laundering training;
–List of clients with Post Office box addresses;
–List of clients with missing Taxpayer Identification Numbers;
–List of wire transfers from accounts owned by governments into accounts of private investment companies and politically exposed persons;
–Validating that “know your client” and customer identification requirements are compliant with local regulatory requirements;
–Validating that enhanced due diligence is performed on high-risk businesses.

Business culture has traditionally revolved around management of risks relative to sales, markets, economic trends, and reputation. Only relatively recently has regulatory risk as it relates to money laundering requirements received more intense scrutiny. Regulators have adopted a zero tolerance position, as evidenced by penalties against financial institutions for noncompliance with the ever growing body of legislation.  Financial institutions like our reader’s are considered an integral defense in the fight against money laundering and terrorist financing. It’s thus imperative that these organizations implement effective independent testing programs to assess the quality of controls relative to their anti-money laundering programs.  Sound independent testing by assurance professionals who have in-depth knowledge of fraud and regulation, as well as of risks, controls, and business processes in general is considered a key control within any organization. Fraud risk assessment review work of the anti-money launder business process provides management with the necessary intelligence for proactively managing deficiencies and ensuring that a well-aligned top-to-bottom control environment with appropriate resources and infrastructure is in place for mitigating money laundering risk.

Because fraudsters and criminals are creative and money laundering methods and techniques change constantly in response to evolving countermeasures, a useful reference for CFE’s and for auditors of all kinds is always the ACFE which provides live seminars and on-line training insights into emerging money laundering related threats as well as on-going suggestions for new areas for investigation and testing.

It’s Not Just About Tax Avoidance


Register Today for Investigating on the InternetMay 18-19 2016 RVACFES Seminar!

The ACFE tells us that countries in virtually all parts of the world, but especially those located in the Caribbean and South Pacific, are commonly regarded as tax havens.  A tax haven is a country whose laws, regulations, traditions, and treaty arrangements make it possible for a person to reduce his or her overall tax burden. Secrecy is basically supplied by such countries in two ways.

1) Domestic bank secrecy laws: Laws which bar insight by outsiders;2) Blocking statutes: Statutes which effectively prevent the disclosure, copying, inspection, or removal of documents located in the host country in compliance with orders issued by foreign authorities.

Moreover, in many countries, legal depositions may not be taken on national territory in connection with judicial proceedings being undertaken abroad. Many countries, such as the United Kingdom, France, South Africa, Germany, Australia, Norway, and Canada have comprehensive statutes to guard their sovereignty from the extraterritorial reach of foreign authorities. Although these countries are not generally thought of as tax havens they have laws which can be used by the asset hider. In addition to asset hiding, some foreign countries have a legal, banking, or economic climate that provides an excellent site for laundering money. Historically, places such as Panama, the Cayman Islands, the Bahamas, Switzerland, and the Netherlands Antilles have been associated with hidden bank accounts, fictitious corporations, and money laundering.

The most popular off-shore jurisdictions in the news recently are:

–Cayman Islands
–Netherlands Antilles

Countries like Panama with relatively small, open economies have often embraced the financial secrecy business as a way of promoting economic development. With some notable exceptions, these countries are geographically isolated with a narrow production concentrated on a few major commodities, usually for export. This tends to make them vulnerable to adverse climatic conditions and international market development. It also limits their ability to produce an adequate domestic market, invest in an infrastructure, attract foreign direct investment, and gain access to a diversified mix of importers and exporters.

It’s important for CFE’s to understand the general concept of a financial center with regard to financial havens.  Financial centers are of two types:

–A functional center is defined as country where transactions are actually undertaken and the value added is created in the design and delivery of financial services. Examples of functional centers include New York, London, Singapore, Bahrain, and Hong Kong.
–A booking center is defined as a country where transactions are recorded but the value added involved is actually created elsewhere. Examples in this category include Panama, the Bahamas, Cayman Islands, Seychelles, and Vanuatu.

Accordingly, the ACFE classifies the tax havens of the world into four broad categories:

No Tax Havens – these countries have no income, capital gains or wealth taxes. It’s legal to incorporate and/or form a trust. The governments of these countries do earn revenue from corporate registration fees, annual fees and a charge on the value of corporate shares. Examples of “no tax” havens are the Bahamas, Bermuda, the Cayman Islands, Nauru, the Turks, Caicos and Vanuatu.

No Tax on Foreign Income Havens – These countries impose income taxes, but only on locally derived income. Any income earned from foreign sources that involves no local business activity (apart from simple housekeeping and bookkeeping matters) is exempt from taxation. There are two types of “no tax on foreign income” havens. Those that:

–allow corporations to conduct both internal and external business, taxing only the income from internal sources;
–require a decision at the time of incorporation as to whether the company will conduct local business or will act only as a foreign corporation. If the company elects the latter option, it will be exempt from taxation. If it chooses to conduct local business, it incurs the appropriate tax liabilities. Examples are Panama, Liberia, Jersey, Guernsey, the Isle of Man, Gibraltar, Costa Rica and Hong Kong.

Low Tax Havens – These are countries that impose some income tax on company income, wherever it is earned. However, most have double taxation agreements with “high tax” countries. This agreement can reduce the withholding tax on the income derived from a high tax country by local corporations. Examples of “low tax” havens are Cypress, the British Virgin Islands and the Netherlands Antilles.

Special Tax Havens – Special tax havens are countries that impose all or most of the usual taxes, but either allow concessions to certain types of companies, or allow specialized types of corporate organizations such as the flexible corporate arrangements offered by Liechtenstein. Tax havens offering special privileges for holding companies are Liechtenstein, Luxembourg, the Netherlands and Austria.

Understanding the role of tax havens, involves distinguishing between two basic sources of income:

–Return on labor
–Return on capital

The return on labor refers to earnings from salary, wages, and professional services – your work. Return on capital describes the return from investments such as dividends from shares of stocks; interest on bank deposits, loans or bonds; rental income; and royalties on patents. Placing “return on capital” income in certain tax havens can benefit the secrecy seeker. By forming a corporation or trust in a tax haven this income may become tax-free or be taxed at such a low rate that the taxation is hardly noticeable.

In the case of Panama, for example, off-shore banking and incorporation are a major source of revenue. It’s also a good country for laundering drug money through its banks. It was reported by the financial trade press some years ago that at one time $200-$300 million a month was laundered through Panamanian banks. Panama is one of the most effective off-shore havens for money-launderers, offering tremendous secrecy. As the Panama papers seem to bear out, its banking haven business has always been regarded as supplemental to its status as a tax haven.

Before asset hiders and money launderers can utilize off-shore secrecy havens, they must first establish secret off-shore bank accounts. The off-shore account provides asset protection because the existence of such an account will not readily be known by someone seeking to collect against assets. Foreign banks, regulated by their own authorities, are under no obligation to inform the fraudster’s home country bank examiners of the ownership of the accounts they hold. Even if the existence of an off-shore account does come to light, judgments from home country courts are generally invalid in foreign countries, so creditors normally have to get a judgment in the country where the account is located. This allows time for the individual to fight the action or, unless the court immediately issues an order prohibiting the transfer of assets, simply move the assets out of the account.

So why do fraudsters and others secretly move money off-shore?  Not just tax avoidance. There are many additional benefits of doing so, extending well beyond simple tax avoidance:

–Off-shore bank accounts allow an individual to invest in foreign stocks and mutual funds that are not registered with home country government agencies;
–In some instances, off-shore bank accounts offer more flexible customer options than home country accounts;
–The account can be used to profit from currency fluctuations, buy stocks from mutual funds, purchase foreign real estate, and earn the high interest rates available in many foreign countries;
–Foreign accounts are used to trade precious metals and other assets through the banking system;
–For U.S. citizens, off-shore banking income is not presently considered “subpart F income” on U.S. tax returns. The profits accumulate in the off-shore bank and are compounded free of U.S. taxes;
–Most off-shore banks allow transactions to be conducted by mail, fax, or telex.

Keeping money in off-shore bank accounts is generally considered to be a safe move. On the rare occasion when a bank fails, in most developed countries the major banks in the country will take over its business to ensure that depositors do not lose any money. Some countries even have stronger capital requirements for banks than the United States.

The off-shore financial safe haven sector constantly evolves and adds more attractive customer services over time, just like every other dynamic market place that wants to retain and grow its customer base.  To effectively investigate the role off-shoring plays in many high profile frauds, CFE’s need to realize that tax avoidance is often just the tip of the concealment iceberg.

Folding Client Business Partners into the Fraud Risk Assessment

SeattleAs regular readers of the InnerAuditor blog know, out of town members of our RVA ACFE Chapter are encouraged to submit speaker questions via e-mail for use during our live training sessions. A reader asked a series of questions related to ethical practice for our August 28, 2014 event, Ethics 2014 for CPA’s and Fraud Examiners that we’re co-sponsoring with the Virginia State Police and the President of the Tidewater Virginia Chapter of the Institute of Internal Auditors. One of the questions concerned various ethical exposures involving compliance with the U.S. Foreign Corrupt Practices Act and extending to the business partners of the CPA’s audit client. Should a CFE’s fraud risk assessment include due diligence performed on the business partners of the fraud examiner’s client? Turns out there are a number of interesting ethical and due-diligence considerations.

