prevent diversions to forbidden nations - fraud magazine s-o '15
TRANSCRIPT
24 FRAUD MAGAZINE SEPTEMBER/OCTOBER 2015 FRAUD-MAGAZINE.COM
PREVENT DIVERSIONS TOFORBIDDEN NATIONS
Avoid export controls and sanctions violations
BY ROBERT J. WARD JR., ESQ., CFE, CUSECO
Unprepared U.S.-based companies can find them-selves in hot water if they don’t prevent personnel or customers from diverting their products to em-
bargoed countries. Here’s how to protect against substantial civil and criminal penalties. -->
FRAUD-MAGAZINE.COM SEPTEMBER/OCTOBER 2015 FRAUD MAGAZINE 25
ohn Carrington, a former North Carolina state sen-ator, and president and chief executive officer of Sirchie Fingerprints — a police and forensics equip-ment supply company — wanted to sell some prod-
ucts to Hong Kong and China. However, he had no intention of U.S. export control licens-ing requirements holding him up. He simply shipped the goods to an Italian associate who was quite happy — for a price — to send them to Carrington’s customers in China. The U.S. gov-ernment eventually caught Carrington, slapped him in 2005 with a criminal fine of $850,000, a year of supervised release and barred him from exporting anything for five years. Sirchie Fingerprints also was barred from exporting for five years and was required to pay a $400,000 civil penalty. Undaunted, Carrington continued illegally exporting through a successor com-pany he created. The feds caught him again. In 2010, Carrington’s successor company had to pay $2.5 million for 10 violations plus another $10.1 million in criminal fines and had to stop exporting for another five years.
[This case history is from the July 2014 U.S. Bureau of Industry and Security (BIS) publica-tion, “Don’t Let This Happen To You!” See http://tinyurl.com/nstvwxz.]
Increasing enforcement -->Scores of U.S.-based companies either unwit-tingly or knowingly illegally divert products by selling them to customers in federally accepted nations only to have those customers resell the items to companies or individuals in embar-goed countries — such as Syria — or nations that require rigorous government oversight through export control licensing and associated conditions and requirements — such as China.
The U.S. federal government is increas-ingly enforcing sanctions and export controls in pursuit of national security and foreign policy
goals. As a result, U.S.-based companies must implement more effective internal controls to prevent fraudulent shipment diversions. The penalties — both criminal and civil — are severe for failing to take adequate preventive steps. The U.S. Department of Treasury’s Office of Foreign Asset Control (OFAC) alone has issued recent penalties rivaling those for violations of the Foreign Corrupt Practices Act. (See http://tinyurl.com/3c8ld8q.)
Other countries are also cracking down on fraudulent shipment diversions. Witness the joint European Union and U.S. imposition of sanctions against Russia related to the Ukraine crisis. And the Wassenaar Arrangement on Ex-port Controls — implemented among 42 coun-tries to this point — requires implementation of adequate transaction screening procedures to prevent diversion of the export/transfer to unauthorized end users or end uses. (See http://tinyurl.com/ouc2qr7.)
In this article, I’ll review U.S. requirements for preventing diversion, which are similar to other Wassenaar Arrangement signatory countries. I’ll provide some case studies and then discuss best practices for 1) balancing in-centives for sales personnel, 2) empowering international trade compliance personnel to impose transaction holds when necessary and 3) conducting proper and adequate transaction due diligence on end users and end uses.
U.S. requirements for preventing diversion -->As of the publication of this article, the OFAC imposes almost total embargoes on such coun-tries as Cuba, Crimea, Iran, North Korea, Syria and Sudan. (See http://tinyurl.com/pumqgll.) (The embargo on Iran might change because of the July 14 announcement of the Nuclear Containment Agreement.)
Meanwhile, the Obama administration is pushing to have the Cuban embargo lifted. And Congress has begun to take action in that direc-tion through the July 23rd Senate Committee
J
26 FRAUD MAGAZINE SEPTEMBER/OCTOBER 2015 FRAUD-MAGAZINE.COM
Prevent diversions to forbidden nations
amendments to the Senate Financial Services appropriations bill. (See the Re-uters article on MSN, “Senate panel passes amendment to end restrictions on travel to Cuba,” http://tinyurl.com/o4wju6e.)
