Colombian Regulator Fines Uber $629,000 for Obstructing Regulatory Visit

On August 12, the Colombian Superintendency of Industry and Commerce announced that it was fining Uber Technologies $629,000 for obstructing a regulatory visit in October 2017.  According to the Superintendency, “Uber urges employees not to give information to regulators and to block access to company computers” and implemented those policies during the visit.

The Superintendency also meted out fines to two Uber legal staff members and one Uber manager, in amounts ranging from $1,469 to $7,344.  It asserted that those three Uber employees “collaborated and executed the obstruction of the mentioned administrative visit and the incompletion of the orders and instructions imparted by the Superintendency.”  It also declared it “proven that these people gave evasive and incomplete declarations about their roles and functions inside the company, and about their knowledge of the corporate structure of Uber Colombia.”

Reuters reported that Colombia “has not specifically regulated transport services like Uber, but has said it will suspend for 25 years the licenses of drivers caught working for the platform.”  It also noted that “Uber has repeatedly drawn the ire of authorities in Colombia, where use of the service is widespread but illegal.”

Last month, the Superintendency announced that Uber would have four months to improve its data security, in the wake of the Uber 2016 data breach that resulted in compromising the data of 57 million Uber users, including approximately 267,000 Colombian residents.  In addition, police authorities in Bogota closed an Uber Driver Care Center because the center did not have a certificate for an automatic door on the premises.  Uber reportedly objected to the closure and stated that it would bring legal action to challenge the closure.

Note:  Because Uber stated that it had not officially been informed of the fine but would examine it once it was informed, at the moment there is no final resolution of the matter.  Even so, regulatory compliance officers should regard this official action as an opportunity to revisit their policies and procedures for how to respond to regulatory interactions and requests for information.

If a company finds itself in a fractious relationship with a primary regulator in some jurisdiction, that company – at least if its products or services are deemed legal in that jurisdiction – needs to do more than simply be appropriately responsive and timely when that regulator seeks information to carry out its mandate.  In parallel with its day-to-day interactions with that regulator, it must also pursue discussions with senior regulators to damp down the fractiousness and to improve mutual understanding.

Senior business leaders, in other words, must make clear to their executives and managers that conflict management, not conflict promotion, is essential to the long-term management of business-regulator relationships.   That point should be reinforced in internal training, and in meetings to prepare for regulatory inspections or examinations.

U.S. Appeals Court Reverses Bank Fraud Convictions, Says Prosecutors Charged Defendants With “The Wrong Crimes”

On August 5, in United States v. Banyan, a panel of the U.S. Court of Appeals for the Sixth Circuit reversed the convictions of two defendants on bank fraud-related charges, on the ground that the prosecution had failed to prove that the companies at which the fraud was directed were federally insured financial institutions.  In doing so, the majority opinion stated at the outset that the government had “charged the defendants with the wrong crimes.”

The facts in Banyan involved two individuals: Bryan Puckett, a Nashville homebuilder who had become overloaded with debt incurred while building luxury homes that he had yet to sell; and Amir Banyan, a mortgage broker.  Together, they recruited straw buyers to purchase Puckett’s unsold homes with loans that SunTrust Mortgage Company, where Banyan had previously worked, and Fifth Third Mortgage Company funded.   While neither of those companies was a federally insured financial institution, both were owned by federally insured banks.  The Court of Appeals, however, found that none of the straw buyer’s loan applications (most filled out by Banyan) included, which included overstatements of the buyer’s income and false statements about the buyer’s intention to live in the home – reached the parent banks, and neither parent bank funded the loans.

Banyan’s and Puckett’s scheme eventually garnered more than $5 million from the two mortgage companies.  When Puckett proved unable to keep up with his mounting debt, by the end of 2008 the mortgage companies foreclosed on most of the homes.

Thereafter, there was a delay of more than five years between the time that the FBI began investigating the case in 2009 and the indictment in 2014.  Although most federal felonies have a five-year statute of limitations, federal bank fraud statutes have a ten-year statute of limitations, which made possible the indictment in this case.  Both defendants were charged with financial institution fraud under 18 U.S.C. §1344 and conspiracy to commit financial institution fraud under 18 U.S.C. §1349.   At trial, both defendants were convicted of both offenses.

On appeal, the majority opinion decided that the government had failed to prove that the defendants had intended to obtain bank property, and that the obtaining of bank property occurred by means of false or fraudulent pretenses, representations, or promises.  It stated that the government’s argument that the Court “should regard the mortgage companies as banks because each of them is a wholly owned subsidiary of a bank” was “nearly frivolous.”

The majority opinion also found that the government offered no evidence ”that either of the parent banks funded the loans at issue and that the defendants were aware of such funding.”  It rejected the argument that the parent banks had custody or control of their subsidiary mortgage companies’ funds.  It held that the government failed to prove “that the defendants sought to obtain bank property ‘by means of’ a misrepresentation.”  Since the government’s argument on the bank-fraud conspiracy count under section 1349 was “derivative of its arguments as to the sufficiency of the evidence under § 1344,” the majority stated, it failed “for the same reasons.”

Note: This decision may be of interest to financial-institution fraud compliance teams for two reasons.  The first is that on its face, the case appears to involve a simple classic mistake that federal prosecutors have made in a number of cases over the years: i.e., failure to present evidence proving that the entity from which a defendant sought to obtain funds was a federally insured financial institution.  Unless the parties stipulate to federal jurisdiction in a bank-fraud prosecution (see United States v. Branch, 46 F.3d 440 (5th Cir. 1995)), prosecutors must adduce evidence sufficient to prove that element beyond a reasonable doubt, like all other elements of a federal criminal case.

The government is free to choose to prove that element with one or more forms of evidence (see, e.g., United States v. Stergios, 659 F.3d 127, 131-32 (1st Cir. 2011).  But it must use at least one.   For that reason, a financial institution that was the target of a fraud scheme should be prepared, when federal prosecutors obtain an indictment of one or more defendants connected with the scheme, to identify a suitable representative who can testify at trial if necessary about its insured status.

The second is that the panel’s declaration that the government had “charged the defendants with the wrong crimes” is, on its face, both inaccurate, given the facts of this case, and inappropriate for a federal court to make.  By the majority’s own reasoning, the indictment charged the defendants with federal crimes that, had the prosecutors presented affirmative evidence as to all elements of those crimes, would likely have resulted in conviction.  By referring to “the wrong crimes,” however, the majority’s statement implies that the Court had in mind some other federal crimes that it considered the “right crimes.”

It is no part of the judicial function to opine on whether particular crimes are the “right crimes” or “wrong crimes” for prosecutors to charge.  For that reason, neither phrase should be part of the vocabulary for judicial opinion-writing.

Foreign National Extradited, Indicted for Leading Conspiracy to Illegally Unlock Cell Phones for Profit

On August 6, the U.S. Department of Justice announced that on August 5, the U.S. District Court for the Western District of Washington unsealed an indictment charging Muhammad Fahd, a Pakistani national, with multiple offenses relating to his leadership of a conspiracy to illegally unlock cellphones for profit.  The unsealing of the indictment followed Fahd’s extradition from Hong Kong to the United States on August 2.

The indictment alleges that Fahd, using telephone, Facebook, and other communications channels,  contacted and recruited insiders at AT&T, including employees at the AT&T call center in Bethell, Washington, who were willing to take bribes to participate in fraudulently unlocking cellphones.  During the course of the conspiracy, which allegedly ran from 2012 to 2017, Fahd and others not connected with AT&T allegedly paid more than $1 million in bribes to AT&T insiders who joined the conspiracy, including one coconspirator who received a total of $428,500.

Fahd allegedly “paid AT&T insiders to use their computer credentials and access to disable AT&T’s proprietary locking software that prevented ineligible phones from being removed from AT&T’s network.”  According to the Justice Department, he

would send the employees batches of international mobile equipment identity (IMEI) numbers for cell phones that were not eligible to be removed from AT&T’s network.  The employees would then unlock the phones.  After some of the co-conspirators were terminated by AT&T, the remaining co-conspirator employees aided Fahd in developing and installing additional tools that would allow Fahd to use the AT&T computers to unlock cell phones from a remote location.

The scheme reportedly “resulted in millions of phones being removed from AT&T service and/or payment plans, costing the company millions of dollars.”

Fahd is charged in 14 counts of the indictment.  They include conspiracy to commit wire fraud, conspiracy to violate the Travel Act and the Computer Fraud and Abuse Act, four counts of wire fraud, two counts of accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act.  To date, three of Fahd’s alleged coconspirators have pleaded guilty, “admitting they were paid thousands of dollars for facilitating Fahd’s fraudulent scheme.”

Note: This case should help anti-bribery and corruption (ABC) and cybersecurity compliance officers to recognize the importance of identifying all internal corporate functions that can pose bribery and corruption risk.  Although many would not think of call-center operations as a high-risk function, the allegations in the indictment indicate that the defendant was able, even remotely, to exploit call-center employees’ discretion to unlock phones for their personal profit at the expense of their employer.

Standard Chartered Southern Africa CEO Calls on Financial Sector to Combat Illicit Wildlife Trade

On August 6, Bloomberg reported that Kweku Bedu-Addo, chief executive officer for Standard Chartered Southern Africa, issued an emailed statement in which he urged the financial sector to “become attuned to the [illicit wildlife trade] activity that courses through the system and apply the armory of tools that they use to fight other financial crimes.”  The Bloomberg article stated that the illicit wildlife trade “has an estimated annual worth of as much as $23 billion, according to the Zoological Society of London’s website,” and that a 2017 United Nations Office on Drugs and Crime report found “that only 26% of the 45 jurisdictions it surveyed investigated the financial flows behind the crime.”

Bedu-Addo told Bloomberg that Standard Chartered “is training its bank-branch tellers to spot transactions that could be linked to the illegal wildlife trade and has made them a focus for its financial-crime investigators,” and “is also educating its clients about the threat.”  In his view, “This isn’t simply a conservation issue – the reality is that the illegal wildlife trade is an organized crime which fuels violence, drives corruption, and impoverishes communities.”

