What are examples of common frauds found in the Asia Pacific region and how might parties avoid falling victim or seek recourse after being scammed?
Alastair Campbell
Traditional China’s extensive penal code enshrined two distinct categories of crime GongCui 公罪 and SiCui 私罪, public and private. For the official class, mistakes made in administration were considered admissible and not subject to severe penalties whereas improper behavior and personal corruption were subject to serious penalties. As the philosopher Fan Zhongyan resignedly concluded in the Song dynasty: “Private wrongdoing cannot be tolerated but public wrongdoing cannot be avoided”. This reflected the theoretical pyramid of personal moral integrity emanating from the emperor and permeating down through the ranks. In practice, however, officials avoided recourse to law and evaded punishment by using their network of guanxi “relationships” with superiors. An interesting example of a fraud case combining both categories of crime occurred in the 1380s: Guo Huan a Vice-Minister of Revenue was found to have embezzled 24 million piculs of grain: his co-conspirators included several ministers, who lost their posts, but were otherwise unpunished by the trial judge. However, many merchants who unwittingly held stocks of the grain were ordered to return these to the State or face imprisonment. Some facing bankruptcy committed suicide, whereupon a group of merchants who had been privy to the conspiracy mobilized public opinion against the trial judge for causing wrongful death to many innocent parties, and he was eventually tried and sentenced to death.
The rapid expansion of logistics and commerce together with the widespread expansion of silver currency in the Ming dynasty may have occasioned rapid growth in fraud. And in 1617 one Zhang Xingyu published the remarkable “Book of Swindles” documenting many cases, partly as cautionary tales, but clearly also relishing the ingenuity of the fraudsters portrayed. One chapter is devoted to the perennial and best documented object of fraud: the imperial examination system. A family’s fortune would be dramatically transformed if the son was successful in becoming an official. So, despite the severe punishments to which they were exposed, many families sought ways to bribe or influence examiners. Even in the 20th century, the famous writer Lu Xun’s grandfather, a member of the prestigious Hanlin academy, was imprisoned for trying to bribe an examiner on behalf of his son. Extricating him from jail nearly bankrupted the family and may account for Lu Xun’s bitter satires on traditional society.
Gillian Lam and Kay Cheng
In recent years, we have seen increases in terms of loss, frequency, and sophistication in cyber-attacks, particularly in light of the global pandemic necessitating heavier reliance on online communications. These frauds range from smaller scale romance scams or COVID-19-related supplier frauds to major business email compromise or ransomware attacks. Spear-phishing attacks deploy social engineering by pretending to be senior management/suppliers and directing funds to be sent abroad (making the funds harder to be traced). Hackers’ ability to use real email addresses (rather than spoofed ones) for these payment instructions has made these frauds harder to spot. Together with fake websites and manipulation tactics by fraudsters, employees (senior management included) can easily fall victim of these frauds. We have seen losses amounting to tens of millions of Euros/USD.
In all fraud cases, time is of the essence, and victims must move quickly upon discovery of the fraud to maximise recovery prospects. The first and most crucial step is to ensure that the defrauded funds are “frozen”, so the fraudsters cannot dissipate the funds further and victims can commence recovery actions. In Hong Kong, there are a few options to secure the funds. (1) Bank freeze – triggered by funds recall from the remitting bank or letters issued to the recipient banks to put them on notice of the fraud. Banks may impose an informal hold on the funds pending its own suspicious transaction report to the police to comply with AML laws in Hong Kong; (2) Police freeze – in a form of “Letters of No Consent” issued by the police to the banks to informally secure defrauded funds under the current AML regime. However, the Hong Kong CFI recently held that this regime is unconstitutional and unlawful. Practical effects of this judgment remain to be seen and (3) Civil injunction – the most reliable (though costly) option to secure funds as the court injunction can only be discharged by a court order. Although we have had major successes in the recovery for clients if discovered in time, prevention is always better than cure. Risk mitigation can be achieved by (1) regular employee training and updates to policies; (2) enhanced cyber-security in IT systems; (3) cyber-insurance and contractual risk allocations; and (4) having an internal crisis management/response plan against cyberattacks.
