How One Man Exposed His Fellow FBI Agent as a Russian Spy

/

FROM THE PRESIDENT

James D. Ratley, CFE
ACFE President

Here’s the situation. You’re a new FBI undercover field operative. But the bureau has called you into headquarters, put a suit and tie on you, and ordered you to take a desk job as the assistant to a longtime FBI special agent and computer systems expert. You’ll be locked in a soundproof, two-office vault to do one thing: covertly surveil this man suspected of being a master spy for the Russians.

That’s where Eric O’Neill found himself in 2001. He became a loyal assistant to Robert Hanssen — an intimidating, demanding and suspicious boss. The FBI had its eye on Hanssen, but they just needed a smoking gun.

O’Neill, who will be a keynote speaker at the 28th Annual ACFE Global Fraud Conference, June 18-23 in Nashville, watched Hanssen for months, but couldn’t find anything incriminating.

Finally, O’Neill was able to get to Hanssen’s Palm Pilot. O’Neill rushed it to the FBI techies on another floor who decrypted it and found Hanssen’s drop date and location of classified material to the Russians. They had him.

Hanssen was arrested on Feb. 18, 2001, at Foxstone Park, near his home in Vienna, Virginia, where he’d made his last drop. He was charged with selling U.S. secrets to the Soviet Union and then the Russian Federation for more than $1.4 million in cash and diamonds in 22 years.

He pleaded guilty to 15 counts of espionage and was sentenced to 15 life terms without the possibility of parole. The U.S. Department of Justice described his spying as “possibly the worst intelligence disaster in U.S. history.”

I’m impressed that O’Neill was able to gather information on Hanssen, who prided himself on being able to detect any hint of deception.

The story was so dramatic that Hollywood transformed it into the 2007 movie, “Breach,” starring Ryan Phillipe as O’Neill, Chris Cooper as Hanssen and Laura Linney as “Kate Burroughs,” O’Neill’s handler. O’Neill was an onsite advisor for the film.

During the 28th Annual ACFE Global Fraud Conference, O’Neill — who now runs an investigative and security consulting firm, and works for a security protection software company — will be addressing recent changes in fraud and cyberespionage through the eyes of sophisticated attackers.

“I will use elements of the Hanssen investigation as a framework and also to tell an entertaining story,” O’Neill says. “The audience will understand why I say that there are no hackers; there are only spies.”

3 Tips to Help Prevent and Detect Fraudulent Travel Expense Activity 

/

GUEST BLOGGER

Misty Carter, CFE, CIA, CISA
ACFE Research Specialist

Have you ever wondered, “Are my travel expenses being reviewed?” Fraudsters who have been successful at defrauding companies through the submission of fictitious travel expenses most likely have. If management, though, has never considered this question from the employee’s perspective, they might unknowingly be paying out thousands of dollars to fund a fraudster’s lifestyle — that fraudster being one of their own employees.

Unfortunately, this was the case with New York State Assemblyman William Boyland, Jr. Boyland, indicted on charges of allegedly filing tens of thousands of dollars’ worth of fraudulent travel expenses, claimed he had been traveling on legislative business in Albany, New York, between January 2007 and December 2011 when he allegedly was not (as reported in Metropolis, a Wall Street Journal blog). In fact, in some of the instances where he allegedly claimed he was traveling to Albany, he was in New York City meeting with undercover investigators who were building an unrelated bribery case against him.

While the exact dollar amount falsely claimed by Boyland is still uncertain, an audit found no record of him being in Albany 609 of the 975 days he claimed he had traveled there. Based on these audit findings, Boyland is required to repay the state $67,497 in mileage reimbursement and per-diem payments. In addition to the indictment for submitting fraudulent travel expenses, Boyland has two other pending charges against him related to bribery and mail fraud.

This is just one example of many where employees abuse company or tax-payer dollars through expense reimbursement schemes. According to the 2016 Report to the Nations, expense reimbursement fraud schemes made up 14 percent of the asset misappropriation schemes with an average loss of $40,000. The report also noted that these frauds lasted a median of 24 months before being detected, as was the case with Boyland.

