Seven Individuals Indicted for Engineering Sophisticated Internet Fraud Scheme That Infected Millions of Computers Worldwide
On November 9, 2011 the United States Attorney for the Southern District of New York announced charges against against six Estonian nationals and one Russian national for engaging in a massive and sophisticated Internet fraud scheme that infected with malware more than four million computers located in over 100 countries. Of the computers infected with malware, at least 500,000 were in the United States, including computers belonging to U.S. government agencies, such as NASA; educational institutions; non-profit organizations; commercial businesses; and individuals. The malware secretly altered the settings on infected computers enabling the defendants to digitally hijack Internet searches and re-route computers to certain websites and advertisements, which entitled the defendants to be paid. The defendants subsequently received fees each time these websites or ads were clicked on or viewed by users. The malware also prevented the installation of anti-virus software and operating system updates on infected computers, leaving those computers and their users unable to detect or stop the defendants’ malware, and exposing them to attacks by other viruses.
Six of the defendants, Vladimir Tsastin, Timur Gerassimenko, Dmitri Jegorov, Valeri Aleksejev, Konstantin Poltev and Anton Ivanov, all Estonian nationals, were arrested and taken into custody November 8, 2011 in Estonia by the Estonian Police and Border Guard Board. The U.S. Attorney’s Office will seek their extradition to the United States. The seventh defendant, Andrey Taame, a Russian national, remains at large.
As alleged in the indictment, from 2007 until October 2011, the defendants controlled and operated various companies that masqueraded as legitimate publisher networks (the “Publisher Networks”) in the Internet advertising industry. The Publisher Networks entered into agreements with ad brokers under which they were paid based on the number of times that Internet users clicked on the links for certain websites or advertisements, or based on the number of times that certain advertisements were displayed on certain websites. Thus, the more traffic to the advertisers’ websites and display ads, the more money the defendants earned under their agreements with the ad brokers. As alleged in the indictment, the defendants fraudulently increased the traffic to the websites and advertisements that would earn them money. The defendants accomplished this by making it appear to advertisers that the Internet traffic came from legitimate clicks and ad displays on the defendants’ Publisher Networks when, in actuality, it had not.
The defendants accomplished their scheme by employing both “click hijacking” and “advertising replacement fraud.” In “click hijacking” schemes the user of an infected computer clicks on a search result link displayed through a search engine query, the Malware causes the computer to be re-routed to a different website. Instead of being brought to the website to which the user asked to go, the user is brought to a website designated by the defendants. In “advertising replacement fraud” schemes the defendants used malware and rogue DNS servers which replaced legitimate advertisements on websites with substituted advertisements that triggered payments to the defendants. It is alleged in the indictment that both schemes earned the defendants at least $14 million in ill-gotten gains.
The defendants are being charged with wire fraud conspiracy, wire fraud, computer intrusion, computer intrusion conspiracy, and computer intrusion by transmitting information. The indictment also alleges that the defendants laundered the proceeds of the scheme through numerous companies.
The author of this blog is Erich Ferrari, an attorney specializing in Federal Criminal Defense matters. If you have any questions please contact him at 202-280-6370 or firstname.lastname@example.org.
Before speaking to government agents think long and hard about the information you want to provide them. Even if you aren’t the target of their investigation, any statements you provide the government that turn out to be false can be grounds for charging you with a separate and distinct felony under 18 U.S.C. 1001. This offense carries a penalty of up to 5 years imprisonment and should not be taken lightly. Therefore, think through your statements before providing them to government agents, and if possible, retain counsel before making any such statements.
The False Statements statute makes it a felony to (1) conceal a material fact, (2) make a false statement or representation, or (3) make or use a false writing, in any matter within the jurisdiction of the United States Government. Thus the statute criminalizes the making of a wide range of both sworn and unsworn statements to the federal government.
False statements typically arise when prosecutors charge those who have lied to cover up some other illegal activity. Hence the common characterization of 18 U.S.C. 1001 as a “cover-up” crime.
What follows is a brief break down of the three primary offenses:
(1) Concealing a material fact – a person has to falsify, conceal or cover up any material fact that he had a duty to disclose. Such a duty exists if the government asks you to disclose the fact either in person or on an official form. Even answering “no” to an agent’s question of whether you committed the crime can be grounds of charging you under section 1001 if you did in fact commit the crime.
