Category Archives: Crime

Для тех, кто интересуется безопасным доступом к онлайн-играм, наш партнер предлагает зеркало Вавады, которое позволяет обходить любые блокировки и сохранять доступ ко всем функциям казино.

Oil and Politics: Brazil’s Petrobras Scandal

Posted on by

PetrobasLast month, we focused on Mexico and specifically the state-owned oil company Pemex as a risk for companies selling or investing into Latin America. We saw that Pemex represents a drag on Mexican fiscal accounts and is imposing losses on suppliers and investors. This month, we turn our gaze to Brazil: it is similar to Mexico in that it has a dominant, politically charged state-owned oil company, but different because the scale of the crisis is much more severe, as are the risks to suppliers and investors.

Brazil is undergoing a major economic and political crisis, and its state-owned oil company, Petróleo Brasileiro S.A. (Petrobras), is right at the center of the trouble. Petrobras shares some of the same challenges as Pemex: It started as an entirely state-owned firm, was used as an instrument of government policy from inception and took on enormous quantities of debt in recent times, exemplified by its $11 billion debt issue in 2013—the largest on record for emerging markets.

Brazil, however, recognizing earlier than Mexico the necessity of foreign investment for a viable oil industry, opened up the sector in 1997 and eventually reduced the government shareholding to 64% (direct plus indirect). Petrobras expanded into deepwater areas in Angola and the Gulf of Mexico and became one of the few national oil companies able to equally compete with companies such as Royal Dutch Shell and Total.

In 2014, information about the extent of corruption between Petrobras board members, various politicians and business executives not only came to light, but also sparked official investigations and arrests. President Dilma Rouseff has been temporarily removed from office pending a trial by the Senate. The official charge against her is manipulating the federal budget by directing state banks to support spending programs. She was the chair of Petrobras when the corruption allegedly occurred, however, and she and her party (Partido dos Trabalhadores or PT) are perceived by many as at least partly responsible for the scandal.

It is likely that Rouseff will be permanently removed from office within six months, but the uncertainty does not end there: As of this writing, two cabinet ministers have been removed from office, and six more are under investigation. Dozens of politicians and executives have been convicted in connection with the scandal, and prosecutors have recovered $795 million in stolen money. The economy of Brazil shrank 3.8% in 2015 and is projected to shrink another 3.5% in 2016. Moody’s downgraded Petrobras to Ba2 in December 2015, and S&P cut the sovereign rating to BB with a negative outlook in February. With the Zika virus now causing a global health emergency and the Olympics beginning in August, one wonders how many more stresses Brazil can take before serious political unrest breaks out.

Like with Pemex, the Petrobras crisis is increasing risks to suppliers already: There are trade credit insurance claims stemming from suppliers to Petrobras, and the wider Brazilian economic downturn (combined with the commodity price trough) is giving rise to other credit losses. But the Brazilian crisis goes well beyond trade credit risk. Brazil is a $2.2 trillion economy and one of the largest bond issuers in the emerging markets. As a result, this crisis has global implications: Eurasia Group has Brazil as one of its top 10 global risks for 2016.

Mexico and Brazil are not the only countries dependent on state-owned oil (or other natural resource) companies that are facing major challenges: Venezuela, Ecuador, Nigeria, Angola, Russia—the list goes on and on. In Brazil, however, there are some mitigating circumstances that reveal a silver lining. First, 85% of Brazil’s sovereign debt is held domestically, meaning it is less affected by currency depreciation and is easier to reschedule. Provided Brazil takes on some painful fiscal reforms, the country can dig itself out of the economic crisis. Secondly, so far, officials have been able to investigate and prosecute some of the parties responsible, despite the defendants being some of the more powerful people in Brazil.

There is hope that Brazil’s institutions will emerge all the stronger for being able to correct wrongdoing, which may set the stage for a more just Brazil and a better investment and credit risk environment in the long run. In the meantime, we are likely to see severe market and political volatility. It is a good idea to closely monitor your exposure in Brazil and in other countries dependent on highly indebted state-owned natural resource companies.

Companies Failing to Use Technology to Fight Fraud

Posted on by

While an increasing number of malicious actors are using technology to perpetrate fraud, the vast majority of companies are not using the technological resources available to fight it.

online pharmacy flexeril with best prices today in the USA

According to KPMG’s new report Global Profiles of the Fraudster, technology significantly enabled 29% of the 110 fraudsters analyzed in North America and 24% of the 750 fraudsters analyzed worldwide. What’s more, 25% of frauds that hinged on the use of technology were detected by accident rather than safeguards or analytics, compared to just 10% spotted by accident in cases where the criminals did not use technology.

Indeed, proactive data analytics was not the primary means of detection in any North American cases and was only used to detect 3% of fraudsters worldwide.

online pharmacy tamiflu with best prices today in the USA

In North America, the most common means of detecting fraud were: tip offs and complaints, management review, accidentally, suspicious superiors and internal audit.

KPMG found that weak internal controls contributed to 59% of frauds in North America.

online pharmacy xifaxan with best prices today in the USA

buy symbicort online https://galenapharm.com/pharmacy/symbicort.html no prescription

Companies are failing to focus on strengthening controls, the firm reported, despite the increasing threat of newer types of frauds, such as cyber fraud and continued traditional forms of wrongdoing.