Even though the detection and prevention of fraudulent employee expenses can seem overwhelming, there are controls that management can put in place to mitigate risk in this area. The following tips can aid in the detection, prevention and deterrence of this type of fraud:

  • Implement continuous control monitoring software. This software is automated and can review 100 percent of expense data. It can be configured to identify outliers or areas where fraud and noncompliance are most likely to be detected. Data reported from these monitoring solutions can help decrease fraudulent expense activity through trend reviews of anomalies. Employees might also be deterred from attempting a fraud if they know that a tool is in place to review all expenses submitted. 
  • Implement a formal travel and entertainment expense policy. It is important for management to develop a clear travel and entertainment expense policy and communicate it to their employees. Management should also ensure employees are aware of their expectations toward policy adherence and establish consequences for failure to comply with policy requirements. 
  • Hold management accountable. Management might be lax in its review and approval of employee expenses, but if held accountable for approving fraudulent expenses, they might spend more time reviewing them. Approving managers should also consider occasionally questioning employees about expenses they submitted. This practice can actually have a deterrent effect: if employees know someone is actually reviewing what they submit, they are less likely to submit a fraudulent expense. 

Although expense reimbursement fraud is rampant, it can be minimized if the proper action is taken. Management must be proactive and implement the necessary controls to help deter employees from committing schemes and detect if they do occur. Failing to take action can be detrimental to the company and leave it exposed to this and other types of fraud schemes.

Episode Notes for Fraud Talk: 'The Problem With Too Many Choices'

/

GUEST BLOGGER

Emily Primeaux, CFE
Associate Editor, Fraud Magazine

In January I had the pleasure of interviewing Bret Hood, CFE, about using data analytics in fraud examinations and the problem of “choice paralysis.” Currently the director of 21st Century Learning & Consulting and a retired FBI supervisory special agent, Hood has spoken at ACFE Annual Global Conferences and is a federal court-recognized expert in fraud and money laundering.

Hood recently wrote an article for the January/February 2017 issue of Fraud Magazine about choice paralysis using a grocery store study. In the article and on the podcast, he explained that this study helped highlight that when people are given too many choices, they freeze and can’t make a decision. The same can happen when a fraud examiner approaches an investigation using data analytics.

Data analytics software can produce an endless amount of data — some usable, others distracting. In the podcast, Hood explained that it’s important for fraud examiners to determine which data sets are relevant. “If we’re doing a billing fraud, I should only be concerned with the billing and not something else,” Hood said. “So if I have billing fraud, I don’t necessarily care about accounts payable. It depends on what kind of billing we have, but what happens is when we start to focus on other things, when we start to take the divergent path, that distracts us from what our original purpose is.”

Other highlights from the interview include:

  • Recommendations for how fraud examiners can overcome choice paralysis, including prioritizing three things that are relevant to your case, focusing on those and fighting the urge to move down other paths as they become present.
  • An analysis of how the brain processes information, including a look at your “working memory.”
  • System 1, the reactionary part of your brain, versus system 2, the reasoning part of your brain.

You can listen to Hood’s entire interview at ACFE.com/podcast and join the discussion about the podcast in the ACFE Community.

Helpful Resources Mentioned in This Episode

The Romance Scam: The Love Song That Never Was

/
Valentine-2017-burst-your-bubble.gif

AUTHOR'S POST

Mandy Moody, CFE
ACFE Content Manager

Jennifer Lopez once sang that her “love don’t cost a thing.” I can’t remember if this was before or after Ben Affleck bought her a Rolls Royce. Don’t worry, it worked out evenly. She bought him a Bentley.

But, alas, not every romance works out as merrily as Bennifer did. (They almost made it to the chapel.) For some, love really is blind, especially when it happens over the internet.

To remember how much of a battlefield love can be, here are some of the latest news stories about people who give love a bad name:

BBC Promotes Valentine’s Day Awareness Campaign
[Jenny] started communicating online with a "very caring, considerate" man who said he was an IT consultant. "Very early on in the communication he was telling me how much he loved me, how he wanted to be with me, I suppose I got to the point where I believed everything he said," she said. Read the full story.

