Month: February 2020

On February 12, the United States Court of Appeals for the Third Circuit affirmed the convictions and sentences of former Direct Air senior executives Kay Ellison and Judy Tull on eight counts of wire fraud, bank fraud, and conspiracy.  Ellison and Tull had co-founded and served as managing partners of a charter airline called Southern Sky Air & Tours (d/b/a Myrtle Beach Direct Air & Tours (Direct Air)).

Both women were indicted for conducting a scheme to violate U.S. Department of Transportation regulations, which “require airlines to deposit customer payments into an escrow account and prohibit airlines from withdrawing those funds until the completion of the associated flights.”  Instead, Ellison and Tull “inflated the number of passengers on the flights with ‘dummy’ listings,” which enabled them to submit similarly inflated withdrawal requests to the bank, and falsified Direct Air’s profit and loss statements to conceal the scheme.  After their conviction on all counts at trial, the U.S. District Court in New Jersey sentenced them both to 94 months’ imprisonment.

On appeal, the defendants challenged their convictions, claiming prosecutorial misconduct, lack of sufficient evidence, and violations of their constitutional right against self-incrimination, and challenged the sentences as unfair.  The Court of Appeals disposed of each of their claims, finding that the prosecutors did not suppress favorable material evidence and did not engage in misconduct, that there was sufficient evidence of wire fraud and bank fraud, that there was no compelled self-incrimination, and that the District Court did not err in its calculations under the U.S. Sentencing Guidelines.

Note:  This case, considered on its facts, involves no more than garden-variety fraud.  Corporate compliance officers responsible for antifraud programs, however, should use this case in internal briefings and training, as a concrete example of why such programs need to include monitoring and internal controls that reviews transactions and activities of the most senior executives, as well as mid- and lower-level employees.  If some C-level officials are annoyed or discomfited by compliance measures that scrutinize their activities, their board of directors needs to remind them that such measures must extend to all levels of their companies, and be consistently applied, for regulators to conclude that their corporate antifraud program is effective.

On February 10, the Cour d’Appel (Court of Appeal) of Paris upheld a three-year suspended sentence against Equatorial Guinea Vice President Teodorin Obiang for his 2017 conviction for embezzlement, money laundering, corruption, and abuse of trust.  At trial, the Paris court, which convicted Obiang in absentia, had suspended both Obiang’s sentence and a €30 million fine.  Although Obiang challenged his conviction, the Cour d’Appel effectively increased his sentence by removing the suspension of the fine.

The Cour d’Appel also upheld the trial court’s order for confiscation of Obiang’s criminally derived assets.  One of the key assets whose legal status is still in dispute, however, is Obiang’s six-story €107 million mansion on Avenue Foch in Paris.  Obiang has maintained that the mansion, which French authorities seized in 2012, is a diplomatic mission that cannot be confiscated.  Consistent with that position, Obiang has independently appealed the mansion’s seizure to the International Court of Justice in The Hague.  The International Court of Justice has scheduled a hearing on that matter for the week of February 17.

Note:  Obiang undoubtedly will continue to pursue the appeal of his conviction to the Cour de Cassation, the highest court in France for reviewing criminal cases.  Even so, this latest phase of legal proceedings against Obiang should be considered a victory not only for French prosecutors, who have pursued Obiang’s wealth since 2011, but for the non-governmental organizations Transparency International France and Sherpa, which initiated the complaint against Obiang.

On February 5, the United Kingdom National Crime Agency (NCA) announced that the United Kingdom Court of Appeal dismissed the appeal of Zamira Hajiyeva, the wife of imprisoned Azerbaijani banker Jahangir Hajiyev, of an Unexplained Wealth Order (UWO) that the NCA obtained against Hajiyeva.  The UWO in question, which the NCA obtained in 2018, required Hajiyeva to explain how she and her husband could afford to buy a £15 million house in Knightsbridge, London.

Hajiyev, the former chairman of the state-owned International Bank of Azerbaijan (IBA), had been sentenced in Azerbaijan in 2016 to 15 years’ imprisonment and required to pay the IBA $39 million, after he was charged “with large-scale embezzlement, abuse of trust, and other violations of the Azeri Criminal Code.”  On the appeal of the UWO, Hajiyeva had sought discharge of the UWO on the ground that Hajiyev’s conviction, which she maintained was “the central feature” of the NCA’s application for the UWO, stemmed from a “grossly unfair trial” and should be discharged.

The court, however, not only ruled against Hajiyeva but refused her permission to take the case to the United Kingdom Supreme Court’ though Hajiyeva may apply directly to the Supreme Court to take her appeal.

Note:  An NCA official stated that the NCA is still “ultimately looking for Mrs Hajiyeva to comply with the original order, pending any further right of appeal that may be granted.”  That appears unlikely, given Hajiyeva’s sustained court challenges.  Unless Hajeyeva succeeds in persuading the Supreme Court to grant her appeal, the NCA could move to seize her house sometime this year.

This latest ruling regarding the Hajiyeva UWO – one of the first two UWOs that the NCA obtained – further bolsters the NCA’s credibility in its continuing use of UWOs to combat illicit finance associated with serious and organized crime.

On January 22, the U.S. District Court for the Western District of Arkansas sentenced Joseph Maldonado-Passage to 264 months’ imprisonment, after his conviction at trial of two counts of murder-for-hire, eight counts of violating the Lacey Act for falsifying wildlife records, and nine counts of violating the Endangered Species Act.  According to National Geographic, Maldonado, also known as “Joe Exotic,” was “a prolific tiger breeder and dealer” who operated an animal park in Oklahoma.

The Justice Department release on the sentencing stated that the original indictment against Maldonado-Passage charged him with “of hiring an unnamed person in November 2017 to murder a “Jane Doe” in Florida and also hiring a person who turned out to be an undercover FBI agent to commit that murder.”  A superseding indictment further charged him with falsifying forms involving the sale of wildlife in interstate commerce, killing five tigers “to make room for cage space for other big cats,” and selling and offering to sell tiger cubs in interstate commerce.  Because tigers are an endangered species, these alleged killings and sales violated the Endangered Species Act.

At trial, the jury heard evidence that Maldonado-Passage “gave Allen Glover $3,000 to travel from Oklahoma to South Carolina and then to Florida to murder Carole Baskin, with a promise to pay thousands more after the deed.”  Baskin, who had been a critic of Maldonado-Passage’s animal park, “owns a tiger sanctuary in Florida and had secured a million-dollar judgment against Maldonado-Passage.”  The evidence also showed that Maldonado-Passage “repeatedly sought someone to murder Baskin in exchange for money, which led to his meeting with an undercover FBI agent on December 8, 2017.”  The jury heard a recording of Maldonado-Passage’s meeting with the undercover agent to discuss details of the proposed murder.

Beyond the murder-for-hire counts, the evidence at trial included evidence of violations of the Lacey Act, which criminalizes the falsification of records of wildlife transactions in interstate commerce.  That evidence addressed Maldonado-Passage’s designation on delivery forms and Certificates of Veterinary Inspection “that tigers, lions, and a baby lemur were being donated to the recipient or transported for exhibition only, when he knew they were being sold in interstate commerce.”  Finally, the evidence also established “that Maldonado-Passage personally shot and killed five tigers in October 2017, without a veterinarian present and in violation of the Endangered Species Act.”

Note: In the fight against wildlife crime, Maldonado-Passage’s conviction and sentencing are noteworthy for two reasons.  Although much of the public attention paid to wildlife crime has focused on poaching of wildlife outside North America, there is extensive illicit trafficking in live animals and animal parts within the United States.  Maldonado-Passage’s trial, in fact, “revealed widespread criminal activity in the U.S. tiger industry.”  For that reason, financial-crimes compliance teams at financial institutions should ensure that they are conducting appropriate due diligence on any U.S. businesses, such as private animal parks or privately owned zoos, that make use of endangered species in their shows or displays, and conduct enhanced due diligence if they see indications that such businesses may be violating the Lacey Act, the Endangered Species Act, or U.S. Department of Agriculture regulations in the course of their operations.

With the continuing surges of international and national reporting about the coronavirus outbreak – including the World Health Organization’s declaration of a global health emergency, more than 200 deaths and sickening of more than 20,600 people worldwide, and hoaxes falsely reporting local outbreaks of coronavirus – malicious actors have begun to deploy a variety of phishing and malware campaigns:

• Cybersecurity awareness firm KnowBe4 called attention to a classic social-engineering attack, involving an email purportedly from the U.S. Centers for Disease Control and Prevention that invites recipients to click on a link that purports to be a list of “new cases around your city.” (Email security company AppRiver has posted a redacted copy of the email.)
• Dark Reading reported that emails received in the United States and the United Kingdom purport to come from a health specialist. In these emails (first detected by security firm Mimecast), the “specialist” advises recipients to “go through the attached document on safety measures regarding the spreading of corona virus,” with the admonition “This little measure can save you.” The email contains a link entitled “Safety Measures.pdf” that supposedly includes health advice.
• IBM X-Force Exchange reported that an active malspam campaign directed at residents of Japan is being conducted via emails. The emails, which purport to come from a disability welfare service provider in Japan, falsely alert recipients to coronavirus infection reports in several Japanese prefectures.  They urge the recipients to “check the attached notice,” and include language encouraging recipients to believe that the notice pertains to infection prevention measures.  In fact, those who click on the attached document and follow the “Enable document” instructions therein download a copy of the advanced banking trojan Emotet.  (The IBM site contains screenshots of the email and the attached document.)
• Most recently, the Chinese National Computer Virus Emergency Response Center warned of the use of emails and WeChat in China to distribute malware under names such as “novel coronavirus pneumonia.exe” and “coronavirus.exe.”

Note: IBM X-Force Exchange is undoubtedly right in stating that it “expect[s] to see more malicious email traffic based on the coronavirus in the future, as the infection spreads.”  For that reason, corporate information-security and financial-crimes compliance teams should promptly alert employees to this spate of phishing and malware attacks.  In particular, they need to reiterate warnings to employees never to click on any attachments in emails or other messages that do not come from a trusted source, remind them of the likely harm to their organizations that can come from inadvertent downloading of malware, and provide them with information on how to report such email- or chat-related attacks.