Professional Documents
Culture Documents
Visit ACFE.com/CFE to learn how you can earn your CFE credential.
Contents Volume 38, No. 1, January/February 2023
COVER STORY
The Medicare disadvantage —
How insurers game the system
14
and commit fraud
By Paul Kilby
FEATURES
Build it right, and they will come 6 FRAUD IN THE NEWS Jonathan E. Turner, CFE, CII, chair; Jane Amling, CFE, FCA; Em-
manuel A. Appiah, CFE, CPA, CGMA, CFF; Johnnie R. Bejarano,
By Vincent M. Walden, CFE, CPA 8 DBA, CFE, CPA, CGMA; Richard Brody, Ph.D., CFE, CPA; Jeimy J.
Cano, Ph.D., CFE, CAS; Courtney Castelino, CFE, CPA, CA, CBV,
CFF; Franklin Davenport, CFE; Chris Dogas, CFE, CPA; David J.
Clements, CFE; Peter D. Goldmann, CFE; Katya Hirose, J.D., CFE,
FRAUD BASICS CAMS; Robert Holtfreter, Ph.D., CFE; Sezer Bozkus Kahyaoglu,
Preventing fraud through CFE; Thomas Cheney Lawson, CFE, CIA; Philip C. Levi, CFE, CPA,
due diligence
FCA; Robert Loh, CFE, CFCS, CIRA; Larry Marks, CFE, CISA, PMP,
CISSP, CSTE; Dorothy Riggs, CFE; Elisabeth Rossen, MBA, CFE,
MAcc; Daniel Semick, MPA, CFE, CGFM; Katharina Shamai, CFE,
By Mandy Yousif, CFE 10 CIA, CA, IIA; Herbert Snyder, Ph.D., CFE; Stéphane Vuille, CFE, PCI
2022-2023 Board of Regents
Bruce Dorris, J.D., CFE, CVA, CPA; Jeanette LeVie, CFE;
CASE IN POINT
Wendy Evans, CFE; Alexandra Sagaro, MSS, CFE, Collins
Better together Wanderi, CFE; Hannibal “Mike” Ware, CFE; John Warren,
J.D., CFE; Chrysti Ziegler, CFE
By Raina Verma, CFE 58 Fraud Magazine (ISSN 1553-6645) is published bimonthly
65 ACFE NEWS by the Association of Certified Fraud Examiners, 716 West
Avenue, Austin, TX 78701-2727, USA. Periodical postage
CAREER CONNECTION paid at Austin, TX 78701 and at additional mailing offices.
‘The devil made me do it’ Postmaster — Please send address changes to:
Fraud Magazine | ACFE Global Headquarters
and other unethical 716 West Avenue | Austin, TX 78701-2727, USA
behavior rationalizations (800) 245-3321 | +1 (512) 478-9000
Fax: +1 (512) 478-9297
By Donn LeVie Jr., CFE 62 Subscriptions
ACFE members: annual membership dues include a reg-
ular one-year subscription. Printed subscription rates for
ACFE NEWS 65 66 TAKING BACK THE I.D. libraries and organizations are available upon request.
Membership information can be obtained by visiting
ACFE.com, emailing MemberServices@acfe.com or by
calling (800) 245-3321, or +1 (512) 478-9000. Change of
TAKING BACK THE I.D. address notices and subscriptions should be directed to
Fake Geek Squad scams and what Fraud Magazine. Although Fraud Magazine may be quot-
ed with proper attribution, no portion of this publication
to do if you fall victim to credit may be reproduced unless written permission has been
obtained from the editor. The views expressed in Fraud
card fraud Magazine are those of the authors and might not reflect
the official policies of the Association of Certified Fraud
By Robert E. Holtfreter, Ph.D., CFE 66 Examiners. The editors assume no responsibility for
unsolicited manuscripts but will consider all submissions.
Contributors’ guidelines are available at Fraud-Magazine.
com. Fraud Magazine is a double-blind, peer-reviewed
I’M A CFE publication. To order reprints, visit Fraud-Magazine.com/
Kathryn Wilson, CFE reprint or email reprints@fraud-magazine.com.
© 2023 Association of Certified Fraud Examiners, Inc. “ACFE,” “CFE,” “Certified
By Jennifer Liebman 68 Fraud Examiner,” “CFE Exam Prep Course,” “Fraud Magazine,” “Association of
Certified Fraud Examiners,” “Report to the Nations,” the ACFE Seal, the ACFE
Logo and related trademarks, names and logos are the property of the As-
CPE QUIZ 70 68 I’M A CFE - KATHRYN WILSON, CFE sociation of Certified Fraud Examiners, Inc., and are registered and/or used in
the U.S. and countries around the world.
A HOUSE OF CARDS
When Andrew Smith rented a house in
Cambridge, U.K., he immediately set about
trying to sell the three-bedroom property
through a fake online real estate company.
In November, Smith received a 2 1/2-year
VICTIMS SCAMMING VICTIMS jail sentence for his fraudulent scheme.
Police nabbed Smith after neighbors
While many fall victim to fraud scams, to get them to invest in crypto and alerted a prospective buyer that the house
it’s rare that the scammers themselves are trading scams. was rented. The buyer contacted the letting
victims. But that’s what’s been happening In August last year, 40 Vietnamese agents who in turn reported the fraud to
in Southeast Asia, where tech workers workers narrowly escaped a casino in law enforcement.
are being conned into working for Cambodia’s Kandal province, and in To decorate the house, Smith had
cybercrime rings. September, the Indian government rented furniture from a company that
Lured by fake high-paying job issued an advisory against the fake provides furniture for showrooms. The
offers, thousands of young Asian tech job offers targeting young IT workers. unsuspecting buyer almost parted with
workers have arrived on job sites only (See “Cyber criminals hold Asian tech 400,000 pounds in what one police con-
to find crime syndicates confiscating workers captive in scam factories,” by stable described as an “almost unbeliev-
their phones and passports, demanding Anuradha Nagaraj and Nanchanok able and truly brazen crime.” (See “Man
ransom fees and threatening violence. Wongsamuth, Reuters, Nov. 1, 2022, jailed for trying to sell someone else’s
Criminals hold tech workers captive tinyurl.com/37xkjscv; “Inside The house,” by Debbie Luxon, Independent,
in converted casinos in Cambodia, Crypto Human Trafficking Rings In Nov. 9, 2022, tinyurl.com/3r25r2nw.)
and economic zones in Myanmar and Myanmar, Cambodia & Laos,” by Suprita
Laos, and train them in the art of online Anupam, Inc 42, Oct. 24, 2022, tinyurl.
cryptocurrency scams. com/ceymxurf; and “‘I was a slave’:
A favorite scam is “pig butchering,” Up to 100,000 held captive by Chinese
which involves building trust with cybercriminals in Cambodia,” by David
victims over social media apps and Pierson, Los Angeles Times, Nov. 1, 2022,
developing fake romantic relationships tinyurl.com/9jacz4t3.)
DOJ CLOSES BOOK ON ONE A 58-year-old woman received a 10-year prison sentence in October for masterminding
OF U.S.’S BIGGEST-EVER what a Homeland Security agent called one of the biggest marriage fraud conspiracies in
MARRIAGE SCAMS U.S. history — a scam that brought in a total of $15 million for the fraudsters, according
to the U.S. Department of Justice.
Ashley Yen Nguyen was the ringleader of a group that charged Vietnamese nationals
$50,000 to $70,000 to find a spouse in the U.S. and fraudulently obtain permanent resident
status in the country. Operating out of the Southwest Houston area, the group organized
over 500 sham marriages, using fake wedding albums and fabricated details about the
couples’ relationships to appear legitimate during interviews with immigration officials.
Nguyen regularly offered U.S. citizens $15,000 and $20,000 in installments to act
as spouses but rarely paid them the full amount. She also used mass marketing to reach
her audience, advertising the scheme through recruiters and Facebook. (See “Ringleader
sentenced in immigration scam that offered fake marriages for $70,000,” DOJ, Oct. 27,
2022, tinyurl.com/mu5kc84y.)
T
oday’s world is fraught with director at consulting firm J.S. Held
geopolitical sanctions, fraud, COLUMNIST LLC, tells Fraud Magazine.
corruption and cyber warfare, VINCENT M. “However, firms are constantly
and fueled by rapidly emerging tech-
WALDEN, CFE, CPA faced with resource allocation chal-
CEO KONA AI
nologies that continue to change how lenges, wrestling with decisions to hire
we approach business and risk mitiga- more technical experts and/or invest
as the “innovation funnel” to innovate
tion. Companies large and small are in licensing technology solutions that
and create new anti-fraud products. (See
enduring a costly, but necessary, shift will gain them a competitive differen-
tinyurl.com/27b4met9.) The framework
to digital, while transitioning opera- tiator and ROI [return on investment].
walks through six phases summarized
tions to the cloud and scrambling to With the flood of technology companies
as follows:
hitting the market in recent years, the
protect their systems from intrusion.
1. Ideation: Brainstorming market and timeless debate over whether to build
With change comes risks, which is why
client needs and services. your own technology infrastructure or
companies often look to anti-fraud and/
2. Evaluation: Frequent yet short buy/outsource has become more critical
or forensic technology professionals
meetings to narrow down the list of than ever.”
to help them build the preventive and
options. Feinstein says that building soft-
detective anti-fraud controls needed to
3. Acceleration: Selected proof of con- ware solutions from scratch, or “pro-
protect their business and align with
cept is designed and modeled out, ductizing,” can be a dangerous game for
regulatory expectations.
and more research is gathered. professional services firms, which need
In many cases, companies turn
to adapt nimbly to their clients’ chang-
to professional services firms that can 4. Incubation: Solutions are tested in
ing needs. Challenges facing today’s
add additional horsepower (like more a pilot environment in development
companies may quickly become yester-
CFEs) to their risk mitigation objectives sprints, and solutions are compared.
day’s news, leaving what seemed to be
or assist with an internal investigation 5. Iteration: Finalizing activities and
the next big thing collecting dust on the
or litigation matter. This often includes plans to roll out the new service or
proverbial shelf. Take the Cambridge
specialized forensic technology solu- solution.
Analytica scandal from 2018, when re-
tions where professional services firms 6. Launch: New service offering or ports revealed that the political consult-
can really go deep. However, yesterday’s product is launched in the market. ing firm had harvested Facebook data of
innovation is today’s norm. What was While the above framework can be millions of people without their
relevant a few years ago may not have helpful in spurring innovation, there are consent to support the 2016 presiden-
the same market need as today’s fraud still many questions a professional ser- tial campaigns of Ted Cruz and Donald
risk or investigative technologies. vices firm needs to consider, especially Trump. (See “How Cambridge Analytica
That’s why professional services firms, when it comes to technology. Sparked the Great Privacy Awakening,”
especially leading mid-to-large firms by Issie Lapowsky, Wired, March 17,
and the Big Four, are constantly seeking Buy vs. build in-house 2019, tinyurl.com/yc55vu5k.) Executives
to innovate new fraud risk manage- “There’s no disputing the fact that across the globe scrambled to ensure
ment solutions and technologies to stay professional services firms, particularly their customer data was secure from
relevant with their clients. in forensic accounting, need to invest third-party misuse, spurring consulting
In Fraud Magazine’s January/ in technology infrastructure, cutting- firms to respond expeditiously to assess
February 2019 edition of “Innovation edge anti-fraud software, and superior third-party risk and identify data misuse
Update,” I collaborated with my friend talent to be able to provide high-quality through automated solutions. But by
Eric Johnson, managing director at EY, client service and remain ahead of the the time the ink dried on many engage-
to apply a common framework known competition,” Ken Feinstein, managing ment agreements, much of the buzz
organization’s behalf. The vendor especially for databases that feature document to ensure the search was
may be reputable, but some employ- several sections. For instance, Cana- conducted properly.
ees may lack the necessary skills for dian Securities Commission databases Knowing exactly with whom you’re
the job. This is especially problem- vary across all provinces and territo- partnering is not only a good business
atic when the investigation has been ries; some of these databases contain practice, but also a legal and ethical
delegated to junior employees with no over 20 sections with specified search necessity.
oversight from management. criteria. Fraud prevention starts with
• Interview the vendor and inquire • Become familiar with foreign records adequate due diligence procedures and
about its industry knowledge, and and ensure that the vendor provides strategies. Regardless of the jurisdic-
independently verify its credentials. clarification on the purpose of each tion, it’s best to conduct rigorous due
Don’t simply trust all information search. diligence on third-party associates to
found on the vendor’s website. • Request sample reports from multiple ascertain their integrity, financial via-
• Request a proposal prior to engaging vendors for comparison. bility, and legal and ethical compliance.
the vendor. The first red flag is when • Consider retaining a second vendor Knowing that fraud can take many
the vendor immediately accepts a for further verification and com- forms and cause extensive damage, it’s
client’s proposed request without parison. This is highly recommended easier, and less costly, to prevent and
providing any recommendations, ad- when selecting a new vendor. It en- mitigate the risks of fraud than it is to
ditional areas of inquiry, or delivering sures that old vendors are providing detect it. ■ FM
its own proposal. accurate results.
• Ensure that the vendor is trained • Don’t assume that the vendor’s reports Mandy Yousif, CFE, is COO and partner
to use databases and remains up to are always free of error. at consultant Specialty Risk & Intelli-
date with the changes and security • Don’t accept “no record” for an answer gence Services (SRIS). Contact her at
features. This is extremely important, and request a copy of the actual Mandy.Yousif@sris.ca.
ACHIEVING EXCELLENCE
WITH A GLOBAL VISION
OUR OFFERINGS
Forensic Investigation Due Diligence
Hard Disk Imaging Background Checks
Anti Counterfeit operations Physical Security consulting
Cyber Security Dark Web Monitoring
Online Monitoring Training and Certifications
Offices: UA E | S ri L a nk a | Si ng a p or e | I nd i a
OUR PRESENCE { India Offices: Del hi | M um b a i | B eng a l ur u | Chenna i | H y d er a b a d | Kol kat a
2 G / 2023 G CO
More details: info@netrika.com | www.netrika.com | +91 97152 4711713 | +91 98710 93338
Online Self-Study CPE Course
Merchandise
Sling the bag over your shoulder using In this self-study course, learn from 10 infamous
the removable and adjustable shoulder fraud cases to better protect your clients, employers
strap or use the double carrying handles.
and the general public from similar schemes. Fraud
CPE Credit
cases include the WorldCom scandal, Madoff’s Ponzi 4
scheme and the Fédération Internationale de Football
Features Association (FIFA) scandal.
