Air India Found Wanting – Designing a Robust Fraud Prevention Program

Stelios Haji-Ioannou, founder of budget airline EasyJet once uttered the famous phrase “If you think safety is expensive, try an accident”. This was based upon his dire experience in 1991 when a tanker belonging to his father’s shipping company spilled 50,000 tonnes of oil in an environmental catastrophe that claimed five crew members’ lives. As chief executive, Stelios Haji-Ioannou barely escaped incarceration in Italy for manslaughter.

Likewise, any substantial business or organisation is tempting fate by failing to have a Robust Fraud Prevention Program in place. The risks may not be an oil spill but can be equally costly to the bottom line and damaging to the reputation of the business.

As an example for failing to have an adequate Fraud Prevention Program in place, the state owned airline Air India has recently been in the news for all the wrong reasons. Allegations of rampant theft, fraud and maladministration have been widely circulated. These have included tales of repeated thefts of liquor from flights, diversion of spare parts for illicit sales, kick-backs related to the orders of goods plus pilots being paid for duties not performed.

State owned Air India is now facing the reality of job cuts or cease flying certain routes. The failure by executives and management to inculcate an atmosphere of anti-corruption as well as implement an anti-fraud structure has set the scene for wide scale waste and theft.

Any company, institution or organisation –must create and implement a robust fraud prevention programs that is staffed and overseen by capable fraud examiners.

A fraud prevention program will help to protect a company or organisation by:

  1. Instituting a whistle-blower hotline whereby employees and contractors can make confidential tip-offs regarding fraudulent behaviour;
  2. Setting the principled “tone at the top” so that the whole business or organisation embodies the anti-fraud ethos;
  3. Developing a code of conduct and a confirmation process to structure anticipated behaviour for all personnel and contractors
  4. Creating an environment that ensures audit trails for purchase, orders etc. are in place;
  5. Hiring and promoting appropriate employees via a Pre-Employment Screening program;
  6. Instituting suitable anti-fraud and graft training programs;
  7. Identifying and measuring fraud risks;
  8. Implementing and monitoring internal controls;
  9. Having a strong and independent audit committee;
  10. Contracting independent external auditors;

Stopping fraud before it occurs is the ultimate goal of a successful fraud prevention and awareness program.

Hotlines Run Hot
Honest and responsible employees & contractors will utilise hotlines to report irregularities and suspicions anonymously without fear of retaliation. Anti-fraud surveys by the ACFE have reported that hotlines can cut an organization’s fraud losses by approximately up to one half.

An independent third-party vendor can set up whistle-blower hotlines; receive, screen and log confidential calls before passing along relevant information to investigative entities for their action.

Extra effort should be made to communicate the existence, contact channels and benefits of the hotline to all employees and contractors on a regular basis to report any suspect or improper business practices.

Three fraud mitigation actions
Fraud experts have outlined three main actions to mitigate fraud: create a culture of honesty and high ethics, evaluate anti-fraud processes and controls, and develop an appropriate ongoing oversight process.

Setting the Tone at the Top
A company or organisation’s executive and management team sets the moral and ethical direction for all employees and contractors to follow. Employees need to know that the upper echelons believe and submit to a high level of ethical behaviour. Management must clearly communicate a zero tolerance for fraud and the need to follow the pronouncement with education and awareness campaigns to reinforce policies and procedures.

Develop a Code of Conduct
The keystone of an effective fraud prevention program is a culture with a strong value system founded on integrity. This value system can be reflected in a code of conduct. The code of conduct should be created with the involvement and input of employees so that they can be guided whilst making appropriate decisions during their workday.

A code of conduct should include written standards that are designed to deter dishonest or immoral behaviour, promote honest and ethical conduct by all employees plus advise employees what they can and cannot do. The code of conduct should be provided in both a soft and hard copy to all employees, circulated regularly and translated into appropriate languages for overseas locations.

