Fraud examiners can untangle the notes of music publishing royalties

The inner workings of the music publishing world might be unfamiliar terrain for fraud examiners, but their investigative skills can be beneficial to the field. The author offers a foundational overview of how music publishing royalties work and where fraud examiners may encounter risks, red flags, and opportunities to add value through audits, investigations and fraud prevention.

In 2024, the U.S. Attorney for the Southern District of New York (SDNY) charged North Carolina musician Michael Smith with a scheme that exploited music-streaming platforms, including Spotify, Apple Music and Amazon Music. Prosecutors say Smith used artificial intelligence (AI) to engineer thousands of fake songs with creative titles like “Zygotic Washstands” and “Zymotechnical” by bogus bands with names like Callous Post, Calorie Screams and Calvinistic Dust. He quickly generated and uploaded a vast catalog of music to the services. Smith then allegedly embedded each track with falsified metadata and distributed them through multiple accounts with digital aggregators. To boost the apparent popularity of the songs, he used bots to stream them millions of times, creating the illusion of real listeners. Smith allegedly concealed the operation by using shell companies and international accounts, structuring payments to evade detection.

According to SDNY, Smith collected more than $10 million in royalty payments over seven years by playing the system, which involved creating thousands of pseudo-streaming accounts (using email addresses he’d bought online) and employing software to play his music on repeat across multiple devices.

The scheme reached a crescendo in mid-2019 when Smith allegedly raked in about $110,000 per month. He expanded his operation to sell his services to other musicians who wanted to amplify their streams. The scheme went undetected for months due to the sheer volume of daily music uploads and inconsistent metadata verification protocols. Investigators later discovered that some tracks had plagiarized public domain works or random AI-generated sounds misclassified as commercial music.

The scheme unraveled when music distribution companies informed Smith that they’d received “multiple reports of streaming abuse,” to which Smith responded: “This is absolutely wrong and crazy! There is absolutely no fraud going on whatsoever! How can I appeal this?” Smith faces serious charges, including wire fraud and money laundering, and a prison sentence of up to 20 years per charge.

Only one person has been convicted of music streaming fraud to date. In March 2024, an unnamed Danish man was found guilty of profiting from artificially generated streams of music to the tune of at least 2 million Danish kroner ($194,331). Originally sentenced to 18 months for data fraud and copyright infringement, the man released edited versions of Danish artists’ music under his own name. Earlier this year, the Western High Court of Denmark increased his sentence to 24 months, citing “evidence of extensive fraud” that amounted to at least 3.5 million Danish kroner ($340,079).

Fraud in the music industry might not be a typical focus area for fraud examiners, but the financial misreporting, royalty diversion and contract manipulation that often occur in the industry share many characteristics with traditional fraud schemes. The music industry is more than just a cultural force — it’s a data-driven industry with billions of dollars in royalties exchanged across borders and platforms. This column provides an educational foundation for fraud examiners working with artists, publishers or entertainment businesses and highlights key risk areas where fraud can flourish.

The industry fights back

Global recorded music revenues reached $29.6 billion in 2024, according to IFPI’s Global Music Report 2025. Streaming accounts for a large portion of that growth, exceeding $20 billion for the first time last year. But fraudsters skim 10% from streaming revenues, diverting approximately $2 billion per year from royalties that should go to artists, according to data tracking firm Beatdapp Software.

Frustrated with what they describe as ineffective efforts to combat streaming fraud — encompassing bots, streaming click farms and imposters — stakeholders across the music industry formed the Music Fights Fraud Alliance in 2023. The alliance strives to create a fairer, more transparent digital music economy and counts influential rights holders (music creators, artists, labels, publishers), platforms and distributors among its membership. The alliance has formed four task forces focused on streaming fraud detection, prevention and mitigation, as well as enforcement. Among its initiatives, the Music Fights Fraud Alliance provides greater cross-platform collaboration and data sharing by coordinating with the National Cyber-Forensics and Training Alliance (NCFTA), a nonprofit partnership among private organizations, government and academia. NCFTA aims to provide a neutral environment for the identification, mitigation and disruption of cybercrime.

As more artists, songwriters and entertainment entities seek financial accountability, demand for fraud examiners with industry-specific knowledge has grown. Fraud examiners who are familiar with the music industry’s unique financial structures and royalty distribution systems can investigate and uncover fraud, develop and implement robust anti-fraud strategies, and collaborate with industry stakeholders.

Rights, royalties and roles

Music publishing involves the ownership and licensing of the song’s composition, lyrics and melody, but not the sound recording itself. Songwriters (and often their publishers) hold rights to that intellectual property, entitling them to royalties whenever the song is used commercially. The three most common types of royalties are:

• Performance royalties: paid when songs are played on the radio, TV, streaming platforms or at live events.
• Mechanical royalties: paid to the songwriter and publisher when the composition is reproduced physically (CDs or vinyl records) or digitally (downloads or on-demand streaming).
• Synchronization royalties: generated when songs are licensed for use in film, TV, commercials or video games. For example, artist Kate Bush’s 1985 hit “Running Up That Hill (A Deal With God)” experienced a rebirth in popularity after she signed a synchronization royalty deal to license the song for the Netflix series “Stranger Things.” Bush wrote, composed and produced the song and owns the economic rights to it. The lucrative deal earned her $3.16 million in streaming royalties nearly 40 years after the song’s original release.

Each royalty stream flows through different intermediaries, including performing rights organizations (PROs), digital service providers (DSPs), music labels, aggregators and international collection societies before reaching the rights holder. A lack of centralized reporting and consistent standards across these players makes the system especially vulnerable to fraud, errors and omissions. Global collections add an extra layer of complexity. Not all countries have transparent or timely royalty distribution systems, making audits involving international works challenging.

Where fraud hides

One common source of fraud in music publishing involves underreporting or delaying royalty payments by intermediaries (DSPs, PROs, international collection societies). This may stem from vague contract terms, inconsistent accounting practices or inadequate systems for tracking song usage. Some publishers may lack the infrastructure to monitor global usage, leading to misreporting.

Undisclosed side agreements are another area of concern. Payments may be rerouted through third-party entities tied to insiders, diverting money without the rights holders’ knowledge. Rerouted payments usually happen when the intermediaries in the royalty chain (DSPs, PROs, international collection societies) are directed (via undisclosed side agreements) to send royalties to third-party entities connected to insiders instead of directly to the rights holder. The payments technically flow through legitimate channels, but the destination is manipulated, complicating the rights holder’s ability to detect the diversion.

Fraudulent claims of authorship or ownership are also common, particularly on digital platforms where song metadata is incomplete or intentionally altered. In an elaborate four-year music ownership scheme, Jose “Chenel” Medina Teran and Webster Batista made $23 million by stealing music royalties from artists who uploaded their work to YouTube. The two men purloined millions of dollars from Latin music artists, including Daddy Yankee and Julio Iglesias between 2017 and 2021. Medina Teran and Batista created a company called MediaMuv, which claimed to own 50,000 copyrights. The men used their fraudulent company and fake documents to partner with AdRev, a company that provided MediaMuv with direct access to YouTube’s content management system and content identification tools. They used this access to claim copyrights for music they didn’t own. Following an IRS investigation, Medina Teran pleaded guilty to conspiracy, wire fraud and money laundering in 2023. He was sentenced to 70 months in prison for his role in what the U.S. Department of Justice called “one of the largest music-royalty frauds ever perpetrated.” Batista pleaded guilty to one count of conspiracy and one count of wire fraud in 2022. He agreed to forfeit his property in Phoenix, Arizona, a 2017 Tesla X 100D, a 2014 BMW i8 and nearly $1 million seized from bank accounts. He also agreed to pay victims up to $25 million in restitution.

Fraudulent actors within the royalty chain (insiders at intermediaries, bad-faith business partners or individuals making false ownership claims) have used shell companies, offshore accounts and forged copyright assignments to launder or conceal royalty income. Because royalty payments often span multiple jurisdictions and currencies, tracing the full money trail requires careful fraud examination work.

