Forensic Investigation recipes
The 2009 survey of global corruption carried out by Transparency International, the German-based organization that annually ranks the performance of 180 countries, shows there’s no room for complacency. “At a time when massive stimulus packages, fast-track disbursements of public funds and attempts to secure peace are being implemented around the world,” it says, “it is essential to identify where corruption blocks good governance and accountability, in order to break its corrosive cycle.” Corruption, financial crime, anti-money laundering are the focus of this important survey which puts many developed and emerging countries under the forensic investigation blowtorch.
One country that’s redeemed itself is Australia, which has risen to eighth spot in 2009 from ninth in 2008. It held top spot in 2002, when it was considered the least likely nation in the world to allow corruption. That was before the exposure of dealings by the Australian Wheat Board with the Iraqi Government of Saddam Hussein. Transparency International’s latest Corruption Perception Index (CPI) has New Zealand replacing Denmark in top place. The CPI is a composite index that draws on 13 expert and business surveys to measure the perceived levels of public sector corruption in any given country. In the important regional breakdown of the Index, Australia ranked third for the Asia-Pacific, behind New Zealand and Singapore.
Overall, most of the 180 countries still scored under five on a zero-to-ten scale, with zero perceived as highly corrupt and 10 to mean low levels of corruption. The challenge, therefore, remains undeniable. Highest scorers in 2009 were New Zealand at 9.4, Denmark at 9.3, Singapore and Sweden at 9.2, and Switzerland at 9.0. Australia, Canada and Iceland came in at 8.7. Fragile, unstable states that are scarred by war and ongoing conflict rated lowest, with Somalia at 1.1, Afghanistan at 1.3, Myanmar at 1.4, and Sudan at 1.5.
Economic and commercial espionage has a much lower profile than it deserves – dangerously low. It’s an area where many companies remain unaware of their vulnerability, believing that unless they’ve invented something like a cure for the common cold, no one is likely to be interested in what they’re doing. That’s definitely not the case, for it’s often just a missing link in a chain that a competitor is after. But despite the seriousness of the matter this arena does sometimes produce the oddest of perversities. Here’s a story that takes a lot of beating, even if it doesn’t involve a commercial James Bond having a flat tyre at a crucial moment.
One of China’s major car companies, Great Wall, which is Hong Kong listed and also one of the biggest non-state motor manufacturers, has accused Fiat of secretly photographing its production line and stealing information on its new models. Perhaps there’s nothing unusual about that, but for the fact the Chinese argue that Fiat engaged in this perfidious activity while gathering evidence for its own claim that Great Wall had copied one of the Italian company’s models. This is where things get sticky, as well as perverse.
Fiat has a compact car called Panda, and an Italian court handed down a finding in 2008 that a similar vehicle called the Peri that is produced by Great Wall was in fact an imitation of the Italian model. As a result, sales of the Peri have been halted in Europe. The Chinese are currently in litigation to have that decision overturned. Meanwhile, they claim that while Fiat was gathering evidence on the Panda case, it secretly engaged in industrial espionage at one of Great Wall’s production facilities. The Chinese are now suing Fiat and they’re citing as evidence the very evidence that Fiat itself has presented to a Chinese court to prove that it was Great Wall that did the dirty deed in the first place. Now that’s the sort of convolution that gives convolution a bad name.
Australia’s Daily Telegraph reported on October 21 that McDonald’s – the largest fast food chain in the country – will overhaul security on its EFTPOS machines after customers were stripped of $A4 million. Criminals had snatched the devices at McDonald’s outlets across the Western Australian state capital of Perth, a city of more than one million people, and replaced them with bogus card-skimming versions. This allowed them to fleece at least 3,500 customers. If you’re running a retail business make sure you not only have the appropriate security protocols in place but that you’re also in contact with a team of experienced forensic investigators who can ensure that your protective walls are not breached.
Police in Australia have recently warned retailers to be vigilant in maintaining their EFTPOS security systems. A top fraud squad officer in Western Australia has explained that the McDonald’s scam occurred when legitimate EFTPOS PIN pads were replaced by fake ones that transmitted PINs to the criminals. “It doesn’t take much time to switch these pads over,” he said. “Perhaps 15 to 20 seconds. It’s plug in and play.”