There is certainly such a thing as third party risk, traditionally represented only by a few key suppliers and agents, and now significantly expanded in today’s global market place by technology firms, joint venture partners, foreign stakeholders, consultants and co-marketers and a whole host of others. Joining with every one of these partner types can expose our clients to significant categories of collateral risk. An overseas consultant can pay a bribe on our client corporation’s behalf to a foreign corporation without our client even knowing it; foreign joint venture partners of one of our client’s domestic suppliers can engage in unethical behavior thereby exposing the client to significant corruption accusations and reputational risk; the client’s law firm can pay for expensive vacations for foreign officials during off-shore tax negotiations; and the list of risks and exposures can go on and on, limited only by our imaginations.

Clearly, then, the net of the CFE’s fraud risk assessment has to be cast widely enough to encompass a thorough understanding of the histories and practices of all the business partners conducting business on our client’s behalf. The recent Target corporation example of on-going data breaches facilitated by hacker use of an infrastructure and maintenance supplier to penetrate Target’s customer systems should be enough to convince any practitioner of the degree of fraud risk represented by business partners, whether ethically challenged or not. The idea that customers, agents, resellers and other parties are not part of a client’s operating or risk profile is no longer a defensible position; a new era of corporate and social responsibility (and the stepped up number of prosecutions recently undertaken under legislation like the Foreign Corrupt Act) has changed that notion forever.

I’m sure all our readers are familiar with the basic mechanics of conducting a fraud (or any type) of risk assessment by now. Although criteria may vary from one assessment to the next, each risk assessment requires the steps of information gathering, analysis and interpretation. In the case of the assessment of the degree of risk represented by third party business partners, the first step is critical; that is to schedule up a list of just who those third parties are (sometimes, in the case of medium to large companies, a daunting task in itself). After your list is complete, for each of the partners you’ve identified, see if you can document an answer for a set of questions like these:

–does your risk assessment client have a formal business contract with this partner? If so, read the contract carefully and make a copy for your work paper file;
–what requirements and rights regarding ethical compliance and anti-corruption are contained in the contract or (absent a contract) in any documentation you can obtain bearing on the exact relationship between the parties;
–does the contract include an audit clause;
–try to find out exactly who owns each listed business partner;
–as far as you can determine, has the partner disclosed to your client all the partner’s relevant third party relationships;
–have all the partner’s operating locations, foreign and domestic, been disclosed;
–does this partner have on-going litigation or governmental relationships that might create an adverse impression among the existing customers of your client or among external regulators?

Following the information gathering phase, the examiner should look for and resolve any apparent red flags involving individual and/or combined partners during the analysis and interpretation phases. Red flags can include limited information about one or more partners, inconsistent or contradictory data, and operations in politically charged locales, prior regulatory sanctions as well as connection to or ownership by politically exposed individuals. Look especially for involvement in non-domestic environments with uncertain economic or commercial requirements. The due diligence process involves fraud examiner/management evaluation of each of the key business partner risk factors identified. A table can be prepared of potential identified risks localized by partner and a remediation plan for management consideration of recommended steps management can take to address potential threats should be written.

Lastly, try to get client management to commit to performance of a formal approval process before engaging with any new, significant business partner and then for on-going review of existing partnerships as a component part of the annual Enterprise Risk Management (ERM) process.

Testing the Key to a Strong AML Program

KitchenSinkOur RVACFES Chapter virtual meeting lecture topic for July-August 2014 is ‘Money Laundering 101’.  Although the lecture (good for two CPE credits), represents a solid overview of the money laundering phenomena from the point of view of the practicing fraud examiner confronted with a real world case for investigation, one of our members has asked if we might provide a little additional guidance on CFE conducted reviews of the quality of organizational Anti-Money Laundering (AML) programs as a supplement to the lecture material.

Money laundering is the process of making dirty money look clean; it’s the conversion or transfer of property knowing it is derived from a criminal offense, for the purpose of concealing or disguising its illicit origin, or assisting any person who is involved in the commission of the crime to evade the legal consequences of his or her action.  Why is it necessary for criminals to launder their gains?  Crimes such as smuggling human beings, embezzlement, insurance fraud, bribery and drug trafficking can produce large volumes of profits and create a strong incentive to legitimize the proceeds through laundering using financial institutions.  As this month’s lecture points out, criminals attempt to use financial institutions and other legitimate conduits for disguising the source(s) of their income.

