Certified Technology Banking Fraud Expert

Mayur Joshi
-
0
Certified Technology Banking Fraud Expert

Certified Technology Banking Fraud Expert (CTFE) is the part of Banking frauds certifications customised by Fraudexprss. Typically, CTFE  is a banker, ITES or banking professional or a banking or IT consultant who has undergone training to become an expert in the technology banking frauds domain, forensic auditing related to technology banking sector, litigation support and investigative accounting.

This program is one of the foremost certification focusing on the technology frauds in the banking and financial institutions domain.

This program is updated with the latest techniques of laundering with the digital currencies.This course contains the chapters designed on the basis of the research carried out by Indiaforensic captioned as Cyber Laundering – Digital Currency Way. This report is available for download for the members.

Certified Technology Banking Fraud Expert

(CTFE) is a designation awarded by Indiaforensic Center of Studies and marketed by Fraudexpress. This is a useful certification for the professionals looking to understand the technology frauds in the banking sector such as the ATM frauds, Credit card frauds and other remittance frauds. Apart from these traditional tools, the course speaks about the new age technology tools like Digital Currencies.

Syllabus for this program is

  • Classification of ATM Schemes
  • Categories of ATM fraud
  • $45 Million – ATM heist
  • How to prevent the ATM Frauds
  • Credit Card Frauds
  • Classification of Credit card Scheme
  • Application frauds
  • Transaction frauds
  • Prevention of the card not present frauds
  • Laundering with Digital Currencies

To register for this course click here

For more information on this certification program please contact us on +91-9766594401 or write to us on education@162.240.144.27

Case of spear phishing in India

CA Mayur Joshi
-
0
Case of spear phishing in India

Fraudsters are evolving with the technology. Couple of years ago, Phishing was replaced by Vishing and now SpearPhishing is the new baby on the blocks. Spear Phishing in India is not very common. Phishing was a generic attack without having any information about the victims, Vishing was voice based phishing but the frauds are now getting personal. SpearPhishing attack is committed with a specific person in mind.

Spear phishing in India

Certified Forensic Accounting Professionals are emerging as a powerful community, across the world. One such CFAP was engaged by a pharmaceutical company with a request to conduct a routine assessment of its system security. During his analysis, he discovered that some of the client’s PCs were infected by certain malware. This malware was transferring research data to a location which was based out of Indore. Head office of one of the competitor’s of the pharmaceutical company was based in Indore too.

Business faced a cyber attack,  when a junior research scientist unwittingly helped infect the PC of a senior scientist. In India, generally the corporate networks are affected by the employees who, though unintentionally, use a company owned computer to visit porn sites. In this case, however, the junior scientist was not even watching any objectionable content but was simply trying to do his job.

The trouble began when he received an email from an apparently known, legitimate source. Attached to the actually phony message was a malicious PDF attachment purporting to be the document of the kind the junior scientist and his supervisor were working to complete a very important research project. Because neither its apparent source nor content appeared suspicious, the junior scientist opened the attachment. When its contents turned out to be unfamiliar, he sought guidance by forwarding the message to the senior scientist who also opened the attachment.

The attachment apparently came from some vendor who was part of the research work too. Junior scientist had no way of knowing that his email account was compromised. When the attachment was opened, it executed malware that infected their PCs and spread to sensitive system modules that the senior scientist had access to. Once the hackers were able to scan through the entire system they could simply take out the information they wanted to access. Some very important research  and the business plans. To get the valuable information competitor never entered the premises of the victim pharmaceutical company. The total damage was calculated at Rs. 7.6 crores. In various countries the Certified Forensic Accounting Professionals are called in to assess the damages caused to the companieI because of the frauds.

This was an attack that involved advance planning and research that had nothing to do with technology. These hackers were skilled spearphishers, whose precisely aimed attack sought a particular type of information accessible only to certain senior staff members of this pharmaceutical company.

