Author: Jonathan J. Rusch

On September 17, the U.S. Department of Justice announced that on the night of September 16, Spanish authorities arrested a Chinese woman “in connection with her role in using bribery and other forms of fraud to facilitate her son’s admission to the University of California at Los Angeles (UCLA) as a purported soccer recruit.”  This arrest is part of the investigation, led by the United States Attorney’s Office in Boston, into an alleged “nationwide conspiracy that facilitated cheating on college entrance exams and the admission of students to elite universities as purported athletic recruits.”

In an indictment unsealed on September 17 in the District of Massachusetts, Xiaoning Sui, a resident of Surrey, British Columbia, Canada, was charged with one count of conspiracy to commit mail fraud and honest services mail fraud.  The Department stated that Sui “is currently detained in Spain, and authorities will seek her extradition to Boston to face charges.”

The indictment alleges that Sui agreed with William “Rick” Singer, who has already pleaded guilty and agreed to cooperate with the government’s investigation,

to pay $400,000 to facilitate her son’s admission to UCLA as a purported soccer recruit. It is alleged that during a phone call in August 2018, Singer explained that Sui’s son could be “guaranteed” admission to UCLA, in exchange for $400,000. Between August and October 2018, Sui allegedly provided Singer with her son’s transcript and photographs of her son playing tennis.

A co-conspirator, Laura Janke, who has also pleaded guilty and is cooperating in the investigation,

then fabricated a soccer profile for Sui’s son, which described him as a top player for two private soccer clubs in Canada. On Oct. 24, 2018, Singer instructed Sui to wire Singer $100,000 which would be “paid to the coach at UCLA” in exchange for a letter of intent from the UCLA soccer coach. Two days later, Sui allegedly wired $100,000 to a bank account in Massachusetts in the name of Singer’s sham charitable organization, the Key Worldwide Foundation (KWF).

Thereafter, on November 5, 2018, UCLA admitted Sui’s son as a recruited soccer player, and awarded him a 25 percent scholarship.  Sui also allegedly wired an additional $300,000 to the KWF account In February 2018, “as final payment for her son’s fraudulent admission to UCLA.”

Note: This indictment is noteworthy for two reasons.  First, the Justice Department release stated that Sui is the 52^nd defendant charged in this investigation.  That number alone provides some indication of the scope and scale of the alleged cheating scandal.  Second, the fact that the Boston U.S. Attorney’s Office was willing to take the trouble to seek Sui’s arrest in and extradition from Spain indicates that that office is prepared to pursue the investigation for an extended period, as any extradition can take months, at a minimum, if the defendant opposes extradition through the requested country’s legal system.

In March 2019, former UCLA men’s soccer coach Jorge Salcedo was indicted and pleaded not guilty in connection with the investigation.  While a UCLA Daily Bruin article characterized Salcedo’s departure as “a blessing in disguise” because of the soccer team’s poor record during his tenure, this latest arrest and charge adds to the weight of reputational harm that UCLA must bear.

On September 18, the United Kingdom’s independent governmental authority on cybersecurity, the National Cyber Security Centre (NCSC) issued a threat assessment of “the current cyber security threat to UK universities and academia.”  The NCSC report noted that “[t]he threat posed to the university sector sits within the broader context of the threat to the UK as a whole,” including the threat of state-sponsored malicious cyber activity, as well as “a serious and sustained threat to the UK from organised cyber crime.”

The report presented four key judgments about the threat to universities:

1. The key cyber threats to UK universities are highly likely to be (1) “Criminals seeking financial gain”; and (2) “Nation states looking to steal personal data and intellectual property, for strategic advantage.”
2. Cybercrime “will probably present the most evident and disruptive difficulties for universities,” although state-sponsored espionage “is likely [to] cause greater long-term damage.” The report stated that the latter finding “is particularly true for those universities which prize innovation and research partnerships.”
3. Likely effects of state espionage include (1) “Damage to the value of research, notably in STEM subjects”; (2) “A fall in investment by public or private sector in affected universities”; and (3) “Damage to the UK’s knowledge advantage.”
4. “If foreign direct investment were to come under greater scrutiny or restriction, it is a realistic possibility that the cyber threat to universities would increase, as nation states sought alternative ways to gain access to sensitive research and intellectual property.”

The report also identified four potential categories of data and information of interest to a nation-state: (1) emails; (2) “bulk personal information on staff and students”; (3) “technical resources (e.g. documentation and standards)”; and (4) “sensitive research and intellectual property.”  Use of these data “will meet a wide range of state requirements,” such as “commercial advantage for the nation’s companies, advancing equivalent research efforts, military or security apparatus.”  The report also stated that sensitive research

may be targeted for its defence or commercial value, and its loss is likely the most detrimental of all to both the affected university and to the UK as a whole. Likely effects include damage to the value of impacted research and intellectual property for both individual researchers and the institution. The attractiveness, relevance and value of an impacted university as an investment partner will also be negatively affected. And at a wider scale, the knowledge advantage of the UK will suffer.

