Monday, August 30, 2010

Undisclosed Stanford Loans Prove Fraud, Examiner Says

Stanford International Bank Ltd.’s $1.7 billion in undisclosed loans to its owner, indicted financier R. Allen Stanford, are proof of the bank’s involvement in fraud, an examiner said in a U.S. court trial in Houston.

“There’s a complete disconnect between what the bank is saying, that it has fully liquid, short-term, fully monetized assets, and the fact a third of these assets are loans to the shareholder,” fraud accountant Mark Berenblut said today.

Berenblut, testifying for a second day in a civil trial over whether Lloyd’s of London Underwriters will have to cover Stanford’s legal defense costs, said there was a gap between the claimed assets and what Stanford International Bank had on hand when regulators seized it.

“That money went somewhere, and very likely to the primary shareholder,” said Berenblut, who was asked to testify by Lloyd’s.

Lloyd’s is arguing that Stanford’s companies’ alleged criminal conduct voids the directors’ and officers’ they bought.

Berenblut said his examination showed two large loan balances on Stanford International Bank’s books -- one for $1.7 billion to Stanford himself and another for $1.8 billion to Stanford-related companies. The examiner testified both items should have been disclosed to investors and were not.

Accounting Entries

Stanford’s lawyers have repeatedly claimed Berenblut is misinterpreting the accounting entries. They say the two loan balances refer to the same money, because Stanford claims he assumed personal responsibility for loans the bank made to the related companies, which then recorded the funds on their balance sheets as capital contributions from Stanford.

“You’re making the assumption that whoever recorded it did it wrongly,” Berenblut said today, when asked about the two balances by Kirk Kennedy, one of Stanford’s lawyers.

Robert S. Bennett, another attorney for Stanford, challenged Berenblut’s testimony that many parts of the bank’s financial records included “fictitious information.”

“Have you seen any direct communications from Allen Stanford to Kuhrt, Lopez, Davis or Holt that you consider to be fictitious information?” Bennett asked, referring to Stanford’s co-defendants.

“No,” Berenblut replied.

Antiguan Bank

Investors bought more than $7 billion in certificates of deposit from the Antiguan bank, which Stanford controlled as sole shareholder until the U.S. Securities and Exchange Commission sued the financier in February 2009, and seized his businesses.

Stanford and three other executives were indicted by a federal grand jury in Houston in June 2009 on charges they had run fraud scheme centered on the certificates of deposit. They pleaded not guilty.

Investors were told the bank’s portfolio consisted of conservative, highly liquid investments that offered above- market returns.

Forensic accountant Alan Westheimer, who was hired by comptroller Mark Kuhrt and chief accountant Gilbert Lopez to examine Stanford’s financial statements, testified today that Berenblut was wrong that there were separate loans outstanding to Allen Stanford and to the related companies.

‘One Basket’

“There’s one basket, not two,” Westheimer said. “And there’s a number of documents that support that conclusion.”

U.S. District Judge Nancy Atlas told the lawyers she was less concerned with the number of loans to Allen Stanford than that the size and nature of them weren’t disclosed.

“It wasn’t consistent with the investment promotional materials for the CDs,” she said.

The Stanford defendants claim they can’t afford to hire defense lawyers without the Lloyd’s proceeds because their assets were frozen by court order when the SEC filed suit.

Lloyd’s last year rejected the executives’ pleas for coverage under the $100 million worth of insurance bought by the business after Stanford Group Cos. Chief Financial Officer James M. Davis pleaded guilty to charges he aided in the scheme.

Atlas today said she would admit into evidence part of Davis’s plea agreement with prosecutors.

”I am really only accepting Davis’s statements against his own conduct,” not what he says about others he claims were involved in the scheme, she said.

The trial, now in its third day, will continue tomorrow.

The case is Laura Pendergest-Holt v. Certain Underwriters at Lloyd’s of London, 4:09-cv-03712, U.S. District Court, Southern District of Texas (Houston).

