Our team have compiled commentary on financial crime trends affecting Australian business, government and the not-for-profit sectors in the five months to November 2019. Our analysis is based on a review and assessment of financial crime linked articles appearing in the Australian news media.
In presenting this overview, it is important to note that some of the matters have not yet been tested in legal proceedings (and indeed some may never be tested in legal proceedings). For further information about any of the matters raised, please visit our FCX Newsroom.
There were several reports during the period of public sector personnel in senior state government and local government roles allegedly being involved in what is collectively referred to as ‘official corruption’. Some of these cases were identified by whistleblowers who made protected disclosures to the relevant government anti-corruption agencies while others, untrusting of the official channels for reporting public sector corruption, made their report directly to the media.
All of the official corruption reports, whether ultimately sustained in legal proceedings or not, caused significant reputational harm to the government agency concerned as well as the government itself. Many official corruption cases were initiated by private sector businesses under financial pressure making improper payments in order to win government contracts or in order to secure planning approval or some other improper commercial advantage.
- Victoria’s Independent Broad-based Anti-corruption Commission (IBAC) is currently holding public hearings into allegations of serious corruption in relation to planning and property development in the City of Casey in metropolitan Melbourne. The public hearings are examining relationships between a property developer and councillors as well as unexplained bank transfers to one councillor by the property developer with planning applications before council at the time.
- A senior Western Australian public servant formerly in charge of integrity for the Department of Communities was charged with receiving fraudulent payment for false invoices totalling $2.5 million. The WA Corruption and Crime Commission (CCC) alleged that the public sector employee colluded with a person in the private sector in raising and processing the bogus invoices. The employee has since entered a guilty plea and is awaiting sentencing. WA Police allege the false invoicing scheme could involve as much as $25 million.
- A project manager at a Melbourne metropolitan Council is alleged to have received cash, gifts and other benefits from a road contractor at the time he was involved in awarding the contractor work valued at more than $16 million.
An ongoing theme in the FCX newsroom is crypto-currency scams. In the five months to November 2019, we saw increasing media attention on crypto-currency (both in terms of legitimate and illegitimate applications) and government agencies struggling to keep pace with the growing involvement of organised crime in crypto-currencies.
- Melbourne E-crime squad police arrested a man in relation to unregistered cryptocurrency transactions. The investigation included seizure of a crypto-currency ‘ATM’ from a shopping centre in suburban Melbourne. The ATM was established to convert Australian currency into crypto-currency allegedly at an inflated conversion rate.
- The Joint Chiefs of Global Tax Enforcement (known as the J5) including representatives from the Tax Departments of the United States, United Kingdom, Australia, Canada and the Netherlands attended a meeting in Washington DC. The meeting identified dozens of potential tax evasion schemes linked to cryptocurrency.
- A “National Proceeds of Crime Conference” held in Brisbane on 13 November had a significant focus on crypto-currencies and their role in money laundering and facilitating untraceable illegal transactions. The conference heard that over the last 10 years the joint “Criminal Asset Confiscation Taskforce” seized $435 million in criminal proceeds much of which was in the form of various crypto-currencies.
- Facebook plans to launch a cryptocurrency called ‘Libra’ next year as part of a strategy to leverage its social media platform in establishing an e-commerce and global payments solution. In response, ASIC said that it believes Libra poses “many risks and threats” to Australia’s financial system, including potential scams, fraud and privacy concerns.
- Reports of ‘crypto-jacking’ continue to be posted in the media. Crypto-jacking involves employees of organisations and external cyber-criminals using various techniques to steal computing power from target devices in order to secretly “mine” (i.e. unlock the block-chain code) crypto-currency.
- A Gold Coast based crypto-currency investment scam tricked more than 100 investors into handing over almost $300 million with the promise of generous returns. Senior citizens made up a large proportion of the alleged victims.
