Kreller Consulting (https://krellerconsulting.com/)

The Pegasus Project Lands NSO Group on the US Entity List
Published: Fri, 19 Nov 2021 20:32:05 +0000
https://krellerconsulting.com/the-pegasus-project-lands-nso-group-on-the-us-entity-list/

Related: The Pegasus Project — What the Investigation Has Revealed So Far 

The US Commerce Department’s Bureau of Industry and Security (BIS) released a final rule on November 3, 2021, that added four foreign companies to the Entity List for engaging in activities contrary to the United States’ national security or foreign policy interests. One of the four named was NSO Group—the Israeli military-grade spyware manufacturer responsible for creating software traced to the phones of politicians, journalists, and human rights activists around the world.

Another Israeli company, Candiru, is also on the trade blacklist, as the US targets the growing surveillance threat posed by hacking-for-hire companies. 

“Today’s action is a part of the Biden-Harris administration’s efforts to put human rights at the center of US foreign policy, including by working to stem the proliferation of digital tools used for repression,” the Commerce Department said in a statement.

In effect, this means that NSO will be barred from buying parts and components from US companies without a special license. It also puts a cloud over the sale of the company’s software globally, including in the US. 

NSO Group said it was “dismayed” by the decision, adding that its technology helped maintain US national security by “preventing terrorism and crime.” NSO has said it only sells its spyware to governments whose human rights records have been vetted for the purpose of countering terrorism and crime. Meanwhile, on October 31, 2021, The Times of Israel reported that NSO Group CEO Shalev Hulio is to step aside from his position, to serve instead as “global president” and deputy chairman of the board; current co-president Isaac Benbenisti will take over as CEO. 

While the US went ahead and added NSO Group to the Entity List, France has decided to take a different approach, despite French President Emmanuel Macron’s phone appearing in a list of potential targets for surveillance by Morocco… using the Pegasus software. According to an Israeli diplomatic official, who declined to be identified, Israeli Prime Minister Naftali Bennett and President Macron agreed that “the subject will continue to be handled discreetly and professionally, and with the spirit of transparency between the two sides,” Reuters reported.

Candiru, founded by engineers who left NSO, was sanctioned based on evidence that it supplied spyware to foreign governments. In July, Microsoft reported that Candiru’s spyware exploited a pair of Windows vulnerabilities to target the phones, computers, and internet-connected devices of some hundred activists, journalists, and dissidents across ten countries.

According to the Commerce Department’s announcement, Russian firm Positive Technologies—targeted with sanctions last April for its work with Russian intelligence—and Computer Security Initiative Consultancy of Singapore were also added to the list for trafficking in hacking tools.

You can read all about the Pegasus software in our previous post on the topic.

Export Controls in the Digital Space – Overview
Published: Mon, 25 Oct 2021 14:49:52 +0000
https://krellerconsulting.com/export-controls-in-the-digital-space-overview/

What do Honeywell, Princeton University, and Keysight Technologies have in common?

In the past year, all three entities have been found in violation of the US Export Administration Regulations (EAR). They could make it into the next edition of Don’t Let This Happen to You by the Bureau of Industry and Security (BIS).

Export controls comprise a system that the US and other countries maintain to control the trade in arms and dual-use items (goods, materials, and technologies that may be used for both civilian and military purposes). One of the most complex challenges to the effective implementation of export controls is detecting, investigating, and prosecuting any violations therein.

Keysight Technologies reached a $6.6 million settlement with the US Department of State for the alleged unauthorized exports of software used for testing radar equipment on fixed or mobile platforms. Honeywell International Inc. settled for $13 million for alleged unauthorized exports and retransfers of ITAR-controlled technical data for manufacturing castings and finished parts for aircraft, gas turbine engines, and military electronics. Princeton University was fined $54,000 for the improper export of various strains and recombinants of an animal pathogen over a five-year period. These are just a few of the many examples of export control violations in which companies may not even be aware that their products are subject to the EAR.

Export controls in the digital space

Before the Internet (and the rapid commercial rise in technology that ensued), it was easy to focus exclusively on physical goods – who was selling or exporting them and who was the buying party. These days, however, products and services can be simply software or even parts of a software code, uploaded in the cloud, ready to be shared with the buyer at the click of a button.

But sometimes, employees – and even employers – are unsure who (or what) will use “that software” or “those lines of code.” That’s where knowledge of your customer and the regulations governing your area of business come into play.

Simply “being aware” of existing regulations will not save even multi-billion dollar businesses with full-fledged compliance units from knowingly or inadvertently violating export controls and the repercussions that follow: investigation probes and possible prosecution by the Bureau of Industry and Security.

Employers can be held accountable for export violations, but uninformed employees might find themselves caught in the middle as well. As per the Bureau of Industry and Security (BIS), export violations will result in the following:

Violations of the Export Administration Regulations, 15 C.F.R. Parts 730-774 (EAR) may be subject to both criminal and administrative penalties. Under the Export Control Reform Act of 2018 (50 USC §§ 4801-4852) (ECRA), criminal penalties can include up to 20 years of imprisonment and up to $1 million in fines per violation, or both. Administrative monetary corrections can reach up to $300,000 per violation or twice the value of the transaction, whichever is greater. In general, the administrative financial penalty max is adjusted for inflation annually.

How does that translate in the digital era and the age of cloud computing? Cloud services can expose users to unforeseen and complex export requirements. There is an inherent tension between cloud computing and export control. While the central premise of “the cloud” concentrates on removing the need to track the details of data movement among various destinations, export control regulations are built mainly around restrictions tied to those very movements, according to a legal analysis by Davis Wright Tremaine LLP.