Bedu-Addo also cautioned that it

is a mistake to think we can just arrest our way out of this problem. Where one shipment is stopped, another will take its place. Instead, we need to disrupt the business model behind the trade. Its Achilles heel is the very thing that motivates it – the money.

Because ringleaders in the illegal wildlife trade “need to move, store and realize proceeds,” Bedu-Addo explained, that “gives governments and the financial sector the power to identify criminal networks via their financial footprints and help close the net.”

Note: Bedu-Addo’s statement indicates that Standard Chartered is following through on a number of commitments that it made last October to combat the illegal wildlife trade.  At that time, another Standard Chartered official declared (in language virtually identical to Bedu-Addo’s) the bank’s commitment to “disrupting the business model,” identifying the “Achilles heel of the illegal wildlife trade [a]s the very thing that motivates it – the money,” and criminals’ “need to move, store and realise proceeds.”

As part of that commitment — under the aegis of the United for Wildlife Financial Task Force of The Royal Foundation of The Duke & Duchess of Cambridge and the Duke & Duchess of Sussex — Standard Chartered focused on “training bank branch tellers in source countries to spot the signs, making illegal wildlife trade a focus for our financial crime investigators, and enabling those efforts through new artificial intelligence and machine-learning tools,” as well as “sharing what we have learnt with our correspondent banking clients around the world.”

Other objectives that Standard Chartered stated in 2018 included “enabl[ing] conservation activists to deliver intelligence right to the heart of the financial sector;” “creat[ing] a broad, transnational coalition of partners that gives law enforcement, regulators and banks, working with not-for-profits, the ability to spot patterns that no one can see alone’; and “expand[ing] initiatives . . . that strengthen the ability of law enforcement in key hotspots to use financial intelligence.”

It is not too soon for the Task Force to report publicly on the status of its and its members’ efforts to meet these objectives.  While certain details must inevitably be kept private, the more that the Task Force can demonstrate that its efforts are achieving meaningful results, the greater the attraction for other financial institutions and law enforcement agencies to join this vital initiative.

HSBC Reaches €294.4 Million Settlement with Belgian Prosecutors in Tax Fraud and Money Laundering Investigation

On August 6, the Belgian Public Prosecutor’s Office announced that it had reached a €294.4 million (US$329 million) settlement with HSBC Private Bank SA (Switzerland) (Bank) to resolve a criminal investigation into allegations of tax fraud and money laundering.

The Public Prosecutor’s Office stated that this investigation began in March 2013 and led to searches at the Bank in October 2013.  Subsequently, in 2014 an investigating judge charged the Bank with serious and organized tax fraud, forgery of documents and the use of false documents, money laundering, and illegal exercise of the financial intermediary position.  The authorities’ suspicions were directed at two types of alleged wrongdoing by the bank:

  • What the Public Prosecutor’s Office deemed the bank’s “many years of illegal intervention in Belgium with a view to attracting and managing the assets of a very well-to-do clientele, especially from the Antwerp diamond industry”; and
  • “[K]nowingly promoting and even encouraging tax evasion by making offshore companies available to a number of its privileged customers, particularly in Panama and on the Virgin Islands, which have no economic activity and whose sole purpose is to hide the assets of their customers.”

The Public Prosecutor’s Office pointed out that “[m]ore than a thousand Belgian taxpayers could be involved for amounts that would amount to several billions of dollars that were invested, managed and / or transferred between 2003 and today,” and that “[l]arge amounts of money may also have been laundered.”

In connection with the settlement, the Public Prosecutor’s Office took note of the fact that the bank “has taken important measures to fully revise its structures, controls and procedures to adjust its risk profile.” Those include (1) recruitment of new general directors, a new director for compliance, and a new director for the fight against financial crime; (2) discontinuance of certain services, such as those related to offshore companies; (2) the bank’s separation “from many markets and customers” and introduction of “a policy of fiscal transparency towards existing customers.”

The Public Prosecutor’s Office noted that under the Belgian Code of Criminal Procedure, the Brussels City Council Chamber must review and approve the agreement, and indicated that it would be possible to have the Council review it in September 2019.

Note: This settlement is significant in its own right, as it is reportedly the largest criminal penalty in Belgium’s history.  It also constitutes the second time within the last several months that Belgian authorities have sanctioned leading financial institutions for money laundering-related misconduct.  On April 24, according to De Standaard, the Sanctions Committee of the Belgian Central Bank fined ING Belgium €350,000 for money-laundering violations relating to a Russian customer of the bank between 2000 and 2013.  The Central Bank reportedly found that ING Belgium had done banking with that customer without having properly identified that customer or identifying why he was opening an account in Belgium as a non-resident of Russian nationality.

Anti-money laundering (AML) compliance teams at financial institutions doing business in the European Union (EU) should share this information within their teams and, as appropriate, to senior executives ta their institutions.  Financial firms that pay attention to AML requirements in the largest EU countries, but neglect AML compliance in other EU countries, increasingly do so at their peril.