- The ACCC reported that it expected losses due to crypto-currency scams in Australia to reach $532 million by the end of 2019 with falsified celebrity endorsements for so-called crypto-currency investments on the rise. The ACCC’s advice to Australians is to be wary of crypto-currency investment advertisements they see on the internet.
- Research by the Australian Strategic Policy Institute shows that organised crime is experimenting with crypto-currency as a way of laundering money and that this will represent a challenge for regulators as they will need teams of experts who understand crypto-currencies in addition to understanding more traditional finance arrangements.
Financial sector compliance breaches
Major banks and other financial sector organisations continued to be criticised in the mainstream media during the period to November 2019.
- AUSTRAC (the Australian Transaction and Analysis Centre) called-out Westpac for breaching the Anti-Money Laundering and Counter-Terrorism Financing Act for failing to report 23 million suspicious transactions.
- nab admitting to breaching the National Consumer Credit Protections Act in connection with a loan referral scheme – the bank admitted 255 breaches in relation to receipt of information and loan applications from ‘introducers’ who are deemed by ASIC to be, in fact, unlicensed agents.
- The Australian Prudential Regulation Authority (APRA) reported that a new legally-enforceable security standard on the financial sector (CPS 234) had uncovered 36 data breaches since it came into force in July 2019 many involving the disclosure of personal information as a result of “human error”.
- ASIC published its planned action and public ‘to-do’ list to banks, brokers and consumer credit industry in view of increasing incidents of bank outages, online payments fraud, major data breaches and poor consumer lending practices.
Cases of external cyber-attack continue to be reported in the mainstream media reflecting the increasing propensity for organised crime to engage in fraudulent activity over the internet.
- A joint Australian Federal Police (AFP) and ASIC taskforce uncovered ‘multi-layered cybercrime activity’ in one case. The AFP-ASIC investigators allege that a criminal syndicate used stolen identity information acquired on the ‘dark net’ as well as single use SIM cards and fictitious email accounts, to commit ‘identity takeover’ before siphoning up to $10 million from victims’ accounts into more than 70 fictitious bank accounts.
- One example of a settlement ‘redirection scam’ was reported. This scam involved redirection of settlement funds to a fraudulently created fictitious bank account by creating an email address that appears to be the genuine email account of an agent for one of the settling parties. The email address had only one character different from the genuine account which goes unnoticed by the other party. Settlement funds were forwarded to the bogus account which subsequently is cleared by the organised criminals. This case follows the PEXA scam of a 2017 where organised crime gained access to the email account of one of the settling agents before changing the bank account details and syphoning more than $500,000 out of the automated settlement process.
- Cyber-crime experts reported that there has been an “explosion” in stolen credit card details being distributed online. Tested and verified card details with high balances are sold online for US$10 to US$20 particularly for use in card-not-present (CNP) fraud. The ease of trading stolen credit card details especially over the dark net is seen as the main driver for an increase in CNP fraud. Potentially, this is also a primary driver for why hackers break into systems to access customer personal and banking data. In August 2019, PayID reported that hackers broke into a new payment system involving customers of the big four banks where fraudsters targeted customers with bogus texts and telephone calls in order to access the ‘New Payments Platform’ database.
To combat online fraud, the Australian Institute of Criminology and the ACCC have combined to explore factors that make people vulnerable to consumer fraud and to develop solutions to reduce the likelihood of online consumer fraud. Amongst the solutions proposed in the study are:
- Enhanced education and awareness in identifying possible fraudsters in conjunction with banks and money transfer businesses that have direct contact with potential victims of fraud.
- Policymakers and relevant organisations and agencies could produce advice on how to properly research organisations and companies.
- Consumer-protection campaigns and programs to educate and remind individuals of the risks of using money wire transfers when making overseas payments.
- Invasive preventive and disruptive actions such as allowing financial institutions and remitters to refuse to transfer funds where definitive evidence proves the account holder is being defrauded.
Many of the articles in the media about money laundering focused on financial sector organisations’ failure to comply with their suspicious transaction reporting obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. But there were a large number money laundering cases appearing before the courts in the five months to November 2019.
