FRA

Forensic Risk Alliance

FRA Sponsors the Northeast Regional InfraGard Information Sharing Initiative

FRA is sponsoring the 2019 Northeast Regional InfraGard Information Sharing Initiative in Providence this week. InfraGard is a partnership between the FBI and members of the private sector. The ISI programme was designed to maximize the benefit of the information sharing between the public and private sector and seeks to adopt a consistent, cross-functional, multidisciplinary approach to assess and manage information sharing. This particular session will concentrate on economic espionage and insider threat considerations to information sharing between private sector companies and the Federal Government. Key insights will be posted on our website.

Panel topics will include:

  • The Foreign Corrupt Practices Act: Background, Current Trends, and Avoiding the Pitfalls of Foreign Bribery Schemes
  • Industrial Espionage: The Foiled Attempt to Steal Advanced Robotics
  • The Insider Threat: The Rise and Fall of the American Superconductor

Conference speakers will include:

  • Hermano J. Ferreira, Senior Director Global IT Systems & CyberSecurity, Medrobotics Corporation, Keynote Speaker
  • Mike Trahar , Director, FRA
  • SSA Keith Nelson, FBI
  • SA Scott McGaunn, FBI

ISI Official Program Information

Insights from the NYCFE Spring Fraud Conference

FRA Manager Daniel Roseberry attended the New York Conference of the Association of Certified Fraud Examiners (NYCFE) Spring Fraud Conference: Technology is shaping the fight against fraud, in New York. The NYCFE was formed in 1990 and is dedicated to fraud prevention education through meetings, seminars, workshops and professional networking opportunities for our members. Below are some of Daniel’s key insights from the event.

The Ethically Intelligent CFE

Dr. Bruce Weinstein, The Ethics Guy®, presented five powerful principles driving ethical intelligence that he urged CFEs to consider when confronting decisions inside and outside of the workplace. In his remarks, Dr. Weinstein walked the audience through the following questions based on what he calls the five principles of ethical intelligence:

  1.  Will this avoid causing harm?
  2. Will it make things better?
  3. Is it respectful?
  4. Is it fair?
  5. Is it a caring thing to do?

At the end of his presentation, Dr. Weinstein explained that if the answer to each of the five questions is “Yes”, then the approach is likely to be ethically intelligent.
The principles are based on Tom L. Beauchamp and James F. Childress’s “Principles of Biomedical Ethics” (Oxford University Press). Dr. Weinstein simplified the names of the principles and broadened their applicability beyond healthcare and biomedical research.

Metadata and How It Is Used in Complex Investigations

Founder of SL Data Management, Sal Llanera, talked about metadata and how it can be an effective tool to use in investigations. Metadata, or data about data, includes things like file dates, file authors, the type of application used to create the file and hash values (i.e., the file’s digital fingerprint). By using these metadata points, an investigator can create an effective exhibit in the form of a timeline of events which most audiences can easily understand. For evidence like this to hold up at deposition or trial, Mr. Llanera stressed the importance of capturing a “forensic image” of metadata and completing a robust chain of custody. Mr. Llanera ended his presentation by walking the audience of CFEs through ways to confront claims of an email never being sent and document manipulation.

Why People Lie

Bret Hood, a former FBI Agent and current adjunct professor of forensic accounting at the University of Virginia, exposed the audience to the inner thoughts of a fraudster as he explained why people lie. Mr. Hood extensively discussed integrity tests conducted by Dan Ariely, a Duke University professor of psychology and behavioral economics, and what the results of those tests proved. One of the results being that people find comfort in following the behavior of others with whom they can relate (i.e., in-group behavior), which lends to the importance of an ethical tone at the top. The discussion also touched on different ways people who lie rationalize the act, including distancing themselves from the lie through euphemisms (e.g., “grease the wheel” vs. bribing). Mr. Hood noted that some key considerations on how to maintain an ethically sound company culture is to celebrate those who are ethical and maintain consistency in the moral code of the company.

Navigating the Threat Landscape: Fraud, Extortion and Espionage

Douglas Bienstock, a Principle Consultant at Mandiant, spoke to the conference attendees about the mechanics of a cyberattack and how bad actors use unauthorized access to commit fraud, extort and spy. Among the topics discussed was the anatomy of a cyberattack, which includes the penetration of a network at an initial point of compromise, the bad actors establishing a foothold throughout a network, gaining access to higher privileged credentials and data exfiltration. Mr. Bienstock concluded his presentation with some takeaways to help prevent the threats of a cyberattack which comprised of educating employees about security awareness, having a strong understanding of the network environment and investing in key technologies (e.g., multi-factor authentication, email screening, Content Disarm and Reconstruction).

Leveraging Data Analytics to Detect Digital Money Laundering

Michael Schidlow, SVP & Head of Financial Crime Compliance and Emerging Risk Audit Development at HSBC, kicked off his presentation by explaining the prevalence of virtual currency (“VC”) transactions and the two classifications of VC: closed VC and open VC. The key difference between the two forms being that closed VC is limited to a closed environment (e.g., a coffee shop gift card) while open VC can be converted into cash using exchanges or ATMs (e.g., Bitcoin). While closed VC does not appear to present as much of a risk compared to open VC, Mr. Schidlow explained that through a scheme called “ghost laundering”, closed VC can be an effective money laundering tool. In order to effectively detect digital money laundering, Mr. Schidlow described the extensive use of analytics to spot anomalies, such as abnormally high volumes of transactions, high frequency of missing data fields and a high rate of inconsistent merchant codes. Once the application of analytics flushes out these irregularities, it then allows for a much more targeted approach to assess root cause.

