Category Archives: Business

Игроки всегда ценят удобный и стабильный доступ к играм. Для этого идеально подходит зеркало Вавады, которое позволяет обходить любые ограничения, обеспечивая доступ ко всем бонусам и слотам.

Prosecutors Reveal ‘Securities Fraud on Cyber Steroids’

Posted on by

The investigation into a huge cyberattack on JP Morgan Chase last year has exposed one of the largest computer hacking and fraud schemes to date.

online pharmacy periactin with best prices today in the USA

According to U.S. prosecutors, Gery Shalon, Joshua Samuel Aaron and Ziv Orenstein, all from Israel, hacked a total of 12 companies to expose the personal information of more than 100 million people, netting hundreds of millions of dollars in profit. The men face 23 criminal counts, including wire fraud, computer hacking, illegal internet gambling and money laundering, with alleged crimes targeting 12 companies, including nine financial services companies and media outlets including the Wall Street Journal. Investigators say their massive criminal empire used 75 shell companies that employed hundreds of people, and hacked seven major banks, ran an online casino, laundered money around the world and set up an illegal Bitcoin trading operation.

online pharmacy zestril with best prices today in the USA

“It is hacking in support of a diversified criminal conglomerate,” said Preet Bharara, U.S. attorney for the Southern District of New York. “In short, it is hacking as a business model.”

In addition to the hack of JP Morgan, which U.S. Attorney General Loretta Lynch called “the largest theft of customer data from a U.S. financial institution” and exposed the personal information of 83 million customers, the criminals also attacked E*Trade Financial Corp., TD Ameritrade, Scottrade Inc., Fidelity Investments and News Corp’s Dow Jones, which publishes the Wall Street Journal. The breaches date as far back as 2007.

“By any measure, the data breaches at these firms were breathtaking in scope and in size,” Bharara said. “This showcases a brave new world of hacking for profit.”

Breaking into these financial institutions gave the attackers information to target specific people, and gave them extra insight into the stock market. According to the indictment, they used the customer data to contact individuals and push them to buy stocks in order to manipulate their prices. In addition to the pump-and-dump scheme, sometimes the defendants reportedly engineered mergers with shell companies to create publicly traded stocks that could be manipulated.

online pharmacy symbicort with best prices today in the USA

Bharara called the scheme “securities fraud on cyber steroids.”

Beginning in 2012, in addition to disguising payments and constantly obtaining new bank accounts, the men further tried to evade detection by hacking into a company that assessed merchant risk for credit-card issuers. The breach allowed the defendants to read employees’ emails and figure out how to sidestep the company’s efforts to monitor illegal payments, according to the indictment.

The defendants are also accused of operating at least 12 illegal internet casinos, even launching cyberattacks against rival gambling businesses to review executives’ email and gain a competitive edge. Shalon hacked competitors’ customer databases and directed denial of service attacks to shut down their businesses.

Several compliance officers may soon feel the heat as well: the investigation found that, in operating the online casinos and illegal pharmaceutical payment processing enterprises, the co-conspirators deceived financial institutions into processing and authorizing payments between the casino companies and others. “They colluded with corrupt international bank officials who willfully ignored its criminal nature in order to profit from, as a co-conspirator described it to Shalon, their payment processing ‘casino/software/pharmaceutical cocktail’,” the indictment charges.

According to prosecutors, the case illustrates the growing power of criminals and their tools, and makes such crimes particularly difficult to solve. But it may also highlight one key resource to do so: self-reporting to law enforcement. Officials credited JP Morgan’s early cooperation for helping to uncover the network of criminal activity. The firm came forward early on to share information with the government, a move many forensic investigators encourage.
buy prednisone online https://galenapharm.com/pharmacy/prednisone.html no prescription

This case provides one of the clearest examples of why: hackers frequently use the same schemes to target a swath of companies in a given industry. While many companies worry about the reputational and regulatory risks of disclosing a breach to law enforcement, as hackers grow more sophisticated in their techniques and complex in their operations, it may prove an ever more critical step in the breach response and investigation process.

“Shalon, Aaron, and their co-conspirators allegedly robbed victim companies, often for months at a time, stealing the contact information of tens of millions of customers,” said FBI Assistant Director-in-Charge Diego Rodriguez. “They cloaked themselves in secrecy, but their methods rivaled those of the traditional masked robber. Today’s indictment sheds light on an increasingly complex threat. But just as criminals continue to develop relationships with one another in order to advance their objectives, the law enforcement community has developed a collaborative approach to fighting these types of crimes.”

Emerging Market Risk: Leaders, Laggards and Rules for Avoiding Loss

Posted on by

world map

When the developed world’s economies ground to a halt during the Great Recession of 2009, large, Western-based multinational companies turned their growth-hungry eyes toward developing markets. The slow recovery that followed the recession in the U.S. and Europe did little to change this trend. In fact, according to the United Nations Conference on Trade and Development (UNCTAD), foreign direct investment in emerging markets reached a new high in 2013 of $759 billion (the most recent year for which data is available). This represented more than half the world’s estimated $1.46 trillion total outward investment flows for that year. Given this intense interest in doing business in emerging markets, FTI Consulting, a global professional services firm, conducted a survey in November and December 2014 on the character of the risks businesses face in these markets and how they attempt to mitigate them.

FTI surveyed 150 companies with revenues of more than $1 billion and business interests in developing economies, as well as interviews with 32 executives focused on compliance and risk management from those companies. Our results indicated an enormous difference between leaders (defined as companies whose self-reported losses as a percentage of revenues was in the lowest quartile, averaging 0.2%) and laggards (those in the highest quartile, with a loss rate averaging 2.2% of revenues), not only in the ways they managed overseas risk, but how they thought about it.

Quantifying Risk: The Numbers

According to our survey, 83% of multinational companies have suffered significant losses in emerging markets since 2010, with an average cost per company over that time of $1.38 billion, and the average loss per year $260 million, or 0.7% of revenues.

In virtually all loss-making incidents (99%), our respondents reported that the issue was either a matter of a regulatory violation, bribery or fraud, or reputational damage. In incidents with the highest losses, two or three of these types of risk converged: 60% of reported incidents involved more than one type, 35% involved two, and 25% were perfect storms that involved all three.

Regulatory issues are the most frequent cause of loss (either due to the difficulty of keeping up with ever-changing regulations or lax or inattentive corporate compliance policies), but legal and criminal issues (engaging in fraud or paying bribes) lead to the most expensive incidents. The most frequently cited consequences of getting caught were noted as reputational harm (67%), loss of revenues (56%), and prosecution (44%). In all cases, reputational issues invariably make matters worse.

These are serious issues, and some companies respond with equal seriousness. Some do not.

Leaders vs. Laggards: The Three Greatest Ways They Differ

According to our survey, there are enormous differences in the ways companies that have suffered the lowest rate of loss in emerging economies and companies that have experienced the highest approach risk mitigation in the three major categories. (See Figure 2.) From these differences, we have derived three rules that leaders follow to best mitigate overseas risk.

Rule 1: Walk Away From Countries Where Compliance is Impossible

Our leading companies believe it is more important to avoid doing business in jurisdictions where compliance may not be possible than do laggards by a ratio of more than 5:1. In other words, our leaders are willing to walk away, even when environments are hyped and offer the potential for quick profits. Globalized companies often overestimate their ability to estimate and analyze overseas risk accurately.

For instance, it is extraordinarily difficult to stay compliant with Brazil’s tax laws. According to Renato Niemeyer, Chief of Tax Legislation in Roraima State, each of Brazil’s 27 states has its own tax regulations “and the rules change all the time.” Neimeyer said this has led some companies to postpone paying taxes as the penalties for late payment are relatively low. However, when a company does pay the penalties, “corrupt officials will solicit the organization for bribes in order to lessen the penalties,” Neimeyer said. This, of course, is the proverbial slippery slope that can lead to both bribery and fraud prosecution and concomitant reputational damage – the perfect storm.