Gillian Lam is a senior associate in Baker McKenzie’s Hong Kong office and a member of the Firm’s Dispute Resolution Group. Gillian’s practice focuses on commercial litigation and arbitration in Hong Kong, including general commercial/corporate disputes, commercial fraud and bribery investigations, and contentious employment issues. She has been granted “Solicitor Advocate” status before the Hong Kong courts. She is also a fellow of the Chartered Institute of Arbitrators.
Kay Cheng is an associate in Baker McKenzie’s Hong Kong office and a member of the Firm’s Dispute Resolution Group.
Shannon Argetsinger
In part, the convergence of digitization and greed in a time of crisis enabled fraudulent activity to flourish. Situational and exploitive fraud has grown dramatically since the advent of the COVID-19 pandemic, capitalizing on near optimal conditions to exploit the good will of people and limited supplies. In May 2021, the United Nations Office of Drugs and Crime stated “Cybercrimes, including the spread of malware, ransomware, DDoS attacks, data breaches and phishing, continues to rise in Southeast Asia. Financial data fraud, credit card fraud and romance scams also continue to grow as cybercriminals ultimately seek to make profit.” For example, Paddy the Room Trading Company, a Thai based business, defrauded U.S. companies purchasing PPE (nitrile gloves) at the height of the pandemic. In early 2020, the need for PPE grew exponentially and people, hospitals, companies, and governments were sourcing it wherever it could be found. Many failed to conduct due diligence for the sake of expediting procurement during a time of crisis. These conditions led to a massive fraud scheme involving sale of defective, dirty, or previously used nitrile gloves to desperate buyers. According to a 2021 CNN investigative report, “Governments and hospital systems scrambled to get what they needed — and dozens of shady companies looking to turn a quick profit saw an opportunity.” There were other companies that defrauded consumers, but Paddy the Room was, perhaps, the most heinous and noteworthy because they were so brazen. Sourcing soiled/used nitrile gloves from other countries and selling them as “new” to buyers during a pandemic was bold.
Fraud blossomed during the COVID era and nefarious characters emerged because the conditions were near perfect. They took advantage of public health demands, short supplies, and sympathies. To combat fraud, we need to be vigilant; conduct appropriate levels of due diligence on purveyors (and when possible, the supply chain); and create greater public awareness of the scams and frauds that threaten our safety. The simple truth is fraud thrives in times of crisis because fear drives desperation, urgency, and apathy. We get complacent and make hasty decisions. Additionally, there’s a part of us that assumes bad actors wouldn’t be so low as to victimize people in a time of need. Tragically, in a time of crisis, a needy person makes a good victim.
Douglas A. Jaffe
Share pledge scams have become a common part of the fraud landscape in Asia. These scams prey on the desperate by offering readily available cash at favorable loan-to-value ratios. Victims are often approached by trusted middlemen who may not actually be aware of or in direct contact with the ring leaders. The lenders often choose reputable sounding names combining a famous historical surname with a high-end brand name. There are usually credible websites, lender representatives using accurate financial jargon and formal documentation. A key to making the scam successful is when the lender recommends a custodian. By agreeing to use a related party custodian, the victim has removed an important obstacle on the path to ruin. The victim may first transfer a small number of test shares and will be rewarded with a prompt disbursement of cash. Further shares are sent and here is when problems arise. Extended delays in payment give the scammer’s custodian time to quietly sell off shares. This might have the unintended consequence of driving down the victim’s share price, and the scammer can then insist on additional shares or send threatening legal letters. A desperate victim could end up sending more shares to secure badly needed funds. Ultimately, when the victim wises up, lender and custodian will conveniently disappear.
These scams are run by global syndicates weaving together parties across multiple jurisdictions, including less credible offshore territories. Interestingly, legitimate service providers may be acting on behalf of the scammers. If law firms are drafting documents, banks are accepting payments and licensed custodians are holding/selling shares, it does raise questions on DD/KYC practices. Victims find it difficult to get law enforcement interested, especially for global scams with no clear home jurisdiction and where communications have been primarily online. And, victims may prefer not to report losses, either for face or other reasons. While the scammers are sophisticated, a common thread in many instances is a failure of the victim to do basic DD on the lender/custodian. Even a simple Web search can uncover obvious red flags. Furthermore, LTV rates more attractive than industry standards could also be a warning sign. Company management desperate for capital may not be thinking straight but implementing a few simple checks and applying commonsense practices can save heartache and future recrimination.
Zhang Yingyu (張應俞) – Style name Kui Zhong (夔衷)
Several successful candidates in the 1600 provincial civil services examinations in Fujian were students of a famous Master Shen. After the successful candidates who now attained the rank of Juren 舉人 had gone off to Beijing to take the metropolitan examinations, an enterprising fraudster came up with a creative scam to leverage the reputation of Master Shen. He engaged an educated accomplice who was a good calligrapher and drafted many letters purported to be from Master Shen. The fraudster delivered these letters to the homes of each of the new Juren who had already left for Beijing. The beautifully written letters would recount a dream Master Shen had that foretold the coming success of the Juren in the Beijing examinations. The fraudster would caution the family that this news must be kept strictly confidential so that people would not accuse Master Shen of playing favorites. The fraudster would further explain that other families of Juren in the area would also be receiving letters of greeting from Master Shen but none of those would include mention of any auspicious dreams.
The fraudster delivered similarly beautiful letters to all the Juren families recounting a very special and highly specific dream in which Master Shen described omens that would indicate the future success of the Juren. For example, “… I dreamed of a flying bear (xiong) holding in its paw a red spring blossom, which it lifted high above its head. As it passed in front of a red sun, I saw two gilded characters: First Place”. In this instance, the candidate’s surname was Xiong, which is phonetically similar to bear (xiong), hence a good omen. The families were understandably overjoyed to receive such wonderful news, and the fraudster would receive generous tips (a few ounces of silver) and often asked for additional ounces, which he usually received. All in, the scammer earned over 100 ounces of silver. When the exam candidates finally returned home and shared the story of their Master’s letters, they realized they were all victims of the same scam but applauded the crook’s ingenuity. As the author Zhang Yingyu noted, the fraudster pulled off a successful, but ultimately painless scam. Families paid out a few ounces of silver but the entire household was happy for several months!
The Book of Swindles: Selections from a Late Ming Collection by Zhang Yingyu, translated by Christopher Rea and Bruce Rusk. Columbia University Press. “Forged Letters from the Education Intendant Report Auspicious Dreams”, pp 24-26.
Takeaways:
- A reliance on technology and forced distancing from the pandemic have made it easier to perpetrate frauds. The “modern” trend of avoiding voice conversations in favor of messaging/emails allows fraudsters to better employ social engineering tactics to dupe victims. Sometimes, picking up the phone and speaking to someone can save a lot of heartache and confusion, even if it is considered “rude” by younger generations.
- While somewhat counter-intuitive, a fraudster who has gained access to your network may choose to do nothing for weeks or even months. They prefer to gain intelligence on your processes and behavior and then choose the right moment to execute a plan, such as diverting a payment to a new bank account, for example. IT teams who conduct routine monitoring often stand a better chance of discovering unauthorized access, changed settings/rules, new account creation, etc.
- Hierarchical cultures in many parts of Asia offer fertile ground for successful social engineering. When the boss sends an urgent request to a subordinate, it can be difficult to say no or request additional authorization. Policies that require dual-authorization or verbal confirmation of high-value transactions are easy to implement but when the boss tells you to do something immediately, it can be difficult to say no.
- When a scam has been successfully executed and the funds stolen/transferred, the window for recovery is extremely short. Once funds hit a bank account (or a digital wallet), the fraudster will quickly transfer them out and often into a new jurisdiction. Tracking the funds, even in the digital asset realm, can be extremely difficult and costly. And, when all communication with fraudsters was through unverified digital channels, there may not even be any identifiable subjects for law enforcement to pursue, much less build a case against. Doing basic KYC and insisting on verified identifiers beyond a generic email, messaging account, or digital image (particularly important in the case of romance scams) should not be an issue for a legitimate counterparty and could show a fraudster that you are a difficult mark and not worth pursuing.
- COVID-19 created an environment that enabled fraud to flourish. It was a “perfect storm” wherein people’s good will and trust in others to do the right thing was heightened. There was a sense of exigency that precipitated a desire to expedite the delivery of materials and services. Taking advantage of high demand and short supply, bad actors devised fraudulent schemes that capitalized on human suffering and crisis to derive illicit profits. During a time of crisis, don’t neglect due diligence and vigilance in order to expedite procurement. When possible, research the purveyor as well as the brokers, suppliers, and processors involved throughout the supply chain.
If you or your company has a fraud-related matter or other investigation requirements, please contact us at info@kalavinkaadvisors.com or +852 2196 2727