Romance fraud, cryptocurrency risks and money laundering in Asia Pacific

The Asia Pacific region has become a hotbed for cyber romance scams. Hong Kong cybercrime alone has risen 565% since 2012. The region’s global financial centers also face increasing concerns about cryptocurrency and blockchain money laundering fueled by North Korean cybercrime.

He said he was an engineer from Britain who wanted to establish a relationship with a wealthy, 66-year-old Hong Kong businesswoman. What he really wanted to do was rip her off. And he did — to the tune of $23 million in four years. He claimed on the online platform Lovestruck that he had financial problems and repeatedly asked the woman for money. She transferred cash to bank accounts in Hong Kong, mainland China, Malaysia, Japan, Taiwan, Britain and Germany — in more than 200 transactions. This lonely-heart case set the record for Hong Kong’s largest romance scam. (See “Online romance scam record for Hong Kong as Wan Chai businesswoman loses US$23 million to ‘British engineer,’ ” by Clifford Lo, South China Morning Post.)

According to the Hong Kong Computer Emergency Response Team, cybercrime cost Hong Kong companies and residents more than $250 million in the first nine months of 2018 (a 565% increase from 2012) with businesses sustaining more than 9,000 attacks (a 55% increase from 2017). The true amount of attacks is likely much higher, which justifies Hong Kong’s presence in a LexisNexis Risk Solutions list of the top five cyberattack destinations. (See “With financial losses of HK$2.2 billion and more than 9,000 cyberattacks so far this year, Hong Kong finds itself a top target of hackers,” by Simone McCarthy, South China Morning Post, Dec. 8, 2018.)

Hong Kong police recorded 8,372 cases of deception in 2018, up 18 percent from 2017. Among the notable increases were cases of social media deception (2,064 cases and a 94 percent increase), online business fraud (2,717 cases and a 36 percent increase), email scams (894 cases and a 29 percent increase). Almost 600 of the social media deception cases consisted of romance scams that cost victims more than $57 million. (See “Overall law and order situation remained stable in 2018,” The Government of the Hong Kong Special Administrative Region, Jan. 29, 2019.)

During a recent interview with Fraud Magazine, Parag Deodhar, CFE, Asia Pacific director for information security at a multinational corporation, described the romance fraud phenomenon. “Romance fraud is one of the major scams prevalent in Hong Kong and Singapore,” Deodhar says. “Scammers target wealthy single women. Similarly, con artists — posing as part-time sex workers — target men.”

Though romance scams are common in Hong Kong and Singapore, they aren’t unique to the region, according to Barry Tong, CFE, advisory partner at Grant Thornton Hong Kong and president of the ACFE Hong Kong chapter.

“These kinds of scams are often cross-border frauds because many of the fraudsters are targeting victims from outside of Hong Kong,” says Tong.

In October 2018, authorities in Hong Kong, Malaysia and Singapore launched a joint operation targeting a romance scam ring that led to the arrests of 52 suspects who allegedly conned more than 140 victims out of $14 million. (See “Hong Kong, Malaysian and Singaporean police bust US$14 million online romance scam ring,” by Clifford Lo, South China Morning Post, Oct. 26, 2018.)

Crypto risks

The Asia Pacific region also faces prevalent risks associated with cryptocurrencies. A cryptocurrency promoter staged a particularly eye-catching stunt in December when he threw thousands of Hong Kong dollars off a rooftop. In an online video, he asked onlookers if they “believe money will fall from the sky” as the bills fluttered from buildings. Within months, Hong Kong police arrested the same man for allegedly selling specialized machines that mined his cryptocurrency, which wasn’t yet tradeable. (See “Hong Kong cryptocurrency promoter thought to be behind money-tossing stunt arrested for fraud over sale of digital coin ‘mining machines,’ ” by Danny Mok, South China Morning Post, March 1.)

In Singapore, authorities charged two company directors for promoting OneCoin, a fraudulent cryptocurrency, by using a multi-level marketing scheme. (See “Two Singaporean company directors charged for promoting ‘fraudulent cryptocurrency,’ OneCoin,” by Ketaki Dixit, AMB Crypto, April 11.)

Security researchers linked attacks on three South Korean cryptocurrency exchanges to the Lazarus group, which is believed to be a collective of hackers sponsored by the Democratic People’s Republic of Korea (North Korea). They used spearphishing attacks with tax-themed lures and then deployed malware linked to previous attacks on financial institutions including the Bangladesh bank heist that I covered in a previous column. (See “Why is North Korea So Interested in Bitcoin?” by Luke McNamara, FireEye, Sept. 11, 2017, and the “Global Fraud Footprint” column, Fraud Magazine, November/December 2018.)