Latin America is also growing increasingly green in its politics, and environmental regulations are becoming problematic, especially in the energy, mining and construction sectors. Chevron vs. Ecuador, the nasty, ongoing, eight-year trial over liability concerning alleged environment damage, is an example of how damaging running afoul of environmental regulations can be.

When successful companies do attempt to do business in countries where it is difficult to comply with regulations, they invest time and energy into helping host countries develop more rational regulatory frameworks. Our leaders consider this kind engagement more important than do laggards by a ratio of almost 3:1.

Rule 2:  Keep to the Straight and Narrow

In most developed markets, it is understood that paying bribes to win or facilitate business is bad business and, if there were any doubt, the U.S. Foreign Corrupt Practices Act (FCPA) and U.

buy bactroban online shadidanin.com/wp-content/uploads/2023/10/jpg/bactroban.html no prescription pharmacy

K. Bribery Act remove them. But in many developing economies bribery is just how business gets done. In China, facilitation payments are customary to keep projects on target. The long-established Chinese custom of giving gifts to customers violates both the FCPA and U.K. Bribery Act. For our leading companies, the first rule for avoiding getting caught in the coils of bribery and corruption is to “conduct continuous dialogue with local staff on compliance issues.” Leaders rate that more important than do laggards by a ratio of nearly 7:1.

It is very difficult for local managers to resist making a facilitation payment when that’s the only way to get a pallet off a loading dock, or a critical part to a factory. That’s why companies that avoid getting in trouble make significant investments in internal communication and compliance training. They also go the extra mile when conducting due diligence on potential local partners and suppliers that may not have the same commitment to hewing to the straight and narrow as do their own organizations.

buy norvasc online shadidanin.com/wp-content/uploads/2023/10/jpg/norvasc.html no prescription pharmacy

Companies sometimes forget that the contractors their local managers hire, and the subcontractors the contractors hire, also need to be vetted and watched. Ted Unton, a former director of global financial compliance at Bemis Company, a U.S. global manufacturer, said his company has hired private investigators to look into partner companies and even partner executives.

Rule 3: Walking the Compliance Talk

Our respondents said that reputational damage – of the sort famously experienced by Walmart (accused of bribery in Mexico) and McDonald’s (accused of using tainted meat in China) – most often leads to loss of revenues, followed by exclusion from markets and even expropriation of assets. In our research, we found the greatest difference between how leaders and laggards approach mitigating reputational risk was how the regarded maintaining a good reputation over the long term. Leaders rate it more important than do laggards by an impressive ratio of 10:1.

This variance is mind-boggling when one considers that those companies that do not rate the importance of maintaining a good reputation highly have, by definition, suffered far greater losses than those that do.

Maintaining that good reputation is difficult as local populations are prone to regard multinational corporations as bad actors, and rich exploiters of resources and people – a belief often reinforced all-too willingly by the local press. It requires action and investment. One former president of an energy company operating in Bangladesh (who requested anonymity) told us his company, which had purchased land for a 40-mile pipeline, set up offices to help displaced farmers find jobs.

By demonstrating its concern for the community and by conveying that the company was involved for the long-term, planned protests were averted. (Indeed, many of the farmers were hired by the company and their living standards improved.) According to the former president, the company became seen as a benefactor, not a despoiler, and he believes that reputation will improve the company’s future business prospects.

Notably, laggards believe that running “preemptive publicity campaigns to counteract negative reactions” is a fine strategy. Leaders do not. That spread is one of the largest differences we’ve found.

Do It Right or Don’t Do It at All

As we’ve seen, multinational companies have suffered significant and severe losses in emerging markets. And the difference in the loss-rate as a percentage of revenue – 2.2% for the laggards; 0.2% for the leaders – is certainly wide. Developing risk management competence in the three major categories of risk defined by our survey not only helps to stem these losses, but builds a strong foundation for future profits.

It is bad to be a laggard. What’s more, it is unnecessary.

