Nigerian Scam Leads to Embezzlement

by Sam Ott and Mary Beth Guard

Help free a dead man's funds from the clutches of a corrupt government.

Earn millions.

What's not to like?

In many respects, 59-year old secretary Ann Marie Poet is just one more gullible individual suckered by the soap opera-sounding correspondence that is the hallmark of the Nigerian Advance Fee scam. She was promised $4.5 million in fees if she would render assistance in getting $18 million out of Nigeria and into a U.S. bank. All the standard elements of this common scheme were present - the sense of urgency, the need to advance sums of money to cover fees and bribes, the official-looking documents.

What makes this case different, however, is that the money Poet lost wasn't just her own. According to an indictment handed down this week by a federal grand jury in Detroit, she financed her participation in the scheme by embezzling $2.1 million from the small law firm where she had worked as a trusted employee for nearly a decade. According to court documents, over the course of several months after she received the scam fax in January Ann Poet wired money from the law firm's accounts in amounts ranging from $9,400 to $360,000 to offshore accounts. The law firm apparently remained clueless that funds were being drained from its accounts until September 4, when a $36,000 settlement check written to a client inexplicably bounced. After being unable to obtain satisfactory answers from its bank, the firm brought in the FBI and the fraud was revealed.

Now, the law firm is contemplating filing suit against the bank. According to the firm, Poet was never authorized to conduct wire transfers.

Whether Poet was or was not authorized to conduct the transactions is a matter of fact and law to be resolved by a court, but the situation clearly raises questions regarding the type of fraud detection measures a financial institution (and its commercial customers) should have in place, whether this activity was regarded (and reported) as suspicious, and whether the bank adequately protected itself by having, and following, a commercially reasonable security procedure for wire transfers.

Fraud Detection Policies and Procedures
In determining whether the law firm has a valid claim against the bank, answers to the following questions may be crucial.

Did the bank have a duty to detect fraudulent activity?
Should the bank have realized this activity was fraudulent?
Were the bank's fraud detection policies and procedures adequate and were they followed?
How well did the bank know its customer?
Did the law firm routinely transfer large sums of money via wire transfer?
Had previous wire transfers been made to offshore locations?
Did the employee have either actual or apparent authority to conduct these transactions?
Did the bank have procedures in place to identify any changes in the wire transfer habits of the law firm?
If unusual activity was detected by the bank, was an investigation conducted and the law firm contacted for an explanation?
Did the bank manager call the law firm for verification prior to approving all of the wire transfer requests?
Did the bank employees keep and maintain detailed reports covering any discussions conducted with the law firm regarding the wire transactions?

Suspicious Activity Reporting
More than $2 million was wired from the law firm's accounts to accounts in financial institutions in South Africa and Taiwan. All of the wire transfer instructions were presented at one bank branch and approved by the same branch manager. The law firm contends the secretary/bookkeeper was not authorized to make wire transfers from any of the law firm's accounts. The bank's wire transfer forms required wire transfer instructions to be verified by the bank calling the law firm.

A financial institution is required to file a Suspicious Activity Report (SAR) regarding any transaction with a known suspect involving or aggregating to at least $5,000 that the institution knows, or has a reason to suspect:

involves funds derived from illegal activities or is conducted to disguise funds derived from illegal activities
is designed to evade the reporting or recording keeping requirements of the Bank Secrecy Act or
has no business or apparent lawful purpose or is not the sort in which a particular customer would normally be expected to engage, and the bank knows of no reasonable explanation for the transaction after examining the available facts, including the background and possible purpose of the transaction.

FinCEN has indicated the following are common patterns of suspicious activity involving wire transfers:

A lack of evidence of legitimate business activity, or any business operations at all, undertaken by many of the parties to the transaction
Unusually large number of wire transactions
Unusually complex series of transactions
Transactions conducted in bursts of activities within a short period of time and
Beneficiaries maintaining accounts offshore at foreign banks that have been the subject of previous SAR reporting regarding wire transfers

If any of these warning signals are present, a duty of increased scrutiny is placed on a financial institution to review the transaction and determine if a SAR filing is warranted.

Whether the wire transfers in this particular case would be deemed suspicious or not would depend, in part, upon the past transactions in this customer's accounts and what might be expected for a law firm of this size in this locale with the type of practice it has.

It is imperative that a financial institution have in place a system to identify transactions that may be high risk for money laundering or exhibit indicia of suspicious activity. The system must take into account the type of products and services the institutions offers and the nature of its customers. Without such a system, a financial institution could not be certain that it was reporting suspicious transactions as required by the Bank Secrecy Act.

This point is driven home by a recent case where a bank consented to the assessment by FinCENof a civil money penalty in the amount of $100,000. FinCEN had determined the bank had information about its customers and their transactions that should have caused the financial institution to "know, suspect, or have reason to suspect" that many transactions were reportable suspicious transactions, yet the institution had failed to file any SARs because it did not have procedures to identify or analyze or report suspicious activity.

Wire Transfer Security Procedures
If appears that one of the major fact issues in the case will be the issue of whether or not the wire transfers were proper.

Article 4A of the Uniform Commercial Code governs what is referred to in Article 4A as a funds transfer, but the term as defined there is really referring to what financial institutions call wire transfers. [It specifically excludes a consumer funds transfer any part of which is governed by the Electronic Fund Transfer Act.] Article 4A governs a financial institution's liability for wire transfer (funds transfer) losses and provides as follows.

At the root of the protection from liability is the requirement that the institution implement and follow a "commercially reasonable security procedure".
If a financial institution conducts a wire transfer pursuant to a payment order that has been verified by the security procedure agreed upon by the customer, the order is effective whether or not it has been authorized by the customer.
The security procedure must be commercially reasonable and the financial institution must have acted in good faith and in compliance with the security procedure.
The commercial reasonableness of the security procedure depends on the wishes of the customer, the circumstances known to the financial institution regarding the size, type, and frequency of payment orders issued by the customer and alternative security procedures offered to the customer.
Security procedures may include codes, identifying words or numbers, encryption, callback procedures, or other similar devices.

According to the news reports, the bank's security procedure may have involved a callback feature. In the event the law firm designated the dishonest bookkeeper as the party to receive the callback and the bank followed the agreed-upon procedure and contacted the bookkeeper to obtain authorization, the law firm may not have a claim against the bank.

Note: Article 4A has been adopted in all states, with some minor variances. Your financial institution should review the version of Article 4A adopted in your state and determine whether your security procedure is sufficient to protect you from liability. Make sure your procedure has been properly implemented and is being followed.

Summary
Nigerian Advance Fee fraud or similar schemes can have repercussions beyond the original victim. In their desire to get rich, greedy victims may place others in jeopardy. Take the time to make sure your policies and procedures are adequate to protect your institution against this and other types of crooked bookkeeper fraud. Thoroughly train your employees and monitor their compliance with your policies and procedures. The best policies and procedures in the industry can't protect you if they are not applied.

Related Links: