When fraud fighters commit fraud

It might be incomprehensible to think someone entrusted with investigating fraud could be a fraudster. But cases of anti-fraud professionals who’ve committed fraud remind us of the importance of proper oversight during fraud examinations and how “trust but verify” is a maxim for fraud fighters to live by.

During a recent presentation I attended at my organization, I learned about a retired FBI agent, William Roy Stone, who was convicted of stealing $700,000 from a woman he and a coconspirator manipulated into believing she was on “secret probation.” Stone, who was based in Dallas, Texas, used his knowledge of the state’s probation system to extort the woman over an 11-month period by telling her that he’d been assigned to supervise her probation for drug-related crimes. Stone said that she needed to provide him with daily updates and pay him for his “supervisory services.” Stone told her that if she didn’t comply, her children would be taken from her and she’d be sent to prison.

Stone was eventually convicted of five counts of wire fraud, one count of conspiracy to commit wire fraud, engaging in monetary transactions in property derived from unlawful activity and impersonating a federal officer. He was sentenced to more than seven years in prison.

I was shocked by Stone’s scheme and couldn’t believe that someone who’d once worked to protect public safety would abuse public trust. I thought about Dr. Donald Cressey’s Fraud Triangle, which posits that someone is more likely to commit fraud if they are facing some sort of financial pressure, have the opportunity to perpetrate a scheme and are able to rationalize their actions. As an ex-FBI agent, Stone used his knowledge of the criminal justice system and the authority of his (old) position to defraud a woman. He never disclosed to her that he’d retired from the bureau. Stone used his ill-gotten gains to buy a house and cars. His rationalization for defrauding the woman isn’t clear from the information available on his case, but his victim had received a large family inheritance and was recovering from substance use, perhaps making her an easy target to defraud in Stone’s eyes. This case got me thinking about other instances in which investigators might hide behind their positions of trust to perpetrate schemes and what we can do to thwart them.

While we may dismiss people who commit fraud as greedy, selfish and immoral, that line of thinking isn’t sufficient when the perpetrator is someone who should know better. Here, I look at two cases of anti-fraud professionals who committed fraud and the lessons we can learn from them.

The case of the missing bitcoin

On the surface, Paul Chowles was an upstanding citizen. He was a family man and an officer with the U.K.’s National Crime Agency (NCA), and, in 2014, was part of the team that dismantled the darknet marketplace Silk Road 2.0. But Chowles had a secret: He’d been stealing bitcoin on the site he’d assisted in taking down. His secret life as a dark web crypto thief was discovered in 2017.

In 2011, Ross Ulbricht, operating under the pseudonym, “Dread Pirate Roberts,” launched Silk Road 1.0. It operated on the Tor network and provided users with anonymous access to a host of illicit services for sale, including stolen information, drugs and murder for hire. In October 2013, a joint task force with the FBI and Drug Enforcement Administration (DEA) arrested Ulbricht and shut down his operation. The task force seized an estimated 144,000 bitcoins, valued at $28.5 million.

But just a month after Silk Road was dismantled, another darknet marketplace sprouted up in its place. In November 2013, administrators of the original Silk Road, including Thomas White, who used the online handle “Cthulhu,” launched Silk Road 2.0. Operation Onymous, a joint task force between the FBI and NCA, worked to shut it down. One of the officers involved in White’s arrest was Chowles. 

When White was arrested in November 2014, law enforcement agencies seized his laptop and other devices containing 97 bitcoins. Chowles, with his expertise in cryptocurrency and the dark web, was tasked to analyze and extract relevant data and crypto from White’s seized devices. This was his opportunity to perpetrate the scheme for which he’d eventually be arrested and convicted.

According to the Crown Prosecution Service (CPS), in May 2017, 50 bitcoins (valued at approximately $80,000 at the time) disappeared from White’s private wallet. Members of the investigation team first thought White had transferred the cryptocurrency from his account. However, White noticed the bitcoin was missing and alerted NCA that a member of the investigation team had nabbed it, since they were the only ones with access to his wallet key.  

Chowles first tried to hide the theft and source of funds using Bitcoin Fog, a mixing service that could hide the origin of the funds. He then exchanged the bitcoin for British pounds using trading platforms, including Cryptopay. After White’s tip, NCA investigators seized Chowles’ personal devices and notebooks, where they found notes detailing White’s credentials and wallet details. Chowles was ultimately arrested and charged with 15 offenses related to the theft. He pleaded guilty in 2025 to theft, transferring criminal property and concealing criminal property. 

According to CPS, Chowles ultimately stole an estimated GBP 613,147 (about $823,000) and spent GBP 79,884.11 (about $107,000). In July 2025, he was dismissed by the NCA and sentenced to five-and-a-half years in prison.

Chowles’ case underscores why the phrase “trust but verify” is essential to fraud examinations. Here was someone who, by all accounts, was a highly skilled expert. His mastery of a particular field where others lacked knowledge and skills afforded him levels of trust and freedom to undertake his duties with little supervision. Had Chowles been more closely monitored during his work, it’s possible that he wouldn’t have had the opportunity to perpetrate his scheme.

A case of stolen identity

Olabanji Otufale, a former New York City fraud investigator with the Department of Homeless Services, was convicted of stealing people’s identities and committing benefits fraud. Otufale’s job was to verify that people applying for aid were qualified for assistance from the department. He used his access to the department’s database, which contained personally identifiable information (PII) of applicants (i.e., names, medical records, government identification numbers, ethnicities and dates of birth), to steal the identities of people in need.  

Otufale had a coconspirator in Marc Lazarre. Their fraud was simple: Otufale would access information from the department’s database and sell it to Lazarre, who would then fraudulently apply for unemployment benefits from the New York State Department of Labor.

According to court records, in October 2020, Otufale sent a screenshot of the victims’ identification cards containing PII. Lazarre then applied for unemployment benefits from the Department of Labor using this information. The scheme was discovered when one of the victims attempted to apply for unemployment benefits and was notified that they were already receiving benefits.

In 2024, both Otufale and Lazarre were sentenced to 27 months and 30 months of prison, respectively. Otufale identified an opportunity, by virtue of his position, to access information that he could exploit. According to court documents, Otufale and Lazarre funded lavish lifestyles, including the purchase of a luxury car, with the proceeds from their scheme.

Knowledge and access

In both the Chowles and Otufale cases, the perpetrators were ultimately foiled by their victims. In the Chowles case, Thomas White, the subject of the criminal investigation, noticed that bitcoin was missing from his account and immediately alerted authorities that he thought an investigator was behind the theft. In Otufale’s case, the victim, someone in need of public assistance, couldn’t get help because someone else was receiving benefits using their stolen identity. 

The fact is people charged with combating fraud are often perfectly situated to commit it. After all, anti-fraud professionals have the requisite knowledge and training that affords them insight into gaps and weaknesses in the systems in which they work. Chowles was experienced in cryptocurrency investigations, and Otufale had professional access to a database full of potential victims. His coconspirator, Lazarre, was an experienced fraudster with a history of identity thefts. 

Considering the rationalization leg of the Fraud Triangle, it’s possible that both Chowles and Otufale were able to justify their crimes because their victims were on the margins of society. Chowles may have justified his theft from White’s wallet as a form of poetic justice, since White was behind the development of an online marketplace dedicated to selling illegal services. Similarly, Otufale may have rationalized stealing identities from homeless people who he perceived to have little power to fight back. 

Keeping them honest

Based on court documents and news reports, it appears that Chowles and Otufale had little segregation of duties for their work and little supervisory oversight, which provided them with ideal environments in which to execute their schemes. By virtue of their level of experience, supervisors may have assumed that Chowles and Otufale could effectively operate with little oversight. They were trusted to do their jobs. But, as anti-fraud professionals know, trust is not an internal control.

In Chowles’ case, he was the lead in the investigation and took advantage of it. While it’s not clear what, if any, controls were in place during the Silk Road 2.0 investigation, Chowles’ case accentuates the importance of segregation of duties and how one person shouldn’t be in control of every aspect of an investigation. Segregation of duties between the identification, tracing and recording of assets might’ve prevented Chowles from having complete access to White’s wallet and devices, ensuring that others could put a check on his activities. A detailed record of logging attempts on Chowles’ laptop and other devices could have highlighted some of his activities. Similarly, in Otufale’s case, a supervisor’s review of his logins to the system and access of applicants’ folders might have raised alerts about unusual activity. Having appropriate segregation of duties and controls in place, even for lead investigators, could help prevent them from abusing their positions.   

No one is exempt 

The cases in this column underscore the importance of the phrase “trust but verify.” Trust the experts to do their jobs but apply professional skepticism with proper controls to confirm they’re trustworthy. As the Fraud Triangle suggests, anyone can commit fraud if the conditions are right. Being trained to identify and prevent fraud doesn’t mean that one is immune to temptations in the ideal environment. Even the experts need oversight.

Gloria A. Osei-Anokye, CFE, CPA, FCMA, is a forensic and financial crime manager at Deloitte Bermuda. Contact her at gloriaaoanokye@yahoo.com.