The secret finally revealed "7.6" millions of euros: the amount of fraud that record KPMG SA was the victim in 2012

posted by on 2 comments


7.6 million euros is the amount of fraud that KPMG SA record was in 2012 This fraud victim, known as "the President", resulting methods and highly sophisticated technological tools.. It also commits a chain of responsibility that examines the internal control group itself responsible for its implementation at customer sites. Story of an incredible scam.
on the same topic
  KPMG: The below a fraud of € 7.6 million
  KPMG Jean-Luc Decornoy Swiss resident

The case started in May * 2012. BM accounting to management Rhône-Alpes KPMG in charge of supplier payments, receives a phone call from a caller posing as the identity of Jean-Luc Decornoy the CEO KPMG SA. This sum, under the seal of absolute confidentiality and worried after some personal problems she had really tried ... - putting the confidence - to carry out a transfer of € 252,848 needed to the completion of a study of consulting "which must remain completely secret." It emphasizes the inappropriateness of the request, but the persistence of the "big boss" must give way.

An IP address in the United States

The usurper puts her electronic relationship with a certain Marius Kohl - marius.khol @ financier.com, from an IP address that will prove later based in the United States - responsible to hand over the bank details for the transaction. Then he receives a similar to Jean-Luc Decornoy email - the original IP will later isolated in the Czech Republic - the request for official transfer order that he sends and returns blackened BM of strictly identical to the "real" Jean-Luc Decornoy signature.

An English company, Myr Group, located 12 Sherwood Street Piccadilly Circus in London, is expected to receive a transfer issued by the bank KPMG Enterprise Agency Defense BNP Paribas, the benefit of the Canary Wharf branch of Barclays Bank in London.

Transfers between 940 and 996 K

And thus 5 June, 13 days after the dating of the bill, leaving € 252,848 accounts KPMG and match those of an organized criminal group with particularly sophisticated methods. These laborers, mostly issued in the name of "redemption subsidiaries" and WB absolute prohibition, recalled by his so-called CEO, to share with "everyone", repeat 8 times until July 10. The seven invoices issued from 21 June to 10 July and honored are all between 967 350 and 996 641 euros ...

It will take almost trivial internal trade within the finance department and with BM for "case" hatched. The 10th order for transfer of 941 637 euros issued July 11 is blocked in extremis, and the Judicial Police seized this example of "fraud leaders" who begins to emerge in France. A few months later, in December, PY *, then responsible for administrative and accounting management Rhône-Alpes and his subordinate had been alone in the confidence, is dismissed.

Interventions Alain Chamak, director Rhône-Alpes (and chairman of the supervisory board until 2010) to clear himself of any responsibility and considering "inappropriate" eviction of "innocent people" and "scapegoating" trapped in the hierarchical discipline and "guilty" of having scrupulously the descending order, allowed, according to the defense of the company, to demote the grounds for dismissal of "serious" to "simple". The Regional Director also invited BM and PY to see the field a doctor and a psychologist.

An alarming spread

The investigations carried out by the Inter-Directorate of the Judicial Police in Lyon continues. The criminal investigation focuses on the qualifiers of "fraud and attempted organized fraud" and "forgery and use of false" and "identity theft". This scourge, which arose in 2012 in France, spreads and becomes an "extremely worrying" phenomenon observed investigators, is symptomatic of the sprawling and uncontrolled proliferation of new manifestations of cybercrime. Authors "play" of ultratechnologisation tools but also the evaporation became frontiers in this field, virtual, and finally the complexity of investigations induced internationalization of circuits - the investigations would lead mainly to China and especially Israel via binational criminals.

And methods of frightening; both BM and was the ideal professional to proceed directly to transfer, did not appear on any chart available to third parties of the company, heard the speaker talk on the phone on behalf of other employees of financial services at KPMG and even with accuracy, agenda Alain Chamak the first day of the fraud ...

suicide

The Central Office for the Suppression of the large financial crime (OCRGDF) and the Central Office for the fight against crime in the information technology and communication (OCLCIC) are mobilized. In Rhône-Alpes, the cumulative amount of twenty scams actually consumed and subject to procedures tutoierait, according to our information, the EUR 60 million. The implications are not only for financial and economic enterprises for jobs weakened by the extent of losses; they are also human instrumentalized for employees.

