Category Archives: Fraud

Is China the Home of the New Cyber Criminal?

A year ago we had GhostNet, a massive cyber espionage network rooted in China that went well beyond simple allegations of spying on Tibetan Institutions. After a 10-month investigation, a network of over 1,295 infected hosts in 103 countries was discovered that included computers at ministries of foreign affairs, international organizations, news media, and NGOs.

Then we had massive cyber attacks that originated in China, including one against Google last December, and now even Google is pulling out of the country (as it must do no evil).

And now, we find out that GhostNet was but a shadow of a much larger Shadow Network (The Globe and Mail) which has compromised sensitive data from at least 16 countries from compromised computers in at least 31 countries (including computers used at Honeywell and NYU), which have been used to gleam Indian missile defence secrets and Canadian Visa applications from its citizens travelling abroad (including applications from the UK). The full findings will be revealed today in Toronto, as the network was cracked by researchers at the University of Toronto’s Munk Centre for International Studies, the Ottawa-based security firm SecDev Group, and a U.S. cyber sleuthing organization known as the ShadowServer Foundation, the real-world Internet Lone Gunmen.

The Full Report is available on line on Scribd and documents how much of India’s defence network has compromised as the computers and systems of the National Security Council Secretariat, Military Engineer Services, Military Personnel (including the Artillery Brigade and the Air Force), Military Educational Institutions (including Army Institute of Technology, the Military College of Electronics, and the Mechanical Engineering College), India Strategic Defence and Force magazines, a number of corporations (including YKK India Private Limited, DLF Limited, and TATA), and Maritime India (including the National Maritime Foundation and the Gujarat Chemical Port Terminal Company Limited) were all breached.

Share This on Linked In

Are You Being Hit with the “Double Payment” Problem in Your Shipping?

Logistics Management just ran an excellent article on “Logistics and the Law: Don’t Pay Twice”, by Brent Wm. Primus, J.D. of Primus Law Office that I think is a must read for anyone responsible for global shipping.

When a shipper engages a broker or when a shipper or a broker books a load with a carrier, they expect to be billed and to pay for the charges for moving the freight. What they don’t expect is to have to pay the charges twice. Unfortunately this does happen and, in the last few years, has happened with increasing frequency. This emerging issue is called the double payment problem.

As the article points out, there are three variations of this problem:

  1. The going-out-of-business broker.
    In the last weeks or month of its business life, a broker continues to book loads and collect payment for carrier charges, but fails to pay the carrier.
  2. The double-brokering carrier.
    A load is tendered to a carrier with the understanding that the carrier will be providing the actual transportation, but, instead of providing the transportation itself, the carrier uses its broker authority and tends the load to another carrier, which it fails to pay.
  3. The fraudulent broker.
    A fraudulent broker solicits loads that it then tenders to carriers with every intention of collecting from the shipper but with no intention whatsoever of paying the carrier

With respect to the first two variations of the problem, two competing legal theories have developed. The first theory is the well-established principle that under the traditional bill of lading contract, the consignor has primary liability for payment of the charges on “prepaid” shipments, and if the consignor fails to pay, then the consignee must pay. For “collect” shipments the consignee has primary liability and if the consignee fails to pay, then the consignor has to pay (unless the no-recourse provision of the bill of lading, known as “Section 7”, has been signed).

But what happens when the consignor or consignee has fully paid an entity under a good faith assumption that the entity is the carrier or paying the carrier? In this situation, a legal principle known as “equitable estoppel” has developed and applies in situations where Courts have held that it would not be fair or equitable to ask a party to pay twice. However, there are situations, such as Freight Lines, Inc. v. Sears Roebuck & Co. where the principle, though it had merit, was not applied by the courts.

With respect to the third variation, which has become a more significant problem as of late, typically no money ever reaches the carriers and you, as a shipper, will likely end up with full responsibility for the payment unless you can demonstrate that you had a reasonable expectation that the company was legitimate (and thus use the equitable estoppel argument). This of course means that you have to do your homework, and unless the company in question has hacked US Government Systems to make it look like they are affiliated with reputable companies (like Viacheslav Berkovich and Nicholas Lakes did), it might be hard to demonstrate a reasonable expectation of a reputable enterprise, especially if the broker is relatively new.

So what should you do? Especially when there is no sure fire way to eliminate the risk?

According to Steve Fernlund, the Executive Director of the Freight Transportation Consultants Association (FTCA), always know who you’re doing business with. Check payment practices and credit rating agencies to make sure there is minimal risk that the carrier and/or broker will default on its obligations. Have a standard procedure to qualify carriers and brokers and follow that procedure in every transaction. The latter will help you in the construction of equitable estoppel arguments should you ever find yourself in one of the first two situations, especially if the standard procedures cover everything you can be reasonably expected to do.

Furthermore, as the article points out, you have to monitor the carrier to ensure they are complying with the terms of the contract as some carriers will sign a contract and then ignore the prohibition against tendering to another carrier through their brokering authority. (This includes a spot check of delivery receipts to see if the carrier named as the delivering carrier is the one with whom you have a contract.)

When you’re using a broker, have a written contract that requires the broker have written contracts with its carriers. The broker’s contracts must require that the carrier specifically designates the broker as its agent for collection and that the carrier waives any right to collect from the consignor or consignee if the broker has been paid. Also require that copies of all contracts with all carriers the broker intends to use be forwarded to you for review and confirmation.

And, finally, if you truly want absolute protection, you could require that any broker you do business with post a surety bond greater than the amount of business you expect to do over a six-month time period. However, this will eliminate many brokers from consideration as most sureties require 150% collateral, which many smaller brokers will not have. It may also increase your brokerage fees, as they might insist that you pay the bond premium.

Share This on Linked In

A North American Near-Shoring Obstacle

Editor’s Note: Today’s post is from Dick Locke, Sourcing Innovation’s resident expert on International Sourcing and Procurement. (His previous guest posts are still archived.)

It appears that Mexican drug cartels are taking advantage of the US’ C-TPAT program to occasionally put marijuana into trucks that have been granted expedited clearance into the US. How serious is this?

Here are a couple of articles:
* Trucker Program Attracts Drug Smugglers
* Mexican Drug Smugglers Taking Advantage of New Program That Speeds Truckers Across the Border

If you dig into the articles you will see that there are about 5 million north-bound truckloads crossing the Mexican border annually. In two weeks CPB found four shipments containing marijuana. They say that ten percent of the trucks are inspected, but it’s not clear if that’s ten percent of all trucks or ten percent of the C-TPAT certified trucks. Worst case, that’s 20 trucks carrying marijuana per week, or 1,000 per year. That comes to 200 trucks per million. Your judgements will vary on how serious this is.

C-TPAT was not designed to catch drug smugglers. Of course, the obvious question is whether terrorists could substitute a weapon of mass destruction (WMD) for the marijuana. Theoretically it’s possible of course. However, I don’t think the Mexican drug cartels would do so voluntarily. A cynic would say that their customer base in the US is too valuable to them, and there are probably other reasons as well.

But the articles do raise some questions. Certified trucks are only required to notify the US Customs and Border Protection (CBP) staff 30 minutes ahead of reaching the border. This is in marked contrast to the Container Security Initiative that applies to ocean freight. For ocean freight, CBP must be notified of the contents of all containers 24 hours before a US bound container ship is loaded.

CBP is also finding trucks where secure seals have been broken or circumvented by removing doors at the hinges. That’s disturbing. These are the same seals that are used on ocean freight containers.

My thought is that there will probably be more delays at the border. One sensible approach would be to require trucks coming from further into Mexico than the immediate border area to provide more advance notice. CBP tries to judge security risks at least partly based on the names of the shipper and receiver and more time to react would help them select riskier for further inspection.

Dick Locke, Global Procurement Group and Global Supply Training.

Share This on Linked In

Cost of NOT Using Modern Supply Chain Systems: 6.8 Billion

A recent article over on CNN Money that noted that the store theft cost to your family, largely due to a 9% jump in retail theft over the past year, is $435 — as shoplifting, employee theft, and supply chain fraud cost retailers $42.2 Billion between July 2008 and June 2009, had a surprising revelation.