(2) Making a false or fraudulent statement – a person makes a “false” statement if the statement was untrue when it was made, and the person knew it was untrue at that time. A statement is “fraudulent” if it was untrue when it was made, and the person knew it was untrue at that time, and the person intended to deceive.
(3) Making or using a false writing – a person uses a false writing or document when that person knows it contains materially false, ficticious, or fraudulent statements or entries.
For each of the three offenses above, the following additional elements must be proven before someone can be convicted of 18 U.S.C. 1001:
(a) The subject of the false statement, the fact, must be material. To be material, a fact either has a natural tendency to influence or is capable of influencing a decision of any federal governmental entity.
(b) The person must have acted knowingly and willfully. A person acts knowingly or willfully if they have acted voluntarily and intentionally, and not because of mistake or some other innocent reason.
(c) And finally, that the fact actually pertained to a matter before some agency or branch of the U.S. Government regardless of whether the person knew it was actually a matter before the government. As such, making false statements to private contractors carrying out a federal project or filing papers with your employer that are subsequently sent to the federal government can make you liable under section 1001.
You must understand and respect the gravity of the situation when speaking to government agents either in person or in written responses. Make sure your statements are true and reflect the knowledge you actually possess about any matter you are being asked about. The risk of prosecution is real, and the government is not shy about charging section 1001. However, if you fear that speaking the truth will get you in trouble you can just decline to speak to the agents altogether until you are compelled to by court order or subpoena. At that time you can invoke your Fifth Amendment right to remain silent.
The author of this blog is Erich Ferrari, an attorney specializing in Federal Criminal Defense matters. If you have any questions please contact him at 202-280-6370 or email@example.com.
The DOJ recently reported that five individuals and four of their companies have been indicted as part of a conspiracy to defraud the United States that allegedly caused thousands of radio frequency modules to be illegally exported from the United States to Iran, at least 16 of which were later found in unexploded improvised explosive devices (IEDs) in Iraq. Some of the defendants are also charged in a fraud conspiracy involving exports of military antennas to Singapore and Hong Kong.
Authorities in Singapore arrested Wong Yuh Lan (Wong), Lim Yong Nam (Nam), Lim Kow Seng (Seng), and Hia Soo Gan Benson (Hia), all citizens of Singapore, in connection with a U.S. request for extradition. The United States is seeking their extradition to stand trial in the District of Columbia. The remaining individual defendant, Hossein Larijani, is a citizen and resident of Iran who remains at large.
The indictment alleges that the defendants conspired to defraud the U.S. and defeat export controls by sending U.S.-origin components to Iran rather than to their stated final destination of Singapore. The government has stated that this case undescores the continuing threat posed by Iranian procurement networks seeking to obtain U.S. technology.
The indictment, which was returned in DC on Sept. 15, 2010, and unsealed on October 25, 2011, includes charges of conspiracy to defraud the U.S., smuggling, illegal export of goods from the United States to Iran, illegal export of defense articles from the U.S., false statements, and obstruction of justice.
The charged defendants are Iranian national Larijani, 47, and his companies Paya Electronics Complex, based in Iran, and Opto Electronics Pte, Ltd., based in Singapore. Also charged is Wong, 39, an agent of Opto Electronics who was allegedly supervised by Larijani from Iran. The indictment also charges NEL Electronics Pte. Ltd., a company in Singapore, along with NEL’s owner and director, Nam, 37. Finally, the indictment charges Corezing International Pte. Ltd., a company in Singapore that maintained offices in China, as well as Seng, 42, an agent of Corezing, and Hia, 44, a manager, director and agent of Corezing.
Wong, Nam, Seng and Hia allegedly conspired to defraud the United States by impeding U.S. export controls relating to the shipment of 6,000 radio frequency modules from a Minnesota company through Singapore to Iran, some of which were later found in unexploded IEDs in Iraq. Seng and Hia are also accused of conspiring to defraud the United States relating to the shipment of military antennas from a Massachusetts company to Singapore and Hong Kong. Singapore has agreed to seek extradition for Wong and Nam on the charge of conspiracy to defraud the United States relating to the components shipped to Iran, and to seek extradition for Seng and Hia on the charge of conspiracy to defraud the United States relating to the military antenna exports.
