Author: Jonathan J. Rusch

On March 12, the U.S. Federal Reserve Board announced that it was banning two former senior investment bankers in the Goldman Sachs Group, Tim Leissner and Ng Chong Hwa (also known as Roger Ng), for their participation in a scheme to illegally divert billions of dollars from the Malaysian sovereign wealth fund 1Malaysia Development Berhad (1MDB).

The Board stated that in their capacities as senior investment bankers employed by foreign subsidiaries of Goldman Sachs, Leissner and Ng coordinated bond offerings arranged by Goldman for 1MDB in 2012 and 2013.  “The funds diverted from 1MDB,” according to the Board, “were then used for the conspirators’ personal benefit and to bribe certain government officials in Malaysia and Abu Dhabi.”

Leissner, who consented to the permanent ban, was fined an additional $1.42 million by the Board.  In 2018, Leissner had pleaded guilty to a criminal information, filed in the Eastern District of New York and unsealed in November 2018, that charged him with conspiracy to violate the Foreign Corrupt Practices Act (FCPA) and money-laundering conspiracy in connection with his participation in the scheme described above.  In connection with that plea, Leissner was also ordered to forfeit $43,700,000.

In November 2018, Ng was arrested in Malaysia pursuant to a provisional arrest warrant filed by the United States, and the U.S. Department of Justice announced the unsealing of an indictment in the Eastern District of New York against Ng and fugitive Malaysian financier Jho Low for FCPA conspiracy and money-laundering conspiracy for their roles in the above-described scheme.  In December 2018, Malaysia also indicted Ng for his role in the scheme. Ng subsequently agreed to waive extradition and to return to the United States to face the charges against him, but Malaysian Attorney General Tommy Thomas reportedly “advised the government against doing so until Ng’s cases in Malaysian courts are completed.”

Note:  The Board’s action against Leissner and Ng reflects a continuation of the more aggressive stance that it has taken on bankers’ participation in foreign bribery since the 2016 FCPA resolution with JP Morgan Securities (Asia Pacific) Limited (JP Morgan APAC).  In that latter resolution, which involved hiring of children of foreign government officials in order to obtain improper business advantages, the Board permanently barred two former JP Morgan APAC investment bankers from the industry without the bankers’ being criminally charged in the United States, and assessed a $1 million civil penalty against one of the former bankers and a $500,000 civil money penalty against the other former banker.

In this case, the Board chose to take action against Ng even before he pleaded or was found guilty of either set of criminal charges, and evidently negotiated a resolution with Leissner after his 2018 guilty plea.  There is every reason to expect that the Board will continue similar uses of its prohibition authority in future FCPA cases involving the financial sector.

On March 6, the Commodity Futures Trading Commission (CFTC) Division of Enforcement announced that it was issuing an Enforcement Advisory “on self-reporting and cooperation for violations of the Commodity Exchange Act (CEA) involving foreign corrupt practices.”

The Advisory states that it is intended “to provide further guidance regarding circumstances under the Division’s cooperation and self-reporting program in which it may recommend a resolution with no civil monetary penalty.”  Previously, in January 2017, the Enforcement Division had issued two Enforcement Advisories that outlined the factors that the Division would consider “in evaluating cooperation by individuals and companies in the Division’s investigations and enforcement actions.”  A third Enforcement Division Advisory in September 2017 “outlin[ed] the ways in which the Division would consider voluntary disclosures by a company or individual in the context of its broader cooperation program.” In particular, that latter Advisory specified that “[i]f the company or individual self-reports, fully cooperates, and remediates, the Division will recommend the most substantial reduction in the civil monetary penalty that otherwise would be applicable,” and explained “that, in certain circumstances, the Division may recommend a resolution with no civil monetary penalty on account of voluntary disclosure, cooperation, and remediation.”

The March 6 Advisory states that it

applies to companies and individuals not registered (or required to be registered) with the CFTC that timely and voluntarily disclose to the Division violations of the Commodity Exchange Act involving foreign corrupt practices, where the voluntary disclosure is followed by full cooperation and appropriate remediation, in accordance with the January 2017 and September 2017 Advisories.  In those circumstances, the Division will apply a presumption that it will recommend to the Commission a resolution with no civil monetary penalty, absent aggravating circumstances involving the nature of the offender or the seriousness of the offense. In its evaluation of any aggravating circumstances, the Division will consider, among other things, whether: executive or senior level management of the company was involved; the misconduct was pervasive within the company; or the company or individual has previously engaged in similar misconduct.

The Advisory also states that even if the Division were to recommend a resolution without a civil monetary penalty pursuant to that Advisory,

the Division would still require payment of all disgorgement, forfeiture, and/or restitution resulting from the misconduct at issue. In addition, the Division will seek all available remedies—including, where appropriate, substantial civil monetary penalties—with respect to companies or individuals implicated in the misconduct that were not involved in submitting the voluntary disclosure.

