ZDNet reports that federal agencies are prosecuting Costa Rica-based digital currency firm Liberty Reserve, claiming the firm ran a US $6 billion money laundering scheme. The U.S. Justice Department says that Liberty Reserve and seven of its principals and employees are being charged for running the largest ever money laundering scheme by "operating an unlicensed money transmitting business" and giving its users the ability to commit crime clandestinely. The company allegedly facilitated at least 55 million illegal transactions for a minimum of one million users — 200,000 of which reside in the United States.
Five defendants, including Liberty Reserve's founder and cofounder, were arrested last month, a Russian citizen is set to be extradited to the United States, and two other defendants in Costa Rica have not been apprehended. In addition to the arrests, law enforcement also has seized domain names and 45 bank accounts, and a civil action lawsuit has been filed against 35 exchanger websites used to facilitate the company's scheme.
The internal audit profession must continue adapting to online fraud by embracing relevant counter-fraud strategies such as data analytics and continuous auditing/monitoring.
One key data analytics-related strategy to combat online fraud schemes is refining effective Internet-based search techniques. Most information exists beyond the simple search techniques (e.g., plugging in names and keywords) — auditors just need to know where to look. Internal auditors should:
Understand the legal issues. It's important to stay informed about what is considered acceptable practice when searching the Web when investigating fraud, as the laws vary based on the country or state, as well as the reason for the search. Auditors should talk to legal counsel before using information gathered online in an investigation. Information obtained under false pretenses may not be admissible in court. Intelligence is not evidence.
Be persistent. There are many options for gathering necessary information for conducting a thorough investigation. Open sources (i.e., publicly available information) are a good starting point, but many of these sources are not easily found on the Internet unless auditors know where to look. Even if they hit a wall, auditors should keep digging, using the information gleaned from the search to find deeper sources. Sometimes several layers of searches will be necessary to get to the next layer of information.
Look for the telltale signs. When the focus is on financial fraud (e.g., money laundering), signs may include:
- Accounts can be opened without validation.
- Deposits are made through third parties using a credit card or bank wire system, among other "loose" deposit options.
- The company does not directly process deposits or withdrawals.
- Deposited funds are converted into unusual forms (e.g., Liberty Reserve Dollars).
- No limits are placed on transaction size.
- Transactions are "100 percent irrevocable."
Use social media to gather intelligence. Auditors can use social media to research fraud schemes and suspects. It's important to conduct searches across multiple social media sites, as many people have different profiles and privacy settings for each account. Internal auditors should be aware, however, that many social media sites have privacy policies that prohibit people from setting up accounts using an alias, and evidence gathered by using a fake account may not be admissible in court.