Advertisement
Advertisement
The “business email compromise” scam targets Hong Kong ’s multi-billion dollar legitimate trade finance business. Photo: Sam Tsang
Opinion
The View
by Jane Moir
The View
by Jane Moir

Hong Kong is ground zero for a scam that the FBI labels a ‘super swindle’

Jane Moir explains how criminals are using deception to target overseas companies that have supplier arrangements in the city

Hong Kong has emerged as the financial lynchpin in an audaciously simple US$3.1 billion scam, which, unchecked, threatens to damage its reputation for fast, efficient and generally trouble-free trade intermediation. The rip-off has all the appearance of “normal business” and masquerades under the cover of the territory’s multi-billion dollar legitimate trade finance business, which is the bread and butter of this economy.

The US Federal Bureau of Investigation was not mincing its words last month when it dubbed it a “super swindle”

The scam typically targets a “victim” company located in the US or Western Europe which has supplier arrangements that are brokered through Hong Kong and involve money cleared through bank accounts here. The victim generally receives an email asking for payment to be made by wire transfer, with a sufficiently plausible cover note that suspicions are not raised, and hence payment is made to the requested bank account in Hong Kong.

When the goods do not show up, suspicions are raised and at this point it becomes clear that the con-artist has interloped as the trusted trade partner. Details of the supplier relationship may have been gleaned from a “hack” of the two parties’ correspondence, however the actual deception generally involves the wire transfer request being made on an email address that is slightly different (maybe just a single letter) from the real trade partner’s regular email. Funds rarely hang around long enough in the scammers account to be traced.

Scammers typically hack into emails and use the information to deceive victims in Western Europe and the US. Photo: Robert Ng

This fraud comes with the nicely sanitised moniker “business email compromise” although the US Federal Bureau of Investigation was not mincing its words last month when it dubbed it a “super swindle” that has so far sucked up US$3.1 billion and counting. The agency cited a 1,300 per cent increase in losses as a result of the scam since January 2015, affecting 100 countries and claiming more than 22,000 victims over the past three years. Since January this year, reports were up by 270 per cent.

More recently the scam has evolved into a harder to detect “masquerade” which often involves an executive at a trading firm having their email hacked; what usually follows is a payment request email being sent to an employee at the victim firm who usually handles such transfers. While funds were fraudulently wired to more than 70 countries, the FBI noted that most were sent to Asian banks within Hong Kong and China.

The simplicity of the scam is that it piggybacks Hong Kong’s role as a huge trade finance booking centre. While a victim company would never respond to a fund-transfer request from say Adeola Ibrahim in Lagos Nigeria, they may not think twice when it comes (apparently) from Prudence Lai, their regular trade agent based in Kwun Tong. As such, Hong Kong’s just-in-time trade management sector is vulnerable to being hijacked.

This is especially the case when its banking system is friendly to those who have an interest in making illicit funds seem to be legitimate. Such funds are likely to be laundered through the city’s normal trade-based channels or spirited across the border. This is a problem for those trying to limit money laundering and in particular the lack of a currency declaration system has fallen foul of Financial Action Task Force (FATF) requirements.

Hong Kong was deemed “non-compliant” back in 2012 given the absence of a process for declaring cross border transactions, including the movement of currency and bearer negotiable instruments such as banknotes, travellers cheques and money orders. In April 2012 Hong Kong proposed a system of requiring inbound passengers to declare up to HK$120,000 at the border. Proposed legislation however failed to attract support from lawmakers and was apparently put back on the shelf. A consultation on the proposal ended in October 2015 but any mention of a time frame from officials to date has been vague.

With Hong Kong due to report back to FAFT possibly next year, this somewhat out-of-step approach to cross-border financial reporting may not sit well with the global money-laundering body. In addition, Beijing increasingly has an interest in regulating such suitcase movements of cash, both from the perspective of macro-prudential financial stability measures and its domestic anti-corruption initiatives which show little sign of abating.

To date Hong Kong has dragged its heels on such measures as they would strike at the heart of what this place does—cynics may call it money laundering, promoters would prefer trade arbitrage. In defence of laissez faire money flows Hong Kong could always claim to be fulfilling a market need and while money laundering may not exactly be a “victimless crime”, the source of the problem was at least in another jurisdiction. That same defense does not hold when a lax approach to cash movement means that Hong Kong is a lynchpin for a global scam whose victims are the very customers who are central to its “legitimate” trade finance economy. Talk about biting the hand that feeds you.

Jane Moir is a Director at FTI Consulting. She was admitted as a barrister in 2012 and previously worked as a journalist

This article appeared in the South China Morning Post print edition as: Ground zero for a scam
Post