With regard to cybercriminals, the report observed that they “are likely to impact universities most often through untargeted attacks,” such as ransomware, which “brought significant loss-of-service to multiple UK universities in June 2018.”  It also noted that “[t]he use of spoofed or compromised email accounts to impersonate a university’s partners or suppliers is rising, and has led to the passing of sensitive information or funds to criminals.”

To defend against cyberattacks, the report cited widely recognized approaches, such as “good security awareness among staff and students”; “[s]ecurity-conscious policies, strict access controls and partitioning of high-value research”; and segregation within a university network of smaller, private networks, which “offers an opportunity to separate high-value or sensitive data and information, and apply a higher level of protection, without impacting the openness of the wider network.”

The report concluded with four main predictions:

1. “State-sponsored activity will continue whilst it remains successful and the repercussions are limited.”
2. “[S]tate espionage will continue to pose the most significant threat to the long-term health of both universities and the UK itself. There’s a realistic possibility that the threat will increase in-line with increased scrutiny of foreign direct investment and the minimising of other avenues to gain insight and advantage.”
3. “Cyber crime too will almost certainly continue to impact universities, either as a direct target or as collateral, regardless of the reputation and success of those universities targeted.”
4. “[S]pear-phishing and social engineering are highly likely to remain the main attack vectors,” but ransomware “is likely to be the greatest single cause of disruption to staff, students and the universities themselves.”

Note:  The NCSC report stated that its information “will be of interest to all academic and non-academic staff. It will be particularly relevant to senior leaders in universities and research institutions, members of university councils and those engaged in research.”  It should also be required reading for legal, cybersecurity, and compliance officers in United Kingdom universities and research institutions.

Because universities are accustomed to regarding themselves as bastions of academic freedom that “nurtur[e] a culture of openness, tolerance and dialogue,” it can be difficult for some university administrators to accept that their institutions can be treated simply as targets of opportunity by “state-sponsored actors . . . looking to steal data and information for strategic gain” or “cyber criminals seek[ing] to commit fraud, or monetise stolen material through sale or ransom.”

For those reasons, University legal, cybersecurity, and compliance officers should coordinate their efforts to inform university administrators about the report’s findings, and use it as an opportunity to reassess the state of their own institutions’ cybersecurity programs.

On September 17, The Times reported that the Chinese government “was responsible for a cyberattack on Australia’s national parliament and the three biggest political parties” before the May 2019 general election.  According to a report by Australian’s national signals-intelligence and cryptologic agency, the Australian Signals Directorate (ASD), the cyberattack

was orchestrated by China’s Ministry of State Security although the attackers used sophisticated techniques to try to conceal their identity. It was suspected that the attackers were looking for information that could prove useful if they were trying to influence or compromise members of parliament.

The ASD report was shared with at least the United States and the United Kingdom, according to Reuters sources.  Previously, in February 2019 Australian Prime Minister Brian Morrison had delivered a statement to the Australian House of Representatives reporting on “a malicious intrusion into the Australian Parliament House computer network” and that “the networks of some political parties – Liberal, Labor and the Nationals – have also been affected.”  But in the aftermath of the ASD report, the Reuters sources said, the Australian Government had decided “not to publicly blame China, as it was concerned it could hurt Australia’s commercial interests.”

Note:  Although China has long been recognized for its use of cyber espionage to support its strategic development goals, Russia thus far has received the lion’s share of global publicity for online efforts to interfere with other countries’ elections.  The Times report, however, provides further evidence — along with prior reports of Chinese interference in the 2018 Taiwan election (through social media, disinformation, and funding of candidates), and use of fake accounts in 2019 to foment political discord in Hong Kong — that China has chosen to emulate Russia in incorporating interference in foreign elections as a legitimate strategy to advance its foreign-policy and strategic interests, at least in the Asia-Pacific region.

Moreover, those prior efforts involved territories over which China has long asserted jurisdiction.  There is no comparable justification for it to interfere in other sovereign nations’ electoral processes.  Countries in and beyond the Asia-Pacific region should therefore regard further electoral interference — whether by state agencies or purportedly non-state actors — as a basis for concerted responses in multiple diplomatic and multilateral channels.

On September 13, the Nederlandse Vereniging van Banken (NVB, or Dutch Banking  Association) issued a press release (in Dutch and English) that announced a banking-industry initiative to enhance cooperation in the fight against money laundering.  The release stated that five Dutch banks — ABN AMRO, ING, Rabobank, Triodos Bank, and de Volksbank—are seeking “to set up an organisation that will monitor payment transactions: Transaction Monitoring Netherlands (TMNL).”