Confirmation Process
People with low integrity or external pressures may be deterred from committing fraud if they know that there is an oversight and confirmation process which increases the likelihood that they will be caught. After issuing the code of conduct to all employees, each should be required to sign a statement indicating that they have read and understood the code’s requirements and will comply with them. This will have the effect on those who have signed the statement can’t later hide behind the claim of ignorance.
Do you need to know more about our services and how Regents can assist you with preventing internal theft and corrupt activities?

Simply go to our Internal Theft or Corruption Investigation pages for our phone numbers or else send an email to contactus@regentsriskadvisory.com with your contact details and we will respond at once.

Is Speak Asia Online to be trusted?

Despite being the home of software programmers and large scale IT out-sourcing companies, the Indian public has not been exposed to internet sensations, rumours and intrigue to the same extent as countries such as the USA.

Until now.

The online opinion company Speak Asia Online is a Singapore-based company which is now being investigated by Indian authorities for alleged financial fraud and conducting business in India without a licence. Some claim that Speak Asia Online has all the hallmarks of a classic internet Ponzi scheme whilst its supporters claim that it is a legitimate business venture which is being criticised for its own rapid success.

Speak Asia Online claims that it is a legitimate company which pays its’ subscribers a small sum each time they complete an online questionnaire regarding a product or service. Speak Asia Online claims that it is engaged by various companies to conduct market research with Indian households.

Speak Asia Online claims to have attracted nearly two million members in India since it started operations in January 2010. A company statement says it has paid out more than $50 million to survey takers and reported revenue of $80 million in the past nine months.

But there is a catch. Of course there is.

To become a subscriber, you must first pay fees of around Rs10,000 which provides a ‘Surveys Today’ e-zine, an online magazine, for one year and the opportunity to enrol as s panellist. A panellist can be paid up to Rs900 to fill up two surveys of about 12 lines each.

Therefore, after completing around eleven surveys a panellist would start to earn an income from Speak Asia Online. Panellists can also earn money by recruiting other panellists to join and thus receive a commission.

This has left some detractors to conclude that Speak Asia Online is some sort of fraud, scam or Ponzi scheme and should be investigated or shut down by the Indian government. Speak Asia Online protests that it is genuine business and has broken no laws, offering to co-operate with the authorities if need be.

Supporters also point out that they are earning an income from Speak Asia Online as panellists and those complainants should mind their own businesses.

In order to assess whether Speak Asia Online is a genuine business, fraud experts would recommend assessing the following points in relation to Speak Asia Online:

Business model – does the model itself make sense?
This is hard to answer directly. Certainly there are genuine businesses which have operated for decades conducting surveys. But the surveys are focused, relatively small and usually conducted face to face to ensure quality. Speak Asia Online does not follow this path.

People can also earn money by recruiting other subscribers. This has generated a group or recruiters seeking to find new subscribers to continue their income stream.

Analysts have seen this as the trait of a classic Ponzi scheme, sucking in new cash to pay out to earlier subscribers. Speak Asia Online needs to demonstrate that this is not the case.

Does the subscriber need to pay?
Definitely and it is paid upfront. This can be viewed as a definite red flag for a possible scam. It has been noted that Speak Asia Online charges subscribers to be a panellist and receive an e-zine – smartly declining to promise that later payments will be made or else that this is an investment scheme.

Location of the business – does this make sense?
Not at first blush. Though Speak Asia Online is only active in India it has few employees or offices there. Instead, it is a registered company in Singapore. It could be argued that it makes sense for taxation but this doesn’t make business sense.

It has been noted that reporters from Star TV are said to have visited the business address in Singapore and found that there were few people present who claimed they were not involved with Speak Asia Online. This certainly raises more red flag concerns.

Business history – how long has it been running?
Not very long; about 18 months according to the registered documents held by ACRA in Singapore. It should be noted that the business has changed its’ name two times; from Haren Technology Pte Ltd to Pan Automotives Pte Ltd. Neither of these former names suggests that the previous business incarnations were internet based opinion operations.

A cause for concern.

What do the top people of Speak Asia Online say about the business?
Not much and not very convincing.