Evidence for KPMG, the dismissal of the administrative and accounting manager, and the psychological trauma experienced by BM: a model employee for thirty years, become complicit in spite of herself, and abandoned to its fate by a president who showed no empathy and attention - never after the outbreak of the case it was in contact with the same which it was linked mischievously: Jean-Luc Decornoy. "I felt dirty because it has messed me," she confided to a friend. Another company in the region, the manifestations of this guilt were even more dramatic: an employee committed suicide.

An impregnable fortress

From July 12, 2012, KPMG made ​​the choice of omerta. For several months, only a bunch of leaders then fifty partners will be informed of the existence of fraud. The atomization of the group - compartmentalized by business and fractionated in 217 sites - but also the common interest of shareholders-owners to preserve the image of the company to safeguard their personal interests, promote waterproofing transfer and communication dissemination of information.

Seems impregnable fortress, but the strategy of a public silence padlocked no shortage of rumors ignite or catch in the corporation. No media except Letter A in a short article published December 19, 2013, there will be reference. More surprisingly, in the publication of its annual accounts closed in September 2012, KPMG Associates - the holding company, 80% owned by accountants and auditors and 20% by the descendants of the founding family Galtier, has 98% of the capital of KPMG SA - says "no event having a significant impact on the financial statements is to report." In its report submitted to the Combined General Meeting of 17 December the Supervisory Board of KPMG SA believes his side, "there is no particular comment to make."

Where are the remaining 5.3 million?

The examination of the chain of responsibilities and the underlying questions have, it is true, what harm the reputation of the firm. How the scale of the fraud, that is to say, the concentration, the unbridled acceleration and magnitude of transfers, she was able to escape the vigilance of co-director Bruno Paillard Rhône-Alpes, responsible for supporting accounting function, and especially the CFO of KPMG SA Thierry Lemarquis?

How operators BNP Paribas could they, too, do not ever blink to such transfers, the frequency (28 and 29 June, 2, 5, 9, 10, 11 July), payments (these dates never less than € 940,000 each), and even the objects were so unusual and disproportionate to the firm's activity - their combination corresponds to 1% of annual turnover? How should we interpret the evocation in the management report published for the Combined General Meeting of 17 December 2012, the "occurrence of a loss on an asset 'but the residual impact on the net result is "only" 2.3 million euros; what happened to the 5.3 million remaining? BNP Paribas and, to a lesser extent, Barclays Bank have they "shared" with KPMG financial liability of failure to stow that some carelessness?

ERP involved?

The extreme care that the direction of KPMG devoted successfully to claquemurer "case" and to curb any public disclosure, is due to the singularity of schizophrenic situation: a prestigious law firm, whose billing fees may peak, according an internal source, € 1000 per hour for partners, aims to ensure its customers in the application of a rigorous and transparent internal control of that device (see box at the end) which, with him , proved vulnerable, dysfunctional, opaque or even failing.

Since, moreover, the architecture of internal control - cracked by the simultaneous change of several IT processes and cracked by the fragility of the computer operating system (ERP) may be too hastily deployed and "guilty" of have unraveled from 2011 procedures prevailing hitherto - has been significantly enhanced, including the principle of double signature as centralized at the headquarters of all transfers abroad were adopted.

Two internal documents

More surprisingly, the management sent in 2014 to all staff two documents; a warning on a "d" scams wave the President "which many companies have recently been victims," ​​the other says "management has been informed that scammers posing as KPMG professionals to ask the urgent transmission elements relating to invoices customers "...

Both documents identify the procedures to be followed ... but no reference to the true origin of this communication: the fraud whose own business was a victim. "The case Chamak" appears, ultimately, be the tip of an earthquake whose multiple causes and groundwater and replicas, questioning the ethics, governance event. But the same exercise of accountancy professions or statutory auditors
Unknown

2 commentaires: