In recent times, fraud, fraud detection and fraud prevention have been hot topics of discussion. Cyber-fraud, perpetrated on a grand scale through software worms, viruses, “backdoors,” hacking and a multitude of high-tech terrors, has led to major losses across many industries. The risks of loss and possible ransom attacks through cyberspace are enormous and, of course, must be taken seriously.
But certain types of fraud specific to leasing can also be quite simple — for the perpetrators to pull off and to detect and prevent. There are straightforward steps and checks that every leasing company can implement to prevent some of these basic (but no less harmful) forms of fraud that ripple through the industry. The following common traps and prevention tips show how simple precautions, if consistently applied, can prevent many basic forms of fraud in leasing transactions.1
Lessees and Borrowers in General
Corporate Filings. Most obligors are business entities subject to state registration or
other similar requirements and can be looked up on the website of the applicable state corporation commission, secretary of state, or third-party filing service. A quick check may give you a lot of information: Is the business is active? Are its required filings up to date? Does it even exist? A brief review of state filings, however accessed, may tell you a lot about the legitimacy, longevity and management of the business.
Websites. Virtually every business today has a presence on the web, and reviewing a company’s website can be revealing in many ways. An unprofessional look and feel may indicate that a site was slapped together in a hurry or without much serious consideration, whether for nefarious purposes or not, and this should at least raise your alert level and prompt a deeper look. On many websites, the home page or landing page (usually at the very bottom) includes a “sitemap” or something similar. Clicking on the linked pages can reveal whether the site is legitimate or is limited only to a few pages that have been put together for show and without any meaningful purpose. These links may even lead to messages showing the named pages don’t actually exist. A couple of quick findings may suggest that you dig further into the details of the business itself.
OFAC Checks. You should already be conducting Office of Foreign Assets Control checks on every new applicant since there may be serious legal consequences if you don’t. But such checks may also be useful for your own review of the applicant. The OFAC sanctions list(s) not only show persons or entities sanctioned by the U.S. government, but they may also show that a person or entity has multiple aliases or similar related names, which can alert you to possible skullduggery, even if the applicant is not named exactly as claimed.
Email Addresses and Links in General
Email Links. The best way to smoke out a fraudulent or misleading link in a text, email, PDF or other document that includes links is to hover your mouse over the link itself, without clicking. The address to which the link points will pop up in a small window over the link. The text of a link (usually shown in blue and underlined) may say anything at all, but these words have no direct connection to the address to which they refer. This is a common trap for the unwary. When receiving an email or text with links in it (unless you are certain of the source), you should always hover over the link before clicking it. If you don’t recognize the address or website that pops up, do not click the link. This is a frequent means by which fraudsters or malware purveyors induce you into going somewhere on the web that you should not go. Remember, once you click that link there’s no going back — you may have triggered the download of malware onto your computer, the consequences of which may not come to light until well into the future.
Email Addresses. Beware of email addresses that do not follow this general pattern: nameofsomeone@businessname. com. Scammers can be very effective at fooling their victims by creating email addresses that simply reverse or change this pattern, and they are very easy to overlook. For example, [email protected] (which can be created by anyone) is not the same as john@ IBM.com (which can only be created by IBM). Even less obvious is something like john@ IBM.computers.com, which has nothing to do with IBM but is meant to be misleading. Remember that only the text immediately to the left of the last “dot” is the actual domain name of the intended party and is the only part that matters when you’re looking for fraud in email addresses. If in doubt, try typing the domain name portion of the email address (only the text immediately before and after the last “dot”) into a browser to see if it brings up a legitimate website.
Another trick used by fraudsters is the creation of email addresses that incorporate or mimic legitimate business names but are subtly misspelled, such as john@ XYZfinancing.com (note the extra “i” in “financing”), which in fact are not connected with the business at all. This is a common ploy, and it can be uncovered easily and quickly with a simple but careful review of email addresses and links provided by a party.
Be especially careful of email addresses from Gmail, Yahoo or other free email domains. These can be acquired by anyone and made to look like anything (e.g., johnIBM@ gmail.com or [email protected]). When in doubt, ask the party providing the email address for a company-specific email address. And note when reviewing emails on a mobile device that the sender’s address is usually not revealed until you click on it. The sender may appear to be someone familiar — but the actual address may belong to someone completely different. An additional level of diligence is required when utilizing these less-secure endpoints.
Locations and Street Addresses. A lot can be learned at the application stage from a simple online check of addresses and telephone numbers. The terrain view available in most online map sites will quickly show whether the address is an actual business building, a mailbox drop or even a vacant lot. Reverse lookups of phone numbers may reveal a bogus or “borrowed” phone number. Doing a quick online check on a phone directory site may confirm that the number given is a live number connected to the named applicant. Even checking if an area code refers to a geographic location matching the business street address can alert you to possible concerns. These checks are all fast and easy, and they should be routine on new applications, even if the name of the applicant appears to be a well-known or repeat customer.
References. Obtaining references on applications is a common practice, but these should not be taken for granted or casually overlooked. Names, business details and telephone numbers should be checked out, just as the applicant’s are. These are easy checks to make and may uncover some second level concerns.
Guarantors. The same degree of scrutiny must be applied to reviewing prospective guarantors, especially if they are related parties or are part of the ownership or management structure of the lessee or borrower. Guaranties are not just formalities.
Sole Contacts. A surprisingly large number of fraud schemes in the leasing industry have been facilitated by originators’ or leasing companies’ reluctance to identify the actual funding source in a transaction. Particularly in private-label or syndication situations, originators may require funders to make no direct contact with obligors. Fraudsters have exploited this requirement in a number of major leasing industry frauds by requiring funders to deal solely with one individual without contacting anyone else about the deal, including customers, vendors or other third parties. This situation is made to order for mischief. Every leasing company providing funding for deals of any significant size should, unless the deal is provided by a well-known and reliable entity, include in due diligence contacting more than one person representing the originator, even if the company has a track record with the originator. (A number of major leasing frauds have been carried out by criminals using the “long con” — doing seemingly legitimate deals for a year or more and then lowering the boom with one large consolidated fraudulent funding or building a portfolio on a pyramid of multiple companies which, as with every Ponzi scheme, ultimately crashes on its own.)
Consistency of Information. It is good practice to take a step back from the minutiae of an application and assess the overall picture of the deal. For instance, does the type of equipment appear to be appropriate for the nature of the applicant’s business or industry? Is the equipment location suitable for the type or size of equipment being requested? Do the street addresses, telephone area codes, equipment types and other details provided by the applicant ‘line up’ in a consistent way?
Timing of Events and Circumstances. One of the factors present in many fraudulent transactions is an exaggerated sense of urgency on the part of the applicant. Although many businesses are anxious to acquire the equipment they need, the imposition of truly unnecessary timing constraints and conditions may be a clue that a closer look should be taken. Likewise, last-minute changes in payment or bank wire instructions, equipment delivery requirements, document delivery or other transaction details that have already been confirmed may be an effort to turn a seemingly legitimate deal into something that is designed from the outset to be fraudulent. Lastminute changes can circumvent what the perpetrator knows will be a higher level of review at the start of the process.
Signatures. Documentation professionals should be alert to significant changes in the way signatures appear. If they slant one way on one document and the other way on another; if they include middle initials on one and not on another; if they look large and bold on one and small and scratchy on another — it is always worthwhile to take a deeper look.
Financials. If a lessee or borrower submits audited financial statements, it is important to take a few minutes to validate the accountant or accounting firm signing off on the statements. Look them up on the internet, find out if the preparer is a licensed and reputable firm or individual who is completely unrelated to the borrower. Many fraudulent deals have been approved based on the strength of underlying financials that turned out to be bogus (remember Bernie Madoff?).
Transaction Documents. A lot of information may be found or inferred from the deal documents, particularly when purchasing transactions or taking assignments from other funders. Various forms that are inconsistent in font, company logos, formatting or other basic features or that appear to be a hodgepodge of materials from different sources should prompt a deeper review of their source and validity. Concern should also be heightened if documents appear to have been photocopied too many times or that have signatures that seem pasted or photoshopped in.