The hackers were anxious to not draw attention of their attempt, so they sent only one message to one carefully selected user — the junior Scientist. How did they know to whom to send it? These fraudsters used a very simple technique. When the competitor company hosted a conference related to the subject, an email was sent to the senior scientist. It was an invite to be a speaker. The mail reached him when senior scientist was on vacation and his email sent an auto-responder email. This email also requested to contact the junior scientist in case of emergency. Every fraudster is not however, as lucky as this. In most of the cases of spear phishing they have to do extensive research and reconnaissance — much of it offline — on who worked with whom in the target firms and each employee’s nature of work.

Sometimes, hackers explore the firm’s email address-naming convention. So, when the technological part of their scheme — a virus – gets ready , the hackers know to whom to send it.

Certified Forensic Accounting Professionals are investigating some of the most challenging assignments of investigation of the frauds and aspirants can get into the right network of professionals by obtaining the most valuable certification in India.

Syllabus – Certified Bank Forensic Accounting

Indiaforensic Media
-
0

Syllabus for CBFA

Certification in Bank Forensic Accounting emphasize a forensic rather than a control-based or risk management approach to the analysis of bank governance and the possibility of fraud.
Participants will be given a broad-based introduction to the nature and purpose of forensic accounting. The scope and content of all subjects extend well beyond ‘narrow’ focus of fraud prevention and provide an opportunity to study and acquire skills in investigative techniques and the collection of data as well as the skills necessary to not only identify poor management but also unethical and fraudulent activities.

Whole syllabus of Certification in Bank forensic is divided in ten topics. This is probably the first certification in the banking frauds in India and covers following chapters primarily.

  •     Frauds in Advances or the traditional frauds in India
  •     Technology related frauds in India
  •     Money Laundering techniques
  •     Frauds related Negotiable instruments
  •     Causes of Bank failures
  •     Legal provisions that deal with the bank frauds in India
  •     Prevention of the bank frauds – ten branch approach
  •     Tools to investigate the frauds
  •     Drafting the fraud policies
  •     Case studies on the bank frauds

The above syllabus is updated frequently based on the new trends and developments in banking industry and the banking frauds. This curriculum is dynamic and is updated frequently. The syllabus is divided into 6 modules in 6 weeks and associated with 2 dedicated case study Sessions in 2 weeks.

The detailed syllabus is provided in the Study Guide for CBFA. After completion of the course, the professionals would get a thorough understanding of the terms associated with the banking frauds in the banking sector.

For more information on the Study Guide- Click Here

Kammer, World Bank and Indian frauds

Indiaforensic Media
-
0

“I participated in Indiaforensic’s (IF) fraud conference in June 2008, and, despite IF being a young organization, I was extremely impressed by the capacity and maturity of its staff. I had the privilege of sharing the podium with first-class speakers from some of India’s main corporations, currently operating in global markets. In addition, the high profile of organizations represented in the audience, is a further tribute to IF’s capacity to raise interest in the topic and attract big players that contributed to an intense exchange of ideas and networking opportunities” – says Mr. Christian Kammer – the high profile Sr. Forensic Accountant from World Bank.

Mr. Kammer who entered the World Bank in 2001 has lots of previous experience in the anti-fraud field. He had just graduated from University and had completed an internship at the Office of the European Commission in Milano, mostly engaged with assisting the Commission’s counsels in a case of fraud to the European Social Fund allegedly committed by an entity in Milano when he was hired by a small CPA firm in Milano and Monza. This firm had engagements with the local Criminal Courts involving cases of fraudulent bankruptcies, as well as with prosecutors investigating Clean Hands cases.
At a very early age – in his early 30s – Mr. Kammer started taking his own assignments with the Tribunal of Monza regarding cases of fraudulent bankruptcies. This was the time when he had to appear in court during criminal procedures as an expert witness, testify about his findings, and be cross-examined by defense lawyers. All this helped him to gather a lot of experience as well as expertise.

Mr. Kammer also worked with the forensic accounting division of one of the Big Four, in Milano, for two years. He was so effective with his work over all these years that he still retains his ties and engagements with the Tribunal and Prosecutors in Monza.