$79.20 Members
$99 Non-Members $135.20 Members / $169 Non-Members
By Paul Kilby
Illustrations by Jonathan Bartlett
BACKGROUND INVESTIGATIONS
EMPLOYEE INTEGRITY DUE DILIGENCE
VENDOR AND 3RD PARTY SCREENING
PERSONNEL VETTING & PRE-EMPLOYMENT SCREENING
COMPLIANCE SOLUTIONS
INVESTIGATIVE DUE DILIGENCE
INTEGRITY DUE DILIGENCE
CORPORATE SECURITY & RESILIENCE
THIRD-PARTY RISK ASSESSMENT
ANTI-MONEY LAUNDERING
Partners to TRUST
BUSINESS
INTELLIGENCE
MARKET RESEARCH & ANALYSIS
COMMERCIAL INVESTIGATIONS
INVESTIGATIVE RESEARCH
ANTI-CORRUPTION & REGULATORY INVESTIGATIONS
ASSET SEARCH AND RECOVERY
FRAUD RISK INVESTIGATIONS
INSURANCE INVESTIGATIONS
IP INFRINGEMENT INVESTIGATIONS
TRAINING
INTERNAL INVESTIGATIONS & CONFLICT OF INTEREST
FINANCIAL INVESTIGATIONS
future health care costs per patient. For “Evaluating Medicare Advantage Value- Fraud,” Whistleblowers International,
example, a person with cancer will get Based Contracts,” American Medical As- 2022, tinyurl.com/ycx5e427; and “What
a higher number than a person who has sociation, 2019, tinyurl.com/2p85fc2x.) Are MACRA and MIPs?” by Max Freed-
some hypertension, qualifying the insurer In contrast, traditional Medicare has man, Business News Daily, updated June
for a higher payment amount for the sicker typically worked on a fee-for-service (FFS) 29, 2022, tinyurl.com/bddtexfs.)
patient. But a patient who has had cancer basis, where a doctor will bill Medicare “Traditionally health care fraud has
and recovered with no need for treatment for separate, unbundled services, such been linked to the (upcoding) of CPT
shouldn’t bump up risk scores for that as an office visit or specific medical pro- codes,” says Jacqueline Bloink, CFE, who
year. Each year the process starts anew. cedures. Doctors use current procedural runs a health care compliance consult-
(See “Hierarchical Condition Category terminology (CPT) and other codes to bill ing firm. “For example, maybe a doctor
Coding,” AAFP, tinyurl.com/2wjku2y5; for a particular medical or surgical service is billing as if they performed the service
“Medicare risk adjustment,” foresee Medi- rendered. Critics say this payment sys- in an ambulatory surgical center when
cal, tinyurl.com/y62tvnrs; and “Managed tem incentivizes physicians to “upcode” they really did it in their office. There is a
Care Fraud,” Whistleblower Law Collabora- — offer as many treatments and services place-of-service code, and the ambulatory
tive, tinyurl.com/2hpevut5.) as possible to garner more fees, often in surgical center pays more money than the
The idea is that the CMS ensures pay- fraudulent ways. And the U.S. Congress office-based setting.”
ments cover the costs of the beneficiaries has endeavored to change this, most re- Cast against FFS, Medicare Advan-
most in need and in theory stop the in- cently through an abstrusely titled piece tage’s reimbursement system certainly
surance companies from profiting by just of 2015 legislation called Medicare Access has its merits. One lump payment per
enrolling the healthiest Americans. The and CHIP Reauthorization Act (MACRA), year with the dollar amount dependent
system is more akin to what the health designed to reward physicians for the qual- on the severity of the diagnosis arguably
industry calls value-based care, which ity rather than the amount of health care eliminates the temptations to commit the
is supposed to encourage higher they provide. (See “What Is CPT®?” AAPC, type of fraud that comes with traditional
quality care through bundled ser- Dec. 15, 2021, tinyurl.com/3ec57dn4; per-service Medicare payments. And, as
vices and smarter spending. (See “Upcoding — Health care and Medicare Bloink points out, it’s arguably also easier
"
a couple of paragraphs on special in- doctors] who are committing fraud
vestigative units (SIUs) and provider There are good arguments for through upcoding; now you have
profit-motivated insurance compa-
investigations.
Rubenstein, who started his
capitated payments [in Medicare nies getting as many capitation fees
as they can,” says Samuel May, J.D.,
career as a senior special agent for Advantage], but suddenly it's not CFE, a research specialist at the ACFE
the U.S. Department of Health and
Human Services Office of Inspector so much the providers who are and a former investigations consul-
tant at UnitedHealth Group. “You are
General, has a similar take. committing fraud through upcoding; adding an extra layer of complexity
“When I was first hired as an between the doctors and those re-
agent in 1997, there was the belief now you have profit-motivated sponsible for oversight.”
"
that there was no fraud (in what were The process is vulnerable to
then Medicare private plans) because fraud not only because it’s complex
the patients are getting the servic- many capitation fees as they can. but the sheer volumes of data — not
es they need,” Rubenstein says. “It to mention the multitude of Medi-
care Advantage plans — can make it
doesn’t matter if the patient sees the
doctor one time or a hundred times,
- Samuel May, CFE easier to miss wrongdoing. Accord-
ing to KFF, a nonprofit organization
the payment was what it was. But as
focused on U.S. health care, 3,834
time went by the spotlight has great-
Medicare Advantage plans were
ly shifted to the payer side, which is
available for enrollment in 2022 — more than any other previous
where we see the lawsuits with Anthem and Cigna and Kaiser.”
year — with more than 26 million people already enrolled. (See
In reality, experts like Mark Starinsky, CFE, were already “Medicare Advantage 2022 Spotlight: First Look,” by Meredith
seeing problems through the use of so-called Adjusted Commu- Freed, Anthony Damico and Tricia Neuman, KFF, Nov. 2, 2021,
nity Rate Proposals that managed care organizations were using tinyurl.com/2ukaenr8.)
to identify the health services they would provide to Medicare “When it comes to the validity of the claims data that is fed
members and the estimated costs. Plans would enroll a patient back to CMS, I think that is probably where there are problems.
with a risky diagnosis and then disenroll them once CMS had You are dealing with so much data,” says Beach. “Part of the
accepted their proposal, says Starinsky, who used to audit those problem is just the volume of it all, and there are thousands of
plans and is now senior product manager of U.S. health care at different Medicare Advantage plans. Just the oversight of that
Shift Technology. (See “U.S. Targets HMO Fraud In Medicare and is tremendous.”
ways to use technology to bend diagnostic targeting a data miner for this kind of Lareau, Forbes, Innovation, Aug. 19, 2022,
code results in their favor. fraud. [See “The DOJ Says A Data Mining tinyurl.com/2p83k5jw.)
In late 2021, the DOJ accused Kaiser Company Fabricated Medical Diagnoses To “The government has increased its
Permanente, a California-based managed Make Money,” by Fred Schulte, NPR, Sept. oversight in this area and that will con-
care consortium, of defrauding Medicare 14, 2021, tinyurl.com/5dpwsft5 and court tinue to happen,” says Starinsky, a former
of $1 billion by submitting inaccurate diag- document, case no 12-CV-0299(S), Sept. 13, senior auditor for the U.S. Department
nosis codes through the Advantage Plan. 2021, tinyurl.com/ax4vpm69.] of Health and Human Services Office of
The company allegedly used algorithms to Inspector General. (See “Justice Depart-
data mine and identify high-value codes ment’s False Claims Act Settlements and
and “then determined the diagnoses its TURNING THE SPOTLIGHT ON Judgments Exceed $5.6 Billion in Fis-
cal Year 2021,” DOJ, Feb. 1, 2022, tinyurl.
doctors would need to make to support
the [codes] Kaiser wanted to submit for INSURER FRAUD com/4zeecmvz and “Petition for a writ
Medicare reimbursement,” according Governmental and medical experts are of certiorari,” U.S. Supreme Court, Feb. 2,
to the court filing. The company alleg- increasingly sounding the alarm about this 2022, tinyurl.com/54fw6bs8.)
edly used high-pressure tactics. Doctors’ type of fraud, and the DOJ says it has made The DOJ has enjoyed some successes.
compensation was allegedly tied to report investigating and litigating wrongdoing In 2021, Sutter Health agreed to pay $90
cards based in part on their responses to in the Medicare Advantage Program, also million to settle allegations that it had
data-mining results. And Kaiser allegedly known as Medicare Part C, a top priority as knowingly submitted unsupported di-
asked those doctors who disagreed with more whistleblower cases come to light. agnosis codes and failed to correct them.
algorithmically induced diagnoses to meet (See “DOJ and OIG ramp up enforcement Data mining and high-pressure tactics
one-on-one with “data quality trainers” of risk adjustment coding: 5 compliance also allegedly played an important role
and attend mandatory meetings called tips for providers,” by Nicole Jobe and Cath- in this case. (See “Sutter Health and Af-
“coding parties” to reassess their views filiates to Pay $90 Million to Settle False
erine Feorene, Thompson Coburn LLP, Jan.
on diagnostic results, according to court Claims Act Allegations of Mischarging
27, 2022, tinyurl.com/yyk7tx43; “Medicare
documents. (See “United States ex rel. the Medicare Advantage Program,” DOJ,
Advantage Upcoding, Overpayments Re-
Osinek v. Permanente Med. Grp.,” case- Aug. 30, 2021, tinyurl.com/2p9b55uz and
quire Attention,” by Paul N. Van de Water,
text, May 5, 2022, tinyurl.com/2p96e3ue court documents, March 4, 2019, tinyurl.
Center on Budget and Policy Priorities, off
and “Kaiser Permanente Defrauded Medi- com/2p986j7w.)
the charts, Oct. 30, 2018,
care of $1 Billion, DOJ Alleges,” by Lydia
tinyurl.com/3vjme2z5;
Wheeler, Bloomberg Law, last updated Oct.
and “The Coming Ex-
26, 2021, tinyurl.com/2p843bkw.)
plosion Of Medicare
Other health care providers are also
Advantage Fraud And
allegedly using data mining to these ends.
In 2021, the DOJ alleged that New York- Penalties,” by David
based Independent Health, and an affiliat-
ed medical analytics company, DxID, used
unsupported risk codes to scam the Medi-
care Advantage Program. This marked
the first civil suit by the U.S. government
By
Sheryl Goodman
and
Tom Caulfield, CFE
Organizations need to buy goods and services.
Fraudsters love to target faulty procurement
systems because that’s where they can find
fantastic amounts of cash. But you can impede
integrity breaches with dynamic data analytics.
A
s protests raged in Chile in 2020 over the cost of liv- procurement because that’s where the cash is, and safeguards
ing and inequality, the government sought to procure are often lacking.
body cameras for the police to monitor events on the In fiscal year 2020, the U.S. federal government spent more
ground. After going through a public bidding process, than $665 billion on contracts — an increase of over $70 billion
U.S. telecommunications equipment provider Motorola Solutions from fiscal year 2019. Half of this increase, or $35 billion, is at-
won the business to supply 300 cameras at a cost of close to 400 tributed to spending on medical supplies and pharmaceuticals to
million Chilean pesos, or about $340 each at today’s exchange treat COVID-19 patients, among other things related to COVID-19.
rate. Soon thereafter, those involved in the bidding process found [See “A Snapshot of Government-Wide Contracting For FY 2020,”
themselves under investigation for irregularities. According to U.S. Government Accountability Office (GAO), June 22, 2021,
the local press, government officials accepted Motorola’s bid tinyurl.com/22destye.]
even though the company submitted its offer on the electronic In 2018, the U.S. Department of Defense (DOD) reported to
procurement portal outside the hours stipulated by the bid rules.1 Congress that over $6.6 billion had been recovered from defense-
In early 2021, the scandal intensified after Chile Compra, the contracting fraud cases from fiscal years 2013 through 2017. In
entity that runs the electronic procurement portal — known un- 2020, the DOD Office of Inspector General reported that roughly
der its Spanish name Mercado Público — revealed that Motorola’s one in five of its ongoing investigations are related to procure-
cameras had failed to meet some basic requirements — namely ment fraud. (See “DOD Fraud Risk Management: Actions Needed
an ability to keep recording for at least 120 seconds after being to Enhance Department-Wide Approach, Focusing on Procure-
turned off. ment Fraud Risks,” GAO, Sept. 20, 2021, tinyurl.com/ycycz3xu.)
The intense scrutiny over the bidding process (and what may Violators breach procurement integrity — honest, fair, im-
seem like a storm in a teacup for some) reflects Chile’s serious- partial, transparent and legal contracting — by deliberately and
ness in tackling corruption and its efforts to clean up its pro- covertly abusing established contracting procedures, policies
curement process with the help of technology. In the late 1990s, and requirements. Some examples of breaches are the improper
Chile created what was then a first-of-its-kind electronic portal acceptance of late vendor bids, biased technical evaluations dur-
for procurement to improve the efficiency and transparency of ing bid scoring, needlessly long delays in contract negotiation or
public spending. It’s been updating the system ever since. The awards, unnecessary limiting of solicitation periods, approving
electronic public marketplace brings together all those involved uncalled for contract modifications and competitors submitting
in the procurement process onto one easy-to-find platform.2 complementary bids.
This case represents how entities — public or private — Rule breakers who cause breaches don’t always commit con-
can detect and eventually prevent public procurement integrity tract fraud. For example, some internal employees who knowingly
breaches via data analytics and other types of technology. Other violate procurement policies or guidance might believe estab-
countries around the world have also set up systems that use lished requirements are unnecessarily or overly burdensome.
technology to catch procurement fraud. (See sidebar on page 31.) Others might think they’re helping their organizations when they
These breaches, a major risk to organizations worldwide, perform their contract breaches. (See “Five personality faces of
can result in unnecessary financial losses, reputational dam- procurement fraud risk,” by Tom Caulfield, CFE, CIG, CIGI; and
age, contract delays and even contract terminations. Corrupt Sheryl Goodman Steckler, CIG, CIGI, Fraud Magazine, November/
officials and internal and external fraudsters love to target public December 2017, tinyurl.com/skw4crfb.) Of course, these breaches
are inexcusable, but some well-meaning employees might per- web design solicitation with just three bidders could be flagged
form them because of lack of training. as suspicious.