Speak Asia Online CEO (India) Manoj Kumar claimed during an interview that Speak Asia Online was engaged by ICICI Bank. Following a refutation by ICIICI Bank they there were not a client, Kumar back tracked and said that his earlier claim was a mistake. Kumar allegedly claimed a number of other prominent clients which were later found not to have any relationship with Speak Asia Online. Commentators stated that the CEO ought to know who his own clients are.

At a press conference in Mumbai, Kumar struggled to define exactly what Speak Asia Online does. He denied that they are a direct seller or a company that makes money based on referrals.

Is the company properly regulated?
Not really. It operates in an economic area which has been overlooked so far.

The Indian Direct Selling Association (IDSA) has asked the government to come up with a regulatory framework that will define direct selling, stipulate how it should operate and pass laws to protect consumers.

Meanwhile the Ministry of Corporate Affairs (MCA), Economic Offences Wing, market regulator Sebi and bank regulator Reserve Bank of India are reviewing different aspects of Speak Asia Online’s operations.

What other bad news has Speak Asia Online experienced?
The Singapore bankers of Speak Asia Online, United Overseas Bank, are reported to have declined to continue to be their bankers. Speak Asia Online claimed that they elected to change banks but the confusion suggests that United Overseas Bank no longer wanted to be associated with Speak Asia Online. Does United Overseas Bank know something we don’t?

 

Speak Asia Online may prove it’s detractors wrong and thrive in a new business sector in the budding Indian market. If it can be more transparent about the operations and exactly who its’ clients are, then it should be able to save the day.

Watch this space.

 

Do you need to know more about our services and how Regents can assist you with preventing fraud and money laundering? Simply go to our Fraud Investigation page for further details and us send an email to contactus@regentsriskadvisory.com with your contact details and we will respond at once.

Hacking of White House Gmail accounts

The recent announcement by Google that a number of users Gmail accounts have been hacked into has ratchet up the debate on cyber war between China and the US. The importance of this report relates to the fact that these Gmail accounts were held and sued by senior US and South Korean government officials as well as Chinese political activists.

Google claims that it had discovered and alerted hundreds of users who had been duped by a carefully targeted “phishing” scam. The method used – called spear phishing – is not new but can be particularly successful when targeted properly.

A spear phishing attack occurs when a victim receives an email from a familiar address of a close associate or a collaborating organisation/agency. However, the address has been spoofed [falsely generated] and the email comes from the hackers. Usually the email has some form of attachment which needs a viewer – when clicked on, the user is directed to a fake Gmail login page for harvesting login details of the user.

Once the hackers had the password details of the user, the hacker would log into the Gmail account and create rules to forward all incoming mail to another account without the user’s knowledge. Often the other Gmail account ID is made to closely resemble the victim’s ID so as to reduce suspicion. From that point on, the spurious Gmail account is frequently accessed remotely and all incoming emails downloaded to a central location and the emails deleted from the Gmail account.

By this method, the hacker(s) can begin to create a patchwork of communications between various users and organisations. It has been indicated that these hacking attempts originated from Jinan, the capital of Shandong province. While there is no direct evidence that the hackers are located in Jinan or are in the pay of the Chinese government, the dedication of the attacks and their highly targeted nature eliminates direct financial gain as a motive. Technology watchers haven’t ruled out the possibility of the attack being state-sponsored.

However, it should be noted that the main reason that the Gmail accounts were selected in the first place is that they were thought to have contained some useful information related to the users work. Though we don’t know the identity of the users, it has been suggested that elements within the White House and Senate have been users plus South Korean government officials.

It is a fact that many White house officials choose to use external email accounts rather than the government approved ones for certain emails. The users are aware that government emails are archived and my be the subject of later legal actions, investigations or being placed in public archives. For this reason, they have chosen to use Gmail addresses for certain subjects or contacts. This happened during the Bush presidency too so that many subjects are absent from official correspondence.

What does this mean for your business or organisation? We are all prone to hacking attempts though mainly for commercial gain for scammers seeking bank account numbers, credit cards, passwords etc.

