Diese Präsentation wurde erfolgreich gemeldet.
Wir verwenden Ihre LinkedIn Profilangaben und Informationen zu Ihren Aktivitäten, um Anzeigen zu personalisieren und Ihnen relevantere Inhalte anzuzeigen. Sie können Ihre Anzeigeneinstellungen jederzeit ändern.
+
Equity Funding of America
Computer Law and Ethics
Michael Heron
+
Introduction
 Crime – crime never changes.
 To paraphrase the opening sequence to the Fallout games.
 While computers...
+
Waves of Computer Crime
 1960s
 Hacking began as exploration and problem solving.
 Specialised fraud
 Blackmail
 19...
+
Waves of Computer Crime
 1980s
 Software piracy
 Copyright violations
 Viruses
 More phreaking
 Commercialisation ...
+
Waves of Computer Crime
 2000s
 Automated hacking
 Desktop forgery
 International industrial espionage
 Transnation...
+
Early types of computer crimes -
Damage
 Root access to a computer offers large scale access to the underlying
system.
...
+
Blackmail
 Value of data often more than the value of computers.
 And the software on which they run.
 Blackmail with...
+
Fraud
 Small scale fraud commonly involves very specific, very
personal adjustments to computer code.
 Slicing fractio...
+
Equity Funding Corporation of
America
 The Equity Funding Company of America (EFCA) was
responsible for one of the larg...
+
Equity Funding Corporation
 The company took out life insurance policies which paid out if a
person died.
 The premium...
+
Equity Funding Company
Mutual Fund
Life Insurance
Loan
PaymentonDeath
AnnualPremiums
Borrowagainststock
Investment
Value...
+
So far, so good
 The company started to expand by taking over new companies.
 And they had a huge sales force.
 The a...
+
But then…
 A problem with their mainframe meant they couldn’t extract
yearly revenue details for 1964.
 Oh no.
 The a...
+
Escalation
 Now he needed to find real money to back up those ‘sales’
 In order to pass the audit required by the Secu...
+
Escalation
 So
 The company created fake insurance policies.
 They then sold these faked policies as legitimate polic...
+
Enter the Mainframe
 Making up fake accounts had become too time consuming.
 Time to introduce a computer.
 At the ti...
+
Scale of the Crime
 This automation led to EFCA having $425M of life insurance
policies on their books in 1968.
 With ...
+
Whistleblowers
 It eventually came to light after an ex-employee blew the
whistle.
 Ronal Secrist.
 Securities analys...
+
Crime and Punishment
 Goldblum and 18 others pleaded guilty to taking part in the
fraud.
 Three others were convicted ...
+
Fooling the Auditors
 One night, an auditor left an unlocked briefcase.
 An EFCA executive, in full sight of others, o...
+
Why Did Nobody Notice?
 Auditor responsibilities fell to the State Audit Office.
 Responsible for identifying if busin...
+
Auditing Around a Company
Equity Funding Corporation
of America
INPUTSOUTPUTS
examine
examine
AUDITORS
+ Auditing Through a Company
Equity Funding Corporation
of America
INPUTSOUTPUTS
examine
examine
examine
AUDITORS
+
Why did it happen?
 Unchecked greed and territorialism of managers.
 A lack of ethics and professional standards among...
+
Why did it happen?
 The fraud was a massive scheme.
 Concocted by management.
 Supported by dozens of employees.
 Ea...
+
Auditors
 The auditors compromised their professional independence during
the investigations.
 One was earning $130k t...
+
Class Exercise
 In groups of 3-4
 Imagine yourself in a similar kind of company in the modern day.
 How would you use...
+
Conclusion
 This is not a new or especially novel crime.
 It was in no way sophisticated, or only possible because of
...
Nächste SlideShare
Wird geladen in …5
×

ETHICS03 - Equity Funding Scandal - Case Study

3.061 Aufrufe

Veröffentlicht am

An overview of an equity funding scandal from the early days of computing,

Veröffentlicht in: Bildung, Wirtschaft & Finanzen, Business
  • Als Erste(r) kommentieren