Regardless, organizations can greatly reduce procurement
breaches by using robust data analytics and continuous monitor- Triangulation
ing software. Now it’s no longer a question of how technology Triangulation is the use of multiple search conditions to identify
can ensure procurement integrity, but what are the best ways to a single procurement integrity risk. The number of conditions
incorporate data analytics into our procurement integrity control and specific triangulation methods will depend on available
systems? (A procurement integrity control system is the aggregate data and the ability to group procurement integrity risks into
of the people, processes, procedures and management systems similar categories.
that are designed to provide reasonable assurance regarding For example, if your analytics is monitoring the total number
the prevention, detection, reporting and capability to respond of sole-source contracts (also called directed procurements) by
to procurement abuse, procurement fraud or noncompliance procurement departments and it identifies one unit noticeably
higher by percentage than the others, is that in itself a procure-
with procurement policy.)
ment integrity risk? (As the name indicates, a sole-source contract
is procurement through solicitation of a proposal from only one
Ways to perform
source.) What if the same analytics also included an additional
searches for breaches
search requirement for any sole-source contracts containing a
Open Contracting Partnership (OCP) is an independent, not-for-
modification within 30 days after the award — when 30 days is
profit spun out of the World Bank promoting open and transparent
considered abnormal? If these two analytical results are com-
government contracting worldwide.
bined, would it now increase the level of accuracy in identifying
An OCP global literature review showcased a wide and some-
a more accurate procurement integrity risk?
times inconsistent view on the most effective ways to perform
If a third search condition is also added — such as the per-
analytical searches for questionable breaches in procurements.
centage of increase in the dollar value of the sole-source contract
(See “RED FLAGS for integrity: Giving the green light to open over its period of performance — we’d surmise that the higher the
data solutions,” OCP, tinyurl.com/4rzzjwm9.) However, three percentage, the greater the risks. By adding more search condi-
common points of agreement were identified: tions, we increase the ability to identify procurement integrity
• The need to contextualize. risks more effectively.
• The need to incorporate triangulation.
Data quality and quantity
• The importance of data quality and quantity.
The quality and quantity of available data directly impacts the
(See “G7 commits to open and participatory public procure-
ability to contextualize and triangulate. Quality in, quantity out
ment reforms essential to ensure trillions of dollars for recovery
(QIQO) means that the value of data input influences the value of
aren’t wasted,” Open Contracting Partnership, Sept. 10, 2021,
the results’ output. In practice, it means that if the data going into
tinyurl.com/bp7zcvb7.)
an analytical model is clean and of sufficient size, the resulting
work done by the model will be accurate. Creating data analytical
Contextualize searches to identify procurement integrity is challenging enough;
Organizations need to develop effective procurement integrity doing so with a data sample that’s limited in scale and scope could
data analytics in the right context. To illustrate, what’s a “short” exacerbate miscalculation and identification of false breaches.
or “long” period for a given procurement task or an “abnormally Data availability is also critical. Quick, easy and reliable
high” or “abnormally low” cost? The answer relies on several access to automated data is, of course, the single most relevant
specific factors, such as: (1) the type of procurement method (2) requirement for the successful implementation of procurement
services or goods provided and (3) the provider’s geographical integrity data analytics. The greater the number of datasets, the
location. For example, in a highly specialized profession like more comprehensive and advanced the data analytics technique
aerospace, a typical solicitation for the building of a satellite may will be. For example, if your data is limited to only collecting
only result in two or three bidders, but a contract for a new web vendor information (e.g., a vendor management system) and
design may result in over a dozen bidders. Under these scenarios, human capital information (i.e., employee demographics), your
three bids for a satellite could be considered normal. However, a data analytics may be restricted to existing relationships among
Analytical techniques
Parameter analytics
Parameter analytics is a technique that uses a limited number
of datasets combined in a simple Boolean condition (“true or
false,” “yes or no”) followed by an action. [Boolean conditions are
queries that compare two values with each other, e.g., with == or
Distribution analytics
anal
Distribution analytics rely on accurate historical data, known patterns
and thresholds. This type
t of analytics is looking
g for outliers throughout
g the procurement data,
such as payments by percentage that
h are h
higher
h than
h prior purchases
h for the
h same items or a
greater number of contract
co modifications than that of a similar contract.
These outliers, more
m commonly referred to as anomalies, can be identified when looking
g at
multiple prior procurement
procur occurrences in addition
dd to those
h identifi
d ed
d whenever
h the
h same type off
procurement isn’t consistent.
co For example, identify:
y (1) abnormally
y short periods between invoice
payments (2) a higher
highe number of payments compared to a similar contract or (3)) a higher number of
purchases under a multiple-award
m l l d contract for a product
d compared
d to a judgmental
d l sample.
l
exampl is identifying
Another example g the percentage
g of sole sourcing
g performed by a procurement
official compared to other
o h procurement officials.
l All
ll of these
h are b
based
d on a d
deviation from what’s
h
28 FRAUD MAGAZI
MAGAZINE JANUARY/FEBRUARY 2023 FRAUD-MAGAZINE.COM
M
normal.l As mentioned d previously,l develop
d l effective procurement the risk score up to 10. The predictive analytical model would
integrity
g data analytics in the right
g contexts (i.e.,
e., contextualized). then automatically combine this risk factor with other risks,
again between 1 to 10, such as:
Sociall network
k analytics
l • Number of months for the period of performance: The
Use social network analytics,
U y also called
lled “link analysis,” greater the number, the higher the risk.
t determine
to d relationships
l h among g different entities
• Contract value: The greater the amount, the higher the risk.
and/or individuals. Organizations
g s design link analy-
• Procurement method used: Sole-sourcing and emergency
ses with
h the
h underlying
d l reality
l that
hat most misconduct
purchasing are always assigned a higher risk.
occurs among those h familiar
l with each other and
who have previously y established ed relationships. • Number of follow-on contracts: The higher the number, the
This
h analytical
l l approach h will normally gen- greater the risk.
e
erate web-like
b l k graphic h d displays
lays that visualize • Degree of complexity of the effort: Low complexity, low risk.
andd link
l k theh types and d strengths
gths of connections • Prior incidents with a vendor: Five or more prior incidents of
a
among organizations or individuals. These poor performance indicate a higher risk.
c
connections mightg includeude shared address-
• Number of days from contract award to the first contract
e phone
es, h numbers,b family
mily relationships,
compared to similar contracts: over 40 days, low risk;
company affilliationss and other business
between 20 and 39 days, medium risk; under 20 days, high
connections.
i
risk.
D
Design sociall network analytics
The combined risks will provide a statistical probability of
with a strong g reliance
liance on unstruc-
the contract’s overall degree of risk, which can be displayed to
tured d data,
d such
ch as blogs, video
visually give an “early warning” and an opportunity to determine
s
services, d ssion forums and
discussion
what follow-up may need to occur. The statistical probability can
oh
others. An examplemple could be us-
be visually displayed to identify each of the numerical values for
i
ing public
bl media dia networks like
each risk factor, giving a better understanding of the specific risk
T
Twitter, Facebook ok and/or LinkedIn
condition. The visual display can be configured to perform this
to track k potentially
ally inappropriate
type of analytics across a division of the organization, a region
relationships.
l h
of the country or a specific type of contract.
Predictive analytics
lytics
Predictive analytics is the
P he gold star of tech-
n
niques because
b it can forecastst a potential future
o
occurrence of improper conduct d or noncompliance to These breaches, a major risk
p
policyy or improper payments.
y Predictive analytics
lytics can be one of
to organizations worldwide,
the more effective contract management g techniques.
hniques. However,
predictive analytics isn’t easy because it requires
p quires (1) assigning can result in unnecessary
a numerical value of risk (i.e., risk factor)) to individual pro- financial losses, reputational
c
curement actions (2)) combining the risk k factors together damage, contract delays and
( comparing
(3) g results to historical procurement
rement data of the
organization and (4)) establishing a range nge of low to high
even contract terminations.
risk. The proper assigning
g g of a numeric
meric value to each
risk factor makes this analytical approach
pproach difficult.
To give an example, l let’s
l start
rt with this analyti-
c model: Using
cal g a range
g of 1 to 10,0, with 10 being the
h h
highest risk,
k assign a score b based
sed on the number
o standard
of sta da d deviations
de at o s o on tthee number of contract
modification (mods)) for a similarmilar contract. The
h h the
higher h percentage of deviation the higher
Sheryl
S y Goodman
m and Tom Caulfield, CFE,
CFE, are co-founders off
Procurement Integrity
P g Consulting
g Services, LLC —a woman-owned
ssmall businesss specializing
g in developing,
g assessing
g and structuring
g
sstrategies
g to ensure
n contracting
g integrity.
g The company also assists
both domestic and international clients in identifying
b g and mitigat-
g
iing
g their inherent
r risk to procurement fraud and abuse, developing
g
analytical strategies
a t g and ensuring
g an environment commitment to
procurement integrity.
p g Contact Goodman at sheryl@procurement-
iintegrity.net.
g Contact Caulfield at tom@procurement-integrity.net.
C g
Endnotes
d s
1
“El informe de C
Contraloría
í que complica a Katherine Martorell, la actual vocera de
S
Sichel, por millonaria
n compra de cámaras
á GoPros para Carabineros,” El Mostrador,
O 15, 2021, tinyurl.com/yrrkksc3.
Oct. y /
2
“Martorell en p
problemas: informe de Chile Compra
p revela q
que Subsecretaría
incumplió
ó basess de licitación
ó para adquisición
ó de cámaras
á para Carabineros,”
El Mostrador, Jan.
n 6, 2021, tinyurl.com/yjm4tnk8; “Cámaras policiales: testigos
g
r
revelan presiones
e para favorecer a Motorola en licitación
ó de Martorell,” Nicolás
á
P
Parra a Montero, BioBioChile, March 23, 2022, tinyurl.com/2fsr5zwa;
y Felipe Díaz /
a d “Martorell
and ll in
n trouble:
bl Chile
h l Compra report reveals
l that
h Undersecretariat
d failed
l d
to comply
l with
hbbidding
dd rules
l for the
h acquisition of cameras for Carabineros,”
b
A
Archyde, Jan. 6, 2021, tinyurl.com/3km7m5dx. Also see “Chilecompra: Using
g
T h l
Technology to Deliver
el Better Value
l for Public
bl Money,” b
by Rachel
h l Lipson, Harvard,
d
T
Technology and Operations Management, Nov. 18, 2016, tinyurl.com/4ufy3cb7.
30 FRAUD M
MAGAZINE JANUARY/FEBRUARY 2023 FRAUD-MAGAZINE.COM
M
International examples of
data analytics systems
Brazil authorities) are better equipped to make public contracts awarded in 2012, won
informed procurement evaluation and over 32% in 2016.
The Office of the Comptroller General These drastic statistical changes
contract award decisions. Cartelogy is
of Brazil launched the Public Spending are suspicious because IMCO found
configured to reduce the probability of
Observatory (Observatório da Despesa
contracts being awarded to phantom, that most public procurement markets
Pública) to enable the continuous
crony or colluding companies, and typically maintain a certain range of
identification of potential misconduct
expose conflicts of interests or personal stability in public contract awards — never
and fraud in public procurements. (See
relationships among public officials and in inflated numbers, such as these. The
“Country case: Public Spending Obser-
companies. (See “Cartelogy: A tool for IMCO’s findings were provided to the
vatory in Brazil,” OECD, 2016, tinyurl.
fair competition and corruption-free pub- Mexican National Anti-Corruption System
com/2ppnt2tr.) The Observatory cross-
lic procurement in Malaysia,” by Zulkfli for further investigation. (We can’t further
checks procurement data with other
Ahmad, Open Contracting Partnership, report on any investigation conducted
government databases and identifies
Aug. 23, 2019, tinyurl.com/3wpuym8h.) by this system because of the lack of
possible misconduct by color coding in
publicly available information.)
orange or red flags for follow-up reviews.
The system looks for 20 indicators of
potential wrongdoing, including: Mexico
U.S. Postal Service
• Conflicts of interest by procurement The Instituto Mexicano para la Competi-
personnel. Some U.S. government agencies utilize
tividad (IMCO), a Mexican NGO, used
• Contract splitting to avoid competitive data analytics to enhance procurement
analytics to spot suspicious patterns in
bidding. integrity. For example, the U.S. Postal
contract awards. The IMCO wanted to
• Unusual bid patterns in amounts or Service (USPS) inspector general's office
number of bidders. identify any patterns related to which
built the Risk Assessment Data Reposi-
• Bidders with the same address. vendors had historically won a specific
tory (RADR) to help identify high-risk
• Rotation of winning bidders. percentage of public contracts; namely
contracts for follow-up audits and
• Contract amendments within one who the awarding government organiza-
investigations.
month of contract award. tions were; how much was being paid;
At its core, RADR is a suite of analyti-
and the dates and periods of perfor-
cal models that merge data from a vari-
Malaysia mance. (See “Corruption Risk Index: the
ety of internal sources and scores it on
Mexican Public Procurement System,”
The Malaysian Administrative and Mod- the likelihood — or probability — of fraud.
IMCO, Investigation, March 5, 2018, The resulting analytics are displayed
ernization Unit, an agency within the
tinyurl.com/fwrnv338.) on a geographic interface allowing for
Prime Minister’s Department, developed
The IMCO analytics project clearly proactive actions rather than waiting to
“Cartelogy,” a proactive and preventive
identified a pattern of contract awards receive reports of wrongdoing. The USPS
tool to help the ministry of finance and
after various presidential elections. Spe- developed RADR with inspectors general
other procurement agencies identify po-
cifically, after Mexico’s 2012 presidential offices’ subject-matter and technical ex-
tential bid-rigging and corruption risks in
public procurement at the tender stages election, 73 companies had won 29% of perts along with a contractor to develop
before contracts are even awarded. the Mexican public contracts awarded tailored algorithms. The analytical tool
Cartelogy combines data about that year. However, after the 2016 elec- was first built to identify potential health
procurements, company profiles and tion and a change of administration, the care fraud, expanded to contracts and
political persons. The tool is designed to same 73 companies were awarded less financial fraud, and eventually to mail
analyze, evaluate, and detect potential than 1% of all public contracts. The data theft. (See “In-house analytics tool maps
breaches so that decision-makers (as well also revealed that a second group of fraud at USPS,” by William Jackson, GCN,
as oversight committees and relevant companies who had won only 2% of all May 20, 2014, tinyurl.com/2wbdwzxc.)
F
FRAUD-MAGAZINE.COM
E.COM JANUARY/FEBRUARY 2023 FRAUD MAGAZINE 31
BATTLING
fraudulent product
substitution
By Stewart Thompson, CFE
I
magine for a minute that you’re controls the timing of the ejection — con- counterfeit components/product substitu-
an Air Force pilot flying the tributed to the pilot’s death. Not only that, tion — which is really a category of pro-
fighter jet F-16CM Falcon and but the electronic components inside the curement fraud all on its own — remains
you’re returning to base after sequencer were reportedly counterfeit, an ongoing problem.
a nighttime training mission. even though the F-16 manufacturer main- With the U.S. government looking
While attempting to touch tained the strictest quality controls over to replenish billions of dollars in military
down on the runway, you discover that its subcontractors that built the ejection aid to Ukraine on the back of supply chain
your landing gear is damaged. You execute seat and the DRS. woes, fraud fighters are once again on high
a go-around and try to land again, this time This incident is based on the true alert for signs of fraud and abuse. In fact,
by having the plane’s tailhook catch an ar- story of First Lt. David Schmitz, an F-16 there are even more pressures and oppor-
resting cable. That fails too, and the wing Fighting Falcon pilot, who died in June tunities to commit this type of fraud, as
touches the runway. As the plane starts to 2020 in a botched landing after his ejection people seek illicit sources for parts amid a
crash, you reach down and pull the ejec- seat failed to deploy its parachute. It un- global supply chain crisis that has created
tion handle, which releases the canopy. derscores the need for strict enforcement a rich environment for fraud and made
An explosive cartridge launches your seat of U.S. Department of Defense (DOD) stan- the U.S. more vulnerable to threats from
over a hundred feet into the air. But your dards for military parts. And an important foreign adversaries.
parachute fails to deploy, and you realize part of that is the aggressive investigation Concerns about the use of Chinese
you’re about to slam into the ground, still of anyone suspected of prioritizing profits components in U.S. military equipment
strapped into your seat, with only a frac- over safety by substituting subpar com- are on the rise not only because they might
tion of a second to go before your death. ponents to meet contract demands and be counterfeit but also for their potential
How could a scenario like this happen? passing them off as parts that meet the use in sabotage and spying as military and
Once an ejection handle is pulled, it trig- standards. (See “An F-16 pilot died when economic competition between the two
gers an almost instantaneous sequence his ejection seat failed. Was it counterfeit?” superpowers intensifies. Earlier this year,
of events aimed at getting the pilot safely by Rachel S. Cohen, Air Force Times, Sept. FBI Director Christopher Wray warned that
to the ground. But in this real-life exam- 13, 2022, tinyurl.com/5n9amjba.) the Chinese government “poses the big-
ple of the potential dangers of product Because of the enormous amount gest long-term threat” to the economic
substitution, an Air Force investigation of government funding that goes into and national security of the U.S. and its
later revealed that the failure of the seat’s the defense sector, the U.S. military has allies. (See “Heads of MI5, FBI give joint
digital recovery sequencer (DRS) — which long suffered its fair share of fraud. And warning of growing threat from China,”
by Juby Babu, Reuters, updated July 7, 2022, Program at major U.S. Navy commands to in prison and fined $50,000 after
tinyurl.com/ywr9prmk.) supplement its more traditional, reactive years of falsifying the results of tests
Just last September, the Pentagon and role. He also helped procure funding so to measure the strength and tough-
Lockheed Martin suspended deliveries of that NCIS agents could obtain their CFE ness of steel used in Navy submarines.
F-35 fighter jets after discovering that a credential, realizing they needed the train- Bradken is the Navy’s leading sup-
subcontractor had used a magnet made of ing the ACFE offers. [See “I’m a CFE - Nancy plier of high-yield steel castings for
cobalt and samarium alloy that came from Rich, CFE, Special Agent at the Naval Crimi- submarines, which can’t fail during a
China. Lockheed described the supplier nal Investigative Service (NCIS),” by Emily collision. But for 30 years, Thomas fal-
of the alloy as a “fifth-tier” supplier amid Primeaux, Fraud Magazine, September/Oc- sified test results to hide that its cast-
concerns that the Chinese-sourced materi- tober 2014 issue, tinyurl.com/2xxbhcvw.] ings failed to meet the Navy’s rigorous
als might have violated the Defense Federal Lockwood envisioned that agents standards. Bradken agreed to pay a
Acquisition Regulation Supplement — re- would embed themselves in major Navy nearly $11 million civil settlement
quirements and regulations designed to command headquarters to develop close related to the case. In all, the fraud
maintain the integrity of sensitive govern- relationships and promote fraud aware- affected 30 submarines, and the Navy
ment information that third parties might ness through briefings. This proactive has had to spend nearly $14 million to
hold or use. [See “Pentagon suspends F-35 approach would help agents better un- assess the risks to the vessels.
deliveries over Chinese alloy in magnet,” by derstand and assess command vulner- • From 2012 to 2019, Brighton Cromwell,
Stephen Losey, Defense News, Air Warfare, abilities and concerns. It was during this LLC, a military vehicle parts supplier,
Sept. 7, 2022, tinyurl.com/yydbz6fx and time that Admiral Walter Massenburg took allegedly provided the DOD with non-
“Defense Federal Acquisition Regulation over the reins as Commander of Naval Air conforming materials and knowingly
Supplement (DFARS),” Security Encyclo- (NAVAIR) Systems Command in Patuxent violated the Defense Federal Acquisi-
pedia, tinyurl.com/4m9we9m9.] River, Maryland. tion Regulation Supplement by selling
As a retired special agent for the Na- In 2005, members of the NCIS Eco- items without determining whether
val Criminal Investigative Service (NCIS), nomic Crimes Division, Washington, D.C., they were manufactured according
I spent many years investigating product went down to NAVAIR to brief Massenburg to the Buy American Act or the Trade
substitution cases for the Navy. Here I look on the Integrated Agent Program. Debbie Agreements Act. Brighton Cromwell
back on how the NCIS took a renewed in- Winslow, NCIS assistant special agent-in- also allegedly breached its contracts
terest in counterfeit parts, the latest cases charge, told me that when Massenburg with the government after selling it
of wrongdoing in this corner of the fraud was asked to identify his major concern, items manufactured or assembled in
world and how NCIS’s proactive approach he replied, “What keeps me up at night prohibited countries. In 2021, it agreed
can make all the difference in detecting are potential safety mishaps involving our to pay $850,000 to resolve these
and preventing product substitution. aircraft.” allegations.
That philosophy continues to this day
A renewed focus on as NCIS works alongside other government Dangers lurking in the
product substitution agencies to prevent this type of fraud and gray market
After the 2000 USS Cole bombing and the accidents it causes. Here are some re- Historically, the DOD has relied on compa-
the Sept. 11 terrorist attacks in 2001, the cent cases of product substitution, involv- nies like Bradken and Brighton Cromwell
NCIS’s fraud program was overshadowed ing NCIS and the Defense Criminal Inves- to manufacture or sell parts for military
by those events and became extinct ... al- tigative Service (DCIS) — the investigative aircraft and weapon system applications.
most. The NCIS resurrected it, largely due arm of the Office of Inspector General, U.S. However, as the cases above illustrate, un-
to the efforts of former Special Agent Louis Department of Defense (DOD). (See “Semi- scrupulous companies have used various
Lockwood, who in 2005 became NCIS’s di- annual Report to the Congress,” Inspector methods to introduce counterfeit or non-
vision chief, economic crimes, which is the General, DOD, Oct. 1, 2021, through March conforming parts into the DOD procure-
department responsible for safeguarding 31, 2022, tinyurl.com/4mkww6h3.) ment chain. This is worrisome because
the Navy’s acquisition programs from fraud • In February 2022, Elaine Thomas, the counterfeit parts imported from abroad
and corruption. Lockwood developed and former director of metallurgy at Brad- and sold to DOD distributors can poten-
implemented the Integrated Agent Fraud ken Inc., was sentenced to 30 months tially compromise U.S. national security.
These items can contain malicious com- Against this backdrop, major prime investigating counterfeit parts — Op-
puter code and create a back door into DOD contractors at NAVAIR were reporting in eration Chain Reaction — Stephanie A.
networks, enabling a foreign adversary to the Government-Industry Data Exchange McCloskey was sent to prison in 2011 for
access sensitive information to commit Programs (GIDEP) increasing procure- importing counterfeit integrated circuits
espionage. And the gray markets — where ments of counterfeit integrated circuits from China and Hong Kong and selling
items are sold outside the manufacturer’s (ICs) from multiple independent dis- them to the U.S. Navy and defense con-
authorized channels — have been a par- tributors. (See “Counterfeit Part Report- tractors. McCloskey and others had run
ticular concern. (See “Brand Protection ing Trends,” by Henry Livingston, Feb. 11, their operation from a Florida-based firm
Insights from Industry Leaders in Gray 2014, tinyurl.com/4fw23bf6.) GIDEP is an called VisionTech Components, generat-
Market, Counterfeit and IP Fraud Mitiga- information-sharing program between the ing $15.8 million from those sales. I was
tion,” by Sherri Erickson, De La Rue and U.S. government and industry. GIDEP’s da- the case agent at NCIS, which conducted
John Solheim, FiveBy Solutions, December tabase receives and disseminates informa- the investigation jointly with U.S. Immi-
2020, tinyurl.com/4b6zade8.) tion about nonconforming products and gration and Customs Enforcement’s (ICE)
Gray markets aren’t new. Nor is their materials. The DOD has also designated Homeland Security Investigations (HSI).
use to game the U.S. military procure- GIDEP as its central database on obsolete (See “VisionTech administrator sentenced
ment system. In 2006, a U.S. district court military parts and those parts with a di- to prison for role in sales of counterfeit cir-
charged the owners of eGlobe Solutions minishing number of manufacturers. (See cuits destined to US military,” U.S. Depart-
Inc, an authorized seller of Cisco Systems www.gidep.org.) ment of Homeland Security, Oct. 25, 2011,
products, with defrauding the government tinyurl.com/ytbehkhf.)
on computer equipment contracts worth Clamping down on BAE Systems Electronic Solutions had
$788,000. They allegedly sold gray-market counterfeit parts reported that it and NAVAIR had jointly
and counterfeit products from China to By the early 2000s, the rise in this type of procured suspected counterfeit microcir-
the Navy. Unauthorized vendors also al- fraud helped spur a series of investigations cuits from a parts broker; this broker had
tered that equipment to appear as if the by law enforcement into the distribution purchased the discrepant devices from a
product met the contract specifications. of counterfeit network hardware, bring- second tiered subcontractor based in Flor-
(See “Edmonds Brothers Charged With De- ing together various agencies including ida, which we now know was VisionTech.
frauding The Government on Computer the NCIS and DCIS. (See “Departments of NAVAIR and BAE had procured these parts
Equipment Contracts,” DOJ, press release, Justice and Homeland Security Announce for the purpose of installing them in ship
Nov. 16, 2006, tinyurl.com/4rs9npu4 and International Initiative Against Traffickers and land-based antenna equipment related
“Inspector General United States Depart- in Counterfeit Network Hardware,” DOJ, to the identification friend foe (IFF) sys-
ment of Defense Semiannual Report to the Feb. 28, 2008, tinyurl.com/wtv6wzsh.) tem, which enables the military to identify
Congress, Oct. 1, 2006 – March 31, 2007,” In the case that laid the foundation whether incoming aircraft or vehicles are
tinyurl.com/m9kewsyp.) for the creation of the largest task force friendly or hostile.
defraud without compelling evidence. The A review of the pertinent DCMA file Queries of product quality deficiency
DOD normally administers each problem and witness interviews revealed the QARs reports (PQDRs) revealed that the compa-
as a separate instance and rarely conducts had issued these companies numerous nies provided nonconforming parts to the
an analysis of the overall practices of the corrective action requests (CARs), docu- DOD. PQDRs are part of the Navy’s product
vendor for possible referral for criminal menting the contractors’ quality deficien- data reporting and evaluation program
investigation. Law enforcement agen- cies, including repeated testing failures. (PDREP), which is useful in locating com-
cies have traditionally investigated bogus CARs provide written notification to a panies selling nonconforming products/
parts cases reactively. This investigative contractor that the parts inspected were services to the government. (See tinyurl.
rejected and inform the contractor of the com/z92n83a3.)
approach of addressing the problem and
reason for the failure. These companies For example, one of the companies in-
of developing and prosecuting bogus parts
also had a lengthy history of failing first volved in this case was issued a PQDR after
cases has had only limited success.
article testing (FAT) inspections witnessed supplying defective cables associated with
by QARs or independently performed by the AIM-9 missile’s guidance system. The
Proactive prevention NAVAIR engineers to ensure a contractor cable was classified as a CAI. The PQDR
A proactive approach provides a more ef-
can correctly make the part. concluded that the parts didn’t pass cali-
fective and efficient means of obtaining
The investigation revealed that one of bration tests. Had they been installed, the
evidence to prosecute suspects, who are the companies failed a FAT inspection for missile system would’ve likely been ren-
predisposed to supplying nonconforming a motor cable, part of the weapons system dered inoperable. The AIM-9 (Sidewinder)
parts to the DOD. This starts with monitor- for a U.S. Marine Corps amphibious ve- is a supersonic heat-seeking missile car-
ing suppliers for red flags. A disproportion- hicle. The cable was classified as a critical ried by U.S. fighter aircraft. This is an es-
ate percentage of deficiency reports, failed application item (CAI), meaning if it failed pecially effective weapon as the pilot can
tests or inspections, and terminations for it would likely impact the ability or perfor- fire the missile and immediately exit the
convenience or default are good indica- mance of a weapon system to carry out a area to get out of harm’s way. The DCMA
tors of chronically unreliable suppliers, required mission. After the testing failure, had previously rejected the parts after they
whether they’re careless, unscrupulous the contract was terminated for default. failed in-house testing, resulting in the is-
or possibly both. Despite that the company subsequently suance of a CAR. But the contractor then
Here’s one case that underscores the provided motor cable assemblies with the sold the parts, accompanied by a CoC, to
importance of paying attention to these same part number, including a CoC, under a commercial distributor, which in turn,
warning signs. In 2006, the DCIS and NCIS a destination acceptance DOD contract. sold them to the DOD.
initiated an investigation, implicating the Another one of the companies sup-
plied serialized wiring harnesses for Seal
owner of four companies in knowingly
Team 1’s submersible Seal Delivery Vehi-
providing nonconforming parts to NA-
cles (SDV). These serialized parts had been
VAIR. For example, the companies failed
rejected under an earlier contract after
to conduct contractually required testing
failing an in-plant insulation resistance
and falsified CoCs.
