|
I forge, therefore I am?
By Mark R Outhwaite
Anybody that has worked in financial crime prevention, or in HR will quickly come to realise that people and their claims do not always tally. I must admit, the first time I used a pre-employment screening service I was some what sceptical. Why? Because most people would like to think that the colleagues we work with and would like to work with are the people they hold themselves out to be.
I was converted, however, when the service identified a number of significant inconsistencies in some job applicant’s information.
Nevertheless it remains true that the vast majority of people working in financial services industry tend to be law abiding, active in their communities and generally decent people.
Unfortunately, there is a hardcore of people who are not. Even worse, there are dedicated, professional criminals committed to servicing the needs of these crooks, sometimes on an industrial scale. I would, therefore, like to take a moment of your busy New Year to convey a brief insight into the scale of the problem as well as challenging some of our pre-conceptions’ about forgers, their products and some of the risks they pose to our firms.
Forgery, a business for loners?
Crime films and TV shows would have us believe that forgers tend to be slightly odd individuals keeping themselves to themselves and meeting a sticky end at the hands of an ungrateful assassin. However, in November last year, the press reported a very interesting case which should make us all sit up and take notice. They reported that nine members of a gang of forgers were jailed at Snaresbrook Crown Court for a total of 41-and-a-half years.
Now this gang included three generations of the same family, ranging from 23 to 71 years of age. They had been arrested for counterfeiting sterling bank notes following a lengthy surveillance and phone-tapping operation after the financial authorities became suspicious. The gang was using "hot foiling" machines (used to insert silver foil into notes) printers and guillotines in their Shoreditch workshops.
At the time of the trial, it was stated that the gang had produced so many fake £20 notes that the whole British banking system was under threat. It was believed, for example, that two-thirds of all the counterfeit notes circulating in 2005 were produced by the "family business" with the Bank of England recovering £14,280,320 in fake £20 notes and £1,367,550 in fake £50 notes.
Now let’s take a moment to reflect on the implications of this news story:
• With nine people convicted, this was not a small operation,
• No product, apparently, is beyond the ambition of a forger,
• Forgers have access to technology that allows them to reproduce all sorts of documents and paperwork that most of us wrongly believe is beyond their capability, and in large volume.
• Forgers work for a profit and they are not to fussy about who they sell their product too.
It’s also amusing to note that the gang seemed to be complying with the age discrimination legislation as, at 71, old age was not seen as being a bar to criminal pursuits!
By popular demand
Bogus British passports remain a surprisingly straightforward document to obtain. As recently as December 2006, The Sun newspaper obtained one in the name of the current Home Secretary, John Reid, in Bulgaria for £565 pounds. The quality of which was described as being good enough to fool most of the people most of the time. It is also worth remembering that early in 2003 the BBC “stole” the then Home Secretary’s identity (David Blunkett) identity and used it to obtain a real British passport for one of its Kenyon Confronts programmes.
Now the passport examples, in particular, present a number of problems for those working in the regulated financial services sector. When servicing our clients, how would the relevant staff go about verifying the validity / authenticity of the documents presented too them? How do they deal with overseas documents of identity? Have they been trained to spot a duff one? Do they know what to do if they get one?
A lot of firms rely on their written procedures, IT systems, and appropriate training to help answer these questions. However, a number of firms still believe that forged documents will not catch them out and, that if an incident occurs, it will be a one off.
What a lot of people forget is that professional money launderers will also be examining and testing the strength and weaknesses of a firm’s procedures and IT systems. They will then use forgers to produce good quality documents to exploit any weakness in those systems. For example, where a cashier cannot recognise a counterfeit bank note or an account opener does not pick up on a stolen passport. What senior management sometimes fail to understand is that once a money launder has identified a systemic weakness in a firm then he or she is likely to repeat the exercise of introducing more bogus clients/suppliers/staff (delete as applicable) with new fake documents.
Something useful this way comes
Now, crude cut and paste fake IDs aside, it is in the use of stolen ID documents and or the repeat reproduction of the same ID document (with slightly different personal details) that the forger is at his or her most vulnerable. Why? Because, these days one can obtain systems allowing virtually instant access (for a price) to international databases of forged or stolen passports documents of identity etc etc. Batches of blank ID cards, stolen before they are issued by the relevant State are very valuable. In terms of quality, virtually undetectable but the numbers of ID cards stolen is known. So even these counterfeits are vulnerable, if you have access to the right information.
Now whilst no IT system is perfect and no system can pick up every forgery (lets not forget that some Government intelligence services used forged documentation of identity for a number of reasons), it should significantly increase the chance of detecting bogus clients/suppliers/existing staff. This only holds true, however, if the benefits of such a system are shared with other departments in the firm (e.g. typically people “forget” HR) who have a similar requirement to test the veracity of documents identity presented to the firm.
It may be that volume and style of business that you undertake does not warrant significant IT investment but your firm’s training should then include help on how to spot, deal with forged documents.
So start the New Year with some questions
Try this approach next time you have a few precious spare minutes. When looking at your firms systems and procedures try doing it from the point of view of a forger. What are the least number of documents and of what type would you need to fulfil your firm’s requirements for documentary evidence to open an account, staff or supply your firm?
Then go onto the web and have a look at the news stories over the last 2 years concerning forgery, counterfeit bills, fake degrees convictions police raids etc etc. Then review your firm’s safeguards asking whether anybody really sat down and analysed the risks to a firm of falling foul of faked documents presented to the firm from clients, business introducers, suppliers, staff etc etc?
Still feeling comfortable? Then I salute the robust forethought that has gone into designing your firms systems and controls.
Feeling uncomfortable? Then now is the time to act, before an incident occurs. Ensure that the right person carries out a relevant risk assessment and acts on it. Please remember that from a forger’s point of view, a fake document is his or her key to accessing you and your firm. They are out there, they are active so let’s not give them an easy time.
I hope you have a great 2007!
|