The NVB prefaced its comments about this initiative by recognizing that “[i]n their gate-keeping role, Dutch banks have an important function in protecting the integrity of the Dutch financial system,” and that “the banks are continually monitoring customer transactions with the aim of combating money laundering and the financing of terrorism.”  It noted that this initiative, which “the banks are actively supporting,” stems from the Money Laundering Action Plan that Dutch Minister of Finance Wopke Hoekstra and Minister of Justice and Security Ferdinand Grapperhaus outlined in July 2019.

Over the next six months, the NVB explained, it and the five banks will study whether the TMNL “is feasible given the technical and legal challenges involved.”   In light of the 68,000 unusual transactions that the banks reported to the Dutch Financial Intelligence Unit (FIU) in 2018 – 15,000 of which the FIU deemed suspicious – it stated that

[t]he banks are determined not to cooperate in money laundering in any way whatsoever. As part of their social responsibility, the banks are actively working on improving the effectiveness of their transaction monitoring in order to significantly increase the return from identification, detection, prosecution and conviction of criminal conduct. The combining of transactions effected by the various banks is expected to make it easier to spot flows of criminal funds.

The NVB also made clear that in connection with this initiative, the participating banks “are specifically looking for cooperation” with the FIU, the Dutch Openbaar Ministerie (Public Prosecution Service),  the Dutch Fiscale Inlichtingen- en Opsporingsdienst (FIOD, or Fiscal Information and Investigation Service),   and ministries.

Note:  This initiative is one that authorities across Europe and beyond – especially the United States – should follow closely over the next six months.  The financial sector is well aware that the current global regime for monitoring transactions for anti-money laundering and terrorist financing (AML/TF) basically consists of tens of thousands of unconnected  “stovepipes,” in which financial institutions review only their internal transactions without reference to potentially relevant transactions that other financial institutions are identifying.  The joint initiative between the NVB and Dutch banks offers a promising opportunity to see whether a more coherent approach to AML/TF transaction monitoring can be devised in conformity with national and European Union legal requirements.

On September 11, Judge Edward Chen of the U.S. District Court in San Francisco sentenced StarKist Co. to a criminal fine of $100 million – the statutory maximum — and a 13-month term of probation for its role in a criminal conspiracy to fix prices for canned tuna in the United States.  StarKist also agreed to cooperate in the U.S. Department of Justice’s continuing investigation of canned-tuna price-fixing.

In October 2018, StarKist pleaded guilty to a one-count information, charging it with a criminal violation of the Sherman Act.  The information stated that from at least November 2011 through at least December 2013, StarKist and others conspired to fix, raise, and maintain canned-tuna prices by “engag[ing] in conversations and discussions and attend[ing] meetings with representatives of other major packaged-seafood-producing firms,” “agree[ing] and reach[ing] mutual understandings during these conversations, discussions, and meetings, to fix, raise, and maintain the prices of packaged seafood sold in the United States,” and “negotiat[ing] prices with customers and issu[ing] price announcements for packaged seafood in accordance with the agreements and mutual understandings reached.”

StarKist had sought a reduction in the fine on the basis of its financial circumstances.  The Justice Department’s Antitrust Division opposed that reduction, and Judge Chen found “that StarKist had not proven that its financial circumstances justified a lower criminal fine.”  StarKist issued a release in which StarKist President and CEO Andrew Choe stated that the company has cooperated with the Department during the course of its investigation and accepts responsibility, and that “[w]e have addressed the necessary actions required in this agreement and we will continue to strengthen related compliance best practices.”

Note: This sentence should provide corporate compliance officers with an opportunity to remind senior executives in their companies that compliance with antitrust laws needs to be treated as seriously as compliance with other high-visibility financial crimes laws, such as the Foreign Corrupt Practices Act and money laundering.  Under the Sherman Act, price-fixing, bid-rigging, and other conspiracies in restraint of trade can be criminally prosecuted, with sentences as high as fines of $100 million per violation for companies and sentences of up to 10 years’ imprisonment and $10 million fines for individuals.

The fine against StarKist is by no means the highest in Sherman Act corporate prosecutions.  As of June 12, according to an Antitrust Division list, 146 corporate cases involving Sherman Act violations had resulted in criminal fines of $25 million or more, including 32 cases with fines of $100 million or more.

Moreover, the Antitrust Division’s pursuit of criminal Sherman Act violations is not limited to a few industries.  Its record shows that it has prosecuted cases in dozens of industries over the years, including air and marine transportation, bread, capacitors, construction, explosives, fine arts auctions, foreign currency exchange, industrial diamonds, and vitamins.  Every company and financial firm therefore needs to have an antitrust-compliance program that can pass muster under the Department’s new Evaluation of Corporate Compliance Programs in Criminal Antitrust Investigations.