WHAT CAN
FRAUD
EXAMINERS
LEARN FROM
PIS?
Some Certified Fraud Examiners, who are
also licensed private investigators, say their
PI skills have helped them become better
practitioners. Here’s what they can teach us.
By Dick Carozza, CFE
T
here’s a good Intelligence and OSINT Investigations questions or ease concerns,” says Will-
possibility (2021)," Maltego, tutorial, Oct. 31, 2021, ingham. “I just happen to be a private
you’re a Certi- tinyurl.com/mwka9sr8.] investigator.”
fied Fraud Ex- “I never got to look at the original Marcy Phelps, CFE, PI, is owner of
aminer. But you’re prob- subcontractor’s invoices and time sheets Marcy Phelps & Associates Inc., a firm
ably not a licensed private like I would in a financial investigation, focused on due diligence, financial as-
investigator. Are you missing but through my PI work I was able to write set investigations and training services.
out?
t? Not necessarily, but some a report for the client so they could end She says, “I see private investigators as
C s believe their hard-won PI
CFEs the subcontractor engagement and turn it unbiased third parties — those with no
sk s burnish their fraud exam-
skills over to law enforcement,” Wietholter says. stake in the outcomes of investigations.”
iner careers
areers and make them bet- “I was able to get the job done successfully The PI-finder site PInow (pinow.com)
fessionals.
ter professionals. without looking at one spreadsheet!” says clients might hire PIs for investigat-
L ah Wietholter, a licensed
Leah ing suspicions of infidelity, performing
P
PI, is one e of those CFEs. In a case What’s a private investigator? background checks on potential employ-
sshe worked, ed, an engineering busi- As we all know, the CFE Exam tests pro- ees, investigating the validity of an insur-
n
ness came to her firm, Workman Fo- spective CFEs on four areas: financial ance claim or finding a missing person.
rensics, afterr its managers suspected a transactions and fraud schemes, law, Most of the CFEs/PIs interviewed here
s b
subcontractor or was stealing from them fraud prevention and deterrence, and also conduct in-depth due diligence for
v overbilling.
via b ll g. The subcontractor had investigation. The investigation section their clients.
b
burned through gh the budget granted by of the ACFE Fraud Examiners Manual (FEM) PInow says PIs use several tactics, in-
the
h engineering ing firm, then requested is exhaustive. But we thought it might be cluding surveillance, computer forensics,
m
more money from the engineers, spent useful to get some input from CFEs who skip tracing, background checks and asset
that
h and d requested
uested even more. And he also wear PI hats. Fraud Magazine recently searches.
wasn’t d delivering
l ing adequate work. interviewed several CFEs/PIs who empha-
The engineers
gineers invoked the audit sized they’re better fraud examiners be- PI areas that enhance fraud
cclause
ause in tthe e subcontractor’s contract. cause they’ve attained PI skills that help examiners’ capabilities
Wietholter
h l sent
ent him a letter asking for them move FEM concepts off the page and CFE and PI skills, of course, aren’t mutual-
e l
explanations and records, but the subcon- into action. First, here are some of their ly exclusive; they overlap and sometimes
t
tractor never responded.
esponded. “Some fraud ex- thoughts on what a PI does and the dif- merge as fraud examiners move through
aminers at thiss point might have thought, ferent roles they can play. their careers. But here are some areas,
‘ can’t get much
‘I ch further because I have no “A private investigator conducts in- among many others, that the CFEs/PIs
financiall records,’”
rds,’” Wietholter says. “But vestigations on behalf of various clients, interviewed say PI education and experi-
my PI instinctss kicked in, and I began an such as corporations, insurance agencies, ence have enhanced:
open-source intelligence [OSINT] investi- law firms, private individuals or other • Skeptical and investigative mindset.
gation. We found that the subcontractor entities. Depending on the jurisdiction • Cognizance of personal risks and
in turn subcontracted to a guy in India and the situation, the PI may require li- liabilities.
who was charging only $30 an hour, but censure in their jurisdiction,” says Beth
• Open-source intelligence (OSINT)
the original subcontractor was billing the Mohr, CFE, PI, managing partner at The
proficiency.
engineering firm $150 an hour.” McHard Firm, which specializes in foren-
Wietholter then discovered through sic accounting. (See sidebar on page 47 • Evidence collection.
OSINT that the original subcontractor for more details on the possible need to • Ethical challenges solidifying
wasn’t even a licensed engineer but had become a licensed PI.) convictions.
been using the stolen licensing number of Brian Willingham, CFE, PI, is found-
an actual engineer. OSINT is the process er and president of investigative firm Skeptical and investigative mindset
of obtaining intelligence in an investiga- Diligentia Group. “I believe in ethically Phelps says that in her years of investiga-
tion through publicly available informa- sourced information to help clients make tive research she’s learned that she must
tion. [See “Everything about Open Source educated decisions, answer complex let the facts speak for themselves and not
CO
COMPUTER FORENSICS,
O S CS, troduced as a special agent for the U.S. National
Security Agency. “This episode about Tasha’s
ASSET SEARCHES.
An accounting d
degree followed,
ll d then
h a b for you. So, your work product should
bat
c
coveted FBI internship and two years with a include any exculpatory evidence and
also
the agency.
g y After an MBA and a few years
y at not indicate judgment. Again, just present
a public accounting firm, “An accounting the facts.”
headhunter suggested, ‘What would hap- When Dunhill managed his private in-
pen if you started your own investigation vestigations business, he says the personal
and forensic accounting business?’” she risks gave him additional energy and mo-
writes in her book. She opened her firm mentum to ensure the integrity of evidence
in November 2010 and then earned her and findings he presented to his clientele.
Oklahoma private investigator’s license. “That energy has crossed over into the cor-
porate realm, where I now work,” he says.
Cognizance of personal risks
and liabilities OSINT proficiency
PIs generally own their businesses, so, un-
Investigators and researchers of all stripes
like CFEs who might work in the corporate
and in all sectors — military and state
world, they must protect themselves be-
intelligence, marketing, IT — search for
cause clients’ and organizational struc-
information in published or otherwise
tures won’t shield them. “PIs must review
publicly available sources. OSINT, and
their jurisdictions’ laws and regulations to
research through subscription software,
ensure they’re in compliance,” says Dun-
is a major component of PIs’ workdays. “I
hill. “Companies normally have policies
work with law firms, private-equity firms,
requiring employees to communicate with
hedge funds and investors to conduct due
their internal investigators. PIs don’t have
diligence,” says Willingham.
that. No one is required to talk with them.
“There’s a big difference between what
They’re on their own. So, PIs have to be
I do and what Certified Fraud Examiners
overly cautious because their reputations
do. CFEs usually have a collection of doc-
are on the line. That cautious attitude has
helped me as a fraud examiner.” uments they have access to — normally
For the first 10 years or so of his career, through their employers that they use to
Dunhill worked for a PI. “He taught me to analyze situations. I typically don’t start
make sure my documentation was clean, with any access.”
consistent and repeatable, and to pay at- Willingham is working on a case
tention to detail — principles that have where his client sued a financial advisor
assisted me in every investigative role I’ve for several hundreds of thousands of dol-
ever had,” he says. lars. Willingham and his team believe the
Other skills critical to success and financial advisor is lying, but they aren’t
avoiding liability, Dunhill says, are to con- analyzing all the financial statements to
duct quality interviews, assess subjects’ prove this. “Although the financial state-
credibility and leave no stone unturned. ments may provide some clues, I’m trying
“As a private investigator, you don’t have to find information that suggests that the
any additional support. No one will go to financial advisor might be a serial liar,
used his clients’ asset for personal use or has a history of toxic re-
lationships,” says Willingham. “I’m also looking up lawsuits that
the financial advisor has been involved with to determine whether
others have accused him of fraud — finding fact witnesses that can
speak to his character or can impeach his credibility in civil court.”
In a 2013 ACFE Insights article, Willingham encouraged fraud
examiners to make use of public sources in their examinations. (See
tinyurl.com/5a32vdcm.) “What I have come to learn is that many
people take public records for granted,” he wrote. “Because they are
‘public,’ people assume that they can’t be all that valuable. … Our
vast system of public records in the U.S. is one of the most unique
investigative assets we have.
“Most people don’t realize how public records can serve as re-
sources to help connect the dots, develop a complete picture, fill in
the blanks, and find supporting documentation, hidden clues or just
plain old dirt,” Willingham writes. “As an investigator, your job is to
collect information and facts. And if part of collecting information
doesn’t include using the vast resources found in public records, you
are definitely missing out.”
One advantage for private investigators, Willingham says, is
that as professional practitioners of their craft they invest in some
powerful and pricey resources, such as Maltego, TLO, IDI, IRB, Trac-
ers and Delvepoint. “Maltego, for example, is a platform that helps
you sort and analyze massive datasets,” Willingham says. “For
example, it’s good for establishing some links or connections
among dozens or hundreds of Twitter accounts.”
Phelps, who holds a master’s degree in library and
information science, uses OSINT resources to help
mitigate risk and to prevent and deter fraud for
asset management firms, funds of funds and
other investment organizations; private
equity firms; mergers and acquisitions
advisors; attorneys; senior execu-
tives and others. In addition to
specialized investigative
databases, she also uses
IN A 2013 ACFE other subscription
services, such as
INSIGHTS ARTICLE, LexisNexis,
Dow Jones
WILLINGHAM ENCOUR- Factiva
and
AGED FRAUD EXAMINERS
TO USE PUBLIC SOURCES IN
THEIR EXAMINATIONS.
Evidence collection
“Auditors who find evidence are trained to make copies and return
the original documents to the client,” says Mohr. “But as an investi-
gator, if you run across something that may have evidentiary value
you’re obligated to collect the original as evidence, and you have
to preserve it in a way that allows it to be admissible as evidence
in court, which means having it in a secure spot with a chain-of-
custody log that proves to the court who’s handled it and that it
hasn’t been altered.” Mohr’s PI experience heavily influences her
evidence collection and preservation plus her interviewing. She
teaches on the subjects to auditor and accounting groups, and
the ACFE. A former officer with the San Diego Police Department,
Mohr is credentialed as a Nationally Certified Law Enforcement
Instructor by the International Association of Directors of Law
Enforcement Standards and Training.
Of course, CFEs are trained in evidence collection and preser-
vation. But Mohr says her PI and law enforcement experience has
accentuated the seriousness of protecting anything that could be
considered evidence. “Fraud examiners might just have cursory
experience of investigatory techniques and evidence collection.
Some of the attendees at one recent workshop I taught had little
knowledge in this area. I always tell any attendees, ‘When in doubt
— bag and tag!’” she says.
PIs know that when they must collect digital evidence, they
need to call in digital forensics experts so they don’t risk contami-
con
nating computers and devices, Mohr says. She provides these digital
d l
evidence collection guides from her PI experience:
• “Best Practices for Seizing Electronic Evidence: A pocket guide
d
Departme off
for First Responders v. 4.2,” U.S. Secret Service, Department
Homeland Security (tinyurl.com/5n93u9a8).
• “First Responder Guide to Mobile Forensics,” by Amber
Schroader, Paraben Corporation (paraben.com).
• “Electronic Crime Scene Investigation: A Guide for First
Departme off
Responders,” National Institute of Justice, U.S. Department
Justice (tinyurl.com/4h8ubvrs).
• “Seize First, Search Later: The Hunt for Digital Evidence,”
by Paige Bartholomew, Touro Law Review, volume 30, No. No 4
(tinyurl.com/rpzu6wby).
fraud cases
of 2 0 2 2
By Jennifer Liebman
I
t’s hard to believe, but it’s been al-
most three years since the start of the
COVID-19 pandemic, and fraud fight-
ers are still grappling with the fallout of
frauds tied to government-relief funds.
Yet, despite the massive scale of pan-
demic frauds and the staggering loss of
5 m o s t s c a n d a l o u s f r a u d c a s e s of 2 0 2 2
5 MOST SCANDALOUS FRAUDS OF 2022
were able to crack the case and expose the pair’s attempts at ano- in my career have I seen such a complete fail-
nymity. “They demonstrated just how advanced cryptocurrency ure of corporate controls and such a complete
tracing has become — potentially even for coins once believed to absence of trustworthy financial information
be practically untraceable,” wrote Greenberg. (See “$3.6 billion as occurred here,” he said. (See “8 Days in No-
bitcoin seizure shows how hard it is to launder cryptocurrency,” vember: What Led to FTX’s Sudden Collapse,”
Ars Technica, Feb. 12, 2022, tinyurl.com/3wjnrdkc.)
by David Z. Morris, CoinDesk, Nov. 9, 2022,
According to David Utzke, Ph.D., CFE, who worked with
tinyurl.com/yceb2mpj and “The crypto melt-
the IRS-CI when Lichtenstein and Morgan were arrested, fraud
down, explained,” by Allison Morrow, CNN,
examiners must know the technologies criminals are using to
launder cryptocurrency. Utzke is now senior director of crypto-
Nov. 18, 2022, tinyurl.com/mr4yda89.) /01
economic technology for MasterCard. “Coming from a decades-
long career in technology and civil/criminal cybercrimes federal
enforcement and being engaged in this investigation as it evolved
in mid-2016, whether we’re talking about digital assets, art, 0 2 / U n h e a lt h y
choices
drugs, or some other asset — digital or physical — laundering,
traditional AML and sanction methods are not addressing the
technology methods criminals utilized,” Utzke says.
However, federal investigators eventually tied Lichtenstein
and Morgan to the stolen crypto in a much more ordinary way From suits against large U.S. health insurers
by linking a $500 Walmart gift card to their emails and cloud- for allegedly defrauding the Medicare Advan-
service providers. (See “A Crucial Clue in the $4.5 Billion Bitcoin tage program to pharmaceutical giant Biogen’s
Heist: A $500 Walmart Gift Card,” by James Fanelli, Ben Foldy eye-popping settlement, 2022 turned out to be
and Dustin Volz, The Wall Street Journal, Feb. 15, 2022, tinyurl. quite a shameful year for health care.
com/ysduy2ws.) In July, Biogen agreed to a $900 million
Lichtenstein and Morgan’s futures are uncertain as they settlement with the U.S. government over al-
await plea deals and sentences, but one thing is for sure: Crypto- legations that it gave kickbacks to doctors for
currency and fraud will still be hot topics in 2023, especially in the promoting its multiple sclerosis (MS) drugs.
wake of crypto exchange FTX’s extraordinary crash in November. A former Biogen employee, Michael Baw-
The Securities and Exchange Commission is investigating if FTX duniak, originally sued the company in 2012
mishandled customer funds. Investors filed a lawsuit alleging under the U.S. False Claims Act as a whistle-
that FTX founder Sam Bankman-Fried and celebrities like Tom blower. In Bawduniak’s lawsuit, he accused his
Brady and Larry David engaged in deceptive practices to sell FTX
yield-bearing digital currency accounts. (See “Sam Bankman-
Fried’s FTX Empire Faces U.S. Probe Into Client Funds, Lending,”
by Lydia Beyoud, Yueqi Yang and Olga Kharif, Bloomberg, Nov.