The criminal case is U.S. v. Stanford, 09-cr-00342, U.S. District Court, Southern District of Texas (Houston). The SEC case is Securities and Exchange Commission v. Stanford International Bank, 09-cv-00298, U.S. District Court, Northern District of Texas (Dallas).

Source: Laurel Brubaker Calkins in Houston at laurel@calkins.us.com & Andrew M. Harris in Chicago at aharris16@bloomberg.net.

Wednesday, August 11, 2010

Medicare's private eyes let fraud cases get cold

By RICARDO ALONSO-ZALDIVAR (AP)

WASHINGTON — They don't seem that interested in hot pursuit. It took private sleuths hired by Medicare an average of six months last year to refer fraud cases to law enforcement.

According to congressional investigators, the exact average was 178 days. By that time, many cases go cold, making it difficult to catch perpetrators, much less recover money for taxpayers.

A recent inspector general report also raised questions about the contractors, who play an important role in Medicare's overall effort to combat fraud.

Out of $835 million in questionable Medicare payments identified by private contractors in 2007, the government was only able to recover some $55 million, or about 7 percent, the report found.

Medicare overpayments — they can be anything from a billing error to a flagrant scam — totaled more than $36 billion in 2009, according to the Obama administration.

President Barack Obama has set a high priority on battling health care fraud and waste, hoping for savings to help pay for the new law covering millions now uninsured.

Medicare's private eyes don't seem to be helping much.

Sen. Charles Grassley, R-Iowa, questions whether taxpayers are getting good value from for-hire fraud busters. His office, which is investigating the contracting program, obtained Medicare data for the last four years on how long it took to refer cases to federal agents.

"Medicare is already a pay-and-chase system when it comes to fraud, waste and abuse," said Grassley. "Providers are paid first, then questioned if there's a problem. Add to that mix contractors who sit on cases of ongoing fraud when they should be referring them to law enforcement, and you have a recipe for disaster."

As ranking Republican on the Senate panel that oversees Medicare, Grassley is trying to find out why it takes the contractors so long, and how much the government is currently paying the companies. In 2005, taxpayers paid them $102 million.

At least seven private companies Medicare calls "Program Safeguard Contractors" are working to detect fraud, part of a program that dates to the late 1990s. They oversee specific areas of jurisdiction, and some have more than one contract with Medicare.

The contractors investigate allegations of wrongdoing, acting as scouts for the government's criminal investigators. And they're also supposed to conduct "proactive" analysis to spot emerging fraud trends. For instance, they can use sophisticated computer models to scan millions of Medicare records for suspicious patterns to identify dishonest providers.

In practice, their performance has been uneven. The contractors have widely different track records. One identified $266 million in overpayments in 2007, while another found just $2.5 million, the Health and Human Services inspector general said in May.

Earlier, the inspector general found gaping differences in the number of new cases the contractors generate for law enforcement. Some had hundreds of cases, while others were in the single digits. Most were doing a poor job at spotting new fraud trends, with "minimal results from proactive data analysis," the inspector general concluded.

The Obama administration says it's aware of the problem and is close to completing a reorganization of the contractors, to consolidate their work, define their jurisdictions more clearly, and help them coordinate better with claims processors and law enforcement.

The private sleuths will now be called "Zone Program Integrity Contractors" — or ZPICs for short.

"By using these new contractors that can review claims across multiple providers and benefit categories, we will be better able to identify cases of waste, fraud or abuse," said Medicare spokesman Peter Ashkenaz. "And, we will be better able to monitor both the ZPICs' overpayment and collection efforts to make sure that they are performing their own oversight responsibilities."

In fairness to the contractors, the low collection rate may not just be their fault. Investigators say that when Medicare notifies a provider about a disputed payment, the fraudulent ones often just close up shop and move on.

Copyright © 2010 The Associated Press. All rights reserved.

Sunday, August 1, 2010

Hack makes ATMs spew out cash



July 30, 2010


A hacker has discovered a way to force ATMs to disgorge their cash by hijacking the computers inside them.

The attacks successfully targeted standalone ATMs, but they could potentially be used against the ATMs operated by mainstream banks.
Criminals have long known that ATMs aren't tamperproof.

