Close

Feds looking for signs of fraud amid financial turbulence

The Securities and Exchange Commission and other federal agencies have been keeping watch as the capital markets go through a period of volatility amid rising inflation and interest rates, looking for telltale signs of financial fraud.

During the Association of Certified Fraud Examiners’ global fraud conference last month, ACFE president and CEO Bruce Dorris asked Gurbir Grewal, director of the enforcement division at the Securities and Exchange Commission, about some of the trends he has been seeing. 

“We just watched the cryptocurrency markets disintegrate, and I know that the SEC is having to grapple with a lot of the regulations and enforcement,” said Dorris. “What are some of the emerging trends beyond crypto and other things that the SEC is doing that this audience would be curious about from your perspective?”

Grewal advised anti-fraud professionals to look out for troubling signs in the current environment. “This is a really interesting and perfect storm of events,” he responded. “It’s a time when the opportunity for fraud, and the opportunity for professionals like you to detect misconduct, probably has never been greater because the volatility that we’ve seen in the markets over the last number of years, even before recent events around crypto, has uncovered a lot of wrongdoing. In other words, when we’re in these boom cycles and the money’s good and profits are high, a lot of things remain difficult to detect and hard to discover. I think Warren Buffett said when the tide rolls out, you see who’s swimming naked. Right now, you’re going to see a lot of naked swimmers.”

grewal-gurbir-sec.jpg

Gurbir Grewal, director of the Securities and Exchange Commission’s Division of Enforcement, speaking at the Association of Certified Fraud Examiners global fraud conference.

He pointed to several recent cases that came to the SEC’s attention. “We’ve brought recent prosecutions around valuation issues with private funds,” said Grewal. “With Allianz [Global Investors], we had over a billion-dollar resolution with them for valuation issues. Infinity Q is another case, a private fund with fraud in how they were valuing highly illiquid assets.”

The current financial turmoil has been uncovering fraud patterns that haven’t been apparent until now. 

“We’ve had some recent resolutions where executives are siphoning away money from the corporate fisc by creating dummy corporations and traditional fraud schemes, which now are becoming more apparent as companies’ bottom lines are becoming tighter, so you’ll see more of that,” said Grewal. “Certainly in crypto, whether it’s balance sheet issues now as the market is going up and down as it is, that’s an area of risk that I’m seeing. Beyond crypto, in technology, the books and records issues that I mentioned should be a point of concern for each of us right now as folks are working remotely because of the pandemic. Our return to office probably looks a little bit different for all of us, and recordkeeping is not what it was, and the opportunity to commit fraud being where it is right now, and recordkeeping being challenging in this environment, I think that’s a place where people should be looking.”

The SEC has also been focusing on cybersecurity vulnerabilities. “Cybersecurity issues remain front and center for us at the commission, both on safeguarding data, those rules we enforce around safeguards, as well as disclosure issues when there are events,” said Grewal. “I see a lot of that. In the FCPA [Foreign Corrupt Practices Act] space, it’s going to be interesting because corporations haven’t been wining and dining and flying people around like they used to, so I am certain that misconduct is going on in different ways and is going to require each of you to be more vigilant in your businesses to see if that’s continuing to happen because that risk, since the FCPA has been around, remains. The demands to do business in different parts of the world and the challenges are still there, and we need to be vigilant about that.”

Dorris noted that training and education are stressed by the ACFE as a way to understand such fraud risks, but he also asked about some of the challenges faced by the SEC enforcement staff in keeping up with the latest trends so they can pursue wrongdoers.

“The nearly 1,400 professionals we have in enforcement are remarkable,” said Grewal. “Despite the challenges of the pandemic, they’re resilient and they continue to find new ways to push forward their investigations to hold bad actors accountable, to gather testimony. They continue to push forward our mission of investor protection.”

The SEC is increasingly leveraging data analytics as a way to uncover fraud. “Where I’m focused is on how we can better leverage data, on how we can better use the different data streams that we have, whether it’s using AI or other techniques, to make the work of the professionals at the SEC more efficient,” said Grewal. “We’re all in on using the data streams that we have. We’ve brought a ton of cases around earnings management issues using data. We continue to bring insider trading cases and start investigations using data. That’s an area where I want to get better. I want to make sure we’re investing more and leveraging all of the various data streams that we have as a regulator to facilitate the work. And also on the discovery side, to make sure we’re managing the documents that are coming in. This is not like when I was a first-year associate where I’m sitting in a warehouse going page by page. We have tools now to help us go through documents and identify misconduct a little more easily, so those tools help us bring to bear on our investigations as well.”

An emerging fraud risk could come from environmental, social and governance initiatives, which can be exploited by fraudsters looking to capitalize on the increasing popularity of ESG investing. The ACFE and Grant Thornton collaborated on a guide to managing fraud risks in the evolving ESG environment, which they released at the conference. It can be downloaded here.

PPP fraud and fintechs

Chris Covington, manager of the Fraud Task Force at the federal government’s Pandemic Response Accountability Committee, also spoke at the conference about the billions of dollars in fraud he has been seeing in pandemic aid programs like the Paycheck Protection Program and the Economic Injury Disaster Loans. Some of that fraud has been traced to unscrupulous financial technology companies.