Invoices. Phony invoices are an unfortunate reality in our business, going back at least as far as the infamous OPM scandal in the 1970s, which involved the creation of fraudulent content printed on a major company’s actual invoice forms that had been stolen and repurposed for fraud. Today’s technology makes it even easier to reproduce invoices or other forms digitally. It is important to review such documents closely, comparing them with similar documents from the same vendor in prior transactions or comparing part numbers with actual catalog information available online for the stated equipment. If in doubt, ask the lessee or vendor for supporting materials such as online references to the questionable equipment or direct contact with the manufacturers or other providers.
Equipment Knowledge. Not everyone in the approval or funding chain is an expert on every type of asset, but those who review transactions should at least have a good working knowledge of general equipment values, pricing and related details. These must be consistent from deal to deal and with general market knowledge in the company’s areas of focus. When the leased assets reflect values that are much higher than expected, a deeper review is warranted.
Wire Transfers. In every deal funded via bank wire, the applicable instructions should be scrutinized for consistency and compliance with common practice. If one U.S. company sells or assigns a transaction to another U.S. company and the wire instructions specify a bank in the Cayman Islands or Hong Kong, for example, the transaction should be held up until the source of these instructions can be substantiated.
Employee-Originated Funding. As a matter of good practice, the origination and documentation of fundings should involve more than one employee and more than one department (e.g., initiated by lease administration and completed by accounting or treasury). ‘Inside jobs’ are very real, and they may often be avoided or cut short through the routine use of well-established and consistently applied procedures assigning responsibility to more than one person or department. ‘Check and double check’ is always a good rule to follow.
What To Do If It Smells Bad
Most importantly, sound the alarm. Encourage and train employees not to be shy about calling out potential red flags. The well-known rule about preferring to seek forgiveness rather than permission does not apply in this context. A better rule here would be, it’s better to be wrong and too early than to be right and too late. It’s never too early to sound an alarm if something doesn’t look or feel right, even at the risk of raising false alarms, and greater experience sniffing out the warning signs will lead to fewer false alarms and more actual fraud detection.
Incorporating various fraud prevention applications and software into your overall deal-flow procedures is also a good practice. These may be incorporated into front-end or lease-management systems, or they may be standalone processes that function in specific areas of activity, and they may provide important help in detecting the kinds of fraud discussed here. In addition, periodic discussions with your bank’s treasury products staff can keep you abreast of new threats and fraud trends as they arise. Unfortunately, the bad actors in our industry are always inventing new methods, and it is crucial to use all the tools available to prevent what could be a catastrophic event. Periodic third-party vulnerability assessments, unannounced audits and consistent account reconciliation can address small problems before they become larger ones.
Many of the methods of common fraud we have described may be prevented if key personnel are trained and expected to look for warning signs at every turn. This approach may be further enhanced using documented and enforced checks and balances and the separation of duties at each stage.
Remember, applied common sense is the best detector of this type of fraud. Always be skeptical, always be aware, sweat the details and don’t hesitate to sound the alarm.
1The authors note that all of the traps and frauds described here are real; they have all actually been experienced through the authors’ combined decades in the leasing industry.
ABOUT THE AUTHORS:
Paul Bent is a senior managing director of The Alta Group and head of the firm’s Legal Services practice. With decades of experience as an investment banker, equipment leasing CEO and transaction attorney, Bent has participated in all facets of leasing and corporate financing. He serves as a testifying expert in legal matters involving leasing, transaction structuring and contract interpretation; and he provides services as a neutral arbitrator in difficult disputes over leasing and corporate finance.
Gary LoMonaco is a director at The Alta Group and the leader of the firm’s Business Assessment practice. He draws on his vast experience in vendor finance, executive leadership skills and passion for new challenges to help Alta clients succeed. His areas of expertise include financial management, captive/vendor finance programs, structuring and funding managed services contracts and credit leadership.
No categories available
No tags available