- The AFP obtained court orders freezing property worth $17.3 million as part of an investigation into money laundering by two Chinese nationals. The AFP allege that the money was raised through real estate and loan fraud with the proceeds of crime used to purchase or develop numerous properties in Victoria and Tasmania.
- NSW Police arrested three people charged with participating in a $100 million money laundering syndicate linked to organised crime. Each was alleged to have played a role in using a security business as a front to launder money in and out of the hands of organised criminals in Australia and abroad. A security firm set up as a semi-legitimate business allegedly accepted cash from organised crime groups before moving the funds through additional transactions and withdrawing them to be passed-back to other criminal syndicates.
- A Sydney man who laundered more than $3 million through the Commonwealth Bank in less than a year was jailed for seven years.
- The first Australian to face a terror-related foreign incursion charge has been jailed for at least four years on a separate matter after he helped launder $18 million through local banks. The man was found to have deposited more than $4 million in 558 separate transactions each designed to be just under the $10,000 threshold that would require the banks to report the transactions to AUSTRAC. The transactions were made in the 10 months to October 2017 at Sydney bank branches with most of the funds deposited with the Commonwealth Bank ($3.1 million) and NAB ($670,000).
Occupational fraud continues to hit the headlines underpinning the position that in addition to the increased incidence of external attack on Australian Government and business sectors, internal fraud continues to grow in frequency and financial and reputational impact on the organisations concerned. Some of the occupational frauds reported during the half year were:
- The financial controller of a Sydney school alleged to have defrauded the school of close to $4 million by directing the GST and FBT remittances into bank accounts owned by him or his associates.
- An administrative officer of a cruise line alleged to have stolen $3.7 million from her employer.
- A couple who defrauded an insurance underwriter of more than $17 million in a large scale internal false invoice fraud were jailed in Victoria for more than nine years.
- A well-known Melbourne bookmaker admitted to defrauding gamblers of almost $18 million across five years in a betting-ring fraud.
- The former chief of staff to NAB’s chief executive accused of defrauding NAB of millions of dollars and corruptly giving a benefit to a service provider to the bank.
- A former finance executive of a well-known supermarket operator accused of stealing almost $2 million by preparing false documentation and altering an email to make it appear an office payment voucher had been approved to siphon funds into his bank account to pay for rent and reduce the debt on his vehicle.
- An unauthorised financial adviser charged with allegedly misappropriating millions of dollars in client funds that were deposited on the premise that they would be traded on the clients’ behalf in commodity markets but were instead used to fund a lavish lifestyle of private jets and jewellery.
- A former executive of a major television network was charged with the misappropriation of funds for allegedly creating false invoices and transferring more than $8 million into several bank accounts on more than 700 occasions over 14 years.
Final comments on trends
It is instructive to contemplate the common themes associated with many of the matters highlighted in the FCX newsroom since July 2019 and to consider how Australian organisations can leverage the lessons from these and other reported matters. Key themes common to many of the matters raised are:
- significant involvement of information technologies in financial crime;
- the rise in the incidence of external cyber-borne attacks on Australian organisations;
- the increasing involvement of organised crime in external attack on Australian business and consumers;
- involvement of parties external to victim who collude with insiders;
- complexity of business relationships;
- desperation shown by individuals and business entities that are financially distressed;
- involvement of parties outside of the Australian jurisdictions;
- the ability to easily move funds from one jurisdiction to another; and
- speed of transaction processing including ‘straight-through processing’ of transactions with no human involvement.
Addressing these key themes would involve Australian organisations:
- investing more heavily in cyber security;
- raising awareness internally of the risks facing the organisation;
- researching the financial crime exposures of the industries in which the organisation operates;
- increasing fraud, corruption and cyber-security resourcing;
- encouraging the governance function and executive level management to view financial crime as a serious risk and to invest more funds in controlling financial crime; and
- ensuring that the organisation is adequately covered by applicable insurances.