“In addition to ensuring internal controls are thoughtfully designed, companies should deploy effective training and instill a culture of integrity so that controls are properly executed,” said Phillip Ostwalt, partner and Global Investigations Network Leader at KPMG LLP. “Companies should also adopt new controls as their risk profiles change. Ongoing risk assessments can help cost-constrained companies ensure they are properly investing in such controls.”

Who are these fraudsters?

  • 65% are between ages 36 and 55
  • 39% are employed by the victim organization for over six years, most in operations, finance or office of the chief executive
  • 42% operate in groups and 52% of collusive frauds involved external parties

Check out the infographic below for more of the study’s findings:

Profiles of the Fraudster InfographicFraudster Infographic Women

Beware of Coverage Gaps for Social Engineering Losses

Posted on by

Social engineering is the latest cyberrisk giving companies fits and large financial losses. A social engineering loss is accomplished by tricking an employee of a company into transferring funds to a fraudster. The fraudster sends an email impersonating a vendor, client, or supervisor of the company and advises that banking information for the vendor/client has changed or company funds immediately need to be wired at the “supervisor’s” direction.

buy prelone online blackmenheal.org/wp-content/uploads/2023/10/jpg/prelone.html no prescription pharmacy

The email looks authentic because it has the right logos and company information and only careful study of the email will reveal that the funds are being sent to the fraudster’s account. Unsuspecting and trusting employees unwittingly have cost their companies millions of dollars in connection with social engineering claims.

But when companies look to their traditional insurance program, they are usually met with the unhappy surprise that they do not have coverage for such a loss.

buy ventolin online blackmenheal.org/wp-content/uploads/2023/10/jpg/ventolin.html no prescription pharmacy

Most assume that the loss will be covered by the crime/fidelity policy that nearly all companies have. Insurers, however, have denied coverage for social engineering claims under those policies, claiming that the loss did not result from “direct” fraud. Insurers contend that the crime policy applies only if a hacker penetrates the company’s computer system and illegally takes money out of company coffers. In the case of a social engineering claim, company funds have been released with the knowledge and “consent” of an employee, albeit the employee has been induced by fraud to release the funds. Policyholders and insurers are currently litigating the scope of coverage under traditional crime policies nationally with mixed results.

Some crime policies also contain exclusions that may pose specific barriers to social engineering claims. For example, many traditional crime policies contain a “voluntary parting” exclusion that bars coverage for losses that arise out of anyone acting with authority who voluntarily gives up title to, or possession of, company property. In addition, some insurers have put overly broad exclusions on crime policies that are directed toward eliminating coverage for many cyber risks, including social engineering claims.

Given the prevalence of social engineering claims and the clear market for companies looking to insure against such risks, some insurers have begun to offer an endorsement that provides coverage for social engineering claims.
buy flagyl online https://galenapharm.com/pharmacy/flagyl.html no prescription

The coverage may be subject to a sublimit and may include coverage for some, but not all, social engineering risks. The coverage also might be subject to additional exclusions.

buy robaxin online blackmenheal.org/wp-content/uploads/2023/10/jpg/robaxin.html no prescription pharmacy

Like all insurance policies, the precise words of the endorsement matter and, therefore, should be carefully reviewed.

Finally, and most important of all, social engineering coverage will not automatically be added to a company’s policy and not all insurers will provide such coverage. Therefore, companies should review their current insurance program with their insurance professionals and experienced coverage counsel to determine whether they have appropriate coverage that is in line with the market for social engineering claims.

Check out “6 Tips to Minimize the Risks of Social Engineering Fraud” from Risk Management.

How Phishing Emails Can Threaten Your Company

Posted on by

Impostor emails, dubbed “business email compromise” by the FBI, are increasing and targeting companies of every size, in every part of the world. Unfortunately, victims often do not realize they have been had until it’s too late. There are no security tool alarms and there is no ransom note. But because systems appear to be running as normal, everything seems like business as usual. And that is the point, according to Proofpoint’s study, “The Imposter in the Machine.”
PP1

From New Zealand to Belgium, companies from every industry have suffered losses, the study found. Here is a small sampling of recent impostor attacks during the last year:

  • A Hong Kong subsidiary at Ubiquiti Networks Inc. discovered that it had made more than $45 million in payments over an extended period to attackers using impostor emails to pose as a supplier.
  • Crelan, a Belgian bank recently lost more than $70 million due to impostor emails, discovering the fraud only after the company conducted an internal audit.
  • In New Zealand, a higher education provider, TWoA, lost more than $100,000 when their CFO fell victim to an impostor email, believing the payment request came from the organization’s president.
  • Luminant Corp., an electric utility company in Dallas, Texas sent a little over $98,000 in response to an email request that they thought was coming from a company executive. Later it was learned that attackers sent an impostor email from a domain name with just two letters transposed.

PP2

Most often, company executives are targeted, with two common angles. In one case, the always-traveling executive is studied by attackers, who use every resource available to understand the target’s schedule, familiar language, peers and direct reports. Because the executive is frequently on the road, direct reports who routinely process payments can easily be victimized.

Another ploy involves suppliers and how they invoice.

online pharmacy vibramycin with best prices today in the USA

For example, the supplier’s language, forms and procedures are used to change bank account information for an upcoming payment. If the attackers are successful, a company may find that they have been making payments to them for months without knowing it.

online pharmacy augmentin with best prices today in the USA

PP3

For more about the risks of phishing, check out “The Devil in the Details” and “6 Tips to Reduce the Risk of Social Engineering Fraud” from Risk Management.