In his public remarks announcing the new Advisory, CFTC Enforcement Director James McDonald called attention to the strong cooperation between the CFTC, the U.S. Department of Justice, and the Securities and Exchange Commission (SEC) on enforcement matters, and characterized CEA violations carried out through foreign corrupt practices as “one type of misconduct that can undermine our domestic markets.”  He also stated that the new Advisory is intended to help in achieving “optimal deterrence in our markets.”

In explaining the new Advisory, McDonald also took care to state that

we will not pile onto other existing investigations.  When we investigate in parallel with other enforcement authorities, we will work closely with them to avoid duplicative investigative steps.  To the extent the CFTC brings an action that includes a monetary penalty, we will ensure that our penalty appropriately accounts for any imposed by any other enforcement body.  And when the CFTC imposes disgorgement or restitution, we will give dollar-for-dollar credit for disgorgement or restitution payments in connection with other related actions.

Note: The new Enforcement Advisory is of immediate significance in two respects.  First, it specifically aligns the CFTC’s approach to resolving cases of corporate misconduct to those of the Justice Department and the SEC in three respects: (a) by committing the CFTC, in foreign corrupt practices-related investigations, to the self-reporting-cooperation-remediation framework that underlies the Department’s Corporate Enforcement Policy and the SEC’s Cooperation Program; (b) by holding out the possibility that, like the Department’s discretion to decline prosecution per the Corporate Enforcement Policy, the CFTC could exercise its discretion in such investigations not to impose a civil monetary penalty in appropriate circumstances; and (c) by indicating its acceptance of the Department’s “piling-on” policy for corporate resolutions involving multiple enforcement and regulatory agencies.

Second, it sends a strong and clear signal to leading commodities firms that the CFTC is fully prepared to coordinate with the Justice Department in Foreign Corrupt Practices Act (FCPA)-related investigations, and to offer incentives for early and wholehearted cooperation in such investigations.  The timing of this signal is not accidental.  Late last year, Brazilian prosecutors publicly disclosed that they are investigating three of the world’s leading commodities firms — Vitol, Glencore, and Trafigura — for alleged bribery relating to Petrobras.  Just last month, Reuters reported that the Justice Department is investigating the two top executives of Vitol in the Americas for bribery-related conduct, and that a former U.S.-based oil trader for Petrobras, Rodrigo Garcia Berkowitz, is cooperating with U.S. authorities after Brazilian authorities charged him with participating in an alleged corruption scheme involving all three firms.

Because U.S. and Brazilian prosecutors investigating FCPA and other corruption-related conduct have been closely cooperating for several years, the commodities industry can expect that the U.S. FCPA investigation – if it has not done so already – will expand to encompass all three firms.  Although neither the Justice Department nor the CFTC would give any of those firms credit for self-reporting at this point, each of those firms should be weighing carefully the advantages of leniency if the firms can demonstrate full cooperation and remediation.  Given the focus on alleged corruption in Brazil, the firms have only to contrast the FCPA resolutions for three Brazilian companies — Petrobras and Odebrecht, which received a 25 percent discount from the low end of the applicable U.S. Sentencing Guidelines range based on full cooperation and remediation, and Braskem, which received only a 15 percent off the low end of the applicable Guidelines range based on what the Justice Department termed “partial cooperation” – to see that delay in cooperation with the Department and the CFTC can have substantial financial and reputational consequences.

On March 8, 2019, the United States Attorney’s Office for the Southern District of New York announced that two Bulgarian nationals, Konstantin Ignatov and Ruja Ignatova, have been charged in connection with their leadership of an  international pyramid scheme related to the marketing of a fraudulent cryptocurrency called “OneCoin.” As a result of misrepresentations that Ignatov, Ignatova, and others made about OneCoin, victims allegedly invested billions of dollars worldwide in the fraudulent cryptocurrency.

Ignatov was arrested March 6, at Los Angeles International Airport, on a criminal complaint charging him with wire fraud conspiracy.  He is the alleged current leader of OneCoin Ltd, which marketed the fraudulent cryptocurrency OneCoin.  Ignatova, reportedly known as “Cryptoqueen,” was the subject of an indictment unsealed on March 7 in the Southern District of New York, charging her with wire fraud conspiracy, wire fraud, money laundering conspiracy, securities fraud conspiracy, and securities fraud.  She was allegedly the co-founder of OneCoin Ltd., but “disappear[ed] from public view, in October 2017” and currently is listed as “at large.”

A third defendant, Mark S. Scott, was the subject of a prior indictment for his role in the scheme and was arrested in September 2018.  Scott allegedly participated with Ignatova in money laundering more than $400 million through purported investment funds holding bank accounts at financial institutions in the Cayman Islands and the Republic of Ireland.

According to the U.S. Attorney’s Office press release, OneCoin Ltd., which is still operating,

operates as a multi-level marketing network through which members receive commissions for recruiting others to purchase cryptocurrency packages.  This multi-level marketing structure appears to have influenced rapid growth of the OneCoin member network.  Indeed, OneCoin Ltd. has claimed to have more than 3 million members worldwide, including victims living and/or working within the Southern District of New York.

