January 16, 2019

Cyber fraud - follow the money

In 2018 we saw clients of all sizes, sectors and domicile affected by cyber-security breaches. Perhaps the most prevalent in the commodities and trading sector was the trend of email hacking and faking. A chain of correspondence between Party A and Party B arranging payment for the sale of goods, for example, is intercepted by hackers who then impersonate the parties using a very slightly altered email address so as not to arouse suspicion. Typically the hackers then advise Party A that the payment account details have been changed and Party A transfers sums to the wrong account.

These altered account details are very often not suspicious in and of themselves. The fraudster's email account may be as subtle as a single letter change to the email domain name. It is not hard to see how even the most sophisticated business may fall victim to such fraud.

Basic checks can help to prevent such fraud, including checking email addresses carefully particularly if there is a change in tone of correspondence or a change to payment details and checking any requested changes to account details via telephone (ideally with a known individual) with your counterparty.  Having a strict policy of rigorous checks on account changes can go a long way to solving the problem. Even with the most extensive training procedures for staff, mistakes can still happen and there is no question that, as monitoring techniques improve, fraudsters will find alternative ways of disrupting business for financial gain.

In the event payment is made to a fraudulent account, the payor should notify their bank immediately of the suspected fraud. If notified early enough, the paying bank may be able to interrupt the payment or, if not, alert the receiving bank who should freeze the receiving account pending further investigation. Informing the police and, where relevant/appropriate, the Action Fraud service in the UK or a local equivalent elsewhere is also important.

Employees should also be made aware of the need for care in how they deal with such incidents as, for example, 'tipping off' is an offence under the Proceeds of Crime Act 2002 and, as such, legal advice should be taken as soon as a suspected fraud takes place. 

If the payment cannot be interrupted, there are a number of legal steps available in the English courts which may assist in recovering any payment obtained fraudulently. The assistance available from the courts will depend on the specific facts of each case but include:

  1. A 'Norwich Pharmacal Order': Such order requires the receiving bank to disclose certain documents or information about the receiving bank account and the account holder, with a view to tracing the location of the funds. This type of Order is typically obtained where a party knows that wrongdoing has taken place against it but does not know the identity of the wrongdoer, yet can identify a third party who has this information.
  2. A Bankers Trust Order: This is often referred to as a sub-species of the Norwich Pharmacal Order and is available where (i) there is a fairly clear cut fraud and (ii) the claimant seeks disclosure of confidential documents, usually from a bank, to support a proprietary claim to trace assets. This type of relief is only available where, on the face of it, there is a clear case that the relevant funds held by, or passed through, the bank, belong to the claimant. It is also necessary to demonstrate a real prospect that the information might lead to the location or preservation of assets to which the claimant makes a proprietary claim.
  3. A Freezing Injunction: Such order restrains the bank from allowing transfer of the money in the account and/or fraudster from disposing of or dealing with its assets. The purpose of a freezing order is, typically, to preserve assets until judgment can be obtained or enforced. It is often possible to seek a freezing order in conjunction with the above two remedies.

No matter what action is taken, acting quickly is key. The English courts stand willing to assist victims of corporate fraud with urgent applications to freeze monies or trace funds, but if a party is slow to act, the monies are likely to have disappeared, often overseas, with little chance of recovery.  In such circumstances, the party who is left out of pocket will have no remedy or will be left to explore claims against its counterparty and/or the bank(s) involved.