In coordination with the criminal actions taken, the Commerce Department Bureau of Industry and Security announced the addition of 15 persons located in China, Hong Kong, Iran and Singapore to the Commerce Department’s Entity List. In addition to the five individual defendants in this case, the Commerce Department named additional companies and individuals associated with this conspiracy. In placing these parties on the Entity List, the Commerce Department is imposing a licensing requirement for any item subject to Commerce regulation with a presumption that such a license would be denied.
The United States aggressively enforces its export control and national security laws to ensure continued compliance with regulations expounding U.S. national security and foreign policy interests. Criminal prosecutions such as the ones announced in this indictment usually denote willful violations of the regulations. By lying to investigators and regulators, these individuals and companies find themselves in the unenviable position being charged with crimes that put them at direct odds with the stated national security and foreign policy goals of the United States.
The author of this blog is Erich Ferrari, an attorney specializing in Federal Criminal Defense matters. If you have any questions please contact him at 202-280-6370 or firstname.lastname@example.org.
The DOJ recently announced that Ali Charaf Damache, an Algerian man who resided in Ireland, and Mohammad Hassan Khalid, a Pakistani citizen and U.S. lawful permanent resident who resided in Maryland, have been charged with conspiracy to provide material support to terrorists in a superseding indictment returned on October 20, 2011 in the Eastern District of Pennsylvania.
Damache, aka “Theblackflag,” 46, is charged in the superseding indictment with one count of conspiracy to provide material support to terrorists and one count of attempted identity theft to facilitate an act of international terrorism. Damache was arrested by authorities in Ireland in March 2010 where he is currently being held on unrelated charges. The United States intends to seek his extradition from Ireland to stand trial in the Eastern District of Pennsylvania. If convicted of the charges against him in the superseding indictment, Damache faces a potential sentence of 45 years in prison.
Khalid, aka “Abdul Ba’aree ‘Abd Al-Rahman Al-Hassan Al-Afghani Al-Junoobi W’at-Emiratee,” 18, is charged in the superseding indictment with one count of conspiracy to provide material support to terrorists. Khalid was arrested in Ellicot City, Md., on July 6, 2011, and is currently in custody in the Eastern District of Pennsylvania. If convicted of the charge against him in the superseding indictment, Khalid faces a potential sentence of 15 years in prison.
The indictment alleges that, from about 2008 through July 2011, Damache and Khalid conspired with Colleen R. LaRose, Jamie Paulin Ramirez and others to provide material support and resources, including logistical support, recruitment services, financial support, identification documents and personnel, to a conspiracy to kill overseas. LaRose, aka “Fatima LaRose,” aka “JihadJane,” pleaded guilty in February 2011 in the Eastern District of Pennsylvania to conspiracy to provide material support to terrorists, conspiracy to kill in a foreign country, false statements, and attempted identity theft. Ramirez pleaded guilty in the Eastern District of Pennsylvania in March 2011 to conspiracy to provide material support to terrorists.
According to the indictment, Damache, Khalid and others devised and coordinated a violent jihad organization consisting of men and women from Europe and the United States divided into a planning team, a research team, an action team, a recruitment team and a finance team; some of whom would travel to South Asia for explosives training and return to Europe to wage violent jihad.
The indictment alleges that Damache, Khalid, LaRose and others recruited men online to wage violent jihad in South Asia and Europe. In addition, Damache, Khalid, LaRose and others allegedly recruited women who had passports and the ability to travel to and around Europe in support of violent jihad. The indictment further alleges that LaRose, Paulin-Ramirez and others traveled to and around Europe to participate in and support violent jihad; and that Khalid and LaRose and others solicited funds online for terrorists.
The investigation leading to this indictment included coordinated efforts by the FBI’s Joint Terrorism Task Force in Philidelphia, and the FBI Field Divisions in New York, Denver, Washington, DC, and Baltimore. Authorities in Ireland also provided assistance.
It is unclear from the indictment whether any of the co-conspirators were informants working under the direction of the FBI or if they were actual co-conspirators. If these co-conspirators were informants working with investigators then the defendants might be able to benefit from an entrapment defense. Entrapment is a complete defense to a criminal charge if (1) the government induced the crime and (2) the defendant lacked the predisposition to engage in the alleged criminal conduct. This defense is designed to discourage the government from “gaming” otherwise innocent people into thinking they can successfully engage in and attempt crimes. These individuals are subsequently arrested by the very authorities who set them up. Given that several of the co-conspirators in this case had already pled guilty it would be interesting to know if any of them exchanged their cooperation with this investigation for lighter sentences in their own cases. If so, the case for entrapment becomes more compelling.