ETHICS03 - Equity Funding Scandal - Case Study

  1. 1. + Equity Funding of America Computer Law and Ethics Michael Heron
  2. 2. + Introduction  Crime – crime never changes.  To paraphrase the opening sequence to the Fallout games.  While computers have enabled an awful lot of crime, very little of it is truly new.  People trespassed before computers.  People made illegal copies of things before computers.  Even things like ‘rights management’ were in place long ago.  Map makers used to include identifying ‘mistakes’ to help police copyright infringement.  What computers have mostly done is increase the scope and scale of crime.
  3. 3. + Waves of Computer Crime  1960s  Hacking began as exploration and problem solving.  Specialised fraud  Blackmail  1970S  Privacy violations  Salami slicing  Phone phreaking  Distribution of illegal materials.
  4. 4. + Waves of Computer Crime  1980s  Software piracy  Copyright violations  Viruses  More phreaking  Commercialisation of illicit material distribution  1990s  IP spoofing  FTP abuse  Phantom nodes  Protocol flaws
  5. 5. + Waves of Computer Crime  2000s  Automated hacking  Desktop forgery  International industrial espionage  Transnational organised crime  Terrorism  2010s  ???  As computers evolve, so too does the sophistication of crimes committed.
  6. 6. + Early types of computer crimes - Damage  Root access to a computer offers large scale access to the underlying system.  Who watches the watchers?  Real risk when employees are terminated.  Hard to keep an angry sysadmin in line.  One of the reasons why IT employees are often escorted from the premises as soon as they are dismissed.  Limits the danger of retaliation.  But doesn’t eliminate it entirely.  Systems can be highly tailored.  Systems can be full of valuable data.  Some types of computer damage cannot be repaired.
  7. 7. + Blackmail  Value of data often more than the value of computers.  And the software on which they run.  Blackmail with computers often involves holding data ransom.  For example, one of the programmers working on Concorde demanded £250,000 for the backups of the test data he destroyed.  Data can be costly or impossible to replace.  Nothing new in the crime, only new in the details.  And the ease with which it can be done.
  8. 8. + Fraud  Small scale fraud commonly involves very specific, very personal adjustments to computer code.  Slicing fractions of pennies off of thousands of transactions and siphoning them off into another account.  A programmer coding an accounting system that ignores withdrawals on a specific set of accounts.  A programmer writing a program that scans for ‘dead’ accounts and then transfers the money elsewhere.  Losses usually too small for a large company to worry about.  Most banks have a threshold at which they say ‘We expect to lose this amount to fraud every year’  Too costly for zero tolerance.
  9. 9. + Equity Funding Corporation of America  The Equity Funding Company of America (EFCA) was responsible for one of the largest corporate frauds in American History.  Something like an Enron of the 1970s  Dramatized in the BBC Horizon programme ‘the billion dollar bubble’  Functioned through investing in mutual funds.  Put money in a mutual fund.  A collective pot of money produced by investors clubbing together.  This pot is then invested in a portfolio of stock managed by a mutual fund company.
  10. 10. + Equity Funding Corporation  The company took out life insurance policies which paid out if a person died.  The premiums for this are paid annually.  The company borrowed against the mutual fund to pay the annual premiums.  After ten years, the fund ‘matures’ and gives out the accumulated incresed value.  This is used to pay back the loans that were taken out against the fund.
  11. 11. + Equity Funding Company Mutual Fund Life Insurance Loan PaymentonDeath AnnualPremiums Borrowagainststock Investment Value after 10 yearsPROFIT
  12. 12. + So far, so good  The company started to expand by taking over new companies.  And they had a huge sales force.  The acquisitions cost lots of money.  Which were funded largely through Equity Funding’s stock price.  New companies were bought with stock in EFCA  To keep the value up, generating yearly earnings growth was important.  This would allow for more acquisitions and more wealth.
  13. 13. + But then…  A problem with their mainframe meant they couldn’t extract yearly revenue details for 1964.  Oh no.  The annual report was not going to be ready on time.  During the delay, the company co-founded (Stanley Goldblum) came up with an idea to use a creative accounting method to ‘temporarily’ increase sales figures.  He directed the company CFO to make fictitious ‘advance’ entries with regards to income.  Essentially saying ‘Here’s money we’ll be getting in the future, now’
  14. 14. + Escalation  Now he needed to find real money to back up those ‘sales’  In order to pass the audit required by the Securities and Exchange Commission.  Then came the idea…  Let’s take out real insurance policies on fictional people.  Originally done by a handful of trusted employees doing overtime.  The process worked through the value of ‘reinsurance’  A company sells a portion of its policies to another company.  This creates instant cash flow.  It also mitigates against future catastrophes.
  15. 15. + Escalation  So  The company created fake insurance policies.  They then sold these faked policies as legitimate policies to insurance companies.  They then used the income to pay a portion of the fake policies premiums.  Making the sales seem credible to the auditors.  This created cash flow out of nowhere.  And also hugely jacked up the stock price for the EFCA  As of yet, this isn’t a computer crime.