Among other alleged misrepresentations, OneCoin Ltd. falsely claimed that the OneCoin cryptocurrency is “mined” using mining servers that the company maintained and operated, that the value of OneCoin is based on market supply and demand, and that it had a private “blockchain” (i.e., a digital ledger identifying OneCoins and recording historical transactions).  In addition, by approximately March 2015, Ignatova and her co-founder allegedly had begun allocating to OneCoin members coins that did not even exist in OneCoin’s purported private blockchain, and referred to those coins as “fake coins.”

As a result of misrepresentations that Ignatov, Ignatova, and other OneCoin representatives allegedly made,

victims throughout the world wired investment funds to OneCoin-controlled bank accounts in order to purchase OneCoin packages.  Records obtained in the course of the investigation show that, between the fourth quarter of 2014 and the third quarter of 2016 alone, OneCoin Ltd. generated €3.353 billion in sales revenue and earned “profits” of €2.232 billion.

Note: Within the past year, the Department of Justice has prosecuted multiple individuals allegedly connected with cryptocurrency schemes, including AriseBank, Blue Bit Banc, CentraTech, My Big Coin Pay, pressICO LLC, and RECoin.  These latest charges emphasize, yet again, the importance of would-be cryptocurrency investors conducting sound due diligence before investing any funds in any purported cryptocurrency firm or investment product.  As the Securities and Exchange Commission has warned about cryptocurrency investments, “In many cases you may not know exactly who you are dealing with, where your money is going or what you are getting in return.”

On March 7, The Times reported on the efforts of professional services firm Ernst & Young to access the CA$180 million (US$133.9 million) in investor funds that Gerald Cotten, the late Chief Executive Officer of cryptocurrency exchange QuadrigaCX, had reportedly placed in an offline “cold wallet.”  Cotten, who died suddenly in India in December 2018, was believed to be the only person who knew the password or recovery key to the cold wallet.  At the behest of the Nova Scotia Supreme Court, from which QuadrigaCX sought creditor protection, Ernst & Young reviewed electronic records of funds going in and out of QuadrigaCX.

Ernst & Young reportedly has now found “that all the funds had been withdrawn in April [2018], months before Cotten died.”  It identified 14 accounts, which Cotten created using “various aliases,” that were used to trade on QuadrigaCX “and possibly to withdraw money for transfer to other exchanges” . Ernst & Young is now contacting those exchanges “to see if they can find any evidence of the money from the 14 accounts deposited with them.”

Those who entrusted their funds to Cotten – already irate that Cotten’s widow, Jennifer Robertson, this week requested reimbursement of CA$225,000 in court fees – must be both heartsick and hopeful about the Ernst & Young information.  For now, they should take comfort from Spenser’s line in The Faerie Queene: “ . . . there is nothing lost, that may be found, if sought.”  If their investments were transferred to other cryptocurrency exchanges or other financial institutions, those funds should be further traceable, and the individuals and entities who effected the transfers available for questioning – by both investors’ attorneys and law enforcement authorities.

On March 5, the Wall Street Journal reported that Chinese hackers have targeted 27 universities in the United States and other countries “as part of an elaborate scheme to steal research about maritime technology being developed for military use,” according to cybersecurity experts and current and former U.S. officials.

A report by cyber security firm iDefense found that a total of 27 universities – including Duke University, the Massachusetts Institute of Technology, Pennsylvania State University, and other universities in Canada and Southeast Asia – had been targeted by the hackers, based on the fact that those universities reportedly “either studied underwater technology or had faculty with relevant backgrounds.”  Some of the universities reportedly have been working on underwater communications technologies, and MIT in particular “conducts research on warship design.”

The iDefense report noted that the hackers used a simple and time-tested attack technique, “sen[ding] universities spear phishing emails doctored to appear as if they came from partner universities, but they unleashed a malicious payload when opened.”  According to The Times, the hacker group in question, known variously as APT10 and Temp.Periscope, “has also tried to infiltrate computer networks of companies involved in chipmaking, advanced manufacturing and industrial processing . . . [and] is thought to be behind the [2018] theft of missile plans from a US naval contractor.”

Note: These cyberattacks on universities are only the latest manifestation of the sustained offensive that Chinese hackers have directed at the United States and other countries in pursuit of military and trade secrets and other intellectual property.  These latest reports should prompt Chief Information Security Officers and Chief Compliance Officers to take two actions:

• First, use these attacks as illustrations in new cybersecurity warnings to employees about spear-phishing attacks and the risks to the company from opening such messages;
• Second, update information-security due diligence for third-party providers (including law firms) and joint-venture partners with which the company is sharing sensitive data for business reasons.

Unfortunately, the increasing sophistication of Chinese hacker teams in recent years means that cybersecurity teams in companies and agencies must base their cyberdefense planning on the Red Queen’s advice: “ . . . it takes all the running you can do to keep in the same place. If you want to get somewhere else, you must run at least twice as fast as that!”