FinCEN Proposes Reporting Requirement of International Transport of Prepaid Access Products at U.S. Borders
Furthering the U.S. Department of the Treasury’s efforts to address the potential misuse of prepaid access products, the Financial Crimes Enforcement Network (FinCEN) recently proposed adding certain tangible prepaid access devices to the list of monetary instruments to be reported when transported into or out of the United States. FinCEN’s proposal would add devices such as general use prepaid cards, certain gift cards, and potentially cell phones to the list of other monetary instruments that must be aggregated to determine if they exceed more than $10,000 and included on the Currency and Monetary Instrument Report (CMIR), the form used to report international transport of funds at U.S. borders. The proposal is intended to address certain devices that can be used as a substitute for currency, as they provide access to funds by any bearer of the device. This product attribute, as FinCEN’s cooperation and consultation with law enforcement has indicated, may enable the anonymous transfer or concealed transport of illicit funds across the U.S. border.
Excluded from the proposal are credit cards and debit cards, and codes and personal identification numbers or items like computers or web enabled cell phones, or other devices that are not dedicated to accessing specific prepaid funds.
“The proposal we’re releasing today is a further step in our staged approach, building upon our newly implemented regulations of prepaid access, in a coordinated effort with law enforcement to shine a light on the transfer of money obtained through illicit activity,” said FinCEN Director James H. Freis, Jr. “Reporting tangible prepaid access devices puts another tool at the disposal of law enforcement to interrupt the transfer of monetary value anonymously across international borders when that value was obtained illegally.”
Current regulations require that a CMIR be filed regarding the international transportation, mail, or shipment of currency or other monetary instruments – defined as coin or currency, traveler’s checks, checks, promissory notes, money orders in bearer form, and bearer bonds among others – in an aggregate amount that exceeds $10,000. FinCEN’s proposal will update U.S. reporting requirements, which have been in place since the 1970s, to reflect the emergence of new payment methods and monetary instruments that could be used to facilitate illicit financial activity.
While FinCEN was already developing regulatory proposals in this area, the Credit Card Accountability Responsibility and Disclosure (CARD) Act of 2009 required the issuance of regulations in final form implementing the BSA, regarding the sale, issuance, redemption, or international transport of stored value, including stored value cards. FinCEN defined prepaid access and included new regulatory requirements in July 2011, expanding beyond the previous framework for certain products known as “stored value.”
This proposal should serve as a warning to those who frequently travel with monetary instruments worth over $10,000. Travellers will need to accurately add up the total value of their monetary instruments and account for items such as gift cards, prepaid cards, and possibly even pre-loaded cell phones. If a traveller either fails to report or reports inaccurately their total value of monetary instruments, including these new items, such items can be seized by U.S. Customs and Border Protection and subsequently subject to forfeiture. Such seizures will make transporting money even more expensive by enabling the government to levy fines and penalties against travellers.
Proactive Suspicious Activity Report Review Leads to the Arrest of Army Officer and Recovery of Iraqi War Funds
FinCEN recently reported that a U.S. military officer used his official position to steal currency designated for war use, transferred the funds to the United States, and then spent that money on personal items. When the defendant conducted transactions with the stolen currency at financial institutions, those transactions triggered anti-money laundering detection protocols. The resulting SAR led to a quick arrest and recovery of the stolen currency.
This is an example where the underlying crime went undetected, but where BSA reporting requirements resulted in the identification of transactions involving the fruits of the crime. The facts of the case stated that for a period of almost 2 years, the defendant was deployed to Iraq and was responsible for making monthly payments in U.S. currency, derived from an emergency relief program, to Iraqi nationals. At any one time, the defendant had nearly $300,000 in cash locked in a safe.
During his deployment, the defendant stole nearly $700,000 of the funds, which consisted of newly issued $100 bills. The defendant then forwarded the currency to his home address before returning from Iraq. After returning home, the defendant opened accounts at several different depository institutions and began to deposit the stolen currency into the accounts. In a 3-month period, the defendant made numerous currency deposits on consecutive days or the same day for less than $10,000. In all, the defendant deposited more than $350,000 in stolen currency into the accounts.
