Good Guy Gone Bad Gone Good: The Story of John Rusnak

GUEST BLOGGER

Mark Blangger
ACFE Research Editor

Once a good guy goes bad, there’s no turning back — right? For some, absolutely. For others, like John Rusnak, hope exists.

Allfirst Financial was searching for a savvy foreign currency trader to help boost its bottom line. Enter well-intentioned John Rusnak. During his first two years at Allfirst, Rusnak did well, but he wanted to prove that he was the go-getter he made himself out to be when he was hired. So, he began placing multi-million-dollar bets on the yen rising against the dollar, only to watch the yen’s value nosedive — and his anxiety skyrocket. Rather than face humiliation and the discovery of the mounting losses, Rusnak requested more cash to increase the size of his trades, hoping to alleviate his deficit. His hopes dashed, he took advantage of Allfirst’s loose (almost nonexistent) internal controls to enter bogus option contracts into the system, giving the illusion that his trades were remunerative.

After five years, Allfirst’s powers that be realized how much capital the bank had tied up in the currency market and demanded that Rusnak release it to remedy the bank’s balance sheet’s skew toward the foreign exchange market. Runsnak’s smoke screen soon dissipated. The discovery that the requested capital was nonexistent and Rusnak’s cover-up of $691 million in losses led to his arrest. He was sentenced to seven-and-a-half years in prison, fined $1 million for concealment and required to pay restitution.

After serving his time, a former acquaintance gave Rusnak a job and later put him in charge of running his ZIPS Cleaners franchise. Now an advocate for second chances, Rusnak works with jail treatment centers and similar organizations to staff the growing franchise, helps juveniles find entry-level jobs and uses his “bad guy” past to mentor others on the consequences of making poor choices.

John Rusnak is just one example of bad guys who, following their expiation, do turn back, and even pursue liberation from their past and associated guilt. Another on the list of bad guys who did an about-face is Kevin Mitnick, who was convicted of hacking into Digital Equipment Corporation and Motorola, and now evaluates organizations’ internal controls.

Financial cover-up and financial gain are most often the impetus for good guys like Rusnak and Mitnick to become bad guys. Studies on white-collar crime have brought to light some mind sets that are common among such white-collar fraudsters. Here are a few examples:

  • The fraud is victimless. (The organization and its employees and shareholders are victims. Enron and WorldCom are epitomes.)
  • The benefits outweigh the costs. (For those who fail to consider the consequences of being caught, the opposite is true.)
  • The victim is at fault. (The fraudster blames the crime on the organization’s [victim’s] failure to implement strict controls; the fraudster’s lack of self-control and moral integrity are to blame.)

The intricacies and results of these studies are explored in detail in the ACFE’s new online self-study course, Criminology and the Psychology of Fraud. The course offers anti-fraud professionals insight into crime causation, how criminological theories explain and predict white-collar crime, psychological and organizational restraints as well as other revealing information to add to their toolbox of knowledge.

Unite With Heroes From Across the World at the ACFE Global Fraud Conference

More than 3,000 fraud fighters from more than 60 countries across the globe — the largest gathering of anti-fraud professionals in the world — will come together at the 28th Annual ACFE Global Fraud Conference in Nashville, June 18-23.

The conference offers more than 70 unique educational sessions in 13 tracks, allowing you to customize your agenda to meet your experience level, job function and current challenges. Dedicated networking opportunities, the Anti-Fraud Exhibit Hall and professional development resources offer additional ways to help you reach new heights in your career as an anti-fraud professional.

See why heroes unite to fight the good fight against fraud:

You can still save $100 on Full or Main Conference. Use discount code 28Early100 before April 21.

How Companies Can Stop Thieves in the Race for Your Tax Return

GUEST BLOGGER

Sarah Hofmann
ACFE Public Information Officer

It's unfortunately common this time of year for individuals to file their taxes only to find out that someone has already claimed their return. This type of identity theft can be upsetting, but it may be even more upsetting if they found out their identity was stolen not through a fault of their own, but due to their employer falling victim to a scam.

Savvy cybercriminals are using business email compromise schemes, or "spear-phishing" tactics, to acquire personally identifiable information (PII) through employers. They spoof an email address or phone number to make it look like they are someone from the company's human resources management company or accounting firm — or even someone from within the company itself — and ask for employee W-2s. Once they have the W-2s, they are able to steal employees' identities.

This year, the IRS warned that cybercriminals are widening their target scope from just large corporations to smaller organizations, such as nonprofits and school districts. According to the ACFE's 2016 Report to the Nations on Occupational Fraud and Abuse, small organizations often have fewer anti-fraud controls in place than larger organizations — a weakness that makes them easier targets for fraudsters.

Bruce Dorris, J.D., CFE, CPA, CVA, vice president and program director for the Texas-based Association of Certified Fraud Examiners (ACFE) said, "Fraudsters and cybercriminals are continuing to search for new victims with this unique phishing scam. Many of these organizations have smaller budgets and do not have personnel to defend against these attacks, so nonprofits and school districts must invest and raise awareness in the latest fraud detection and prevention techniques to protect themselves."

Employers can protect themselves and their employees by:

  • Educating employees on email best practices
  • Never sharing PII over the phone or via email
  • Reporting suspicious behavior

The IRS has asked employers who receive phishing emails to forward them to phishing@irs.gov. Employers must remember that as technology evolves, so do fraudsters. The best defense against fraud during tax season is to be wary of anyone asking for sensitive information and to report any suspicious behavior.