The most likely scenario in the scam is that McDonald’s staff were distracted while serving customers, with the bogus devices probably substituted at that time. A police taskforce has been established to specifically target the McDonald’s crime and it has warned retailers across the nation, especially in the largest state of New South Wales, to learn from the Perth experience and keep their terminals under constant and close scrutiny. No arrests have so far been made.
Most people are aware that dangers lurk on the Internet, but they are often amazed when they discover just how destructive attacks can be. And threats tend to come from the most unexpected quarter. In Australia, for example, the federal taxation commissioner recently warned that identity theft and the rorting of online tax refunds were a particular problem. Blatant and increasingly sophisticated scams, he said, were causing havoc in the lives of those innocent people targeted, adding that, “If your identity is stolen it can take years to put things right.” The commissioner’s worry, of course, isn’t just the loss of revenue but also a national loss of confidence in the tax system itself. What if you, as an individual or as a company chief, had your reputation destroyed? That of your company would go with it as well.
So how do you fight back against those who use the anonymity of the Internet to commit such crimes and to cause harm and distress? That’s where Internet forensics come in. Here are six areas in which professionals experienced in this state-of-the-art field of investigation can help you retrieve what you’ve lost.
1. Tracing Anonymous Emails.
Computer forensics came to the fore once again during an investigation into four top British executives with allegations that one of them had used special software to destroy critical financial documents shortly after the investigation was launched. Digital forensic investigators seized and forensically imaged multiple computer, laptop & server hard drives as part of the government agency investigation in the U.K.
MG Rover Group Limited was best known for manufacturing the MG spitfire sports car as well as the Rover sedans after it emerged from the nationalised British Leyland Car Company in 1986. In 1994, Rover was sold to BMW which made heavy investments into the company to revive the brands’ appeal. However, by 2000 BMW decided to sever links and Rover was sold for £10 [US$16] to Phoenix Venture Holdings, headed by John Towers. [Land Rover was sold off separately to Ford whilst BMW kept an interest in the production of the Mini].
Though Phoenix Venture Holdings had bought Rover for just £10 [US$16], there was a side transaction whereby Phoenix and it’s four directors bought the Rover cars finance and lease loan book from BMW for £313 Million [US$515 Million] in 2001.
For anyone interested in the sophisticated art of computer forensics and analysis, whether you work for a government agency or a business, an article in The Wall Street Journal on September 4 had particular relevance. One of the Journal’s writers, Siobhan Gorman, revealed a major technological breakthrough, one that intelligence insiders claim is the world’s most effective analytical tool for investigating terrorist networks. And it’s come from a virtually unknown software start-up.
Based in Silicon Valley, Palantir Technologies has created a user-friendly search tool that can scan multiple data sources at once, something that previous search tools couldn’t do. That means an analyst who is following a tip about a planned terror attack, for example, can more quickly and easily unearth connections among suspects, money transfers, phone calls and previous attacks around the globe. Palantir’s software has helped root out terrorist financing networks, revealed new trends in roadside bomb attacks, uncovered details of suicide bombing networks and discovered a spy infiltration of an allied government, according to current and former US officials familiar with the events. It is now being used by the CIA, the Pentagon and the FBI.
Yet Palantir remains an outlier among government security contractors. It rejected advice to hire retired generals to curry favour with the agencies and hired young government analysts frustrated by working with slow-footed technology. The company’s founders knew little about intelligence gathering when they started out. Instead, they went on a fact-finding mission, working with analysts to build the product from scratch. The technology they’ve produced is increasingly valuable to spies confronting an information explosion, where terrorists can hide communications in vast data streams on the Internet. A former US Assistant Secretary of Defense has said that this is a new way of war fighting.
Even if Bernard Madoff does manage to complete his 150-year sentence, due to exceptional family genes and a nutritious prison diet, he’s already earned his place in history. And that’s not just because he’s laid down the ground rules for becoming a bold and brazen con man. Rather, it’s due to key lessons he’s taught us about weaknesses in the regulatory system that were just waiting to be exploited. Those same shortcomings exist in businesses too, big and small, around the globe. The message is, if you think something might be awry in your firm get onto the appropriate professionals without delay. Make sure they’re experienced and able to handle state-of-the-art forensic investigation because that’s what you’ll need.
The full 477-page report of the US Securities and Exchange Commission’s inspector-general, recently released, makes for heavy reading. It’s scathing, and one thing leaps out from its meticulous detail: the number of opportunities to catch Madoff that were missed, and why.
