The CEO Fraud: A Call for Vigilance

March 2016

The CEO Fraud: A Call for Vigilance

Ronald H. Levy
This email address is being protected from spambots. You need JavaScript enabled to view it.
514 878-3251

A well thought out scam and the urgent need for action

This scam, referred to by the FBI as the "CEO Fraud", is reported to have claimed over 12,000 victims worldwide. Canadian companies, including Quebec companies, have not been spared. A representative from the Sûreté du Québec said that, since 2014, almost 50 Quebec companies have fallen victims to this scam for losses totalling several hundreds of millions of dollars. This phenomenon continues to grow which is cause for concern.

This scam preys on fooling senior employees into believing that intra company communications actually comes from their own CEOs or other senior high ranking executives.

According to the daily Financial Times, this situation is primarily due to two factors: corporate governance shortcomings and the lack of strict redundant safeguards in place, which are adhered to in all cases, have caused average losses of 120,000 USD, with some companies having been tricked into transferring in the tens of millions of dollars.

To guard against fraud, it is crucial to understand the level of sophistication involved and immediately take steps to ensure that processes designed to protect you are put in place. It is all the more urgent to act now considering that in several cases, it was reported that the companies that have succumbed to this scam had to close their doors as they could not make payroll after the loss.

How this scam unfolds

First social media and the websites of the intended victims are studied to establish the corporate hierarchy, as well as the behaviour and habits of senior management.

Once this picture is complete, the fraudsters mimic the email address of the CEO and instructions are sent to the appropriate employee, requesting, confidentially, that monies be sent to an overseas account, so that an acquisition can be completed on behalf of the company. The email usually contains information that the employee would have thought was only available internally.

The employee is given a glimpse of the supposed importance of the transaction and believes he/she is taken into the confidence of the CEO to smooth the way for the transaction to proceed. To add to the authenticity of the request, the fraudsters also mimic the name of either a lawyer or accountant with an internationally recognized firm who confirms the transaction and wiring information. Monies are usually sent to accounts in Asia or Africa but European banks are also now being used to great effect.

The elegance of the scam is revealed in the fact that having phished the travel and personal habits of the CEO, the confidential urgent request is made when the CEO is unavailable to be contacted to confirm the written instructions.

Obviously, once the money is transferred, it is usually lost. However, there are mechanisms available to attempt to freeze the funds in the receiving bank before they disappear. Alacrity and knowledge of these techniques are essential if there is any hope of recovering these sums.

Protect yourself

Unfortunately, many insurance policies will not provide coverage or loss recovery. Insurance companies will argue that the employee fraud clauses do not apply as the funds were voluntarily sent overseas.

The best protection calls for specific governance rules that need to be put in place and adhered to. No company is immune to these scams. This is why nothing should be left to chance.

This bulletin provides general comments on recent developments in the law. It does not constitute and should not be viewed as legal advice. No legal action should be taken on the basis of the information contained herein.

 

DE GRANDPRÉ CHAIT LLP

800 René-Lévesque Blvd. West, 26th Floor, Montréal, Québec Canada H3B 1X9

T 514.878.4311 | F 514.878.4333 | This email address is being protected from spambots. You need JavaScript enabled to view it. | www.dgchait.com