 

FRA Welcomes Director Viktor Josefsson to the Forensic Accounting team

Viktor Josefsson joins FRA as the newest Director in the Forensic Accounting team in London. He brings over 15 years of experience in his portfolio focused on assisting clients and counsel in the areas of anti-bribery / anti-corruption, FCPA, regulatory compliance, global corporate investigations, disputes, financial crime and forensic accounting matters.

Viktor said “I feel truly privileged to be part of this market-leading and rapidly-growing boutique firm that specializes in the fields and areas seamlessly aligned with my professional expertise, passions and interests. The brand that FRA has built in just 20 years is nothing short of extraordinary and after having spent just a short time with the firm I understand all the accolades. It is exciting to join a team where everyone is given a platform to succeed; a platform that continues to grow as the organization makes strategic business investments – perhaps more importantly, strategic investments in its people – to broaden and grow its footprint in the market.”

Prior to joining FRA, Viktor spent 15 years with Deloitte as part of its Forensic practice based in Washington, DC. While with Deloitte, he specialized in large cross-border investigations into potential corruption, bribery, fraud, diversion of funds and other types of corporate governance or misconduct matters. In addition, he also has extensive experience with anti-corruption risk assessments, M&A due diligence assessments (both pre-and-post close), developing and evaluating ethics & compliance programs, developing and delivering trainings as well as assisting clients with remediation efforts.

He is a native Swedish speaker, fluent in English, has working knowledge of Norwegian and Danish as well as basic knowledge of German.

Viktor Josefsson, Director

French DPAs and International Cooperation at GIR Live Paris

It has been two years since Sapin II came into effect, with the broad goal of ensuring that French companies have robust anti-corruption and compliance regimes. What has been the application of it so far and what changes has it actually brought on ground level? The inaugural GIR Live Paris conference will not only focus on developments in the national investigations sphere but also on the extraterritorial reach of the new legislation, and how best to navigate it.

There will be three sessions:

  1. Internal investigations in France: the view from ground-level
  2. The rise and role of anti-corruption agencies in France: internal investigations and compliance
  3. French DPAs and international cooperation

FRA Partner, Yousr Khalil, will be joining the panel for session three. An outline of what will be discussed is below.

Sapin II has created a French version of the DPA (CJIP), which allows the public prosecutor to conclude a plea agreement with entities accused of corruption, influence peddling, tax fraud, the proceeds of tax fraud, or related offenses. This panel will examine cases of this tool being used, focusing on the interplay between French and foreign authorities. Questions they are expected to discuss include:

  • Are there disputes between the district prosecutor’s offices and the PNF over which agency takes investigations?
  • Do French companies see the value in self-reporting to French authorities? Is it any different post-UBS?
  • When to cooperate? Is it better to talk to authorities early, or wait until the case is accepted by an investigative judge?
  • Are we any clearer on what a company must do to be offered a CJIP?
  • Is settlement with multiple authorities only making fines bigger?
  • Do French companies still fear the DOJ more than French authorities?
  • Do we know what French monitorship looks like?

Panel:

Astrid Mignon Colombet, Soulez Larivière & Associés
Yousr Khalil, FRA
Stephane de Navacelle, Navacelle

Buy your ticket via the GIR website

Insights from Incident Response Forum 2019

Last week, FRA Senior Director Russell Miller and Director William Odom attended the Incident Response Forum 2019 – A Data Breach Response Conference for Legal and Compliance Professionals.

Government cyber-prosecutors and cyber-investigators, attorneys and experts specializing in data breach response came together to discuss the most important and timely data breach response topics such as the legal and compliance aftermath of a data breach, including governmental investigations and litigation, as well as the almost endless list of potential civil liabilities after a cyber-attack.

Key topics of discussion included:

  • Data Breach Response
  • Managing Retail Data Breaches
  • After the Breach: Cyber Insurance and Class Actions
  • National Security and Cyber-Attacks
  • Managing Data Breaches Across Borders (Privacy & GDPR)
  • Breach Avoidance/Preparation: Counseling Companies Before the Inevitable Breach
  • After the Breach: Digital Forensics and Remediation
  • Managing Financial Firm Data Breaches

Consistent messages throughout the Forum included:

  • Email phishing and other low-tech entries into systems are still the most prevalent.
  • Ransomware is now more sophisticated and targeted.
  • Basic cyber hygiene is necessary: Updates to IR plans on a regular cadence, table top exercises on a similar regular cadence and after action plans.
  • Boards and C-Suite execs are getting smarter to the risks associated with cybersecurity but they need constant and current communication
  • Perfect security is impossible
  • US privacy laws will be top of mind in the coming months.

Read their full insights here

Incident Response Forum 2019