You need to brief email users as to the perils of `spear phishing’ attacks and the spoofing of addresses. One negligent click on a smart phone could expose company details to the outside world.

And what are your corporate policies on people using Gmail, Yahoo etc accounts for business or organisation communications? Is this acceptable? What happens when a smart phone is lost or the user leaves the business? Those email may be lost with no auditable trace of what was agreed with clients, customers etc

It’s not just the White House that needs to review policy and security – these hackers may be targeting you.

Do you need to know more about our services and how Regents can assist you with computer forensics and data recovery? Simply go to our Contact Us page for our phone numbers or else send an email to contactus@regentsriskadvisory.com with your contact details and we will respond at once.

l

Woolworth’s buyer and coffee importer charged over corruption

A senior Woolworths executive and an alleged co-conspirator both face criminal charges following a protracted investigation into a corruption kickback scheme operating inside Australia’s major supermarket chain.

In January 2011, Bill Harvey, formerly Woolworth’s national buyer for coffee, tea and sugar, was charged by Police with receiving or soliciting secret commissions and with conspiracy to cheat or defraud. Harvey was responsible for selecting the brands and lines of coffees and teas from a number of suppliers across Australia. Therefore, Harvey would have been required to frequently meet with current and prospective suppliers as well negotiate terms of contract for supply.

The allegations centre on the claim that Mr Harvey accepted a percentage of a ”promotional fee” from the coffee and tea supplier for the purpose of ensuring that the coffee and tea products were given space on Woolworth’s shelves.

One of Woolworths suppliers was Melbourne based LZ Enterprises, which is the Australian distributor of Arrosto Bello coffee and Cha Yuen tea brands. Robert Lever, now the former marketing and export manager at LZ Enterprises, dealt with Harvey as part of his task for promoting the brand.

Upon receiving this allegations, Woolworths undertook its’ own investigations and made a report to the Police. Harvey was subsequently arrested at the Woolworth’s offices. Internal auditors are checking to see if other products are involved in the alleged scheme and whether more offences may be detected.

The charges come almost a year after both were arrested during operations by police in New South Wales and Victoria. The matter came to light after a tipoff from a disgruntled supplier suggesting that corrupt activity was occurring.

Corrupt kick back schemes are nothing new for the major grocery retailers in Australia, Woolworths and Coles. In October 2009, Woolworths removed three buyers from the fresh produce purchasing department after investigations showed that the grocer was paying up to $20 per carton too much for vegetables from one of its supplier. In 2006, Coles fired an executive after a secret business deal came to light that the executive and the owner of Tasman Group Holdings, then one of Coles’ primary suppliers of red meat products.

When employees interface with suppliers and vendors on a daily basis there is always a likelihood that over time they may form an illicit alliance and seek to act corruptly. As demonstrated in the case above, it is possible to detect errant employees and have them arrested / prosecuted for this activity which can be so damaging to the company and the reputation overall.

In order to reduce the likelihood of corrupt activities between employees and suppliers, plus increase the chances of detecting such activity, it is advised to at least follow some of these suggestions:

  • Ensure that all meetings between employees and suppliers take place at designated locations only, usually company offices
  • Have all meetings documented and meeting notes made to detail what was discussed and agreed
  • Have managers randomly attend meetings to ascertain the demeanor and progress of discussions on pricing, quality, deliverables
  • Ensure that all proposals, agreements and communications are scrutinised by auditors and or legal departments
  • Issue a Code of Conduct outlining what constitutes corrupt or dishonest conduct and the severe penalties involved for this activity
  • Have all employees and suppliers / contractors read the Code and Conduct and sign that they will abide by this
  • Install a working `whistle blower’ program so that any party can make a formal complaint as to suspect activity
  • Have regular training and education on the perils of corrupt activities
  • Rotate employees between positions so as no to over familiarize them with individual suppliers

Do you need to know more about our services and how Regents can assist you with preventing internal theft and corrupt activities?

Simply go to our Internal Theft or Corruption Investigation pages for our phone numbers or else send an email to contactus@regentsriskadvisory.com with your contact details and we will respond at once.