According to a United Nations Security Council panel of experts convened in March, North Korea has amassed more than $670 million through cybercrime by using cryptocurrencies and blockchain technology to launder the proceeds. The panel singled out at least five successful attacks on crypto exchanges in Asia between January 2017 and September 2018, with losses totaling $571 million. (See “North Korea stole cryptocurrency via hacking: UN panel,” by Kaori Yoshida, Nikkei Asian Review, March 8.)

The prospect of North Korea laundering proceeds of crime in the region doesn’t lack precedent. In November 2018, the U.S. Department of Justice (DOJ) filed a civil suit alleging that companies in Hong Kong, Singapore and China helped launder more than $3 million for sanctioned North Korean banks. The Singaporean company involved agreed to forfeit funds to the U.S. government and claimed a Chinese money remitter directed it to send payments to North Korean companies when the Singaporean company sought discounted rates for exchanging currency. (See “U.S. Files Suit to Seize Assets Tied to Alleged North Korean Money Laundering,” by Samuel Rubenfeld, The Wall Street Journal, Nov. 29, 2018.)

“The [North Korean] money launderers in this case chose Hong Kong as the destination probably because it is one of the closest international financial centers for North Korea,” Tong says.

According to the Global Financial Centres Index, Hong Kong, Singapore and Shanghai together are closing in on the top two financial centers, New York City and London, rounding out the index’s top five while making it 60 percent Asian. (See “The Global Financial Centres Index 24,” Z/Yen, China Development Institute, September 2018.)

In January 2018, well before the UN panel met or the DOJ civil suit, U.S. Treasury officials warned Hong Kong that it needed to do more to combat North Korean smuggling and money laundering, including strengthening company formation and registration rules. (See “US official warns Hong Kong over North Korea smuggling, money laundering,” by Joshua Berlinger, CNN, Jan. 25, 2018.)

“The Hong Kong Monetary Authority (HKMA) has been amending the anti-money laundering/counter-terrorism financing regime and guidelines to tackle the changing trends of money laundering,” Tong says. Their efforts include incorporating updates to government statutes.

“For example, the Anti-Money Laundering Ordinance (AMLO) extended the due diligence and record-keeping requirements of financial institutions to designated non-financial businesses and professions (DNFBPs) in March 2018,” says Tong. “We also notice that the SFC has been launching more investigation cases in 2017 and 2018 than in 2016 and before.”

More recently, a London-based think tank issued a report pointing out Southeast Asia’s vulnerability to North Korea’s sanction-evading activities, including those enabled by cryptocurrencies, because of North Korea’s proximity and the availability of sophisticated trade and finance infrastructure, plus the wide variations in the nature and scope of regulation from country to country. (See “Closing the Crypto Gap,” by David Carlisle and Kayla Izenman, Royal United Services Institute for Defence and Security Studies, April 2019.)

“The governments in Asia have set up task forces,” says Deodhar. “Financial regulators, banks and the police are also doing lot of public awareness campaigns. [Hong Kong] police set up the Anti-Deception Coordination Center (ADCC) and an anti-scam telephone helpline.”

Tong said ADCC’s goal “is to step up combat actions against deception and increase public awareness of various kinds of scams.”

Additionally, the SFC will now oversee cryptocurrency exchanges, traders and other related companies. The SFC also will require investment funds with more than 10% cryptocurrency assets to obtain a license and only allow initial coin offerings for tokens that have fulfilled SFC requirements, such as existence of at least 12 months. (See “Hong Kong to tighten cryptocurrency rules,” by Takeshi Kihara, Nikkei Asian Review, Dec. 17, 2018.)

Authorities also took steps to curb illicit crypto mining by making such operations punishable by up to $500,000 fine or five years in jail. (See “Hong Kong: Illicit Crypto Mining Operations Are Punishable by Fine or Imprisonment,” by Ana Berman, Cointelegraph, April 4.)

A little further to the west, Japan’s Financial Services Agency will require stronger internal oversight from cryptocurrency exchanges on their offline “cold wallets” used to store digital money after restricting use of online “hot wallets” (where virtual currencies are stored on platforms directly connected to the internet) because of a series of security lapses. (See “Japan to require crypto exchanges to bolster internal oversight: source,” by David Dolan and Takahiko Wada, Reuters, April 16.)

Takeaways for fraud examiners

Increases in cybercrime across the Asia Pacific region require fraud examiners to maintain awareness of the threats and schemes so they can help prevent their organizations from becoming victims.

Although regional governments and regulatory agencies are adapting to cryptocurrency risks, fraud examiners should be proactive in understanding and combating these fraud risks rather than waiting for new compliance requirements.

The region is uniquely positioned to face increased risks of North Korean money laundering of cybercrime proceeds with negative repercussions on a global scale awaiting organizations that enable the activity.

Mason Wilder, CFE, is a research specialist with the ACFE. Contact him at mwilder@ACFE.com.