And then came the big name – World Bank. In early 2001, Mr. Kammer joined the Anti Corruption and Fraud Investigation Unit (now Integrity Vice Presidency – INT) of the World Bank. The Unit, at that time, was in its pioneering stage, with a staff of about fifteen, including support staff and consultants. He participated in the selection process under international recruitment. His profile and background (high profile and large scale white collar crime investigations, big four, expert witness, languages, and IT) probably were seen as a good fit to complement a more traditional investigative skill set at that time present in INT.

We get to know the crucial role of a forensic accountant in World Bank through Mr. Kammer. Within INT, forensic accountants are mapped to the Forensic Services Unit (FSU). They view FSU to serve a number of purposes and clients within INT, the Bank, and outside the Bank as well, as follows:

  • INT: Support INT’s core activity of investigating allegations of sanctionable practices, by providing expert skills whenever Regional Investigative Teams require it, as well as by taking charge of specific investigations; supporting any other investigative activity, including INT’s VDP program; and conducting special proactive reviews.
  • Bank: Forensic accountants support World Bank’s Operations when problems are identified, by providing consulting advice, such as drafting or reviewing ToRs for external consultants’ engagements, selecting consultants, supervising consultants’ work; as well as providing assurance work by performing forensic reviews.
  • External to the World Bank: Forensic Accountants are committed to providing a range of support activities, such as training anti-corruption agencies in Bank Client countries and training government auditors, as well as cooperating with specialized anti-fraud units of other development agencies.

This gives us an idea of the responsibilities Mr. Kammer handles effectively and why he becomes a leader in the anti-fraud domain.

Mr. Kammer has worked on a large number of cases both in the private sector as well as in the World Bank. While working for the private sector, during 1995-2000, he worked on six to eight cases per year, generally divided between three major cases, and the rest were short engagements. During this time he also started developing my skills in the use and design of IT tools to support forensic accounting investigations, including designing a program for insurance companies to proactively monitor contracts and transactions to identify fraud red flags.

At the World Bank, he has conducted and led a number of investigations and proactive, diagnostic reviews, such as Detailed Implementation Reviews (DIR), since the very beginning. From early 2001 to 2009, in a way or another, he was involved in approximately fifty cases, including verifications of companies joining INT’s Voluntary Disclosure Program (VDP), in addition to leading or conducting six DIRs.

Though any investigator is involved in resolving a large number of cases, he has some personal favorites, some cases he especially remembers. The same is the case with Mr. Kammer. He remembers that at the outset of his professional life, in Italy, he participated in significant investigations involving some of Italy’s major corporations and politicians. He worked on data provided by foreign banks and was able to reconstruct the flow of money from the source, Italian corporations, into off-shore bank accounts, and from there being shredded and blended into a galaxy of other transactions and eventually becoming “black funds” for illegitimate payments.

He also remembers investigating a major transfer pricing fraud case involving the Italian subsidiary of an American multinational corporation. The headquarter was imposing transfer prices for goods manufactured in the Italian plant well below average production cost, let the alone market price, thus maximizing its own profit when selling the goods on the international market. At the same time, the headquarter was implementing its decision to scale down manufacturing operations in Italy by driving the Italian company into bankruptcy to circumvent local labor regulations and negotiations with the unions.

Despite all these achievements, if we speak to him about the title of “Leader in Anti-fraud Profession” given to him by Indiaforensic, he modestly says, “I am sincerely honored by the recognition given to me by Indiaforensic and Fraudtoday, however, I feel there are many professionals who inspired and taught me a lot. I respect each and every one of my colleagues in the anti-fraud community which, in my view, is a community of peers, where everyone has unique skills and experience. In the course of my career, I have taken certain decisions, and risks that allowed me to pioneer certain areas of the profession, benefiting from being in the right place at the right time, as have done with other colleagues. This profession has experienced growth and diversification over the last fifteen years or so, probably second only to IT. It has evolved from taking bean-counters and almost forcing them to make a swing in mindset to become fraud investigators, to a very structured and multi-disciplinary approach to financial investigation, with a growing number of specialized areas, ranging from audit to sophisticated IT applied to investigations. This is the profession where change is the daily bread and butter, no case is like the previous and innovation is a must. If someone is sticking to approaching it the traditional manner, with a pencil and a calculator, trying to reconcile A to B without applying skeptical thinking, innovative problem solving, supported by the correct use of technology, will in my view lose the train and be left behind.”