With the stolen money in the accounts, the defendant proceeded to purchase cashier’s checks for tens of thousands of dollars. The defendant used the checks to purchase expensive vehicles, electronics, computers, furniture, and handguns. Eventually a financial institution filed a SAR on some of the transactions. Of note, the SAR described a series of cash deposits on consecutive days or on nearly consecutive days where the source of the funds could not be determined and the aggregate amount exceeded reporting requirements.
An IRS agent conducted a proactive review of SARs and opened an investigation. Within a few months, agents executed a search warrant and found approximately $300,000 in currency at the defendant’s residence. The currency was still in the original wrappers from the Bureau of Engraving and Printing. Agents also seized around $50,000 from bank accounts and approximately $100,000 in investment accounts. Investigators, through either seizures or asset recovery, accounted for nearly all the stolen money.
FinCEN serves as the financial intelligence unit (or FIU) of the United States. An FIU is the central agency within a jurisdiction responsible for collecting, analyzing, and disseminating financial information in furtherance of law enforcement investigations and prosecutions. By analyzing the suspicious transactions utilizing the fruits of originally undetected criminal activity, FinCEN was able to work backwards and obtain a conviction of the defendant for the underlying criminal activity. SARs and other reporting requirements were specifically implemented to deal with scenarios such as this one involving suspicious financial transactions, transfers of money, and originally undetected transnational criminal activity.
FinCEN Implements New Rule Requiring U.S. Banks to Seek Information from Foreign Banks on Iranian Financial Ties
On October 5, 2011 the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN) delivered to the Federal Register a final rule to implement section 104(e) of the Comprehensive Iran Sanctions, Accountability, and Divestment Act of 2010 (CISADA) to complement Treasury’s ongoing efforts to protect the international financial system from abuse by Iran. The rule becomes law upon its publication in the Federal Register.
The new rule will be published in 31 C.F.R. Section 1060.300 and is entitled “Reporting obligations on foreign bank relationships with Iranian-linked financial institutions designated under IEEPA and IRGC-linked persons designated under IEEPA.”
The goal of this new rule is to further separate the U.S. financial system from Iran by ensuring that no foreign banks with which U.S. institutions have corresponding accounts with have any ties to suspect Iranian financial institutions. The outcome of this rule will be to further isolate the Government of Iran, disrupt its ability to develop weapons of mass destruction or support terrorism, and encourage the broader international financial system to isolate Iran if it wants to benefit from doing business with the United States.
The rule accomplishes these goals by requiring a U.S. bank, upon a request from FinCEN, to inquire into whether any of the foreign banks with which it holds a correspondent account has dealings or accounts associated with the Government of Iran, blocked Iranian banks, or the Revolutionary Guards (IRGC). The rule also requires, upon request, inquiries into a foreign bank’s transfers of funds for or on behalf of, directly or indirectly, an Iranian-linked financial institution or IRGC associated entity designated under IEEPA within the preceding 90 calendar days.
The new rule also requires that the U.S. bank request from the foreign bank a notification if the foreign bank subsequently establishes an account for an Iranian-linked financial institution designated under IEEPA at any time within 365 calendar days from the date of the foreign bank’s initial response. A laundry list of requirements is listed in the new regulation dictating the specific disclosures a bank must report to Treasury with regards to financial dealings involving Iranian entities designated pursuant to IEEPA and any of the foreign banks with which the U.S. bank has a correspondent account. U.S. banks have 45 days after a request from FinCEN to file their initial report. A U.S. bank will also have 10 days to file a report to FinCEN if they are subsequently informed that a foreign bank they hold an account with opens an account with an Iranian-linked financial institution.
This line of inquiry will ultimately determine whether or not that foreign financial institution itself will be prohibited from maintaining or opening, in the United States, a correspondent account or payable-through account. As authorized by Congress in CISADA, if the Secretary of the Treasury determines that the foreign financial institution knowingly engages in certain specified activities, that foreign financial institution will not be allowed to maintain or open such accounts with U.S. financial institutions. Those specified activities include facilitating a significant transaction or transactions or providing significant financial services for a financial institution whose property or interests in property are blocked pursuant to IEEPA. This prohibition is specifically aimed at disrupting Iran’s proliferation of weapons of mass destruction or delivery systems for weapons of mass destruction, or in connection with Iran’s support for international terrorism, or for the IRGC or any of its agents or affiliates whose property or interests in property are blocked.
