The Billion Dollar Risk

How big is a big telecoms fraud? You may reasonably point out that ‘big’ is relative to the size of the company but for the sake of discussion, let’s say the question relates to the whole industry. So, how big is big? I’m thinking in round numbers here, but I’d say $1m is big, but not exceptional. $10m is big and $100m is exceptional, almost unique. So how do you feel about a $1 billion telecoms fraud? Would you say it’s incredible?

I agree. I can’t think of any fraud which has come anywhere near that, yet telecoms players are continuing to take hits of that scale because they’ve been charged with bribery and corruption. And whilst it may be tempting to characterise bribery as the action of cowboy operators or something confined to developing markets, it’s just not true.

Siemens

In 2008, the New York Times reported that Siemens had agreed to pay fines totalling USD 1.6 billion to US and European authorities to settle charges that it routinely used bribes to secure contracts around the world. Beginning in the mid-1990s, Siemens established slush funds to pay bribes and kickbacks to foreign officials for securing government contracts for projects like a national identity card project in Argentina, a nationwide cellphone network in Bangladesh and a United Nations oil-for-food program in Iraq under Saddam Hussein. Whilst Siemens admitted violating the Foreign Corrupt Practices Act (FCPA), it avoided either a guilty plea or a conviction for bribery, allowing it to maintain its “responsible contractor” status without which it could have been excluded from public procurement contracts.

Deutsche Telekom

In December 2011, the US Department of Justice (DoJ) announced that parallel enforcement actions by the DoJ and the U.S. Securities and Exchange Commission (SEC) had resulted in Magyar Telekom and Deutsche Telekom paying penalties of more than USD 95 million to resolve investigations under FCPA. According to court documents, Magyar Telekom executives established a number of sham contracts to pay EUR 4.875mn (USD 6mn) to entities owned and controlled by a Greek intermediary, knowing or believing that all or part of that money would be passed on to Macedonian officials. The transactions were recorded in Magyar Telekom’s books and Deutsche Telekom, which owned approximately 60 percent of Magyar Telekom, reported the results of Magyar Telekom’s operations in its consolidated financial statements.

VimpelCom

In February 2016, the SEC announced a global settlement along with the DoJ and Dutch regulators which committed VimpelCom to paying more than USD 795 million to resolve FCPA violations during its efforts to win business in Uzbekistan. The SEC said that VimpelCom had paid over USD 100 million to an official with significant influence over top leaders of the Uzbek government. The bribes, hidden through sham contracts and charitable contributions, meant VimpelCom’s books and records were riddled with inaccuracies.

Telia

Earlier this month, the Wall Street Journal reported that U.S. and Dutch authorities are asking Swedish telecom operator Telia Company AB to pay USD 1.4 billion to settle FCPA allegations that it paid hundreds of millions of dollars in bribes to secure business in Uzbekistan. Telia Chairwoman Marie Ehrling said the company’s entry into Uzbekistan “was done in an unethical and wrongful way, and we are prepared to take full responsibility.” However, she was understandably less enthusiastic about picking up the bill, “our initial reaction to the proposal is that the amount is very high.”

MTS

The case involving MTS (Mobile Telesystems PJSC) is slightly different to those above because there has been no prosecution or settlement so far. However, U.S. prosecutors have said they believe MTS also paid bribes to operate in Uzbekistan. A spokesman for MTS said the company continued to cooperate with the DoJ and SEC in their investigations. I bet they are. I don’t know if MTS violated FCPA but Uzbekistan was clearly a high stakes game and the other players paid $100m to get in and $1 billion to get out – so my money is on the DoJ.

You might wonder why U.S. agencies have overseas jurisdiction? It’s because the shares of Deutsche Telkom, VimpelCom and MTS are all traded on U.S. stock exchanges. Although Telia delisted about 10 years ago, it still has American depositary receipts registered with the SEC.

So what are the lessons from all this?

  1. First of all, it must be recognised that this is not effective risk management; what’s the point of mitigating external fraud risks and then getting poleaxed by something ten times bigger which originates inside your own company?
  2. Realising that the true cost is way more than the $1 billion fine. I know of one multi-national which was fined EUR 600m but calculated the cost of expert lawyers, accountants, advisers, etc. employed in defending the action as a further EUR 725m – yes, that’s more than the fine. And what about the hit to the share price; what does a 15 percent drop do to your cost of borrowing?
  3. It’s not just U.S. listed companies that are affected – you can still come under U.S. jurisdiction if your transactions are in dollars. And many countries are now enacting equivalent anti-bribery legislation, such as the UK Bribery Act.
  4. It’s avoidable! I guarantee that every business which finds itself the subject of an anti-bribery and/or corruption investigation immediately examines its anti-bribery policy and processes (if they exist) and invests in bringing them to the standard they should have been in the first place.

What should be included in policies to prevent bribery and corruption? The chapter headings are pretty ordinary:

  • Tone from the top
  • Risk based approach
  • Appropriate due diligence
  • Communication and training
  • Monitoring and review

Perfect anti-bribery controls don’t exist and no business can prevent bribery at all times. However, organisations which have put procedures in place to prevent bribery aren’t going to have to pay a $1 billion fine.

David Morrow
David Morrow
Dave has 35 years of law enforcement, investigation and fraud management experience including multiple international assignments. He is a recognised telecoms fraud expert and for a number of years chaired the GSMA workgroup responsible for Security & Fraud Risk Assessments.

Starting in HM Customs & Excise, Dave moved from uniformed duties to spend 5 years in Investigation before taking a commercial investigation role with Network Security Management. Amongst other assignments, this included a secondment to help establish the Jamaican Government’s Revenue Protection Division, where he made Jamaica’s largest ever financial recovery.

Following 6 years of commercial investigation, Dave joined Vodafone where, in the early days of mobile, he worked closely with law enforcement; he was one of the few civilians invited onto the Computer Crime Course at Bramshill. Dave’s counter-fraud initiatives saved millions in UK (e.g. £24m p.a. on credit card fraud) and he was seconded to help establish Corporate Security in the company’s largest networks, Turkey and India, and also performed fraud reviews for partner networks including Azerbaijan, Croatia, Libya and Ukraine. Dave now provides fraud management support as an independent consultant.