Secrets: When White-Collar Crime Goes Dirty
In two unrelated but sadly similar cases, Harvey and Larry carried on secret, sexually aberrant lives that were decidedly at variance with their known, socially respectable lives. Unfortunately, Harvey and Larry encountered extortionists who exploited their secrets, which cost each man thousands of dollars and one his life. Read the full story.

‘Prince Charming’ Behind Bars in Romance Scam Case
Olayinka Ilumsa Sunmola, 33, of Nigeria was sentenced to 27 years in federal prison for an international criminal enterprise he ran from 2007 to 2014. Sunmola and his associates targeted hundreds of women across the United States, developing intense online relationships and promising them true love. Instead, Sunmola bilked them for millions of dollars. Read the full story.

As a fraud examiner, you may not wear your trust on your sleeve as many of the victims who fall prey to internet barracudas do. You know to ask questions, be cautious and remain curious. Let’s use these stories to help spread the word that love doesn’t have to cost a thing; it can actually be an endless love that will take your breath away.

How many love song references did you spot? Let me know in the comments. Happy Valentine’s Day from the ACFE!

The Red Flags of Workers' Compensation Claimant Fraud 

/

ACFE Staff

Workers' compensation insurance is a type of insurance that provides medical and disability coverage for employees who suffer work-related injuries and illnesses.

While most workers' compensation claims are legitimate, some are inflated or fraudulent. Workers' compensation fraud occurs when someone knowingly makes a false statement or conceals information to obtain workers' compensation benefits or to prevent someone from receiving benefits to which they might be entitled.

Workers' compensation fraud, however, is not rampant. Nationwide studies have shown that only a small percentage of workers' compensation claims are fraudulent. Nevertheless, this type of fraud is costly. Not only does workers' compensation fraud cost insurers billions of dollars every year, it results in higher health care costs and insurance rates for U.S. businesses (according to "Risk Control: Managing Workers' Compensation Fraud" published by Travelers Indemnity Company in 2008).

There are several steps that management and HR teams should take to minimize the risk of claimant fraud and the damage it can cause. For one thing, management should develop and maintain a safe work environment to prevent workplace accidents and control workers' compensation claims. For another thing, leadership should develop post-injury management programs that help guide behavior when workplace accidents do occur.

Also, managers should adopt zero-tolerance policies regarding fraud, meaning that they will investigate and seriously deal with all suspected incidents of fraud. Furthermore, organizations should work with their insurance carriers' fraud investigation units to stay abreast of potential schemes. Finally, organizations' leaders should educate their employees about the various workers' compensation fraud types, schemes and associated red flags.

As instances of claimant fraud rise, management should be aware of the following red flags that can signal abuse:

  • The claimant is engaged in seasonable work that is about to end.
  • The claimant is a new employee, disgruntled, on probation, facing layoff or about to retire.
  • The claimant has a poor attendance record.
  • The claimant has financial problems.
  • The claimant waited days or weeks before reporting the accident or injury.
  • The accident or injury reportedly occurred late Friday or early Monday morning, indicating that it actually occurred off the job over the weekend.
  • There are no witnesses to the reported accident or injury, or the only witnesses are individuals who have a "close" relationship with the claimant.
  • The claimant provides vague or inconsistent details about the accident or injury.
  • The claimant and witnesses provide conflicting details about the accident or injury.
  • The accident or injury reportedly occurred at a location away from where the claimant normally works.
  • The claimant's coworkers express doubt about whether the accident or injury actually occurred.
  • The claimant is unusually pushy about settling the claim.
  • The documentation presented by the claimant contains irregularities or questionable content.
  • The claimant is involved in physical hobbies or sports.
  • The incident report and the medical evaluation contain conflicting information.

Workers' compensation fraud continues to thrive, but management can minimize the risk of such schemes by committing to work safety, implementing post-injury management programs, adhering to zero-tolerance policies, working with insurance carriers and educating employees. And because evidence of illegal activity can come from almost anywhere, as demonstrated by The Price Is Right fraud bust, managers, workers and fraud examiners must be vigilant in their efforts to identify this and similar types of fraud.