Hong Kong-based Björn Wahlström (Managing Director of Current Consulting) is a leading expert in risk management and investigations, involving manufacturers and other companies in China. In this guide, Björn shares his knowledge concerning different types of scams, prevention methods, and real-life case studies.
Types of Manufacturer Related Frauds
There are multiple ‘frauds perpetrated in China or perpetrated with a connection to China. We’ve seen a steady rise in fraudulent attacks of various sorts over the past few decades, and in the most basic terms, this trend follows the rise of China as the location for partners and manufacturing sites to the rest of the world, meaning that substantial payments pass through or go into China.
In recent years we are also seeing money from frauds committed in other parts of the world being funneled into China, where it’s typically split up in multiple transfers across multiple banks, making it virtually impossible to trace.
Below we’ll look at a few common scams we’ve dealt with over the years.
Type A: CEO Scam (Payment Fraud)
The CEO scam is one of the most common fraud types in the market. It’s easy to execute, the setup is simple, and the success rate is surprisingly high. In a CEO scam, the fraudster will impersonate a senior executive in the target company, and give directions relating to payments to other departments, or to vendors and partners. In its most simple form, the fraudsters might redirect payments to an account under his control.
This could be as simple as sending out an Invoice where all details are correct except for the bank account.
In more complex scams he can redirect the whole financing structure for large projects to come under the control of the fraudster’s operation. This requires some knowledge of the mechanics and logistics of the targeted company and of the routines of top executives. For instance, this type of scam can’t easily be executed if the CEO and CFO share the same office.
We’ve recently come across cases of this scam being perpetrated against the CEO, but with the fraudster impersonating a supplier. In one such case, this communication went on for over 1 month before it was discovered, and more than 7 Million USD was transferred out of the company.
This type of scam has happened to several Swedish companies in recent years, and we’ve included a brief case study further down in this text.
Type B: Conflict of Interest / Abuse of Trust
A very common type of fraud is actually internal. Local representatives play a key role for many western firms operating in China, and over the years a local country manager can have almost complete control of a company’s dealings in China.
This means that the local manager develops a parallel commercial network and a parallel set of interests and incentives. These can go well beyond just commercial and may have an effect on factors such as quality, product safety, code of conduct, and other areas.
A common temptation is to make backroom deals with suppliers, which will only become apparent to corporate head office years after the fact, if at all. The damage to a company can be substantial, both in financial terms, but also in the loss of control over the operation.
Imagine for a second that the local purchase office has been compromised in the matter described above and that this office is tasked with purchasing safety parts for the auto industry. The local manager may have strong personal incentives to place the order with the firm that will give him personally the best benefits, and the reason they are willing to do that may be precisely because they are aware of their inability to compete when it comes to quality.
How can importers prevent scams?
While it seems daunting to create effective controls for the avoidance of financial, operational, and reputational losses, there are some basic and very effective steps to consider. Just remember that getting out of trouble in China is far more complicated, costly, and uncertain than staying out of trouble.
Verify your supplier
Build a very thorough knowledge of who you’re dealing with. In the most basic terms, this means to establish their identity, their background, and their business interests. The easiest way to get started on this is simple and cheap: ask the right questions and ask to see the documentation.
This can be challenging for companies dealing with hundreds of vendors, and most companies will try to establish a few different levels of due diligence, where smaller vendors can be approved just by basic documentation, whereas key suppliers can be held to a higher standard. Such due diligence should go beyond superficial business records and litigation checks because commoditized checks rarely produce any warnings.
Even due diligence teams inside large banks in Hong Kong are often duped by fraudsters. So, make sure to ask more questions about the company’s leadership and their involvement in other businesses; look for external individuals who may be familiar with the company and willing to share their perspective on their trustworthiness; check for any debts and litigation history; verify company’s physical presence and activity at the stated address. In other words, a proper due diligence investigation needs to make use of records and media as well as onsite observations, interviews, and sometimes even more drastic activities like undercover work or surveillance.
Maintain control of payment methods
One key way of preventing scams is to maintain positive financial control. Negotiate payment terms that could help reduce your exposure to deception and fraud, such as escrows, verification of service completion or product shipment before releasing of funds, redundant internal approvals for payments, interbank money transfer protections (based on availability), positive pay or reverse positive pay (with your bank), and any other payment protection tools available in your jurisdiction.
Establish clear terms and routines
The most important step is to establish checks and balances and to ensure protocols are followed. Fraudsters are always looking for the weak link in any company’s defense, and that weak link is typically either a person and or a process that can be pushed outside of the protocol.
Agree with your partner in China on using a single local banking institution and account number for all money transfers and teach your finance staff about rules for the release of payments. Should the local partner wish to amend the bank details, a mutually agreed thorough validation process with at least two layers of approvals should be in place.
The local banking institution should be a part of this validation process. Conduct periodic (at least quarterly) physical assessments of your partner’s operations to help validate their compliance with your expectations and contract terms.
Lastly, all firms should have a robust network of local professionals in place who could advise you on local laws, incident management capabilities, and asset recovery processes. Try to plan ahead for worst-case scenarios and ask yourself if you have the right resources available.
What can I do if I have already been scammed?
In the unfortunate event of a successful fraud against your company, please know that speed of reaction is absolutely crucial. If you wait longer than eight hours to initiate your response, a successful and speedy resolution of an incident will be less likely. If by the time of the incident your company has not set in place robust asset recovery controls and resources, you will lose valuable hours and perhaps days to set your recovery efforts in motion, thus reducing your chances of success.
Your first call should be to your bank to stop any funds still on the way out. The second action should be to understand what happened and to make sure the fraud can not continue.
This can vary a bit with different types of fraud, and private investigators can be of some help here.
On the commercial side you have to quickly assess the total monetary value of your loss because local law enforcement has fairly high cut-off limits for helping address financial fraud. This is not because they don’t want to help, but simply because they are already handling very large volumes of similar cases with larger losses.
In practice, any total loss which is less than US$500,000 is likely to garner lukewarm attention, if any, from local authorities. That said, please make sure you file a police report as soon as you can. This is not because the police will help you act (they mostly won’t) but because the police report will be needed later on to file a civil suit against the fraudsters.
Lawyers can be very helpful in matters of asset recovery because they can help reach banking institutions and freeze assets. The main factors for their success are a full understanding of what happened and the ability to act very quickly (within 8 hours) because fraudsters are known for moving stolen funds through multiple accounts to reduce any chances of successful recovery.
You should consider the total value of your loss relative to the fees you may pay for asset recovery. Oftentimes, fraudsters are happy to steal small sums of money (anything under US$100,000) because recovery fees typically start at approximately US$10,000.
Case Study 1 – Global recovery from Chinese citizens (7M USD stolen, 4M recovered)
Our team was instrumental in tracing assets after a large firm was defrauded of more than 7M USD through a spear-phishing attack (the fraudulent practice of sending emails ostensibly from a known or trusted sender in order to induce targeted individuals to reveal confidential information).
In this case, the attacker managed to convince a mid-level financial controller that a new set of payment instructions was from the company’s top management, to be executed urgently and outside the usual approval structure.
The funds were sent to a Hong Kong bank account, and from Hong Kong to over 30 accounts globally. Around half of these accounts belonged to Chinese nationals, and another portion belonged to companies with connections to Hong Kong. Our team supported the legal team in Hong Kong, South America, and in the U.S. in tracking down the individuals behind each account, service of process, and to build background profiles of the larger recipients.
This involved the tracing of assets of Chinese citizens both in China and in the U.S. We also investigated the principles behind the scheme in Hong Kong and Mainland China, uncovering critical gaps in the Due Diligence performed by a major global bank.
Some of the funds were laundered through an illegal Foreign Exchange Scheme in China.
We helped investigate this scheme, the process behind it, and the companies operating the scheme. Through our work, the legal team was able to effectively demonstrate the mechanisms and the illegitimacy of the scheme. More than 4M USD was ultimately recovered.
Case Study 2 – Processing Fraud (1.3M USD stolen, 900k recovered)
Our client, a major e-commerce company, was defrauded by a Singapore partner, who was working through a number of Hong Kong associates.
The Singapore partner was supposed to process certain transactions locally, and then forward funds to the client. Instead, they claimed that all funds had been frozen and couldn’t be accessed (this turned out to be false. They were being vague about the details.
We were able to trace the funds from Singapore to a major bank in Hong Kong, and to identify the specific merchant account, operated by a nominee director, where the funds were held.
Working together with legal counsel in Hong Kong and Singapore, we got the funds frozen. We located the principles behind the operation and provided all key intelligence of the players to legal counsel. We also served a legal notice on the company behind the main merchant account involved.
Our team was ultimately asked to approach the nominee director and successfully negotiated the return of 90% of the funds. This outcome was possible due to the strong position achieved through our investigation.
Case Study 3 – False Friends
A mid-size Swedish firm had mature relationships with several suppliers in China and would regularly make transfers of 100k USD or more to China. One of these suppliers was the victim of a cyber-attack, which left the criminals in control of their Email account.
Unusual requests were sent from this email account, involving the change of bank details for wire transfers. For one entire month, the Swedish firm communicated only with the fraudsters, believing they were talking to their supplier. By the time someone on the Swedish side picked up the phone and called China, over 200k USD had been wired to a fraudulent account in Hong Kong.
Current Consulting got involved to investigate, file the corresponding police reports, and help with the recovery. We were able to get the fraudulent account locked down and to recover the full amount for our client.
Are supplier-related frauds increasing or decreasing?
Fraudsters love the Covid climate – It’s volatile, unpredictable, and all normal routines are off-center. According to an analysis conducted by the firm Abnormal Security earlier this year, business email compromise attacks related to various forms of payment fraud have jumped by 200% from April to May.
We estimate similar trends for all other types of payment fraud in recent months. This is because the challenges of the current pandemic have affected various levels of society and commerce.
People lost their incomes, businesses either closed or lost significant portions of their revenue streams and profits. All this has increased stress, reduced people’s ability to use critical thinking, and created many new opportunities for fraudsters. The general climate of uncertainty also makes fraud easier.
On the one hand, actors in the market place are already operating under exceptional circumstances, and often under new routines (such as Covid travel restrictions). On the other hand, there is a general interest in identifying new business opportunities.
How can Current Consulting help importers avoid or resolve payment scams?
Our firm handles both proactive efforts to help validate the trustworthiness of prospective partners and supports clients with asset recovery cases. We also help train client teams in effective and efficient ways of reducing fraud risks.
We also function as first responders in the event of fraud and can command an efficient network in recovery, from law enforcement to cyber specialists and recovery lawyers.