Businesses that store export-controlled data in the cloud need to be mindful that their cloud service providers may store that data not only in the US but also overseas, as part of load balancing and other techniques aimed at maximizing server efficiency and security. Such practices, and the use of export-controlled software on cloud servers, could subject cloud users (and in some cases, cloud service providers) to export compliance obligations.

Of the many sets of applicable government regulations, those most likely to apply to cloud services are Export Administration Regulations (EAR), enforced by the BIS. These regulate, primarily, the export and “deemed export” of dual-use products and technologies, including technical data and other non-physical exports. In an advisory opinion, the BIS stated that only the cloud service user could be the exporter and that the user would be responsible for any export violation.

However, tech companies should keep in mind that other agencies might have export enforcement responsibilities, such as the Office of Foreign Assets Control.

It’s critical, then, that providers, employers, employees, and users of cloud services are aware of the potential pitfalls of export regulations. Putting safeguards in place on all levels and educating staff is strongly advised.

So what should you do to stay compliant with export controls?

To start, you should have a lean and strict system in place to address possible export violations. Identify how and to whom violations will be reported. Put into place a clear process, such that any employee who finds a violation—or suspected violation—can report it.

Educate and inform all staff. For your system to work properly, this process should be known throughout your organization. Share an Export Compliance Program (ECP) with everyone at your company, and don’t shy away from contracting a due diligence firm to run checks on your potential customers or partners.

Report violations. You have a legal obligation to report them. Self-reporting is a mitigating factor; in some cases, self-reporting may eliminate or significantly reduce the fines and penalties you face.

Investing in the education of your employees and keeping your company informed on the complex topic of export controls ultimately means you will not lose money, and you will not lose your reputation.

Lessons From Theranos: Saga Nears Culmination as Elizabeth Holmes’ Trial Kicks Off
Published: Wed, 15 Sep 2021 12:55:37 +0000
https://krellerconsulting.com/lessons-from-theranos-saga-nears-culmination-as-elizabeth-holmes-trial-kicks-off/

Few fraud cases have garnered as much attention in the last decade as the Theranos scandal. The spectacular rise and fall of the biotech startup and its founder Elizabeth Holmes have already inspired a documentary and a best-selling book, while a Hollywood film starring Jennifer Lawrence is in the making. And now, as Holmes’ criminal fraud trial is underway, it looks like the Theranos saga might be drawing to an end.

So, what made the case such a headline grabber and where did it all begin? And more importantly — what lessons can we learn from it to avoid such a massive waste of resources in the future?

The controversy surrounding Theranos began around six years ago, when a Wall Street Journal investigation raised questions about the high-flying startup’s promises to investors and consumers. As the firm’s founder, Stanford dropout Holmes had gained widespread recognition — she appeared on magazine covers and was even dubbed the “next Steve Jobs.”

Theranos’ apparent goal was nothing short of revolutionizing blood testing through innovative technology. The Palo Alto company claimed that its machines needed just a few drops of blood to perform lightning-fast tests for a wide array of conditions. Prospects for enormous returns drew prominent investors, such as Rupert Murdoch, Betsy DeVos, and the Walton family, heirs of Walmart founder Sam Walton. They pumped eight-figure sums into the venture, boosting its valuation to around $9 billion at its peak.

But the startup’s promise unraveled faster than it was made. After the initial damning report, allegations surfaced almost daily — whistleblowers came forward, patients recounted deception, and corporate partners withdrew. It looked like Theranos was not only unable to deliver, but it reportedly misled patients and investors about its processes and the capabilities of its instruments. Critics said its blood test results were often wildly inaccurate and relied on commercially available equipment from competitors.

By 2018, the company had dissolved and Holmes and other executives were facing criminal charges. Estimates placed investor losses at around $600 million and prosecutors claimed many patients’ lives were negatively affected. 

After several setbacks over the years, including an inexplicably missing database and the defendant’s recent pregnancy, Holmes’ month-long trial finally started on August 30. Commentators on the highly publicized case speculate on the potential strategies that prosecutors and defense attorneys will use next, with the former aiming to prove intent to deceive and the latter maintaining it was simply a failed dream.

Whatever the outcome of the trial, one question remains: What made some of the world’s biggest investors throw hundreds of millions into the Theranos abyss?

The hype around the startup at the time and the founder’s charisma certainly played a part. Holmes had an almost cult-like following, so much so that despite her fall from grace, merchandise with her likeness is still widely popular online, and female health-tech entrepreneurs complain of constantly being compared to her.

There’s also the business side — investors are eager to get in on hot sectors like health tech, sometimes at the expense of doing enough diligence on new investments. It’s particularly hard to evaluate claims by Silicon Valley startups where the tech they develop is essentially a black box and the line between hopeful exaggeration and willful deception is often blurry. And although Theranos has made investors warier, the lure of the booming tech sector still convinces many to jump headfirst into risky ventures.

But there’s another area where red flags may be easier to spot and that’s often overlooked — a company’s financials. The prosecution’s first witness in the Theranos trial was Han Spivey, who was the firm’s financial controller from 2006 to 2017. Her testimony revealed financial troubles behind the scenes during the startup’s initial period of allure. Spivey said Theranos’ financial statements went unaudited for years, which is not illegal for a private company but is unusual.

Looking at a firm’s finances is one route stakeholders can take to avoid a sinking investment or partnership. The Theranos case teaches us that the best approach is to be skeptical and examine a company from as many angles as possible before going into business.