“Fintech companies, we believe, are really part of the problem with the number of fraudulent loans because they took less diligence when it came to the loans than, say, the official bank might have,” said Covington. “In fraud schemes, we’ll often see that there are groups of loans where it looks like they begin hitting one type of fintech and then pivoted to another and then possibly pivoted to a third. You’ll actually see that the loans are clustered among multiple fintechs and it’s often done in a way that it looks like a number of loans might have come in say February and March of 2021 to fintech A, then in April and May it was fintech B and so on. We see fraud rings using fintechs, but the movement of money and applications seems to be across different fintechs. Consumers like to use the convenience of their mobile devices for applying for things, so fintechs are filling this great need that people have to get instant access to information. In the case of the PPP program it’s very likely that they saw this as a way that they could conveniently apply for these loans. Unfortunately that same ease of applications is used by fraudsters.”

He cited the example of one fintech leader, the CEO of MBE Capital, who was criminally charged by the Justice Department in March alleging he obtained a fraudulent PPP loan for his own company. Covington also pointed to a study released in May by researchers at the University of Texas at Austin that found a high incidence of fraud among loans arranged by fintech providers.

“Toward the end, as many as 70% of the loans were actually being processed by the fintechs,” said Covington. “Overall, it’s roughly 40% of the total between 2020 and 2021. The study found that fintech loans are more than 3.5 times as likely to be initiated by somebody with a criminal history. It talked about the fact that they cluster in certain industry players and in geographic areas that just don’t seem to make sense, based on census data.”

The study found that certain fintech lenders seemed to specialize in questionable loans, with more than 45% of their loans experiencing at least one indicator of possible misrepresentation. “They were looking at whether a business was in good standing with the Secretary of State,” said Covington. “They were looking at whether the business actually had physical space or was being operated from a personal residence. They were looking at things that just seemed to be unusual for the average business.”

The researchers also found that 1.8 million questionable loans representing $76 billion in capital were associated with the fintechs, and the fintechs were 2.7 times as likely to have at least one primary indicator of misreporting and 4.7 times as likely to have a primary indicator. 

“The study actually highlighted the fact that they felt the DOJ was behind the curve in the sense that there seems to be a lot more work than was actually being done,” said Covington. “That’s because there is always going to be a lag between the time that you commit a fraud, and when the fraud is discovered, investigated and ultimately prosecuted.”

There have been over 1,200 indictments in relation to PPP fraud, Covington noted, in addition to a number of arrests and convictions, while other individuals are awaiting trial. “These cases are particularly egregious to the point that I think in more cases than not we’re going to have pleas rather than trials just because the evidence is so overwhelming,” he added.

North Korea bank hackers

It isn’t just fraudsters in the U.S. who are responsible, but financial institutions and government agencies have also been seeing crimes committed by foreign governments. Rachel Wilson, director of cybersecurity for Morgan Stanley Wealth Management, a former counterterrorism official at the National Security Agency who also worked at the U.S. Embassy in London helping the U.K. prepare to host the 2012 Summer Olympics, is particularly worried about the activities of the North Korean government. “What am I losing sleep over in this job? I’d say the top of the list for me remains North Korea,” she said. 

She contended that the government there is actively using fraud as a way to bring in capital. “How is North Korea funding their government in 2022? I hate to break it to you all, but it’s fraud,” said Wilson. “Essentially they are hacking banks and stealing money as a means of funding their government. The old adage is ‘Why rob banks? That’s where the money is.’ We just never expected to see a country take that on as the source of their gross domestic product, but that’s exactly how North Korea has resourced this bank-hacking strategy at a very high level. Estimates now have it at 7,000 people within the North Korean government who have bank hacking as their full-time job. Those ranks just continue to grow.”

She sometimes reminds her children that it’s good for them that they didn’t grow up in North Korea. “In essence, a few years ago, the North Koreans implemented a policy whereby every 11-year-old child is administered an aptitude test,” said Wilson. “You score best and brightest on that North Korean aptitude test, and you’re immediately on-ramped into the bank-hacking program. So these kids are moved away from their families into dormitories where they’re trained to be bank hackers from the age of 11. Also unfortunate for all of us playing defense, the North Koreans have proven to be very adept at their bank-hacking strategy.”

She pointed to a 2016 case involving Bangladesh Bank. “This is where the North Koreans successfully hacked into the central bank of Bangladesh and carted off close to $100 million over a long weekend,” said Wilson. “What not everyone knows, though, about that particular hack is that the North Koreans were literally a typographical error away — a spelling mistake away — from that being close to a billion dollars. That’s an eighth of the total national reserves of the nation of Bangladesh. This was not a one-off for the North Koreans. This is their national strategy for finding their government, so much so that the United Nations published a report supporting the allegations of 27 countries around the world, all of whom are asserting that the North Koreans are coming after some aspect of their central bank. This is to the tune of more than $3 billion over the last three years, all of that money going into their missile and nuclear programs, reasons why all of us need to be on our toes.”