Signs of trouble

Although not all royalty discrepancies stem from fraud, there are a few common red flags to know:

• Large, unexplained fluctuations in royalty payments may point to problems with reporting accuracy or intentional misallocation.
• Incomplete or missing contracts, especially those that lack clear audit clauses, can limit transparency and make it difficult for fraud examiners to determine fair distribution of royalties.
• Frequent or sudden changes in ownership or rights assignments, particularly to obscure entities, can indicate attempts to reroute income.
• Royalties paid to shell entities with no visible operational role also merit closer scrutiny.

An often overlooked red flag is metadata inconsistencies. Missing song identifiers such as International Standard Recording Code (ISRC) and International Standard Musical Work Code (ISWC) may result in lost income to legitimate rights holders or misdirected payments. ISRC is “a unique and permanent identifier for a specific recording, independent of the format on which it appears (CD, download, stream, etc.) or the rights owners involved.” ISWC is a “unique, permanent and internationally recognized reference number used to identify musical works.” 

Multiple red flags emerged in the Smith case, including an unusually high volume of uploads, metadata that didn’t align with any real-world artists and streaming activity originating from patterns consistent with bot networks. In some cases, the same devices or IP ranges (a contiguous set of IP addresses grouped together for various purposes) were responsible for thousands of daily plays. These anomalies went undetected for months due to the lack of strong controls in how platforms validate metadata and monitor traffic behavior.

Fraud examiners reviewing royalty statements (documents containing information about usage, earnings and payment), platform logs or contracts should look for trends or discrepancies that don’t match an artist’s historical performance or contractual expectations. A single data point may not raise concerns, but patterns of unusual activity should prompt a deeper investigation.

Investigations and internal controls

Anti-fraud professionals can provide enormous value in combatting royalty fraud by applying their investigative skills and expertise in internal controls. For example, fraud examiners can review artist and publishing agreements to verify that royalty splits (agreed-upon distribution of earnings from a song or recording among its collaborators) are accurate, licensing scopes are defined and audit rights are enforceable. These reviews should be paired with royalty reconciliation, comparing statements issued by platforms, PROs and collection societies with usage data.

A crucial area of inquiry is the chain of rights. Rights may change hands multiple times through acquisitions, catalog transfers or side agreements, and fraud examiners should trace the progression of ownership to ensure royalties are reaching the correct parties. Metadata auditing is also key. Verifying ISRC, ISWC and songwriter registration identifiers across multiple systems helps ensure accurate royalty attribution by song and contributor.

Internally, companies should establish protocols for metadata quality control, define roles responsible for updating ownership data, and ensure that royalty statements include sufficient backup detail to support reconciliation and audits. Technology continues to evolve, with some organizations exploring blockchain- and AI-powered tools to verify ownership and automate royalty distributions. Although these solutions show promise, widespread adoption is a work in progress. In the meantime, fraud examiners’ investigation skills are in demand.

Fraud examiners may advise clients to include contract clauses that allow for periodic third-party audits, set standards for reporting timelines and define dispute resolution mechanisms. Having these measures in place reduces risk and improves transparency, protecting the rights of creators and the credibility of publishers and platforms alike.

Building fraud awareness in a creative industry

The music publishing world may seem far removed from traditional fraud landscapes, but its structure and growing revenues make it an increasingly relevant domain for financial scrutiny. As licensing becomes more global and streaming continues to dominate, fraud risks tied to data manipulation and digital exploitation will likely increase. So too does the need for examiners who can read a royalty statement as confidently as a bank ledger.

The Smith case highlights just how sophisticated these schemes can be, especially when fueled by AI and executed across multiple jurisdictions. Fraud examiners face the challenge and opportunity to apply foundational fraud detection techniques to a rapidly evolving creative economy. Music is art, but it’s also a business. Where there’s money, there’s risk. Fraud examiners who step into this industry can help ensure that financial creativity never overshadows artistic integrity.

Bilarys Ramírez-Pizarro, CFE, is comptroller at Rimas Publishing and a professor at AGM University in Florida. Contact her at bilarysramirez@yahoo.com.