ESG No Longer Just a Buzzword as Regulation Creates Emerging Supply Chain Risk
Published: Fri, 10 Sep 2021 15:32:12 +0000
https://krellerconsulting.com/esg-no-longer-just-a-buzzword-as-regulation-creates-emerging-supply-chain-risk/

With the UN’s Intergovernmental Panel on Climate Change (IPCC) sounding a “code red” alarm on the future of humanity, the topic of environmental, social and corporate governance (ESG) is more current than ever.

Various surveys have demonstrated that consumers want companies to incorporate ESG practices and studies link higher ESG scores with lower cost of capital. Investors are also hopping on the train, as shareholder resolutions pushing for increased ESG efforts reached a record high in 2021. What’s more, the COVID pandemic has accelerated ESG adoption as global conglomerates, such as Carrier, start linking their ESG goals to executive compensation packages. All in all, a commitment to ESG appears to be a no-brainer for any company looking to improve its image and sales.

But committed as companies may be, they rarely operate in a vacuum. An ESG push that doesn’t ripple through the supply chain can hurt a company more than it helps it, especially if accusations of greenwashing or human rights violations ever surface. Corporations worldwide are suffering the consequences of not keeping a close eye on the practices of their suppliers. Fashion brand Boohoo is just one example, as it faces renewed backlash over the actions of its suppliers.

“Companies are more aware that the greater risk comes not from their T1 suppliers, but from their sub-tiers (…) when a brand gets boycotted because of forced labor in a factory thousands of miles away, for example, it’s their product and their company that gets hurt,” Nancy Clinton from SupplyShift writes in a piece for SpendMatters.com.

And while investors and customers alike are reacting with their wallets, governments are starting to act against greenwashing as well – with UK regulators “homing in on green claims made for consumer products,” as outlined in the Financial Times. The Oxford Business Group even argues for the introduction of universal ESG standards as “the absence of a globally recognised ESG reporting system has led to accusations that companies can easily misrepresent their sustainability performance.”

And the efforts don’t just stop with greenwashing. A report by the European Commission on due diligence requirements through the supply chain revealed that “just over one-third of business respondents indicated that their companies undertake due diligence which takes into account all human rights and environmental impacts, and a further one-third undertake due diligence limited to certain areas. However, the majority of business respondents which are undertaking due diligence include first tier suppliers only.” This is notable, as the sub-tier suppliers are often where the ESG issues occur, as pointed out by Clinton.

One way to mitigate those risks is to establish ESG due diligence processes that cover the sub-tiers and EU authorities are waking up to that. In March, the European Parliament adopted a legislative initiative report, calling for EU-wide rules that would “oblige companies to identify, address and remedy aspects of their value chain (all operations, direct or indirect business relations, investment chains) that could or do infringe on human rights (including social, trade union and labour rights), the environment (contributing to climate change or deforestation, for example) and good governance (such as corruption and bribery).” Once adopted, these rules would apply to all companies operating on the EU internal market, even if they are established outside of the Union.

On July 12, 2021, the EU followed up with practical guidance for companies on how to “implement effective human rights due diligence practices to address the risk of forced labour in their supply chains.” Here’s a glimpse at the six-step due-diligence framework, as proposed by the EU:

  1. Embed responsible business conduct into the company’s policies and management systems
  2. Identify and assess actual or potential adverse impacts in the company’s operations, supply chains and business relationships
  3. Cease, prevent and mitigate adverse impacts
  4. Track implementation and results
  5. Communicate how impacts are addressed
  6. Provide for or cooperate in remediation when appropriate

In light of all that, regulatory risk related to ESG is now ranked second in Gartner, Inc.’s latest Emerging Risks Monitor Report. And while the Centre for the Promotion of Imports from developing countries (CBI) estimates that the new EU rules likely won’t start coming into effect before 2023, companies shouldn’t drag their feet on setting up an accountability system. In fact, some EU members have already introduced such requirements, or are about to do so very soon. In 2017, France adopted legislation requiring multinational companies to prevent human rights abuses through due diligence on their supply chains. And Germany has just followed suit, with regulation that will come into effect as of January 01, 2023.

If the code red alarm on global warming, investor pressure, and consumer backlash are not enough to alert companies to the need for proper ESG due diligence, perhaps the fines outlined in the German Supply Chain Act (Lieferkettengesetz), which reach up to 2 percent of the annual turnover for large companies, will do the trick.

About Kreller Consulting
For over 30 years, Kreller Consulting has helped companies control the annual costs of their data subscriptions. If your organization relies on Dun & Bradstreet, Equifax, Experian, TransUnion, LexisNexis, WestLaw, or others – and you suspect you might be overcharged – contact us here.

Our services are contingency only – and we have helped thousands of companies manage their data vendor costs.

SEC Expands Use of Data Analytics to Detect Financial Reporting Misconduct
Published: Tue, 31 Aug 2021 15:52:13 +0000
https://krellerconsulting.com/sec-expands-use-of-data-analytics-to-detect-financial-reporting-misconduct/

Data science has reshaped many industries in the last two decades. But it has notably entered the government sector too, as regulators increasingly rely on analytical tools to uncover and prosecute violators.

One agency that seems to be at the forefront of data science adoption is the US Securities and Exchange Commission (SEC). The regulator has been using analytics to combat insider trading for some years now. A recent example is a charge against three former Netflix engineers, which the SEC detected using its data analysis tools that pick out “improbably successful trading over time.”

But the agency has more recently accelerated the use of such tools in the fight against another common securities law violation — financial reporting misconduct. Commentators see the move as one aspect of a broader shift in the SEC’s agenda since new chairman Gary Gensler took over in April. Under Gensler’s leadership, the agency is expected to direct more of its efforts towards enforcement.

The latest example of the SEC’s increased reliance on analytics is its charge against Healthcare Services Group Inc. (HCSG), a provider of housekeeping and other services to healthcare institutions. The company’s agreement to a $6 million settlement made headlines last week after the SEC accused it of accounting violations that reportedly allowed it to inflate earnings per share (EPS) in its quarterly reports.

The commission credited the uncovering of the alleged misconduct to its Enforcement Division’s EPS Initiative, which uses risk-based data analytics. According to the official SEC release, HCSG failed to disclose certain loss contingencies, allowing it to report higher earnings.

The HCSG case is not the first time that the securities regulator has used analysis tools as part of its EPS Initiative. In September 2020, the agency announced that it had reached similar settlements with two other publicly traded firms — Interface Inc. and Fulton Financial Corp. And in April 2021, the SEC charged eight companies as part of a different initiative that focuses on Form 12b-25 filing lapses. The agency once again cited data analytics as the method for uncovering these irregularities.

But the analytical approach has long been a part of the SEC’s arsenal, albeit at varying sophistication levels. One curious example is the so-called case of the missing ‘4’. It goes back to 2009, when an academic team published a paper exploring the suspicious absence of the number 4 in companies’ financial reports. Researchers specifically looked at the first post-decimal digit of reported EPS and found that ‘4’ appears less often than would be expected by chance alone.

This finding led the study’s authors to suspect companies of improperly rounding up their EPS numbers to gain a strategic advantage, a phenomenon they dubbed “quadrophobia.” Although the rounding itself might not amount to fraud, researchers found that it may be a red flag, as companies that practice it are more likely to have been charged with accounting violations.

The paper reportedly caught the attention of the SEC, which sought to implement the findings in its enforcement efforts. In 2010, the agency charged Dell Inc. with manipulating earnings and obtained a settlement of $100 million from the company. The investigation was prompted by the discovery that Dell didn’t report EPS with ‘4’ in the tenths place even once between 1988 and 2006.

With the SEC moving towards more enforcement through focused initiatives and data analytics, we’re bound to see more companies targeted in the near future. Time will tell if the latest charges represent the extent of typical accounting offenses or if these are just the tip of the iceberg.


Jacob Zuma and Thales: An Arms Deal with Repercussions Decades Later
Published: Tue, 17 Aug 2021 16:34:33 +0000
https://krellerconsulting.com/jacob-zuma-and-thales-an-arms-deal-with-repercussions-decades-later/

Breaking into new markets and winning major government contracts can be a daunting task for even the largest corporations, doubly so in emerging markets that are in political transition or have gone through a recent major upheaval.

In the face of such challenges, some companies may decide that engaging in illegal activities, often taking the form of bribes to foreign government officials, is an acceptable cost of doing business. When caught, hefty fines and settlements serve as both punishment for and deterrent against corruption practices.

But even before sanctions are levied, an investigation or ongoing lawsuit will raise red flags in any thorough due diligence check. In the most egregious cases, allegations of bribery can haunt a company’s reputation for decades.

One such case in the news in recent months is a lawsuit in South Africa, in which French defense group Thales is accused of racketeering, corruption, and money laundering. The other defendant in that trial is former South African President Jacob Zuma, who faces charges on 16 counts of racketeering, corruption, fraud, tax evasion, and money laundering.

Zuma is alleged to have accepted more than 700 bribes over a period of 10 years, including cash payments from Thales. The accusations cover the time when Zuma was deputy president of South Africa from 1999 to 2005.

The charges relate to the 1999 military equipment deal signed by South Africa with a group of European defense companies, worth 30 billion rands, or nearly $5 billion at the exchange rate at the time. Zuma is accused of accepting bribes totaling 4 million rands from Thales in exchange for shielding the company from the investigation.

Two Thales subsidiaries, Thint Holding (Southern Africa) and Thint, were charged with corruption in 2005, but the only people convicted were the African National Congress (ANC) chief parliamentary whip at the time, Tony Yengeni, and financial adviser Schabir Shaik.

Yengeni went to prison in 2006 and served five months of his four-year sentence, while Shaik, who was found guilty of soliciting a bribe from Thint on behalf of Zuma, was released on medical parole in 2009, four years into his 15-year sentence.

Shortly before Zuma was elected president of South Africa in 2009, charges against him were dropped, only for the South African Supreme Court to rule in 2018 that they should be reinstated. Thales sued to have the charges against the company dropped, but the Kwazulu-Natal High Court in Pietermaritzburg ruled in January 2021 to dismiss its application.

For the record, Thales has said it had no knowledge of any transgressions by any of its employees in relation to the award of the contracts. On May 26, 2021, its representative pleaded not guilty to the racketeering, corruption, and money laundering charges against the company.

Thales is not the only company involved in the 1999 South African arms deal to face investigation. The Serious Fraud Office in the UK investigated British defense firm BAE Systems over several contracts and reached a 30 million pounds plea settlement in 2010, without pursuing a criminal case concerning the South Africa deal.

The same year, BAE Systems also pleaded guilty and agreed to pay a $400 million criminal fine following a US Department of Justice investigation. That settlement did not specifically mention the South Africa deal.

Other recent corruption investigations resulted in even larger fines. Airbus agreed in January 2020 to pay $4 billion in fines as part of its settlement with authorities in France, the UK, and the US, after being investigated for allegedly using intermediaries to bribe public officials in numerous countries to buy its planes and satellites.

The trial against Zuma and Thales in South Africa is still in its early stages and has been repeatedly postponed—most recently, to September, due to his failing health. He was jailed last month on a contempt of court charge relating to a separate corruption investigation.

Thales may or may not be found guilty, and it remains to be seen what financial penalties the company might face, but the shadow of suspicion over the company may linger even longer.

About Kreller Consulting
For over 30 years, Kreller Consulting has helped companies control the annual costs of their data subscriptions. If your organization relies on Dun & Bradstreet, Equifax, Experian, TransUnion, LexisNexis, WestLaw, or others – and you suspect you might be overcharged – contact us here.

Our services are contingency only – and we have helped thousands of companies manage their data vendor costs.

The Pegasus Project – What the Investigation Has Revealed So Far https://krellerconsulting.com/the-pegasus-project-what-the-investigation-has-revealed-so-far/ Mon, 09 Aug 2021 22:50:50 +0000

Pegasus Project

In 2020, a list of over 50,000 phone numbers was leaked to Amnesty International and Forbidden Stories, a nonprofit media organization based in Paris, France. The numbers are believed to belong to individuals identified as “people of interest” by clients of the Israeli cyber defense firm NSO Group. The leak set off a worldwide investigative journalism initiative – the Pegasus Project.  

Who is behind NSO Group?

NSO Group was founded in 2010 by Niv Carmi, Omri Lavie, and Shalev Hulio and is based in Herzliya, Israel. The firm is a subsidiary of the Q Cyber Technologies group of companies.

According to NSO’s website, it develops “best-in-class technology” to help government agencies detect and prevent terrorism and crime. It claims its products are used “exclusively by government intelligence and law enforcement agencies to fight crime and terror.” NSO Group also sells Eclipse – a cyber counter-drone platform.

What is Pegasus?

Pegasus is commercial spyware sold by NSO Group to governments and reportedly costs millions to purchase. The earliest versions were spotted back in 2016. Unlike any run-of-the-mill malware, Pegasus is designed solely for spying.

Once on a smartphone (Android or iOS), the software gains access to photos, emails, text messages, WhatsApp messages, incoming and outgoing calls, and past/present location data. It can also activate the phone’s camera or microphone and record conversations. What’s more, Pegasus monitors the keystrokes on an infected device – all written communications and web searches, even passwords – and returns them to the client.

NSO Group says that governments of more than 40 countries are on its client list. It also explicitly states that Pegasus “cannot be used to conduct cyber-surveillance within the United States, and no foreign customer has ever been granted technology that would enable them to access phones with US numbers.”

Our research could not identify which countries were among the clients or whether any of them are on the U.S. sanctions list.

The Pegasus Project

In 2020, Forbidden Stories and Amnesty International gained access to a set of more than 50,000 phone numbers believed to be targets of NSO Group’s software. Forbidden Stories then invited OCCRP, The Washington Post, The Guardian, and 13 other media partners to participate.

The investigation identified hundreds of individuals whose phones have had the Pegasus spyware at some point. The list did not include identifying information, but reporters were able to independently name the owners of more than 1,000 numbers through forensic analysis, additional databases, internal documents, interviews, court documents, and other sources.

Once the investigation results were made public, media outlets, human rights watchdogs, and politicians across the world started paying attention. Associated Press reported that Mexico spent $61 million on Pegasus spyware. The Washington Post reported on 11 Indian citizens who have been spied upon using Pegasus. The Post also said that people close to the murdered Saudi columnist Jamal Khashoggi were targeted.

French President Emmanuel Macron was forced to change his phone after being identified as a spying victim. Macron called an extraordinary national security meeting since France is one of the permanent members of the UN Security Council. European Commission President Ursula von der Leyen said Pegasus spying reports were “completely unacceptable.” According to CNBC, several African governments were also embroiled in the Pegasus spyware saga, which could prompt further diplomatic repercussions. And while Israel has appointed a team of ministers to deal with the fallout, Morocco and Hungary deny using Pegasus.

Meanwhile, in the U.S., the White House raised spyware concerns with Israel. President Joe Biden’s top Middle East adviser Brett McGurk met with Zohar Palti, a senior Israeli Ministry of Defense official, on July 22 and asked him what the Israeli government was doing about the NSO issue.

The full extent of the impact of the Pegasus Project investigation will be seen in time, but the first legal action is already in motion – the Gulf Centre for Human Rights and Reporters Without Borders have filed cases with the French Public Prosecutor.

In the meantime, public investors in the private equity firm that owns a majority stake in NSO Group are abandoning ship. According to The Guardian, Novalpina Capital is in talks to transfer management of that fund to Berkeley Research Group, a U.S. consulting firm.

The full list of people identified as victims of the Pegasus spyware so far is available on the OCCRP website.

Kreller Hot Topic Report | Gift Horse: The Role of Due Diligence in Fundraising and Philanthropy https://krellerconsulting.com/kreller-hot-topic-report-gift-horse-the-role-of-due-diligence-in-fundraising-and-philanthropy/ Wed, 23 Oct 2019 22:31:47 +0000

Kreller Hot Topic

By Lauren Caryer, PhD

Doing your Homework
In a memorable 2007 episode of Curb Your Enthusiasm, titled “The Anonymous Donor,” Larry David attends a gala honoring his and another major donation made to the Natural Resources Defense Council. While Larry is initially delighted with the praise he receives, his charitable act is quickly overshadowed by a large and impressive anonymous donation. The scene centers on Larry’s discomfiture when he – and everyone else at the gala – learns that “Mr. Wonderful Anonymous” is, in fact, his nemesis, Ted Danson. Larry rails against the perceived injustice of Danson receiving extra kudos for the selflessness of an uncredited donation, despite leaking to the attendees that he was the mystery benefactor. While the situation is played for laughs as an instance of Larry’s petty righteousness (at one point he exclaims in frustration, “Nobody told me I could be anonymous and tell people!”), the episode inadvertently highlights the ways in which anonymous donations can confer social recognition on the donor from a small circle of individuals in the know, while hiding the source of the funds from others, even the recipients.