The U.S. also imposes limited sanc-tions against many other countries, spe-cially designated nationals and denied parties. (See: http://tinyurl.com/398fb4p.) Companies, of course, must ensure they aren’t conducting business with any of these and other blacklisted entities.
Meanwhile, the U.S. Department of Commerce’s Bureau of Industry and Se-curity enforces export and embargo con-trols. (See 15 CFR Parts 744 and 746, http://tinyurl.com/o9uhv2g.) Among these con-trols is the prohibition against end-users who are proliferators of nuclear, biologi-cal and chemical weaponry and missile delivery systems. (See 15 CFR Part 744.) The law requires inclusion of a destination
control statement on all relevant export documentation stating at a minimum:
“These commodities, technology, or software were exported from the United States in accordance with the Export Ad-ministration Regulations (EAR). Diversion contrary to U.S. law is prohibited.” [See 15 CFR §758.6(a).]
Under the Export Administration Regulations, the government can impose criminal penalties up to $1 million and 20 years imprisonment per violation while administrative penalties can reach the greater of $250,000 per violation or twice the amount of the transaction that is the basis of the violation. (See http://tinyurl.com/p3b7w3g.)
Criminal penalties for willful viola-tions of OFAC sanctions can include fines ranging up to $20 million and imprison-ment of up to 30 years. Civil penalties for violations of the U.S. Trading with the
Enemy Act can range up to $65,000 for each violation. Meanwhile, civil penalties for violations of the International Emer-gency Economic Powers Act can range up to $250,000 or twice the amount of the underlying transaction for each violation. (See http://tinyurl.com/ooysbzs.)
More case studies of company failures -->Computerlinks FZCO
Computerlinks FZCO, the United Arab Emirates subsidiary of the German firm Computerlinks AG, committed three viola-tions of the EAR for transferring devices manufactured by Blue Coat Systems Inc. (USA) for monitoring and controlling In-ternet traffic to Syria.
Computerlinks — at the time an au-thorized reseller for Blue Coat of Sunny-vale, California — ordered equipment val-ued at approximately $1.4 million, which the U.S. government controls for national security and anti-terrorism reasons and as encryption items.
Computerlinks falsely stated to Blue Coat, the U.S. manufacturer and exporter, that the ultimate destination and end us-ers for the items was the Iraq Ministry of Telecom or the Afghan Internet ser-vice provider Liwalnet and not the actual Syrian end users. Blue Coat subsequently shipped the items to Computerlinks in the UAE. Computerlinks UAE then shipped the items to Syria without obtaining the required licenses.
On April 24, 2013, Computerlinks agreed to pay a $2.8 million civil pen-alty — the statutory maximum — and complete three external audits of its ex-port control compliance program. “It is vital that we keep technology that can be used to further the repression of the Syr-ian people out of the hands of the Syrian government,” said Under Secretary for Industry and Security Eric L. Hirschhorn.
Criminal penalties for willful violations of OFAC sanctions can include fines ranging up to $20 million and imprisonment of up to 30 years.
FRAUD-MAGAZINE.COM SEPTEMBER/OCTOBER 2015 FRAUD MAGAZINE 27
[The preceding case history is from the July 2014 U.S. Bureau of Industry and Security (BIS) publication, “Don’t Let This Happen To You!” See http://tinyurl.com/nstvwxz.]
Rental diversion on the slyI once worked as chief compliance officer at a U.S.-based company — we’ll call it GlobalRentz — that rented satellite com-munications equipment to international firms. The company provided VSAT sat-ellite communications equipment to a Chinese customer in Singapore. However, the Chinese customer later said it was planning to take the equipment to Iran to use on its projects there. GlobalRentz was unable to retrieve the equipment. Meanwhile, a high-level engineer for Glo-balRentz based in Singapore, took it upon himself to continue to provide the Chinese company managed technical services as a subcontractor to a Singapore vendor of the Singapore GlobalRentz company. Remarkably, the general manager of the Singapore GlobalRentz office at the time approved this arrangement without con-sulting headquarters in the U.S.
That general manager left Global-Rentz Singapore to help manage a differ-ent regional office. His successor in the Singapore office discovered the engineer’s abnormal arrangement when he reviewed management accounting reports. He hap-pened to notice the Singapore vendor’s payments to GlobalRentz Singapore for services rendered rather than the Glob-alRentz Singapore company paying the vendor. (It was a vendor after all and not a customer.) GlobalRentz hired outside counsel to conduct an investigation to pur-sue this red flag, which led to the discovery of the fraudulent diversion of managed technical services to support the Chinese customer’s project in Iran.