9, 2022, tinyurl.com/358yh7nh and “FTX’s Bankman-Fried, Tom
Brady and other celebrity promoters sued by crypto investors,”
by Jody Godoy, Reuters, Nov. 17, 2022, tinyurl.com/bdd6teav.)
Reports that Bankman-Fried had inappropriately been using
FTX’s customers’ funds to prop up his crypto hedge fund Alameda
Research sparked a rush for the exits and the overnight collapse
of the exchange. Creditors are now looking to recoup billions
of dollars from the company. Bankman-Fried’s high standing
not only in the crypto community but among regulators and
politicians has made the bankruptcy particularly shocking and
has the potential to be one of the biggest fraud cases of 2023.
FTX’s new CEO John J. Ray III, better known for overseeing the
collapse of Enron more than 20 years ago, has been scathing in
his assessment of the inner workings of the exchange. “Never
Watch
sessions
online or
on-demand.
earn
20 CPE.
05
most
SCANDALOUS
fraud cases
of 2 0 2 2
ex-employer of enticing doctors with sham consulting deals, Insatiable’: How Insurers Exploited Medicare for Billions,”
speaker engagements and fancy dinners so they’d prescribe by Reed Abelson and Margot Sanger-Katz, The New York
Biogen’s MS drugs to their patients. As Reuters explained, Times, Oct. 8, 2022, tinyurl.com/mr2ua3mu.)
MS drugs are expensive, and only a small number of drugs The DOJ has sued some of the biggest health insurance
are approved to treat the autoimmune disease affecting the companies in the country — UnitedHealth, Humana and Kai-
central nervous system. The alleged kickbacks were meant ser Permanente, to name a few — for submitting inflated bills
to help the Cambridge, Massachusetts-biotech company, and overdiagnosing patients. The DOJ has joined several suits
which specializes in treatments for neurological diseases,
that were originally filed by whistleblowers, signaling that
corner the market and boost sales of its MS drugs.
law enforcement believes the fraud allegations have merit.
The DOJ claimed the alleged kickbacks resulted in false
The suits suggest that incredibly profitable insurance
claims to Medicare and Medicaid for prescriptions of Biogen’s
companies are gaming a system that pays them higher rates
MS drugs. Biogen denies any wrongdoing. (See “Biogen
for sicker patients. The lawsuits describe how the companies
agrees to $900 million drug kickback settlement on eve
have “developed elaborate systems to make their patients ap-
of trial,” by Nate Raymond, Reuters, July 20, 2022, tinyurl.
pear as sick as possible, often without providing additional
com/2swajs6t and “Biogen Inc. Agrees to Pay $900 Million to
treatment” to collect more from the government, The New
Settle Allegations Related to Improper Physician Payments,”
DOJ press release, Sept. 26, 2022, tinyurl.com/yc2e2nva.) York Times wrote. California-based Kaiser Permanente alleg-
In October, The New York Times highlighted the ex- edly urged doctors to add extra illnesses to patients’ medi-
tent to which U.S. health insurers have allegedly exploited cal records, incentivizing them with bottles of Champagne
Medicare Advantage — the arm of the U.S. national health or pay bonuses. The U.S. Congressional watchdog group
system for older Americans managed by private entities — MedPAC has estimated that additional diagnoses led to $12
by fraudulently inflating diagnostic codes and making bil- billion in overpayments in 2020. (See “‘The Cash Monster
lions of dollars in the process. (See “‘The Cash Monster Was Was Insatiable,’” tinyurl.com/mr2ua3mu.) /02
03/ Scam-to-scam
banking
The company Zelle makes sending money
to someone a cinch. It’s a person-to-person
payment service controlled by many of
the largest U.S. banks. You only need to
connect the app to your bank account
and voila: The recipient gets your money
instantly with no need to wait for a bank
transfer or a payment to clear. But the im-
mediacy of the service is also what makes
it popular with fraudsters.
In 2021, people sent $490 billion
through Zelle, but all those billions in trans-
and claim financial institutions haven’t we have an enormous amount of systems to
actions also include plenty of fraud, and
done enough to warn customers about stop. And the amount of fraud relatively is
the service has become a favorite hunting
these scams. (See “TD Bank, Capital One very small for this free-of-charge service.”
ground for the likes of romance and cryp-
and more, Zelle fraud class action lawsuit (See “Zelle Emerges as Lawmakers’ Surprise
tocurrency scammers. And while banks say
investigation,” Top Class Actions, Oct. 30, Foe at Bank Hearings,” by Jennifer Surane,
they take Zelle fraud seriously, many victims
2022, tinyurl.com/mrxp7ycw and “Class Bloomberg, Business, updated Sept. 22,
have struggled to get help. The problem is
Action Lawsuit Filed Over Alleged Wells 2022, tinyurl.com/2b7fpvrc.)
that many fraudsters trick their marks into
authorizing Zelle payments, and banks say Fargo Zelle Scam [Update],” by Corrado An investigation led by U.S. Senator
regulations don’t require them to refund Rizzi, ClassAction.org, updated June 30, Elizabeth Warren (D-MA) found that in 2021
money for authorized transactions. (See 2022, tinyurl.com/ybkwmxmv.) and the first half of 2022, four banks had
“Fraud Is Flourishing on Zelle. The Banks The U.S. Senate Banking Committee 192,878 cases worth $213.8 million where a
Say It’s Not Their Problem,” by Stacy Cowley convened hearings in September, pressing customer claimed they’d been tricked into
and Lananh Nguyen, The New York Times, bank CEOs and Zelle’s operator, Early Warn- making Zelle payments. Banks reimbursed
March 6, 2022, tinyurl.com/2nh73dds.) ing Services, on how they can make their customers in only 3,500 of those cases.
“It’s like the banks have colluded with customers whole. JP Morgan CEO Jamie Di- Only 47% of the dollars were reimbursed
the sleazebags on the street to be able to mon told the committee, “Anything that’s in cases where it was obvious that funds
steal,” fraud victim Bruce Barth told The unauthorized, we do cover. So, you’re really were transferred without the customers’
New York Times. Barth is one of many cus- talking about authorized transactions that authorizations. Warren’s report also found
tomers scammed by thieves on the service that PNC Bank had 8,848 cases on Zelle in
2020 and will have about 12,300 cases in
but discovered his bank was unwilling to
refund the stolen money.
“It’s like the 2022. US Bank had 14,886 cases in 2020 and
Since the summer, Zelle customers banks have colluded had 27,702 cases in 2021. Truist had 9,455
have joined in several class-action lawsuits cases of fraud and scams on Zelle in 2020,
aimed at their banks. The lawsuits, against
with the sleazebags which shot up to 22,045 in 2021. (See “Sen-
the likes of TD Bank, Capital One and Wells on the street to be ate report finds increasing cases of fraud,
Fargo, press banks to take responsibility for scams on Zelle,” by Ken Sweet, Associated
the money customers have lost to fraud- able to steal.” Press, PBS Newshour, Oct. 3, 2022, tinyurl.
sters through authorized Zelle payments com/yckmyjya.) /03
small building. One said it was feeding 2,000 children a day and the
other claimed to be feeding 500. Another operation in a restaurant said
it was feeding 6,000 children a day, which was more than the number of
children who lived in the ZIP code in that area. A lawyer for the nonprofit
said the group never had an accountant on staff. And while Feeding Our
Future said it had a three-member board to provide outside oversight
of its finances, the person listed as the board’s president between 2018
and 2020 was a bartender and electrician who said he’d been tricked
into taking the job. (See “Running a marathon at a sprinter’s pace,” by
Paul Kilby, Fraud Magazine, May/June 2021 issue, tinyurl.com/2bvv547p;
“Preparing for a post-pandemic fraud landscape,” by James Ruotolo,
CFE, and Linda Miller, Fraud Magazine, November/December 2021 issue,
tinyurl.com/2p8sa2va; and “F.B.I. Sees ‘Massive Fraud’ in Groups’ Food
Programs for Needy Children,” by David A. Fahrenthold, The New York
Times, March 8, 2022, tinyurl.com/29hbz6c2.) /04
Bed Bath & Beyond fraud the stock prices of the deli’s parent company Hometown Interna-
tional and another company, E-Waste Corp, through manipula-
In September, the CFO of Bed Bath & Beyond,
Gustavo Arnal, fell from the 18th floor of a Manhat- tive trading. Hometown’s stock prices rose 939% and E-Waste’s
tan building to his death less than two weeks after rose 19,900%, raising Hometown’s market value to $123 million
being named in a federal lawsuit accusing him of even though its sole asset was a deli. (See “Owners of a small
securities fraud and insider trading. The suit, filed deli are charged with fraud for valuing business at $100 million,”
in the U.S. District Court for the District of Columbia by Matt Adams, NPR, National News, Sept. 28, 2022, tinyurl.
claimed that Arnal and GameStop chairman Ryan com/3bpyy6cn and “$100 million New Jersey deli scheme leads
Cohen used false statements to sell their Bed Bath to U.S. fraud charges,” by Jonathan Stempel, Reuters, Sept. 26,
& Beyond shares and inflate the price of publicly 2022, tinyurl.com/2p9aex9j.)
traded stock. Arnal sold more than 42,000 shares for
$1 million, and Cohen sold all his 9.8% stake, causing ‘Gucci Master’ of none
shares to plummet in a pump-and-dump scheme.
Nigerian Instagram influencer, Ramon Abbas, aka the “Billionaire
The home goods retailer closed 150 of its 900 stores
Gucci Master” or Hushpuppi to his followers, was sentenced to
and laid off 20% of its corporate staff. (See “Bed Bath
11 years in prison in the U.S. for committing wire fraud, money
& Beyond CFO was implicated in insider trading and
laundering and identity theft. The assistant director of the Los
fraud scheme days before death, court docs show,”
Angeles FBI office, Kristi K. Johnson, said he was “among the
by Oliver O’Connell, The Independent, Sept. 5, 2022,
tinyurl.com/37pp6hk4.) most high-profile money launderers in the world.”
Abbas made his claim to fame bragging on social media
The pastrami wasn’t amazing about his wealth. But his riches weren’t won through an hon-
est day’s work. Instead, Abbas accumulated his wealth through
In September, the owners of a tiny deli in New Jersey
business email compromise (BEC) scams. The FBI also believes
were charged with securities fraud for falsely valuing
their business at more than $100 million. In a letter he facilitated large-scale transactions for North Korea, including
to clients, investor David Einhorn noted the deli a scheme in 2019 to launder $13 million stolen by North Korean
had generated less than $40,000 in sales but had a hackers from a bank in Malta. The Gucci Master’s scams amount-
market cap of $113 million. “The pastrami must be ed to more than $24 million in losses. (See “Hushpuppi: Notori-
amazing,” he joked. ous Nigerian fraudster jailed for 11 years in US,” BBC News, Nov.
According to prosecutors, the owners of Home- 8, 2022, tinyurl.com/5n8sbrtv and “‘He Got Burnt’: How One of
town Deli, James Patten, Peter Coker Sr. and Peter Instagram’s Biggest Fraudsters Was Brought Down,” by Charlotte
Coker Jr., had been conspiring since 2014 to inflate Lytton, Vice, Nov. 8, 2022, tinyurl.com/yfd8ad2h.)
0 5 / C h i n a’ s
banking scandal
failure of the regulatory system to properly implement regu- Contact her at jliebman@ACFE.com.
05
most
SCANDALOUS
fraud cases
of 2 0 2 2
BETTER TOGETHER
Sometimes departments within organizations can have tunnel vision, which can be
fatal for fraud investigations. Here the author looks at how a money-laundering probe at
one financial institution revealed the flaws in its siloed approach and how working together
makes all the difference.
W
hen sailing, mariners
must always know the
wind’s direction and
mind their points of sail — a boat’s
course relative to the wind. Sails can’t
catch the wind in what is known as the
no-go zone, approximately 45 degrees on
either side of the wind’s direction. But
sailing close-hauled, or as close to the
wind as possible, mobilizes sails. (See
“What is Sailing Close to the Wind?”
Life of Sailing, tinyurl.com/2m2mnvpr.)
Indeed, sailing requires working with
the wind to move ahead. Managing
fraud risk and investigations is a similar
process: Just as the mariner works with
the wind, collaboration among teams
of experts is the best way to propel
forward. When people come together
and share their expertise, they can truly
succeed.
My team and I learned the impor-
tance of collaboration when we worked
on a money-laundering probe at my
former employer, a financial institu-
tion. The investigation revealed gaps
in my organization’s processes and A case of money laundering similar troubling trends associated
controls, but perhaps more important, Someone had been wiring millions of with the same account through the
it redefined how we operated and man- U.S. dollars to different accounts outside company’s alert management system.
aged cases. Ultimately, we were able to the country without the appropriate We’d both spotted significant issues but
do right by our customers, sharehold- approvals from the account owner. And had failed to share the information with
ers, peer banks and regulators because as an investigator, I identified suspi- each other.
we decided to work together. We also cious patterns in the transactions, which This proved to be just one of many
strengthened our organization’s fraud- the anti-money laundering (AML) unit instances in the investigation that
fighting efforts after breaking down had reviewed. But, unbeknownst to me, showed how vital information went un-
the siloes we worked in. Here’s what our fraud-risk analyst, who worked in a noticed among teams that are trained
happened. different department, had also spotted to spot fraud and money laundering in
avoid overlapping reports as occurred and identify whether it’s necessary to in- compared to a $57,000 median loss
above, and help anti-fraud and AML vestigate further or escalate a suspicious when fraudsters go solo. (See ACFE.
teams build on what’s already known activity report (SAR) to regulators. com/RTTN.)
about a customer profile. Remember that financial institu-
Fraudsters know that the keys to
To ensure that they’re adequately tions use know-your-customer and
success are collaboration and sharing
covering the AML and fraud-risk know-your-customer’s-customer
information, so fraud examiners must
ground, organizations should maintain processes (KYC and KYCC) to monitor
separate transaction-monitoring sys- transactions, and that this readily avail- pool their resources and work together
tems but educate the different teams on able data can be used to spot suspicious to fight back. (See “Why fraud fighters
how to identify the red flags that each cases and trade-based money launder- should team up for success,” by Nicho-
team seeks. ing triggers. las White, BAI, Banking Strategies, Oct.
