The fraud generally entails the impersonator contacting the company's accounting department masquerading as an executive from the company or parent company.
We have received reports of cases in which trusted business partners were impersonated by name (e.g. legal counsel, notaries, statutory auditors, accountants, advisors, etc.).
Contact may be made by email (with a convincing but false e-mail address for the person or company being imitated), or more often by phone, with the impersonator perfectly imitating the executive's voice.
Evoking a highly confidential current operation, the impersonator requests an urgent transfer of funds to a foreign country. Due to the urgency and persuasiveness of the impersonator, the accountant obeys and makes the transfer. The transfers are usually made manually, with the accountant faxing documents bearing the executive's forged signature to the bank.
Although they do not comply with companies' usual payment procedures (generally via secure e-payment platforms provided by banks), manual transfers are still an alternative means of payment and most companies still use them from time to time, in an emergency and/or for flexibility.
This type of fraud is the work of highly efficient criminal organisations that prepare their operations carefully. They have extensive knowledge of the companies targeted (key people in the organisation, latest financial developments and ongoing operations) and are highly persuasive with the people they contact. They do not hesitate to use all means of manipulation to justify the strict confidentiality surrounding the transaction and the urgency for the transfers, often placing responsibility for the transaction failing on the accountant.
To prevent this type of fraud, all accounting and treasury staff should be repeatedly informed of the upsurge in fraud attacks. Chief accountants and treasurers are primary targets, so it is important to ensure that internal alerts and warnings are disseminated throughout the company to all accounting and financial staff and not only to key management personnel. The number of fraud attempts rises sharply during the school holidays.
Note that no individual within KPMG would ever contact your staff to request a transfer of funds on any grounds.
Accounting and financial staff should also be reminded of the need to strictly comply with usual payment procedures, and not to respond to any written or phone requests with instructions to make urgent transfers that are not in line with usual company procedure, even when they appear to come directly from Management. Such requests should be escalated to Management immediately.
Companies should also ensure that internal control procedures for bank transfers, including manual transfers, are sufficiently secure and robust to prevent and detect such attempts.
Please do not hesitate to contact us for further information by email : FR-FM-Information@kpmg.fr