Even when the SEC’s own officers remained extremely worried about his integrity, the Commission’s enforcement division closed down its investigation into Madoff’s business, claiming it was a “fishing expedition”. That was less than a year before Madoff confessed to running one of history’s biggest ever Ponzi schemes. The inspector-general concluded that the breakdown on the SEC’s part was not the result of the “misconduct of a particular individual or individuals, and found no inappropriate influence from senior-level officials”. At least that’s comforting. What isn’t, is his conclusion that the Commission failed systematically during its inquiry into Madoff’s 17-year long scheme, missing the significance of eight separate complaints. Each of these offered an opportunity to expose the fraud.
The perils of focusing too strongly on identifying `red flags’ during due diligence profiles has come to haunt Kroll, the well known risk consultancy firm based in New York. Kroll, also known for its Kroll Consulting, Kroll Associates, Kroll Ontrack, Kroll Factual Data businesses is the author of the recent Kroll Global Fraud Report. It has been reported in the media that Kroll screened and gave the green light to two alleged fraudsters.
The matter involves alleged Ponzi scheme operated by two fraudsters with links to South Africa which resulted in a loss of around US$250 Million to investors. In 2007, Kroll was requested to profile Barry Tannenbaum, a South African, and Dean Rees on behalf of a New York-based asset management firm that was considering investing a substantial investment with their venture.
The revelation is a further blow for Kroll as the New York based firm is still reeling from the revelation that one of its top investigators gave a similar upbeat endorsement to Sir Allen Stanford, the Texas billionaire accused of orchestrating a $7 Billion Ponzi scheme which is under investigation by US Federal Authorities.
The due diligence profile was said to focus on identifying any `red flags’ which would indicate a serious flaw in their background, but found nothing unusual with either Tannenbaum or Rees and is instead reported to have portrayed both businessmen in a “very positive light”.
This month, we focus on some of those aspects of the Information Age not often thought of. It considers some issues not spoken about but we hope nevertheless that you will enjoy it:
The wonders of the electronic era never cease to amaze, with wall-to-wall connectivity, profound knowledge at our fingertips and social networking sites that keep us tuned into gossip on the other side of the globe. But as one US commentator, Nicholas Carr, has observed, “the information-dense, hyperlink-rich, spastically churning internet is in effect rewiring our brains, making it harder for us to engage in deep, relaxed contemplation.” If you think this is the sort of statement that only worries psychologists and anthropologists, think again. Its implications go to the heart of the business you’re running and explain why you’re probably in urgent need of the services of professionals specialising in computer forensics, transactional analysis, forensic investigation and pictorial, diagrammatic and timeline rebuilding.
If that sounds arcane, wait until you see such skills at work on your behalf, outlining the attitude that some of your staff have to your business, to its most closely-guarded secrets and to the obligation you assume they owe you in return for the salary you’re paying them. An audit of these and other related factors, and of the vulnerabilities they produce, can be a sobering experience.
6 KEY AREAS TO WATCH OUT FOR:
The head of the Australian Federal Police made a bombshell announcement at the end of August, days before stepping down from a position he had held for eight years: no criminal charges would be laid against executives responsible for the country’s biggest trade scam ever.
The Australian Wheat Board (AWB), which until recently had a longstanding government-backed monopoly on the wheat trade, had been paying kickbacks to Iraq under the United Nations Oil-for-Food program. The purpose: to secure about 90 per cent of that lucrative market. Of the thousands of companies around the world that were involved in rorting the program, which ran between 1996-2003, AWB topped the list. It paid $A300 million ($US222 million at the time) in bribes, disguised as “trucking fees”. Now no one’s to blame – at least, not in Australia – but the stigma remains. Professional investigation, combining state-of-the-art skills like computer forensics and transactional analysis, could have picked this activity up quickly and nipped it in the bud, even if the culprits had cleverly covered their tracks.
Today, AWB Limited is an independent trader, without its earlier monopoly and without the 11 executives who tarnished its reputation. It wants to move on, but is dogged by the scandal. This latest development – arising out of legal advice from a senior Australian attorney who declared that, “the prospect of convictions was limited and ‘not in the national interest’” – only serves to exacerbate the situation. The Australian Government too, is left in the lurch, for it was the government of each supplying country that had promised the UN that it would scrutinise the bona fides and activities of each of the companies involved.
While the Australian Securities and Investments Commission, the nation’s corporate watchdog, still has its own investigation under way, legal experts doubt that it will now achieve much.