According to our parent organization, the Association of Certified Fraud Examiners (ACFE), any effective AML program should feature the appointment of a senior corporate officer responsible for ensuring that the specific risks associated with money laundering are understood, addressed and mitigated enterprise-wide.    Mitigation implies that formal policies, procedures and controls have been developed that address local anti-money laundering regulations as well as the laundering recommendations made by the Financial Action Task Force (FATF), a Paris-based intergovernmental body formed in 1989 by the Group of Seven Industrialized Nations.  In keeping with the FATF recommendations, as a fraud examiner, you should expect that the enterprise you’re reviewing has implemented a risk based approach to identify the particular laundering risks associated specifically with its clients, geography, products and delivery channels.  There should also be evidence of the client’s implementation of dynamic, rules-based transaction monitoring for purposes of identifying and reporting suspicious funds flow activity.  Finally, it’s essential that a staff training program be fully operational and that it’s been fully customized to the specific functions and activities of the business.

If the client appears to have a functioning AML program but you can’t find evidence of any program testing, you need to recommend prompt corrective action to address the deficiency.  What types of AML tests would the fraud examiner typically expect to see the client perform?  Some examples:

–The identification of cash deposits of US $10,000 or more where the required regulatory reporting has not been completed (as our July-August 2014 lecture material points out, this threshold applies to Canada and the United States but may vary in other countries);

–The AML program should test to identify transactions with countries where trade sanctions exist;

–It’s a good idea for the fraud examiner to apply some published system of industry codes (Dunn & Bradstreet, for example) to list the client’s customers operating in industries with a high association with known money laundering schemes to assess the level of enhanced due diligence performed by the AML program under review with regard to those customers/industries;

–What percentage of the client’s staff hasn’t completed AML training?

–List of client customers with missing Taxpayer Identification Numbers;

–Clients operating from P.O. boxes;

–List of wire transfers from accounts owned by governments into accounts of private investment companies and politically exposed persons;

–Are there transactions processed for clients who reside in sanctioned countries like Cuba or Iran?

But the performance of actual tests is only half the battle.  Testing should be repeated according to a defined schedule and the results included, by severity level, in a formal report distributed to the business owners and senior management.  The most material of findings would represent test results representing issues where there are no present compensating controls in place for deficiencies that directly contravene local, State or Federal laws.  Medium level findings would encompass those issues that management feels are material, but some contravening controls are presently in place.  Low level risk test findings are minor control weaknesses whose correction may or may not be considered.  The test results severity levels are useful for assigning an overall performance rating to the organization’s AML program.

As with all such risk based approaches, the AML program should include a defined process to ensure that corrective action plans are expeditiously implemented in accordance with management committed completion dates.  As with all deficiency findings, responsibility for ensuring that corrective action is undertaken timely rests with the business or process owner.

Fraud examiners are strong candidates to conduct functional analysis of AML systems; our work can provide client management with the necessary intelligence to proactively manage identified AML system deficiencies and control the associated risks.  For more information, Chapter members should see this month’s virtual lecture.

Deep in the Bitcoin Soap Suds

Washing-MachinesChatting with Laura Marshall, the money laundering expert from Hunton & Williams who spoke at our Fraud & Technology Seminar last week (Bitcoin: The Liberty Reserve Indictment), brought home to me, once again, the fact that money launders are among the most innovative and resourceful of fraudsters, ceaselessly searching for novel ways (like employing the laundering potential of new on-line currencies like Bitcoin) to practice their trade.  Compounding the problem of the technological creativity of this category of fraudster is the remote likelihood of indicia of money laundering even showing up in the course of a routine financial statement audit.  I thought it might be helpful to our Chapter members and to readers of this blog to indicate some of the unique skills and perspectives necessary to successfully investigate money laundering and identify some of the potential red flags a financial or other auditor may encounter if money laundering transactions are taking place.