Two-Thirds of Latin American Companies Have a Risk Management Policy

Posted on by

Latin AmericaA majority of firms in Latin America (66%) have developed a risk management policy and, of those, 70% make sure that the policy is known throughout the organization.

online pharmacy proscar with best prices today in the USA

From these numbers, it is clear that risk management and enterprise risk management practices have made significant progress in Latin America, according to a joint survey by Marsh Risk Consulting and RIMS of businesses from 15 countries in the region.

But while risk management programs are in place at a majority of organizations in Latin America, much more can be done. Only 42% of respondents reported that their organization’s boards are involved with risk management.

online pharmacy actos with best prices today in the USA

What’s more, just 21% of respondents said their risk management programs are integrated with strategic planning.

“The report demonstrates that Latin American companies increasingly understanding the competitive advantage and added value risk management brings to their organizations,” said Rodrigo Fajardo, Marsh Risk Consulting Leader for Latin America. “While the trend is encouraging, we must continue to educate Latin American business leaders about the benefits of an integrated and strategic risk management approach by demonstrating its ability to positively impact finances, sustainability and governance.”

The study was released as part of RIMS’ first Risk Forum Latin America, taking place Nov. 9 and 10 in Lima, Peru.

“Latin America’s growing economy offers many opportunities but, before engaging in commerce in the region, it is critical for risk professionals to be able to identify and assess all uncertainties,” said RIMS President Rick Roberts. “The report and RIMS’ forum are aimed at providing practitioners with a better understanding of the region’s risk management landscape and most pressing challenges to make informed recommendations for their organizations.

online pharmacy reglan with best prices today in the USA

New Approaches Needed for Effective Data Risk Management

Posted on by

virus

Over time, the role of corporate legal departments has expanded to address the increasing risks in corporations—from increasing involvement in implementing corporate policies to leading employee training on procedures for managing electronic communications, social media, and bring your own device (BYOD) policies. This shift, however, is not enough to meet the challenges posed by an increasing range of risks proliferating within global organizations. Legal and compliance groups must also take the lead in finding new ways to leverage the power inherent in their data and address the challenges posed by massive data stores, information and network security challenges, as well as regulatory compliance requirements.

Failings of Traditional Strategies

In the past, organizations used straightforward, people-intensive methods to search for and remediate risk. For example, organizations instituted policies training, hoping that it would be sufficient to corral employee use of electronic communications, BYOD, and social media. Some may have formed working groups or intradepartmental committees designed to consider the implications of data privacy or information security for their businesses. Others rely on basic technology, such as keyword searches, that trigger electronic alerts when they find a hit in a document.

While these tools are still important to demonstrate compliance, they are insufficient alone to monitor for risk.

buy estrace online www.biop.cz/slimbox/css/gif/estrace.html no prescription pharmacy

Older technology falls short when it comes to handling unstructured data, such as e-mail. For example, discerning employees will be too cautious to use triggering keywords such as “donations” or “bribes” when referring to illicit activity. Keywords are also notoriously inaccurate: if over-inclusive, they may yield a stockpile of irrelevant information, while under-inclusive keywords could omit critical documents from discovery.

Trends Drive New Risk Management Approaches

Three recent trends—escalations in data volumes, increasing threats to data privacy and security, and heightened regulatory scrutiny—highlight the need for more intensive means to investigate risk in organizations.

1-Burgeoning Data Stores

With today’s hyperfocus on information, risk follows data. The more data sources organizations have, and the more locations for storage of data, the greater the legal exposure.

Email is perhaps the most insidious source of risk, as hackers may look to exploit unwitting employees who may open spoofed e-mails containing malware or viruses designed to attack the corporate network. Along with e-mail, employees also have more ways than ever to share confidential corporate data such as trade secrets with outsiders. Newer forms of unstructured data, such as social media and instant messaging, allow people to disperse troubling information even more rapidly than before.

As more organizations look for low-cost storage for their data reserves, they have turned to the cloud—yet another source of potential risk to data privacy. Cloud providers may be susceptible to the same hacker schemes as employees. Moreover, depending on the terms of their service-level agreements, they could employ lax security protocols, lack disaster-recovery plans, share data with other clients, or transfer data to third parties, all without notifying the data owner. Furthermore, depending on the location of the cloud storage, it may trigger the application of international laws that protect data privacy and prevent the processing or transfer of a corporation’s data.