If an AML analyst reviews an alert It’s also critical that organizations 24, 2022, tinyurl.com/42yspae6.)
and doesn’t find anything suspicious reach out to regulators because infor- You can’t overreact and roll out a
from an AML perspective, they should mation sharing helps identify global
fraud risk management program with-
pass those alerts along to a fraud risk criminal infrastructures.
out understanding what your business
analyst for their review. This informa- Identifying unusual relationships
tion sharing enables the fraud inves- in nonfinancial data using demograph- requires — that’s like sailing directly
tigation team to dig deeper into the ic details of employees, customers, into the wind. However, finding the
matter. While financial crimes analysts vendors, contract workers’ attendance right degree of wind is like finding your
cut their teeth in a wholly different area records, etc. is critical for any organiza- degree of collaboration during a fraud
of expertise, sharing their informa- tion in the race to curb bribery, corrup- investigation. Collaboration ensures
tion can also greatly aid in AML and tion and the use of insider information. that when fraud happens, the impact is
terrorist-financing investigations. In
minimal. No fraud risk assessment or
our case, it was clear that there had Fraudsters work together, so
any program can save an organization
been no collaboration between the AML must fraud fighters
and fraud team, each keeping alerts and Fraud examiners must work collabora- alone but collaboration with stakehold-
reviews within their respective units. tively because that’s what fraudsters are ers can. n FM
doing. ACFE’s Occupational Fraud 2022:
Leveraging in-house data A Report to the Nations shows fraudsters
Raina Verma, CFE, is an internal audit
It’s important to leverage readily avail- are increasingly working together and
and fraud risk management profes-
able in-house data. Some companies successful because of it. Frauds involv-
sional specializing in financial crimes
often think that hiring a data analyst to ing two or more perpetrators comprised
create reports is enough. But it’s often 58% of cases in 2022 versus 42% in 2012. investigations, regulatory compliance
better to bring in a financial crimes The median loss to fraud committed by and anti-money laundering. Contact
analyst with the skills to review reports two or more perpetrators is $145,000 her at Raina@windowslive.com.
Register now at
FRAUDCONFERENCE.COM
CAREER CONNECTION Building your professional future
G
rowing up, we all tried at some inaction or a lack of urgency. Second,
point or another to squirm our COLUMNIST
they don’t want to admit to a problem,
way out of being accountable DONN LEVIE JR., CFE so they rationalize with an “out of sight,
for something we shouldn’t have done or LEADERSHIP CONSULTANT out of mind” mentality. Third, they fall
said. (I admit to throwing my little broth- into the Dunning-Kruger Effect, which
er under the bus a couple of times, but is a cognitive bias whereby their initial
company, the founders were golfing
my parents were wise to that approach.) confidence exceeds their competence.
friends and fraternity brothers who
We spun the facts or rationalized our (See “Why can we not perceive our own
would rationalize their actions to keep
action to avoid punitive measures; in abilities? The Dunning–Kruger Effect,
up the steady cash flow from venture
short, we wanted to preserve our stand- explained,” The Decision Lab, tinyurl.
capitalists. The founders were enthusias-
ing in the family unit and stay in Mom com/bddnbssm.)
tic yarn spinners, painting vivid imagery
and Dad’s good graces. But alas, many Palmar’s insights show how people
of us suffered some parental wrath as a of what the future could look like after resort to self-preservation behavior,
consequence for our behavior — and the their product launched in the market- which is an innate desire to keep oneself
fictitious tales we told to rationalize it. place in a few years. They were experts safe and out of harm’s way. It’s a power-
Our parents knew something we kids at dismissing objections with a smile, a ful motivator that can lead people to do
didn’t fully appreciate: Rationalization half-truth and a rationalization. or say things they otherwise wouldn’t so
allows us to wander further away on But soon reality set in, replacing the as to preserve their physical, emotional
the far side of truth. As adults gaining hype after yet another scheduled delay, or psychological safety. Self-preservation
experience in our respective professions, another request for additional funding can lead to unethical rationalizations,
we learn about compliance and eth- and another round of layoffs. as individuals try to justify their own
ics, but we also add to our repertoire of actions or decisions while overlooking
rationalizations. Role of egocentric bias in (or being willfully blind to) the potential
rationalization harm they could cause.
Rationalizations and Entrepreneurship isn’t entirely to blame.
entrepreneurship People behave in ways that favor their Everyone uses rationalizations
Entrepreneurship encourages founders self-interest due in part to egocentric every day
to be persistent evangelists and wheeler- bias (the tendency to believe that one’s Who are the rationalizers among us? To
dealers for their fledgling enterprises. own opinion is the correct one). Egocen- quote the comic strip “Pogo”: “We have
They have a lot to lose and must continu- tric bias occurs when people allow their met the enemy and he is us.” If you’ve
ally be on their “game” to woo venture personal perspectives to distort their ever had to defend yourself against
capitalists, entice employees from other judgment of a situation. Entrepreneurial feelings of guilt or protect yourself
companies to come work for them, and pursuits are just one area where this bias from criticism for something you did
win over skeptical market analysts. How- plays out. or said, you’re probably a rationalizer.
ever, such a system conceals the treach- Joseph Palmar, CFE, CEO of Palmar Even if “things all worked out in the
erous waters that lure all who enter. Forensics, tells Fraud Magazine that end anyway,” you’re using consequen-
Back in the late 1990s, I worked he’s encountered three reasons why tialism (the theory that says that the
at several high-tech startups, where I people don’t act and rationalize reasons consequences of your actions determine
regularly witnessed instances of unethi- for not taking preemptive or proactive whether they’re good or bad) to rational-
cal — and even illegal — actions. In one steps. First, they’re comfortable with ize a positive result from a questionable
Bounded ethicality is inherent to Emerging field of Than Among High Moral Identifiers,”
many organizational structures in the behavioral ethics by Laetitia B. Mulder and Eric van Dijk,
public and private sectors, and perhaps in Frontiers in Psychology, Jan. 8, 2020,
Research into the emerging field of be-
none more so than in the field of entre- tinyurl.com/37zmumf4.)
havioral ethics (including cognitive and
preneurship, as previously explained.
behavioral psychology, and evolutionary
biology) reveals something we already Damage done by rationalizing
Situational ethics unethical behavior
knew: People are not completely ratio-
rationalization: ‘It depends …’ It’s easy to rationalize unethical behav-
nal. Most ethical decisions are intuitive,
People who behave in a manner in con- ior. We tell ourselves that it’s not really
by virtue of feeling; they rarely have the
flict with their character or lifestyle may that bad, or that everyone does it, or that
luxury of resulting from methodical
be operating on the principal of situ- we’ll make up for it later. But the truth
analysis. Usually, someone who makes a
ational ethics, wherein individuals are
morally questionable decision has con- is, rationalizing unethical behavior can
free to make choices that align with their
scious and subconscious influences at damage business opportunities, careers,
own circumstances. Situational ethics
play, including self-serving bias and the relationships, and a sense of self. It can
contends that the context of an issue
pressure to conform, as well as the situ- erode our integrity and damage our
should determine the morality, rather
ational factor. (See “Ethics Unwrapped: reputation. It can also dull our sense of
than deferring to a comprehensive moral
Behavioral Ethics,” The University of responsibility for wrongful actions, and
code for all situations. This more flexible
Texas McCombs School of Business, lead to more serious problems, includ-
approach to ethics arguably can create
tinyurl.com/373p7mk3.) ing a variety of fraudulent actions and
fertile ground for justifications to green-
When people engage in post hoc consequences. ■ FM
light behavioral ills that absolve propo-
nents from personal accountability. (See moral rationalizations, they may be
“Situation ethics,” BBC, Ethics guide, more likely to engage in additional Donn LeVie Jr., CFE, is a Fraud Magazine
tinyurl.com/2ws9n7sy.) unethical behaviors. This is especially staff writer and a presenter and leader-
Critics say the problem with true for people who attach less impor- ship positioning/influence strategist at
situational ethics lies with individuals tance to morality for their personal ACFE Global Fraud Conferences since 2010.
who can’t make meaningful choices. identity. These “low moral identifiers” He’s president of Donn LeVie Jr. STRATE-
Instead, they rely on mitigating factors may even increase the intensity level GIES, LLC, where he speaks, writes, and
like convenience, efficiency or facing a of their unethical behavior over time. leads programs that enhance leader-
“no-win scenario” in an “ends justify the “High moral identifiers,” on the other ship performance, increase executive
means” approach, rather than relying hand, are less likely to follow this path. influence, and cultivate deeper strategic
on established ethical concepts and (See “Moral Rationalization Contributes connections. His website is donnleviejr-
personal standards of accountability and More Strongly to Escalation of Unethical strategies.com. Contact him at donn@
responsibility. Behavior Among Low Moral Identifiers donnleviejrstrategies.com.
CFEs have the edge in pay, high work satisfaction, CFEs earn
2022 Compensation Guide shows 17% more
than their
non-certified
Certified Fraud Examiners (CFEs) earn compensation reports with the ACFE counterparts.
17% more than their non-certified coun- Salary Calculator at ACFE.com/Comp-
terparts, and 62% report being happy Guide, using categories such as job mostly fighting fraud from home. In
on the job. These are just a few of the in- function, education, industry, years of 2019, less than 20% of CFEs worked
sights from the Association of Certified experience, and age and gender. mostly remote, according to the 2020
Fraud Examiner’s (ACFE) 2022 Compen- Compensation Guide.
sation Guide for Anti-Fraud Professionals, Like many professionals, fraud
which also revealed a slow trend toward
examiners experience on-the-job stress,
gender diversity in the anti-fraud pro-
rating their jobs either Somewhat High
fession and changing workplace habits
Stress (39.5%) or Very High Stress
since the COVID-19 pandemic. (See
ACFE.com/CompGuide.) (16.7%). But 62% gave the profession
“The CFE credential can help dis- high marks. And many find personal
tinguish anti-fraud professionals from fulfillment fighting fraud, rating it
their colleagues and represents a 17% Somewhat High (38.9%) or Very High
premium, when withholding for key (23.1%). But Pry has a warning for
factors like geography, professional role employers:
and experience,” says ACFE Vice Presi- “When participants were asked
dent of Membership Ross Pry, CFE. about their professional plans, it was
The guide, using data from 5,040
nearly a 50/50 split with respondents
fraud examiners from across the globe,
saying they plan to stay with their cur-
shows that CFEs make more than their
rent organization for the next two years
non-certified peers no matter where
they are. CFEs in Latin America and Evolving and diversifying and those saying they plan to leave in
the Caribbean outearn non-certified The guide provides a status update on the next two years.”
counterparts by 34%, while CFEs in the the field and presents a profession that’s
Middle East and North Africa are paid
21% more than non-CFEs in those coun-
diversifying, growing and adjusting to
the pandemic. Here are some notable
acfe board of regents
tries. North American CFEs earn 12% results. expels member
more, and European and Sub-Sahara Signaling an increasingly global The ACFE Board of Regents has revoked
African CFEs earn 8% and 9% more, network, over 52% of survey respon- the CFE credential of Paul Doran, of
respectively. CFEs in Asia earn 1% more dents were outside the U.S., exceed- London, U.K., and permanently expelled
than non-CFEs. ing the number of non-U.S. respon- him from the ACFE. This decision was
North American fraud examin- dents in the 2020 guide. (See tinyurl. based on Doran falsely holding himself
ers have the highest median salary at com/2zeesbzc.) The profession is also
out as a CFE and providing a false docu-
$106,000, followed by European fraud seeing more gender diversity, although
ment to support that status.
examiners at $91,991. Middle Eastern that trend has stalled over the last few
and North African examiners’ median years. In the 2013/2014 Compensation
Guide, the breakdown was 65% male
Reporting disciplinary cases
salary is $65,036, and in Latin Amer-
and 35% female; however, in 2020 If you believe an ACFE member has vio-
ica and the Caribbean the median is
$62,413. Asian and Sub-Saharan African it was 60/40. The 2022 guide nearly lated the ACFE’s rules of conduct, report
fraud examiners round out the list at matches that split at 62/38. And the directly to the ACFE Legal Department,
$51,346 and $34,356, respectively. COVID-19 pandemic generated major Legal@ACFE.com. The ACFE also main-
ACFE members can delve deeper change for anti-fraud professionals. tains an anonymous hotline. For more
into the data and create their own Now, 91% of respondents say they’re information, visit ACFE.com/standards.
K
erry Binder thought of herself of the record 7 million reported cases of
COLUMNIST
as a real computer jock. When ROBERT E. HOLTFRETER, identity theft, credit card fraud ranked
she had a problem with her PH.D., CFE second with nearly 390,000 cases. New
DISTINGUISHED PROFESSOR
computer that she couldn’t solve, she account credit card fraud accounted
OF ACCOUNTING AND RESEARCH
contacted the Geek Squad, retailer Best for 363,092 of these cases, and existing
Buy’s tech support service, for help. One credit card fraud accounted for 32,204 of
Don’t use the number included in the them. (See tinyurl.com/m34ywy8x.) The
day she received a text message saying
message. FTC offers the following explanations of
she’d been charged hundreds of dollars
• If you see an unauthorized transaction why new account fraud predominates:
to renew her Geek Squad member-
on your credit card or in your bank • Existing account fraud has become
ship. She knew nothing about this and
account, ask the credit card company more difficult because advance credit-
thought that this was an error. The
or bank to reverse it and give you back card chip technology has made the
text message said Binder could dispute
your money. transaction process more secure, and
the charge or cancel her membership
• Report it or any other scam to the FTC it’s now harder to counterfeit credit
by calling a phone number within 24
at ReportFraud.ftc.gov. cards. (See “How the EMV credit card
hours. When she made the call, a scam-
• Also, if you paid a scammer or gave chip works and why it matters,” by
mer told her that he had to gain remote
them personally identifiable informa- Lance Cothern, credit karma, July 26,
access to her computer to help her.
tion (PII) or access to your computer, 2022, tinyurl.com/mumufuk6.)