There are many types of attacks in use today, ranging from sophisticated to foolhardy: installing fake card readers to steal card numbers, hiding tiny surveillance cameras to capture PIN codes, covering the dispensing slot to intercept money and even hauling the ATMs away with trucks in the hopes of cracking them open later.

Computer hacker Barnaby Jack spent two years tinkering in his Silicon Valley apartment with ATMs he bought online. These were standalone machines, the type seen in front of convenience stores, rather than the ones in bank branches.
His goal was to find ways to take control of ATMs by exploiting weaknesses in the computers that run the machines.

He showed off his results at the Black Hat conference in Las Vegas, an annual gathering devoted to exposing the latest computer-security vulnerabilities.
His attacks have wide implications because they affect multiple types of ATMs and exploit weaknesses in software and security measures that are used throughout the industry.

His talk was one of the conference's most widely anticipated, as it had been pulled a year ago over concerns that fixes for the ATMs would not be in place in time. He used the extra year to craft more dangerous attacks.

Jack, who works as director of security research for Seattle-based IOActive, showed in a theatrical demonstration two ways he can get ATMs to spit out money.

Jack found that the physical keys that came with his machines were the same for all ATMs of that type made by that manufacturer. He figured this out by ordering three ATMs from different manufacturers for a few thousand dollars each. Then he compared the keys he got to pictures of other keys, found on the internet.
He used his key to unlock a compartment in the ATM that had standard USB slots. He then inserted a program he had written into one of them, commanding the ATM to dump its vaults.

Jack also hacked into ATMs by exploiting weaknesses in the way ATM makers communicate with the machines over the internet. Jack said the problem was that outsiders were permitted to bypass the need for a password. He didn't go into much more detail because he said the goal of his talk "isn't to teach everybody how to hack ATMs. It's to raise the issue and have ATM manufacturers be proactive about implementing fixes".

The remote style of attack is more dangerous because an attacker doesn't need to open up the ATMs.

It allows an attacker to gain full control of the ATMs. Besides ordering it to spit out money, attackers can silently harvest account data from anyone who uses the machines. It also affects more than just the standalone ATMs vulnerable to the physical attack; the method could potentially be used against the kinds of ATMs used by mainstream banks.

Jack said he didn't think he'd be able to break the ATMs when he first started probing them.

"My reaction was, 'This is the game-over vulnerability right here,'" he said of the remote hack. "Every ATM I've looked at, I've been able to find a flaw in. It's a scary thing."

Kurt Baumgartner, a senior security researcher with anti-virus software maker Kaspersky Lab, called the demonstration a "thrill" to watch and said it was important to improving the security of machines that can each hold tens of thousands of dollars in cash. However, he said he does not think it will result in widespread attacks because banks don't use the standalone systems and Jack did not release his attack code.

Jack would not identify the ATM makers. He put stickers over the ATM makers' names on the two machines used in his demonstration. But the audience, which burst into applause when he made the machines spit out money, could see from the screen prompts on the ATM that one of the machines was made by Tranax Technologies, based in Hayward, California. Tranax did not respond to email messages from The Associated Press.

Triton Systems, of Long Beach, confirmed that one of its ATMs was used in the demonstration. It said Jack alerted the company to the problems and that Triton now had a software update in place that prevents unauthorised software from running on its ATMs.

Bob Douglas, Triton's vice-president of engineering, said customers could buy ATMs with unique keys but generally do not, preferring to have a master key for cost and convenience.

"Imagine if you have an estate of several thousand ATMs and you want to access 20 or so of them in one day," he wrote in an email to the AP. "It would be a logistical nightmare to have all the right keys at just the right place at just the right time."
Other ATM manufacturers contacted by the AP also did not respond to messages.
Jack said the manufacturers whose machines he studied were deploying software fixes for both vulnerabilities, but added that the prevalence of remote-management software broadly opened up ATMs to hacker attacks.

Source: Sydney Morning Herald

Central Bank of India recruiting Flying Squad Officer

Central Bank of India recruiting Flying Squad Officer