The diversion violated OFAC regula-tions and potentially violated U.S. export control laws — because the components in the equipment originated in the U.S. — and broke the U.S. company’s code of conduct, which forbids activities that amount to a conflict of interest. Put an-other way, the former Singapore office general manager evidently attempted to sustain sales revenue by joining with a vendor and permitting his chief engineer to undertake contract services work for the vendor to serve a customer operating in a forbidden, sanctioned jurisdiction.
After an investigation, GlobalRentz dismissed the former general manager and the high-level engineer for violating U.S. laws applicable to its U.S.-controlled subsidiary and for the unreported con-flict of interest. As part of the company’s self-disclosure to the U.S. government, outside counsel advised the company that it had to be able to demonstrate disciplin-ary action against those responsible and show remedial measures to prevent future occurrences.
I spearheaded GlobalRentz’ creation of an operations manual to alert person-nel to be on the lookout for customers that might be at risk for operating in sanctioned countries. Also, company personnel are now requiring customers to return any rented equipment to Glob-alRentz if they’re contemplating work in a sanctioned country.
Traps illustrated in these case studiesTraps can arise from fraudulent represen-tations of unscrupulous foreign intermedi-aries, overzealous customer service activi-ties of foreign-based employees trying to keep their numbers up and even former state senators (like Carrington) who might believe they’re above the law and who make fraudulent conveyance of company
assets to evade their own denial orders. It’s clear that companies need to conduct risk assessments on vulnerabilities and train all personnel in vulnerable positions.
Best practices for avoiding fraudulent diversions -->Fortunately, BIS has developed principles the government considers components of the cornerstone of best practices for avoiding fraudulent diversions (See http://tinyurl.com/olrjy8t.)
Here are those BIS principles verba-tim with my comments in italics:
Best practice No. 1: Companies should pay heightened attention to the Red Flag Indicators on the BIS Website and communicate any red flags to all divi-sions, branches, etc., particularly when an exporter denies a buyer’s order or a freight forwarder declines to provide export ser-vices for dual-use items.
15 CFR Part 732, Supp. 3 lists red flags, which indicate a fraudulent diversion is likely. The key red flags are:
1. The customer or purchasing agent is reluctant to offer information about the end use of a product.
2. The product’s capabilities don’t fit the buyer’s line of business; for example, a small bakery places an order for several sophisticated lasers.
3. The product ordered is incompatible with the technical level of the country to which the product is being shipped. For example, semiconductor manu-facturing equipment would be of little use in a country without an electronics industry.
4. The customer has little or no business background.
5. The customer is willing to pay cash for a very expensive item when the terms of the sale call for financing.
28 FRAUD MAGAZINE SEPTEMBER/OCTOBER 2015 FRAUD-MAGAZINE.COM
Prevent diversions to forbidden nations
6. The customer is unfamiliar with the product’s performance characteristics but still wants the product.
7. The customer declines routine installa-tion, training or maintenance services.
8. Delivery dates are vague, or deliver-ies are planned for out-of-the-way destinations.
9. A freight forwarding firm is listed as the product’s final destination.
10. The shipping route is abnormal for the product and destination.
11. Packaging is inconsistent with the stat-ed method of shipment or destination.
12. When questioned, the buyer is evasive or unclear about whether the pur-chased product is for domestic use, export or re-export.Best practice No. 2: Exporters/Re-
exporters should seek to utilize only those Trade Facilitators/Freight Forwarders that administer sound export management and compliance programs which include best practices for transshipment.
This will require proper due diligence on a company’s freight-forwarding agents.
Best practice No. 3: Companies should “know” their foreign customers by obtaining detailed information on the bona fides (credentials) of their customer to measure the risk of diversion. Specifi-cally, companies should obtain informa-tion about their customers that enables them to protect dual-use items from diver-sion, especially when the foreign customer is a broker, trading company or distribu-tion center.
Undertaking screening against the vari-ous black lists is just the start of such due diligence efforts.
Best practice No. 4: Companies should avoid routed export transactions when exporting and facilitating the move-ment of dual-use items unless a long standing and trustworthy relationship has been built among the exporter, the
foreign principal party in interest (FPPI), and the FPPI’s U.S. agent.