Failure of a U.S. bank to comply with FinCEN’s request for inquirt into the Iranian-linked affairs of a foreign financial institution will subject the U.S. bank to both civil and criminal penalties as enumerated in 31 U.S.C. Sections 5321(a) and 5322.
As was reported in our last blog post about Suspicious Activity Reports (SARs), such reports are critically important to the U.S. government’s efforts to detect complex criminal activity. FinCEN, the U.S. Department of the Treasury’s office responsible for analyzing such filings, has been more active than ever in detecting criminal activity. Since SARs are filed by a financial institution without the target’s knowledge they give the government a head start in their investigations. The information contained in the reports is analyzed by teams of government analysts who develop trends and establish findings that assists the government’s subsequent investigation.
One area of criminal activity SAR analysts focus on is foreign corruption. Analysts will search SARs for key terms such as “politically exposed person” or “PEP,” “foreign corruption,” and “senior foreign political figures.” In 2010 analysts documented 1,294 SARs related to the terms mentioned above. Most of the reports are filed by depository institutions like banks, but other institutions like securities dealers and money services businesses also filed “foreign corruption” related SARs. Most of the reports involved amounts or aggregate amounts between $100,000 and $50,000,000 and identified the activity as BSA/Structuring/Money Laundering.
One such SAR exposed a foreign corruption scheme to Federal officials. The government ultimately seized and forfeited criminal proceeds valued at more than $100 million from the findings of that initial SAR and its subsequent investigation. The investigation revealed that several subjects conducted a complex series of transactions, over a period of several years, using the proceeds of foreign corruption.
The investigation centered on the circumstances surrounding a foreign civil case in which the judge found for the plaintiff and ordered the defendant to pay the plaintiff (and heirs) the U.S. equivalent of half a billion dollars. Soon after the judgment in the civil case, law enforcement commenced an investigation into the possibility that the decision in the civil case was the result of a bribe, worth tens of millions of dollars, paid to the judge through a group of attorneys. This investigation led to the arrest of several individuals involved in the civil case, including the plaintiff’s heirs, the judge, and the attorneys. The judge and attorneys were convicted of bribery.
After the bribery scandal broke, a financial adviser (and co-conspirator) helped the plaintiff and his heirs set up corporate and trust structures to conceal and launder large portions of the public corruption proceeds. A significant portion of the corruption proceeds were then moved through these entities to or through bank and investment accounts located in the United States.
U.S. authorities became involved when members of the plaintiff’s family attempted to open accounts in the United States. Through the use of Bank Secrecy Act (BSA) data, especially SARs, and investigative information provided by foreign authorities, investigators identified approximately 2 dozen accounts in the United States that contained the proceeds of the fraud and bribery schemes.
All of the plaintiff’s family and heirs involved the scheme were arrested, pleaded guilty, and were sentenced to prison. The financial advisor was arrested and has yet to be tried.
In a case initiated from a Suspicious Activity Report review team, a Federal government accountant pleaded guilty to theft of public money and money laundering. The case began when an alert bank noticed several unusual transactions, including large cash payments to credit card accounts. Activity in one account at the bank, ostensibly a business account, appeared suspicious, because the only deposits were U. S. Treasury checks, most of the debits were for currency, and there was no apparent business activity.
A bank filed a SAR on the defendant indicating structuring and unusual transactions involving the subject’s business. The SAR narrative revealed cash payments made to two credit card accounts of approximately $8,000 each, but the balances on the cards were less than $200. The bank reported several check deposits into the business account, with almost all of the withdrawals consisting of currency. In addition, the bank found no signs of checks drawn on the business account for business expenses.
The bank also noted that some of the cash withdrawals appeared to occur at casinos. The defendant received cash advances at casinos and sent some of those payments back to credit card accounts. Casinos filed more than 80 Currency Transaction Reports on the defendant beginning around the time the defendant began his embezzlement. In addition, a casino filed a SAR on the defendant for cashing nearly $6,000 worth of checks in a month with no subsequent buy-ins or rated play.
The defendant confessed and was sentenced to more than 3 years in Federal prison without parole. The Court also ordered the defendant to pay approximately $600,000 in restitution.
SARs help the government identify potential and actual illegal activity such as money laundering, terrorist financing, and other financial fraud and abuse. These reports help the government detect and prevent flows of illicit funds and establish emerging threats through analysis of patterns and trends. The report, and the subsequent analyses associated with the report, helps the government target, arrest, and convict all sorts of criminals.