Breaking this mega-loss down, we find that:

  • 18.7 Billion is due to employee theft
    which could be considerably reduced with better screening, security and processes
  • 15.0 Billion is due to shoplifting
    which could be somewhat reduced with better security, but will likely always be a problem
  • 6.8 Billion is due to processing, supply chain errors, and frauds
    which could be eliminated with good systems and processes
  • 1.7 Billion is due to other causes

There’s no excuse for any errors. Good end-to-end e-Procurement systems can match every invoice against the purchase order and contract and make sure you’re only paying for what you ordered at contracted rates. Good forecasting and inventory tracking systems will prevent costly errors. And good visibility systems will allow you to spot any exceptions as soon as they occur and stop frauds, and fraudsters, in the act.

So now that you know that not using this technology is personally costing you, and everyone else in your organization, about $70 a year, why aren’t you using these systems? The reduction in loss alone over their service life-time will more than pay for them. (Not to mention the savings that a good sourcing, e-procurement, or inventory system can help you identify!)

Share This on Linked In

When Short-Term Gains Equal Long-Term Miseries

Editor’s Note: This post is from regular contributor Norman Katz, Sourcing Innovation’s resident expert on supply chain fraud and supply chain risk. Catch up on his column in the archives.

Dimitrios P. Biller, a former managing counsel for Toyota Motor Sales USA Inc., alleges in a recent lawsuit that Toyota forced him to withhold evidence from opposing counsel in lawsuits relating to vehicle rollover accidents. As some readers will remember when (small) sports utility vehicles (SUVs) were introduced there were a rash of rollover accidents that occurred. I recall that the reasons were generally centered on the vehicles being top-heavy and thus prone to rollover due to sudden steering wheel movements such as in accident-avoidance scenarios (see “the physics of SUV Rollover Accidents”).

Toyota paid Mr. Biller a $3.7M severance in 2007; the severance agreement forbade Mr. Biller from discussing company information such as what he is doing in his lawsuit against Toyota which accuses the automobile maker of concealing or destroying information in over 300 such rollover cases where vehicle passengers were injured or died as a result.

But this blog is not about the merits of the lawsuits Mr. Biller and Toyota are filing against each other. Those cases will be played out and decided in a court of law or through some mediation. Nor does this blog post look to accuse or absolve either party of their alleged sins. I merely needed a business example for the subject of this post: when short-term gains equal long-term miseries.

Too often the right thing is sacrificed for short-term gains but then found to lead to long-term miseries, and here is where I believe so much of the root-cause of what ails us lies. There may be early benefits to burying proverbial – and sometimes actual – skeletons but invariably they resurface to haunt us.

The telltale sign of trouble is when vision of short-term gains eclipses, blocks or otherwise obscures and obstructs our view of the long-term goals, and it is here that we can expect the long-term misery from our short-sightedness.

Enron, WorldCom, the real estate bubble, the dot-com bubble, (some) outsourced manufacturing … these are just some of the examples of how knee-jerk reactions to satisfy short-term fantasies created some miserable results in the not-too-distant future. The result is that markets, industries, and supply chains get whiplashed back-and-forth as more knee-jerk reactions are taken under the guise of “corrective actions”. In the fabled race between the tortoise and the hare, let’s not forget why the tortoise won and that there is an allegory to our personal lives and professional conduct.

What we see is that short-term huddling of resources, short-term planning, short-term damage-control, short-term gains to boost balance sheet numbers, etc. only leads to long-term misery. Chaos and confusion lie in wait ready to strike when we are probably least prepared to deal with them. The result is havoc that requires excessive resources to bring under control or at least attempt to damage-control.

Yet this advice seems counterintuitive to the competitive nature of business today, but I don’t think it needs to be. Would sound advice in a logical risk-management strategy be to blaze ahead or put all your eggs in one basket? Probably not or at least not for too long. Yet too often I think we forget that short-term gains do not equate to long-term success. A good risk management focus will recognize this.

So what is the point here? What are the lessons to be learned? (Blog posts need to lead to logical conclusions AND teach us something???) It’s better to clean up small messes early on when they happen than to keep sweeping things under the rug because eventually that big lump under the rug is going to get noticed. A good risk management strategy is one where supply chain frauds are caught early and before they infiltrate our organization and manifest themselves into disasters.

The proper perspective for a risk management strategy is one that looks both short-term and long-term and does not consider those viewpoints as distinct but rather as interrelated.

Norman Katz, Katzscan

Share This on Linked In