When we asked Mr. Kammer what 5 years down the line, where does he see the anti-fraud profession globally, he said – “Forensic accounting is growing at a high pace, and is diversifying quickly into various streams. In my view, this is because increasingly more operators in different sectors and areas realize the value added of forensic accounting in identifying and investigating fraud, as well as establishing systems to proactively analyze and diagnose risks and exposure to fraud. This is ranging from supporting criminal investigations, with forensic accountants acting as consultants or expert witnesses in criminal procedures, to consulting and assurance work in the private sector, as well as international organizations. Therefore the profession is moving and permeating various different scenarios, the market is wide open, and the demand is still higher than the offer, especially with regard to certain niches. The profession is increasingly experiencing forensic accountants becoming regular staff of big organizations, rather than the work being outsourced. This trend will probably continue for some time.”

When asked about the situation of India from a fraud perspective, Mr. Kammer says, “India is no different from any other country: where there is money, hidden interests may result in circumvention of regulatory frameworks, thus in fraud and corruption. India, as one of the fastest growing economies, is in a very interesting situation, because I see it having to deal with a dichotomy, a gap between significant impetus of investments in the private and public sectors, and, a regulatory framework that is relatively slow in getting tuned with the reality in the markets. This applies to almost all countries with fast-growing economies I have operated in. In fast-emerging countries, there is a lot of investment in markets that are not very well scrutinized, especially in infrastructure. The checks and balances are relatively low and therefore the opportunity for government officials and corrupt companies to collude to skim off certain amounts is really very high.”
In fact, according to Mr. Kammer, fraud and corruption know no national boundaries; they do not stay within jurisdictions. Rather, the fraudsters know the systems very well and take full advantage of the differences or gaps across national jurisdictions and they are fast in learning and adapting. He says, “Coordination and synchronization amongst national agencies of different nations is key, as well as the adoption of a uniform sanctioning platform across countries and international organizations. Significant progress is being made in recent times with the adoption of international conventions (e.g. OCSE convention) and the implementation of national laws, as well as ongoing initiatives amongst international development agencies to standardize the sanctioning process and implement sanctions whereby if an entity is sanctioned by, say, the World Bank, the other development agencies also black-list that same entity based on principles of cross-debarment. The real challenge here is speed: regulators typically operate within constrained frameworks compared to fraudsters.”

According to Mr. Kammer, fraudsters are very creative and the manner frauds are committed is continuously evolving. Frauds permeate any aspect of the financial life of people and organizations, ranging from investment scams, to all different shades of white-collar fraud (to the benefit or the detriment of organizations), to fraud and corruption by or to public entities (officials or organizations). Staying ahead of the game is the key and professionals need to have the right mindset coupled with technical skills. There are many very good accountants and auditors, however, not everyone has the right combination of skill sets to allow them to effectively operate in the forensic accounting arena. An investigative mindset, skepticism, and solid investigative experience are keys to obtaining good results in the profession.

Mr. Kammer also says that one should be driven to pursue continuous professional education because the anti-fraud profession is going in so many different directions and each forensic accountant has something to share. Education, training, and workshops are critical to the profession. That’s how one gets to know what is out there (the red flags, the viruses, and the symptoms) in order to learn or come up with innovative solutions on how to deal with them.
That is, therefore, one very important reason why I feel that Indiaforensic is doing a great job for the anti-fraud community by frequently arranging for the members to gather together.

Khaki to Suit – An Encouraging Journey

Indiaforensic Media
-
0

Senior inspector of Cuffe Parade police station Arun Wable quit the Police force in April’2008 to join Deutsche Bank as Vice President of Antifraud Unit. Arun Wable is now a reputed name in the banking frauds domain.

He is one of the most notable Certified Forensic Accounting Professionals [Certification awarded by Indiaforensic]. He has more than 29 years in Police Force and has spend a year in UN and now with Deutsche bank. He has keen interest in Money Laundering and has successfully completed the Certification in Anti-Money Laundering also offered by Indiaforensic.He is one of those few members who was constantly talked about during his stint with Mumbai Police. He has glorious track record in service and has won 5 awards including the Sword of Honour in the year 1980. Then in 1994, H.S. Joshi Shield for the outstanding service. In year 2001 he won two awards President’s Police Medal for Meritorious Service and Director General of Police’s Insignia for meritorious Service and finally in the year 2004 he won the United Nations Mission in Kosovo, Medal and Bar.His exit from the department of police made a big story for the newspapers. He is one of the most hi-profile antifraud experts in the country today.

Arun is a very studious person and has two publications to his credit.

1. Growth of Gangsterism in Bombay City- A Report-1994

2. Guidelines for the investigation of Disproportionate Asset Cases-2000

When asked about his most memorable fraud case he explains that “There are many, each one of them having their own importance. However, Rs. 200 Crore Fraud of a cooperative bank in Mumbai can be identified one of these. In 1997 branch manager of a cooperative bank reported forgery in a pay order which was altered from Rs. 212 to few thousand. During the course of this investigation, apart from the complainant branch manager, many more branch employees were arrested. Hundreds of bogus accounts in all branches of the bank were identified and finally the Income Tax department walked away with Rs. 200 Crores of unaccounted money from this bank”.

Though he feels that there is a huge potential for fraud investigators and forensic accounting professionals in the banking industry in India. However, it is yet to be recognized by the industry.

However he is not happy with the number of investigators in India and feels that there are hardly any experts in these fields, as good as none. Most of the investigators are either CAs or those with certificates from the market.

My interaction with India Forensic has been very limited. However, from whatever I have seen and learnt, IF is doing a wonderful job in fraud awareness, fraud prevention and above all creating a common platform for all the players in the field to interact and share their experiences.
 

Phishing in India is becoming innovative

CA Mayur Joshi
-
0
Phishing in India is becoming innovative

Did you know that e-mails, long considered the most convenient form of communication, can actually spring some nasty surprises for you?

Every day, our mailbox is flooded with numerous emails—personal mails, subscription mails and junk mails. While the spam filter takes care of most of the unwanted junk, there are a few which make it to your inbox. According to the latest report by global security solutions provider Symantec Corp., India generates the maximum number of spams and phishing mails among Asian countries.

What does phishing mean?

Phishing means sending an e-mail that falsely claims to be a particular enterprise and asking for sensitive financial information. Phishing, thus, is an attempt to scam the user into surrendering private information that will then be used by the scammer for his own benefit.Phishing uses ‘spoofed’ e-mails and fraudulent Web sites that look very similar to the real ones thus fooling the recipients into giving out their personal data. Most phishing attacks ask for credit card numbers, account usernames and passwords. According to statistics phishers are able to convince up to five per cent of the recipients who respond to them.

Phishing mails take you to fraudulent websites. While the easiest way to deal with these emails is to simply ignore, there are a few that will deceive you, entice you, even humour you, and if you bite the bait, ultimately make you a fraud victim or worse, even a criminal.

Most common scenario of the Phishing emails include the email coming from fraudster claiming to have access to several million dollars and wants you to help him or her to take this money out of his country. All they need for you to do is send your bank account information and some advance fee to pay for the cost of the transfer of funds. But the enormous reward in foreign currency never arrives. Another version is when you inadvertently open a fraudsters email. That way they get access to all you contacts in your email account.

Identifying Phishing

A legitimate financial institution will never ask for details of your account via an e-mail. A corollary to this rule is that never e-mail financial information over the Internet. E-mail is not a secure method for transmitting this kind of information.

If you initiate a transaction and want to provide your personal or financial information through an organisation’s Web site, look for indicators that the site is secure, like a lock icon on the browser’s status bar or a URL for a Web site that begins ‘https:’ (the ‘s’ stands for ‘secure’).

Unfortunately no indicator is foolproof, so always call your local bank and ask for verification before responding to any form of electronic correspondence that claims to come from the bank.

123Page 3 of 3