  16. 16. + Enter the Mainframe  Making up fake accounts had become too time consuming.  Time to introduce a computer.  At the time, auditors couldn’t audit computer systems.  Too specialised.  No auditing meant that program code never went examined.  This meant that the computer could be used to streamline the process of defrauding the reinsurance companies.  Goldblum paid a programmer to write a program that created fake policies.  Access to the program was restricted based on a secret password.
  17. 17. + Scale of the Crime  This automation led to EFCA having $425M of life insurance policies on their books in 1968.  With $100M in mutual funds sold.  From 1969 to 1973:  64k faked accounts were created.  Reported revenues of $1.8B  Every so often, a few policies would be ‘killed off’  Brining that money in from the reinsurers.  Plans were afoot to automate even that.  Killing off fake policy holders at a statistically appropriate rate.
  18. 18. + Whistleblowers  It eventually came to light after an ex-employee blew the whistle.  Ronal Secrist.  Securities analysts Ray Dirks also came forward with evidence.  And was later rewarded with insider trading charges being filed against him.  He was eventually acquitted by the Supreme Court.  Fraud was unsustainable.  Eventually they would have had to be insuring the whole country.
  19. 19. + Crime and Punishment  Goldblum and 18 others pleaded guilty to taking part in the fraud.  Three others were convicted in a 1975 trial.  Goldblum served jail time for his part in the fraud.  He never learned his lesson.  At the age of 72, he was arrested for submitting false information to obtain a $150k loan.  Crime remains one of the most significant in terms of scale.  Computers serve a role in managing scale.
  20. 20. + Fooling the Auditors  One night, an auditor left an unlocked briefcase.  An EFCA executive, in full sight of others, opened the case and got access to the confidential audit plan.  This allowed EFCA to have plans in place to deal with audit requests.  One auditor wished to send out policy confirmations to a sample of policyholders.  ECFA did the clerical work for the auditor.  Letters were instead addressed to branch managers and agents of ECFA, who filled out the information for the fictional policyholders.
  21. 21. + Why Did Nobody Notice?  Auditor responsibilities fell to the State Audit Office.  Responsible for identifying if businesses are acting according to the law.  Auditors responsible for checking inputs and outputs.  Sales of insurance policies  Money coming in  Reported earnings  However, auditors couldn’t audit everything.  Accountants did not have the specialised knowledge required to audit systems.  IBM protected proprietary secrets, and were the ones producing the mainframes used to perpetuate the fraud.
  22. 22. + Auditing Around a Company Equity Funding Corporation of America INPUTSOUTPUTS examine examine AUDITORS
  23. 23. + Auditing Through a Company Equity Funding Corporation of America INPUTSOUTPUTS examine examine examine AUDITORS
  24. 24. + Why did it happen?  Unchecked greed and territorialism of managers.  A lack of ethics and professional standards amongst management and involved employees.  The philosophy of the management.  The independence of the auditors and their inability to audit computer systems.  Lack of effective oversight by the auditors.  Letting the company do some of the work? Come on, guys.
  25. 25. + Why did it happen?  The fraud was a massive scheme.  Concocted by management.  Supported by dozens of employees.  Each of which knew or suspected that something was going on.  Why did no-one report until so late into the scandal?  The management were intent at becoming a huge conglomerate at all costs.  Without worrying about the risks of these activities.  Rampant territorialism drove much of the acquisitions.
  26. 26. + Auditors  The auditors compromised their professional independence during the investigations.  One was earning $130k to $150k, because they were contracted by EFCA and were the largest quiet.  A second auditor was given shares in the funding, which he kept under his wife’s former name until they were cashed in 1967.  Another auditor received a loan of $2,000 from the company.  All three auditors were later found guilty of fraudulent activities.  Some auditors were at least partially complicit in the incident.  Allowing for the company to take a direct hand in auditing violated accountability.
  27. 27. + Class Exercise  In groups of 3-4  Imagine yourself in a similar kind of company in the modern day.  How would you use computers to perpetuate economic fraud?  Outline a company structure, significant individuals who would be involves, risks and points of weakness.  You’ll get some time to come up with this plan, and then:  Swap your plans with another group  Try to identify how you’d effectively audit their system.  Identify skillsets needed  Identify weakness in your auditing.  Identify ‘human factors’
  28. 28. + Conclusion  This is not a new or especially novel crime.  It was in no way sophisticated, or only possible because of computers.  There was no grand plan behind it all.  And no escape route – escalation was mandatory because of the pyramidal nature of the acquisitions.  Crimes committed nowadays are usually far more organised and significant.  We have a better idea of what people might do and how we should counter it as a society.  That doesn’t mean that fraud is dead, of course.

×