As Laura emphasized in her excellent presentation, money laundering is the crime or activity of moving funds of illicit origin; anti-money laundering (AMI) refers to formal  and informal systems and controls designed to  prevent or frustrate attempts to launder money and to report incidents of money laundering when they are suspected or detected; it follows from this that for institutions like banks, which are in the business of holding and facilitating the flow of funds, AMI constitutes a primary  focus of attention.  Even though fraud and money laundering are both crimes based on deception, they shouldn’t be confused; money laundering is a process undertaken by or on behalf of criminals with the object of hiding or disguising their criminal activities and the origin of their illicit proceeds.  The goals of the money launderer are achieved through a series of financial transactions, sometimes involving a number of countries and institutions and typically through a variety of financial products; it’s historically so hard to detect because so many auditors (financial and otherwise) know so little about its actual mechanics and, therefore, don’t really know what to look for when they suspect its presence.

The typical scheme unfolds in three distinct stages; placement, layering and integration.  Of these three, the first is the riskiest for the fraudster as she tries to introduce the proceeds of crime into the wider financial system;  banks have been the traditional vehicles for this introduction but in recent years, under the impact of intense governmental regulation,  banks have hardened their controls to the point where fraudsters now concentrate their efforts on the infiltration of cash-intensive businesses  like restaurants or sports clubs which provide plausible cover for the constant movement of large amounts of cash. The contrast with financial fraud is clear in that a financial fraud may not have a placement stage since the funds targeted by the financial fraudster may already be on deposit somewhere in the financial system, for example, in the case of an embezzlement scheme perpetrated by a corporate financial executive.

Assuming that the cash is successfully introduced into the financial system, the second step,  layering, can take place which is a series of related transactions undertaken for the purpose of obscuring the origin of the funds by obliterating any audit trail; the way to accomplish this (and something a fraud examiner or financial auditor can readily test for) is to move the funds between financial products, between institutions and even jurisdictions.  Account and fluctuation analysis can be used by the auditor to identify the type of continuous account churning associated with a suspected money laundering scenario.   Once the layering process is completed, integration begins; the funds now have a veneer or respectability and can be integrated back into the economy by being invested, loaned or spent.   In a typical fraud, the scenario applied by the fraudster usually results in the loss or disappearance of assets or revenue; as a result of layering activity, however, significant revenue may be generated for the business because the company can charge fees for the transactions that permit the illicit proceeds to be distanced from their sources.

So, if you suspect money laundering may be occurring, as an auditor or fraud examiner, what do you look for?  Certainly, such red flags as, unusual cash transactions, excessive cash transfers into and out of bank accounts, and frequent deposits or withdrawals just below bank reporting thresholds.

More specifically, regarding tone-at-the-top, does the operation generally lack a strong control environment; generally this is frequently coupled with a lack of a compliance function of any kind (there is no one the management answers to).  Also, if there’s no evidence of a formal, enterprise-wide ethical charter or employee  standard of conduct accompanied by staff training and, if there’s no internal audit compliance program, you could have an environment ripe for this type of abuse.

Take a look at previous examiner’s or auditor’s reports citing compliance problems, control deficiencies, or concerns over management’s competence or integrity.  Very telling for this type of review is significant revenue stemming from or assets and liabilities associated with high risk jurisdictions like the Cayman Islands and other venues associated by the public  with the concealment of assets.  Also look for abnormally high electronic funds transfer activity from and to these types of venues.  I’ve personally found that a lack of background checks on new employees is a telling measure coupled with infrequent or non-existent reviews of security software and related systems.

The mechanics of conducting a money laundering investigation are beyond the scope of this post, but data-mining software is often used in fraud investigations generally to identify relationships or anomalous transactions within any data under review.  Data mining can be used in money laundering investigations as well to uncover suspicious transactions, suspicious relationships between accounts and questionable entities.

Richmond ACFE Chapter Meeting Lecture – 1/15 2013 – Understanding Money Laundering

BaldEagle2Every two weeks the Central Virginia Chapter of the Association  of Certified Fraud Examiners (ACFE) presents a lecture on a topic related to the practice of fraud examination and/or forensic accounting.  These lectures are presented primarily for the benefit of Chapter members but are open to all with a general interest in improving the practice of auditing and fraud examination.

Members of the Central Virginia Chapter will have received an e-mail notifying them that the bi-weekly lecture is available at this site; the e-mail contains three questions which must be answered and returned for the award of one hour of continuing education credit.

If you are an audit professional or a student and would like to listen to these lectures as a Richmond Chapter member for continuing education credit, please visit our website at  and join our Chapter on-line by clicking on the first picture of a set of scales, registering as a site user and paying $15.00 annual dues.  We offer at least 20 hours of continuing education credit on fraud related topics for the one time annual fee.  You don’t have to be a resident of the Richmond area or even of Virginia to join… we have members all across North America.

This week’s lecture is fifty-five minutes in length, on the topic of Understanding Money Laundering.