Many financial institutions are required by law to file SARs when someone conducts a transaction that seems suspicious. Financial institutions that are currently required to file SARs include depository institutions, money services businesses (MSBs), currency dealers, casinos, and securities and futures dealers. It has recently been proposed to include both insurance companies and mutual fund operators in the list of institutions required to file SARs.
SARs are to be filed no later 30 days after the date of initial detection of facts that may constitute a basis for the filing and no later than 60 days if no suspect was identified on the date of the incident requiring the filing.
SARs must be filed by the institution if that institution knows of or suspects violations of federal criminal laws or regulations committed or attempted against or through the institution and involves or aggregates at least $5000 (or $2000 for MSBs) in funds or other assets. Thus, the institution usually files SARs when it knows or suspects that the funds passing through its institution are (1) obtained from illegal activity, (2) intended or conducted to hide or disguise funds or assets derived from illegal activity, or (3) designed to evade any reporting requirements of the Bank Secrecy Act (BSA). Also, if the transaction is undertaken without any apparent reason or if the client does not normally undertake such transactions certain financial institutions will be required to file SARs.
People undertaking unusual transactions with financial institutions should know that U.S. law prohibits the institution from notifying any person involved in the transaction that the transaction has been reported. So the institution will likely process the transaction and then confidentially report the transaction to the Department of the Treasury via an SAR. The subject of the SAR will not know that his or her transaction has been reported until Federal, State, and local law enforcement have analyzed the facts and initiated an investigation into the individual.
Attorney General Eric Holder and Health and Human Services (HHS) Secretary Kathleen Sebelius announced that a nationwide takedown by Medicare Fraud Strike Force operations in eight cities has resulted in charges against 91 defendants, including doctors, nurses, and other medical professionals, for their alleged participation in Medicare fraud schemes involving approximately $295 million in false billing.
In recent years the government has ramped up enforcement to bring an end to Medicare fraud. The joint DOJ-HHS Fraud Strike Force is comprised of a multi-agency team of federal, state and local investigators. Accordingly, this massive takedown involved the work of approximately 400 law enforcement agents from the FBI, HHS-Office of Insepctor General, and other federal, state and local agencies. In addition to the 91 arrests, the Strike Force also executed 18 search warrants in connection with ongoing investigations. As if this massive takedown wasn’t already enough, the Strike Force arrested an additional 45 defendants the same day in Miami and in the past couple of months has charged 10 defendants in Baton Rouge, 6 defendants in Los Angeles, 18 defendants in Detroit, and 2 defendants in Houston.
This level of coordination is unmatched in other white collar/fraud related crimes. Thus, the government’s stubborn focus on preventing fraud should not be taken lightly by anyone in the healthcare industry. As Assistant Attorney General Breuer said at the press release, “as charged in these indictments, the defendants cover nearly the entire spectrum of healthcare providers, and perpetrated a variety of fraudulent schemes.” Since its inception in 2007, the Strike Force has operations in nine major cities across the nation and has charged more than 1,140 defendants who account for nearly $2.9 billion in false billings.
The best way to avoid being ensnared by a federal investigation is for healthcare providers to maintain aggressive Medicare fraud and abuse compliance programs. These internal corporate policies should, at the very least, be written and cover a wide range of corporate functions susceptible to fraud and abuse. Other critical elements to a successful compliance program include the designation of a compliance officer, conducting effective training and education, developing effective lines of communication, establishing internal enforcement procedures, auditing and monitoring, and maintaining a whistleblower/non-retaliation policy. Preventing all violations may be impossible, but that shouldn’t stop healthcare providers from establishing and faithfully administering an anti-fraud compliance program. With such a program in place, the government will tend to look the other way when technical violations of the law occur. This is a much better, and cheaper, outcome than being charged in a federal indictment.
Since Medicare is a federally funded program most defendants are charged with federal crimes and required to make appearances before a U.S. District Court judge. Indictments in these cases usually include “white collar” charges such as health care fraud, conspiracy to commit health care fraud, receipt of health care kickbacks, and money laundering. In addition, practically all of the defendants are subject to criminal forfeiture proceedings and required to pay restitution if convicted. These charges are very complex, time consuming, and expensive to defend against. Therefore for both compliance and defense purposes, healthcare providers should employ the services of an attorney that has an intimate understanding of the intersection between federal regulatory compliance and federal criminal defense.