These are instances in which foreign par-ties certify, as the freight-forwarding agent principal, that the exports from the U.S. are legal.
Best practice No. 5: When the Des-tination Control Statement (DCS) is re-quired, the Exporter should provide the appropriate Export Control Classification
Number (ECCN) and the final destination where the item(s) are intended to be used, for each export to the end-user and, where relevant, to the ultimate consignee. For exports that do not require the DCS, other classification information (EAR99) and the final destination should be communi-cated on bills of lading, air waybills, buyer/seller contracts and other commercial documentation. For re-exports of con-trolled and uncontrolled items, the same classification and destination specific in-formation should be communicated on export documentation as well.
This best practice goes beyond what’s required by law, but it will go a long way in helping the exporter demonstrate due care and good faith for the mitigation of any penalties.
Best practice No. 6: An Exporter/Re-exporter should provide the ECCN or the EAR99 classification to freight forwarders, and should report in the Automated Ex-port System (AES) the ECCN or the EAR99 classifications for all export transactions, including “No License Required” designa-tion certifying that no license is required.
This is an attestation that the exporter has knowingly checked all the requirements for a license exception and that it has and will meet these requirements.
Best practice No. 7: Companies should use information technology to the maximum extent feasible to augment “know your customer” and other due-dil-igence measures in combating the threats of diversion and increase confidence that shipments will reach authorized end-users for authorized end-uses.
The new state-of-the-art method for en-suring compliance is integrating with the web portal of a company’s freight forwarder to track shipments. Radio frequency identi-fication technology is making this tracking more foolproof. In our rented equipment case on page 27, we even potentially discussed in-cluding a GPS tracking device on U.S. origin
Companies should “know” their for-eign customers by obtaining detailed information on the bona fides (credentials) of their customer to measure the risk of diversion.
equipment so that we could monitor potential unlawful diversions in real time.
Further considerations -->Companies can use additional strategies to help prevent fraudulent diversions. Be sure to train all personnel on global sanctions and export controls, including foreign-born employees — particularly those not living in the U.S. (The BIS itself conducts regular training. See http://tinyurl.com/pkndet5.)
Certain countries are known for high incidences of improper transshipments: Hong Kong, Singapore and the United Arab Emirates. The BIS has assigned seven export control officers to those countries plus China, India and Russia. (See the “Keynote Speech of David W. Mills, Assistant Secretary for Export Enforcement UPDATE Conference, July 30, 2014,” http://tinyurl.com/qabj4ed.) Companies should conduct in-person training for personnel in branch, subsidiary and sales agent offices in these countries. Sales personnels’ bonus and commission structures should include the key performance indicator of meeting export control compliance requirements.
Finally, similar to the concept of an “empowered official” under U.S. International Traffic in Arms Regulations (see: 22 CFR §120.25, http://tinyurl.com/njj6d89), exporting companies should appoint in-ternational trade compliance officers who have the authority to issue stop orders on any transactions in which red flags are present. Companies should man-date that compliance officers perform due diligence on proposed shipments with personnel in countries known for a high incidence of transshipments.
If U.S.-based companies don’t work to prevent fraudulent diversions of their products, they can expect prosecution, potential substantial criminal and civil penalties, denial orders against exporting privileges and certain reputational damage. n FM
The views expressed by the author are his own and don’t necessarily express the views of Hewlett-Packard.
Robert J. Ward Jr., Esq., CFE, CUSECO, is the global customs and export controls compliance manager at Hewlett-Packard. Ward is a Certified U.S. Export Compliance Officer. His email address is: [email protected].
Visit ACFE.com/OBAI to learn more.
When bias enters an individual’s work, the results can be very harmful. Allowing bias to impact audits and investigations can lead to the wrong person being punished and the real perpetrator getting away. This course explores bias and its effects on investigations and audits. You will examine conscious and unconscious bias, how bias affects work and how you can counter its effects.
NEW! Self-Study CPE Course
Overcoming Bias in Audit InvestigationsCPE Credit: 2 Course Level: OverviewPrerequisite: None
You Will Learn How To: • Recognize bias and the ways it can manifest
• Distinguish conscious from unconscious bias
• Recognize the way bias affects auditors and investigators
• Relate bias to professional skepticism
• Determine ways to mitigate the effects of bias
$59 Members / $79 Non-Members