2-Data Privacy and Security

Traditional approaches to risk management are poorly equipped to meet the demands imposed by today’s data privacy and security regulations, particularly when it comes to the need to protect personally identifiable information, protected health information, nonpublic information, trade secrets, and privileged data.

This is especially true for global organizations, which are likely to have information cross international borders and trigger other nations’ data privacy schemes. Many nations have adopted restrictive schemes designed to protect their citizens’ personal information, such as the European Union’s Data Protection Directive, which controls when and how organizations can collect, process, store, alter, retrieve, and transmit this personal data. Many nations in the Asia-Pacific region have also created data privacy regimes, including China, which has blocking statutes that forbid the cross-border transfer of documents that contain “state secrets” as well as confidential commercial information.

Domestically, organizations must worry about laws such as the Health Information Technology for Economic and Clinical Health (HITECH) Act, which extends the Health Insurance Portability and Accountability Act (HIPAA) to a covered entity’s third-party business associates. Under HIPAA’s Security Rule, organizations and their business associates must take reasonable measures to safeguard protected health information.

buy tamiflu online www.biop.cz/slimbox/css/gif/tamiflu.html no prescription pharmacy

Organizations must vigilantly monitor their data to ensure there are no gaps in security that would violate these rules.

3-Regulatory Enforcement

The nation’s regulatory framework is becoming more complex almost by the day. Regulations that supplement laws such as the Foreign Corrupt Practices Act (FCPA) and the International Traffic in Arms Regulations (ITAR) have generated new areas of vulnerability, particularly when it comes to third-party relationships.

For example, the current administration has taken the position that no FCPA infraction is too small to prosecute. Organizations that fail to take proactive measures to search for, disclose, and remediate misconduct are likely to face substantial penalties if a regulatory agency discovers misconduct. Traditional tools, such as internal audits, are not up to the task of detecting the malfeasance of internal fraudsters, who may mask their corrupt behavior with code words or other innuendo that make it difficult to discover using keywords. Unless more advanced tools are used, an organization’s best defense against fraud might be reliance on tipsters.

A similar approach is required to ensure compliance with ITAR. This law imposes stiff penalties, including millions in fines, against U.S. organizations that export “defense articles” without government authorization. “Articles” is defined so broadly that it covers technical, defense-related data in documents, blueprints, drawings, photographs, plans, or instructions. The Directorate of Defense Trade Controls, the U.S. agency that enforces ITAR, is likely to take a more lenient approach with companies that have implemented a rigorous compliance program and that voluntarily disclose and remediate any failures.

Data-Driven Tools

Risk professionals now have a number of advanced analytics tools at their disposal to counteract the additional risks that lurk in emerging forms of data. Linguistic analysis techniques can identify instances where employees use seemingly innocuous words or phrases to engage in subterfuge. Concept clustering is a tool that isolates subtle patterns within documents that seem dissimilar to the untrained—or undigitized—eye. These conceptual search tools can identify patterns in documents, based on keywords or chunks of text, and flag the documents that refer to items that might fall within ITAR’s purview. Data visualization tools can analyze relationships and look for troubling connections that might violate the FCPA, such as links between employees, vendors, and foreign officials. In addition, anomaly detection tools can scan records for irregularities, such as unusual recurring payments.

Counsel, risk and compliance professionals can also apply tools such as technology-assisted review (TAR) to prioritize documents for review based on the likelihood that they contain material of concern. Using TAR, experienced legal counsel code a seed set of documents for relevancy to the issue at hand. Once done, they feed these documents into a computer that is programmed to uncover the logical reasoning behind the lawyers’ coding decisions. Sophisticated algorithms then apply that logic across an entire document population.

buy cytotec online www.biop.cz/slimbox/css/gif/cytotec.html no prescription pharmacy

The process is iterative, so that ultimately the computer’s logic closely mirrors the lawyers’ coding decisions. Organizations can use TAR to limit the population of documents for review, thus expediting the data mining process.