When he’d finished rummaging around
read the helpful advice in my Novem- • Data breaches have exposed infor-
in her computer, he told her that he’d
ber/December 2022 Fraud Magazine mation for hundreds of millions of
corrected the error and apologized for
column, “Inheritance scam, improv- people. Identity thieves can use this
the mistake.
ing cybersecurity protection and information for new account fraud.
A week later, Kerry found that her
what to do if you get scammed,” to • Fraudsters can more easily steal mon-
bank account had a zero balance. A bank
help resolve these issues. (See tinyurl. ey via new account fraud because con-
employee told her that when she gave
com/2rtpm9n3.) sumers don’t know the new accounts
the scammer remote access to her com-
in their names exist. Card issuers or
puter, he probably installed a spyware
Credit card fraud consumers may notice suspicious
program that stole her bank account
Credit card fraud, a major and lucrative activities on their existing accounts
information.
scheme in the playbook of most iden- and lock the cards to prevent possible
This case is fictional, but represents
tity thieves, consists of two types: new takeovers by identity thieves.
this recent scam posted on the Federal
account and existing account.
Trade Commission (FTC) website. (See Assessing liabilities
New account: An identity thief
“How to recognize a fake Geek Squad Are you personally liable for any
opens a new credit card in your name
renewal scam,” by Alvaro Puig, FTC, Oct. using stolen PII. fraudulent charges that show up on
25, 2022, tinyurl.com/tvcptyxc.) Existing account: An identity your credit cards? According to the FTC,
Puig, the author of the FTC article, thief uses your existing credit card after your liability is limited, but it depends
offers the following advice: stealing your credit card information or on when you report the loss and the
• If you think the message is legitimate, purchasing it on the dark web. type of card that has been charged. (See
contact the company in question us- According to the FTC’s 2021 Con- “Lost or Stolen Credit, ATM, and Debit
ing a phone number you know is real. sumer Sentinel Network Data Book, out Cards,” FTC, tinyurl.com/4aad4wp3.)
Kathryn Wilson, CFE, learned in high school that accounting encompasses so much
more than crunching numbers — it’s also about following the money. And accounting
isn’t just a job for Wilson, who conducts risk assessments and devises ways to prevent
fraud as a senior manager in CohnReznick’s government and public-sector group; it’s
also a family affair with her two brothers and late grandfather in the profession.
Interview by Jennifer Liebman
I was born in Indiana but raised in I wanted to be an actress, pastor, risk assessments, identify and
Western Pennsylvania. I now live in private detective, archaeologist, implement internal controls, and
Northern Virginia with my husband, teacher and a lawyer. But a high establish policies and procedures
daughter and three fur babies: a school accounting course with an to mitigate fraud, waste and abuse.
tabby cat, miniature dachshund amazing teacher sold me on the Even though we don’t inves-
and Great Dane. (I’m a huge profession. It wasn’t the number tigate fraud, we consider control
“Scooby-Doo” fan.) crunching that interested me as weaknesses that allow fraud to oc-
I’m the oldest of four children, much as the challenge of following cur and identify areas that require
so I always had a buddy to play the money. It’s also a profession remediation. There’s always a
with. My parents encouraged us to I share with my two brothers and lesson to learn about what fraud-
be active, and my favorite activi- late grandfather, who was an ac- sters can do and how to apply that
ties included cheerleading, tennis, countant for General Electric. knowledge to future audits and risk
archery, swimming, horseback assessments.
riding and reading. On nice days, I’m currently a senior manager
you’d see me reading a mystery in CohnReznick LLP’s govern- My interest in fraud started with
or a “Betty and Veronica” comic in ment and public sector advisory my passion for solving “myster-
the tree outside my window or on group, leading the company’s ies” and bringing justice to those
the porch swing. I absolutely loved growth in anti-fraud, waste and who’ve been victimized. You
reading “Choose Your Own Adven- abuse services. Additionally, I lead might’ve guessed from the careers
ture” books, “The Boxcar Children,” a team of hard-working, talented I considered and the books I en-
“Nancy Drew” and Agatha Christie individuals to support one of our joyed growing up that I’m a fan of a
mysteries. government clients. We conduct good mystery.
Pay attention to details and docu- instantly knew I needed to be a part Don’t be afraid to network and
ment, document, document! When of it. I took a chance and traveled to build relationships, and don’t be
it comes to documentation, it’s New York City for the ACFE’s CFE too quick to judge an opportu-
important to capture exactly what Exam Prep Course, and I passed all nity. Talk to people, observe their
you learned and what you found to four sections that week. My mother mannerisms (a helpful interview
be reasonable or unreasonable and even traveled to support me and tool), and most of all, be yourself.
explain why so that someone read- see me walk out of the last exam I wouldn’t be where I am today if
ing your report for the first time will with a big “cheese” smile and yell, “I I didn’t network and meet people
understand what happened. did it!” who’ve supported and mentored
me in my career.
Fraud prevention and strong I credit all the job opportunities
internal controls are key. In my I’ve gotten and the people I’ve met My ultimate achievement is my
experience, many agencies are daughter. She is a sassy, strong-
throughout my career to the CFE
only focused on the latest tools for willed, passionate and beautiful
credential. Being a CFE has also
detecting fraud after the damage 5 year old (going on 16) who I
changed my mindset in every as-
is done. It’s our duty as CFEs to know will one day conquer the
pect of work. Not a day goes by that
educate about fraud risks, internal world. She’s lit a fire in me and em-
I’m not thinking about fraud risks. I
controls and prevention. I often hear powered me to be a better version
even apply my CFE knowledge
about programs in which only one of myself and a role model.
outside of work, such as watching
person is handling transactions with I enjoy reading, playing the
reality TV and calling out characters
little support documentation and piano and flute, watching movies,
who are lying because I can read
minimal review of internal controls walking, yoga, meditating, watch-
or appropriate reconciliations. their body language. It stays with
ing the Steelers, playing pool and
you.
rummy with my husband, “dance
If there’s a will, there’s a way; nights” with our daughter, being
fraudsters are finding new ways to If you haven’t already, get certified.
outside, going on family trips to the
deceive, and we need to be up to Even if you only have an inkling of
beach, national parks and historic
date on the trends. The world still interest, do it. You do need to study
landmarks, and evenings dancing or
needs fraud fighters. for the exam, and I highly encour-
sitting by a bonfire with friends I’ve
age taking the CFE Exam Prep
known since grade school. n FM
When I first started my career, only Course and attending in person if
a few of my colleagues were CFEs. possible. Once you obtain those
Jennifer Liebman is assistant editor
Once I heard there was an organiza- credentials, doors to many opportu- of Fraud Magazine. Contact her at
tion dedicated to fighting fraud, I nities will open. jliebman@ACFE.com.
1. According to the article, “The Medicare disadvantage,’’ A. Proper denial of late vendor bids.
how did Cigna allegedly commit fraud in its 360 Program? B. Needlessly long delays in contract negotiation or
A. It knew that 360 home visits generated false and invalid awards.
diagnoses but it continued to submit tens of thousands C. Unbiased technical evaluations.
of these invalid codes to the Centers for Medicaid &
Medicare Services (CMS). D. Approval of necessary contract modifications.
B. It consistently prioritized chronic care and acute care
management. 6. According to the article, “Thwart procurement fraud,” what
has not proven to be effective when performing analytical
C. It allowed vendors to provide patient treatment and
searches for questionable breaches in procurements?
care during home visits.
D. It gave nurse practitioners full access to beneficiaries’ A. Contextualization.
full medical histories. B. Triangulation.
C. Data quality and quantity.
2. According to the article, “The Medicare disadvantage,” the
sheer volumes of data and multitude of Medicare Advan- D. Limited data samples.
tage plans can make it easier for fraud fighters to miss
wrongdoing. 7. According to the article, “What can fraud examiners learn
from PIs?” what skillset do private investigators possess
A. True.
that can also enhance fraud examiners’ capabilities?
B. False.
A. Evidence tampering.
3. According to the article, “Battling fraudulent product sub- B. Preconceived judgment.
stitution,” what is one weakness in the vetting process for C. Skeptical and investigative mindset.
supply contracts in the U.S. armed forces, in contrast to the
proactive methods implemented at NAVAIR? D. Personal opinions.
A. When the Department of Defense detects nonconform- 8. According to the article, “What can fraud examiners learn
ing parts, excessive amounts of compelling evidence from PIs?” in a 2013 Google consumer survey conducted
have made it too easy to prosecute suspects.
by the firm Diligentia Group, 95% of those surveyed think
B. The Department of Defense normally administers each that private investigators break the law at least some of the
problem as a separate instance and rarely conducts an
time, and 20% think that PIs never abide by the law.
analysis of the overall practices of the vendor for pos-
sible referral for criminal investigation. A. True.
C. Law enforcement agencies have been overly proactive B. False.
in investigating bogus parts cases.
D. When the Department of Defense identifies a substan- 9. According to the article, “5 most scandalous fraud cases
dard part, the supplier immediately admits the error of 2022,” why have some banks been unwilling to refund
and is too quick to take the blame before a proper money stolen through Zelle fraud?
investigation can be conducted.
A. The Zelle fraud cases are so few that there’s no need to
4. According to the article, “Battling fraudulent product sub- take them seriously.
stitution,” what are the red flags to look for when monitor- B. Hardly any of their customers are using Zelle.
ing for suppliers that may be predisposed to supplying C. The number of Zelle fraud cases has been decreasing.
nonconforming parts to the Department of Defense?
D. They say regulations don’t require them to refund
A. A high number of passed tests and inspections. money for authorized transactions, and many fraudsters
B. Reports indicating high efficiency. trick their marks into authorizing Zelle payments.
C. A disproportionate percentage of deficiency reports,
10.According to the article, “5 most scandalous fraud cases of
failed tests or inspections, and terminations for conve-
nience or default. 2022,” employees of which nonprofit were arrested for a
massive $250 million COVID-relief fund scheme?
D. A lack of corrective action requests and zero testing
failures. A. Feeding Our Future.
B. Action Against Hunger.
5. According to the article, “Thwart procurement fraud,”
what is one example of how violators breach procurement C. The Hunger Project.
integrity? D. World Food Programme.
DO NOT SUBMIT THIS FORM. Log in to your My Transactions page after purchasing the Fraud Magazine Quiz
set to submit your answers or record your answers on the answer sheet and submit online when you are ready.
CONTINUED FROM PAGE 9 The Fraud Magazine CPE Quiz has moved to an online
• Don’t boil the ocean with your client’s data. self-study format, making it easier for CFEs to earn 10
Start small, demonstrate effectiveness and ACFE (non-NASBA) CPE. CFEs can earn 10 CPE by
quick-hit wins, then expand based on suc- taking quizzes online after reading featured articles in
cess metrics. Fraud Magazine.
• If you don’t know what you’re looking for,
you’ll never find it!
• Use the right technology tool for the right
job. Don’t force a square peg into a round
Visit ACFE.com/FMQuiz
hole just because it’s your square peg. Do and follow the steps below:
what’s best for the client and be technology
agnostic.
1. Select the Online Fraud Magazine CPE Quizzes
• When it comes to applying data analytics by year from the dropdown*.
as an investigative tool, technology is only
as effective as the people using it and the 2. Click the “Add to Cart” button and complete the
process designed to implement it. The devil’s checkout process.
in the details — you just need the right tools
to exercise the demons. 3. Read featured articles in Fraud Magazine that
correspond to the year of the quiz set you purchased.
• Make sure your data analytics specialists
have a reserved seat at the table early in the 4. Access your quiz set by logging into your ACFE.com
process. Don’t underestimate the value of a account, clicking on the “My Transactions” tab and
strong investigation plan centered around clicking on the quiz set you purchased.
carefully curated analyses.
Build it right, keep it relevant and stay 5. Pass 5 of 6 quizzes with a score of 70% or higher and
innovative. Follow this recipe and they will receive your CPE certificate instantly via email.
indeed come for your services. n FM
*
Quizzes will be added to the current year’s set as issues of Fraud Magazine are pub-
lished. CPE can only be obtained from the current year’s quizzes after the fifth quiz is
made available in September.
Please Note: The Fraud Magazine CPE Service CPE credits apply only to the CFE status
and not to any other professional designations. Fraud Magazine CPE is not registered
with the National Association of State Board of Accountancy (NASBA).
The ACFE collects and stores your personal data in the U.S. to provide member services
and fulfill transactions requested by you. For a full explanation of your rights regarding
how we store and use your data, visit ACFE.com/privacy-policy.aspx.
Together, Reducing
Fraud Worldwide
BOOKS AND MANUALS
Build your anti-fraud library with books and manuals
written by anti-fraud experts. Visit ACFE.com/books.
Bad Blood
By John Carreyrou
Paperback, 368 pages
In this book, you will learn the gripping story
of Elizabeth Holmes and Theranos — one of
the biggest corporate frauds in history — a
tale of ambition and hubris set amid the bold
promises of Silicon Valley, rigorously reported
by the author and prize-winning journalist
John Carreyrou.
$119.20 - $239.20 Members / $149 - $299 Non-Members $10.40 Members / $13 Non-Members
ACFE.com/books
SELF-STUDY COURSES
Expand your anti-fraud knowledge with our comprehensive,
ACFE.com/selfstudy.
NASBA-compliant self-study CPE courses. Visit
NEW NEW
CPE Credit: 0.2 CPE Credit: 0.2 CPE Credit: 0.2
For more information on ACFE self-study courses, including refund and ordering policies,
= This course fulfills the annual ethics CPE requirement for CFEs.
fields of study, learning objectives and course levels, visit ACFE.com/selfstudy.
CALENDAR OF EVENTS
ADVANCE YOUR CAREER WITH TRAINING FROM THE
GLOBAL LEADER IN ANTI-FRAUD EDUCATION.
ACFE.COM/CALENDAR
CFE EXAM REVIEW COURSE DETECTING FRAUD WITH DATA 2023 ACFE WOMEN’S SUMMIT
ANALYTICS WORKSHOP
Virtual Washington D.C. + Virtual
January 23-26, 2023 Virtual March 8, 2023
February 14-16, 2023
VISIT ACFE.COM/CALENDAR
for the latest list of UPCOMING EVENTS.
Calendar subject to change.
*All in-person events will be held following safety precautions for the city and venue of the event.