On September 6, The New Yorker published an exposé, authored by Pulitzer-winning journalist Ronan Farrow, chronicling both the hitherto unknown depth of Jeffrey Epstein’s involvement in fundraising for MIT’s Media Lab and the extent to which a small group of individuals sought to conceal this relationship. Farrow reported that, despite Epstein having been added to MIT’s list of “disqualified” donors following his 2008 conviction for solicitation and procurement of a minor for prostitution, “the Media Lab continued to accept gifts from him, consulted him about the use of the funds, and, by marking his contributions as anonymous, avoided disclosing their full extent, both publicly and within the university.” While Reif had apologized for accepting $800,000 from Epstein in known donations, the director of the MIT Media Lab, Joi Ito, later admitted to secretly accepting $7.5 million secured by Epstein from other donors, including Bill Gates, and over a million dollars from investment funds controlled by Epstein himself. According to Signe Swenson, an MIT fundraising coordinator turned whistleblower, the Media Lab kept donations from the blacklisted financier off-the-books in order to hide the relationship from MIT’s central fundraising office. Ito also hid meetings with Epstein, who would visit the lab accompanied by young female “assistants,” from critical faculty members. The day after the New Yorker article was published, Joi Ito resigned and Reif released another letter, this time promising an independent fact-finding investigation. Reif stated that MIT’s administration is “actively assessing how best to improve our policies, processes and procedures to fully reflect MIT’s values and prevent such mistakes in the future.”

The Epstein scandal has thrown the policy failures of numerous campus fundraising departments into sharp relief. As a September 9, 2019 article from the Associated Press noted, a number of other schools are struggling with how to handle tainted funds from Epstein. Ohio State University is reviewing over $2.5 million in gifts, and Harvard reported that it has already spent over $6.5 million in donations. Meanwhile, both the University of Arizona and the University of British Columbia were reportedly unaware that gifts they received from charitable foundations were linked to Epstein. The article noted that, while more universities “have been crafting policies to guide them when concerns about donors arise” and appointing “ethics boards to screen donors,” few hard and fast guidelines exist to help schools and other nonprofit entities protect their reputations. The case of MIT, wherein the University’s main fundraising office was unaware of the source of the monies solicited by the Media Lab, is a prime example of the need for stronger fundraising policies and oversight structures.

Some Strings Attached
In addition to corporate social responsibility issues deriving from unsavory sources of funding, charities and other not-for-profits must also be aware of unethical incentives and potential legal pitfalls created by reliance on major corporate donors. Such risks are exemplified in an ongoing federal whistleblower suit (United States of America et al v. Davita Health Care Partners et al) in which David Gonzalez, a long-time employee of the American Kidney Fund (AKF), contended that the AKF was providing preferential recommendations to its largest corporate donors, including DaVita Health Care Partners and Fresenius Medical Care. According to the complaint, which was filed in September 2016 and unsealed this August, the advantages that the AKF conferred on its major donors ran afoul of recommendations made by the Department of Health and Human Services’ Office of the Inspector General (OIG) and amounted to “illegal referrals and payments under the Anti-Kickback Statute.”

Allegedly, as part of its 1997 agreement with the OIG, the American Kidney Fund pledged to provide funding to people engaged in end stage renal dialysis based solely upon assessed need, without taking the identity of the referring facility into account as part of the assessment. The OIG’s requirements sought to ensure that donations made by dialysis facilities to the American Kidney Fund would function as gift contributions and would not be used as a means of influencing the AKF’s recommendations when guiding patients in selecting dialysis facilities.

According to the whistleblower’s complaint, the American Kidney Fund’s adherence to the OIG’s stipulations began to break down in 2008 and 2009 as the AKF struggled to maintain adequate funding. Reportedly, the AKF would frequently turn to DaVita and Fresenius, both of which are major national administrators of outpatient dialysis clinics, when short on funds. According to Gonzalez, “DaVita and Fresenius were asking why the AKF was letting all the [dialysis] providers use the program, when they were the one providing most of the funds,” which led Gonzalez’ superiors to begin tracking the identities of its corporate donors in 2009 and linking this information to the individual grants awarded to patients and the facilities where these patients received treatment. Ultimately, some patients were labelled as “Free Riders” because their treatment grants exceeded the money brought in to the AKF as donations by their treatment providers. To eliminate the so-called “Free Riders,” the AKF began to restrict grants based upon the patient’s treatment provider, in violation of its agreement with the OIG.

Beginning in 2010, the AKF was allegedly steering patients toward its largest funding providers, including DaVita and Fresenius, and blocking the applications of patients using non-contributing providers, with one of Gonzalez’ superiors specifically referring to the system as “pay to play.” By some time around 2012, the AKF was allegedly conducting weekly “training calls” with non-donating dialysis providers. As the complaint stated, “The substance of the training… was really a quid pro quo solicitation of a donation in exchange for patient support.” Internally, the AKF referred to these calls as the “Recoupment Effort.” Patients who transferred from a sanctioned provider to a “blocked” non-donating provider were also allegedly unable to transfer their AKF coverage, also in violation of the OIG’s stipulations. The complaint contended that the AKF’s efforts to tie patient grants to the contributions made by their providers, coupled with steering patients toward their largest contributors, amounted to a kick-back scheme in the guise of a charity (which received donations to the tune of $275 million in 2015). Additionally, since each AKF grant “triggers vast amounts of payments to the providers” via government programs, the complaint alleged that the Defendants were also acting in violation of the False Claims Act.

The Takeaway
As seen in the above two examples, dependence on charitable donations as a source of funding presents a unique set of risks. On the one hand, the promise of large sums of money can lead to what MIT President Rafael Reif described as a “mistake in judgment” in accepting large sums from controversial donors or from charities or foundations with unknown financial backing. On the other hand, dependence on a few demanding donors may create internal pressure or incentives to bend policy in order to ensure the continued support of these donors. While various organizations will have different levels of tolerance with regard to these risks, all not-for-profit entities should have clearly articulated social responsibility and ethics policies with regard to fundraising in order to provide guidance and structure to the fundraising process and to minimize exposure to unethical or controversial funding sources.

Recent years have seen numerous scandals revolving around high-profile philanthropists. This spring, the Guggenheim, the New York Metropolitan Museum of Art, and the Tate Modern Museum in London all returned funds donated by the Sackler family (whose ownership of Purdue Pharma, maker of OxyContin, has proven controversial following growing concern over Purdue’s role in the opioid crisis). In 2017, the University of Southern California’s School of Cinematic Arts rejected a $5 million endowment for female filmmakers from Harvey Weinstein, following a change.org petition which described the donation as “blood money.” Meanwhile, Harvard has notably bucked the trend by refusing to return funds from Epstein and Sackler, as well as Saudi Prince Mohammed bin Salman, despite public pressure and student consternation. These organizations were forced to make the difficult choice of turning away valuable, and perhaps already spent, funds, or keeping the money at the risk of public outrage. As Texas A&M Law Professor Terri Lynn Helge pointed out in The Conversation, returning tainted funds can prove to be a daunting task. By giving back donated funds, charities can run afoul of state regulators; gift agreements, which may include naming rights, e.g. for dedicated buildings, can be legally binding as well. Clearly delineated best practices, including a robust screening process for potential donors, can preempt these no-win situations. In certain circumstances it may be wise to look a gift horse in the mouth. The security of your organization’s hard-earned reputation may depend upon it.

The Kreller Hot Topics Report is a monthly publication dedicated to insights on international issues and incidents.

Kreller Hot Topic Report | Steal Country: The Case of Ukrainian Money Laundering in Northeast Ohio https://krellerconsulting.com/kreller-hot-topic-report-steal-country-the-case-of-ukrainian-money-laundering-in-northeast-ohio/ Mon, 23 Sep 2019 20:54:04 +0000

Kreller Hot Topic

By Lauren Caryer

The Largest Case of Money Laundering in History
On January 12, 2016, an all too familiar story appeared in Youngstown’s Business Journal: Warren Steel Holdings LLC would be shuttering a steel plant located just north of Warren, OH, a town in the heart of the so-called Steel Valley, situated midway between Cleveland and Pittsburgh. The company reportedly cited the usual factors contributing to the plant’s closure and the loss of 150 jobs: “weak demand in the steel industry” and a “lack of financing” for the plant’s operations. At first glance this news registers as just another example of the economic decay afflicting the Rust Belt. However, a steady drip of civil suits has shown that Warren Steel may also be a sign of another dismaying trend, that of misappropriated international funds increasingly permeating unlikely segments of the U.S. economy through anonymous Delaware LLCs.

These cases, including two pivotal civil suits filed in May and August of this year in the Delaware Court of Chancery, tell the tale of what has been described in a June 4, 2019 article by the Atlantic Council as potentially “the biggest case of money laundering in history,” involving individuals and entities located in Ukraine, Cyprus, the British Virgin Islands, Miami, Delaware, Dallas, and various locations across the industrial Midwest. The May 21, 2019 suit, filed by the Ukrainian bank PrivatBank, alleged that from 2006-2016, the bank’s previous owners, Igor Kolomoisky and Gennadiy Bogolyubov, laundered $470 billion through the bank’s Cypriot branch (a figure roughly double the entire GDP of Cyprus for that time frame), and misappropriated the funds into various commercial assets in the United States owned by Delaware LLCs, ultimately controlled by Kolomoisky and Bogolyubov.

As the Atlantic Council article notes, the 104-page complaint functions as “probably the most detailed study of large-scale money laundering into the United States.” The complaint, which arose after the bank’s 2016 nationalization, in the wake of its fraud-induced near collapse, offers a unique window into the 4-step process by which a financial institution’s funds can be stolen by its principals, obscured through a labyrinthine laundering process, funneled into offshore commercial assets, and the whole process hidden through a system of loan recycling.

As outlined in the filing, PrivatBank, which came to be one of the largest banks in Ukraine, was founded in 1992 by oligarchs Igor Kolomoisky and Gennadiy Bogolyubov and former Vice Prime Minister of Ukraine, Serhiy Tihipko; the bank was majority-owned by Kolomoisky and Bogolyubov until its nationalization in 2016. During the period spanning from 2006 until 2016, the oligarchs presided over what the complaint described as a “Shadow Bank,” operating alongside the institution’s licit activities.

Four Steps to Shady Financing
First, the oligarchs’ loyalists within the so-called Shadow Bank would issue business loans to entities controlled by Kolomoisky and Bogolyubov. These loans were typically issued for purported “general corporate financing” and these entities would subsequently deposit the loan money into corporate accounts overseen by PrivatBank’s Cypriot branch.

Then, in step two, with the aid of several Cypriot law firms, the Shadow Bank created dozens of anonymized corporate entities, the “Laundering Entities” (ultimately controlled by Kolomoisky and Bogolyubov) each with numerous PrivatBank Cyprus accounts, through which the various loans could be comingled and moved across the various entities and accounts in a complex shell game, meant to obscure the origin of the funds. As stated in the complaint, although these entities “had billions of dollars moving in and out of their accounts, in reality, the entities had no business, assets, operations, or employees and were shell entities deployed for money laundering purposes.”

In step three, the laundered money, originally acquired through “general corporate financing” loans, was channeled to a group of related Delaware LLCs and used to purchase commercial assets in the United States (more on this later), contravening the stated purpose of the loans.

Finally, in step four, the bank’s accounting was squared by repeating the first two steps and using the laundered funds from the second round of loans to pay off the first round of loans, in a Ponzi-like process known as “loan recycling.” As a July 17, 2019 article from the Financial Times put it, this scheme continued within PrivatBank until “regulators found a $5.5bn black hole in its balance sheet,” at which time Kolomoisky departed first for Switzerland, and later for Israel (where he also possesses citizenship), in the hope of avoiding possible extradition to the United States.

The Optima Group
While Kolomoisky and Bogolyubov oversaw PrivatBank and its shadow functions from Ukraine, three of the oligarchs’ lieutenants, Uriel Laber, Mordechai Korf, and Korf’s son-in-law Chaim Schochet (also named as Codefendants in the May suit), allegedly oversaw the Delaware LLCs, known as the Optima group of companies, from Optima’s headquarters in Miami. The Optima Group’s primary function was to acquire various commercial and industrial real estate holdings on behalf of Kolomoisky and Bogolyubov. The holdings acquired through the misappropriated funds varied both in geography and use, from Stemmons Tower and the former CompuCon headquarters in Dallas, to the former Motorola manufacturing facility in Harvard, IL, to PNC Plaza in Louisville, to steel manufacturing facilities in Detroit, West Virginia, and Ashland, KY.

Perhaps most notably, according to the complaint, one Optima entity, Optima Ventures LLC (owned equally by Kolomoisky, Bogolyubov, and Korf and managed by Schochet), became “the largest holder of commercial real estate in Cleveland” with major holdings dotting the Cleveland skyline including: One Cleveland Center, 55 Public Square, the Huntington Building, the Crowne Plaza Building, and the AECOM/Penton Media Building. A February 5, 2012 profile of Chaim Schochet in Cleveland’s Plain Dealer, labelled Schochet as “The most important guy you’ve never heard of,” and the man “responsible for roughly 2.8 million square feet of office space” owned by the Miami-based Optima and ultimately controlled by the Privat Group, a “Ukrainian business conglomerate.” While the article described the then-25-year-old as “engaging” when discussing his investment goals in the rebounding city, it also characterized Schochet as “circumspect” in describing Optima’s structure and investors.

Schochet’s reticence to discuss the Optima Group appears clearer in hindsight as subsequent accounts have demonstrated how little Optima cared for its “investment” properties in Cleveland. Following the nationalization of PrivatBank, which put an end to Kolomoisky and Bogolyubov’s control of the bank’s Supervisory Board and access to its lending portfolio, Optima began divesting its assets in Cleveland. As a June 11, 2019 piece in Cleveland Scene described, most of these properties “have fallen into disrepair and suffer from high vacancy rates.” The AECOM Building was purchased by Optima in 2010 with 90% occupancy; it was sold in 2018 “in need of significant renovation” with a mere 57% occupancy at an $8.5 million loss. Reportedly, One Cleveland Center has also suffered from poor tenant retention and diminished valuation. While Optima purchased the property in 2008 for $34 million, it was appraised in 2018 at only $20 million. According to the article, Optima continues to shop the building after a prospective buyer pulled out “calling the project unworkable.”

Fifty-five miles east of Cleveland, the Warren Steel plant may have closed, but its owner, Warren Steel Holdings LLC, continues to haunt Kolomoisky, Bogolyubov, and Mordechai Korf. On June 15, 2015, Warren Steel Holdings LLC’s minority beneficial shareholder, Vadim Shulman, filed suit against the trio and related business entities in the Trumbull County Court of Common Pleas. While the suit was dismissed on jurisdictional grounds, a similar suit was reportedly filed on August 23, 2019 in the Delaware Court of Chancery.

Shulman’s Trumbull County complaint, which includes details which dovetail with those found in the bank’s May 2019 suit, contends that Kolomoisky, Bogolyubov, and Korf sought to gain near-total control over Warren Steel through a “long-running, self-dealing, debt-accumulation scheme.” They did so by moving to restructure Warren Steel’s debt through a new lender. While the total value of Warren Steel’s assets was reported to be $27 million, $25 million in additional loans were advanced by the new lender, the identity of which was only revealed to Shulman after the restructuring was greenlit. The mystery lender? Optima Acquisitions LLC (indirectly owned by Kolomoisky). As the Trumbull County complaint summarized, “If the assets of Warren Steel were valued at only $27 million, Optima Acquisitions (and therefore Kolomoisky alone or together with Bogolubov) would have the benefit of security over almost all of the assets of Warren Steel which, if enforced, would leave approximately $2 million for the other lenders and obviously nothing for the Plaintiffs.”

While Kolomoisky and company were allegedly attempting to wrest full control of the plant away from its minority owner through a self-dealing lending scheme, the complaint contends that the Defendants were knowingly siphoning capital and resources away from the plant through a parallel “undervaluation scheme” in which sweetheart deals were made with other ferroalloy companies controlled by the oligarchs. Allegedly, “as a way to transfer funds away from Warren Steel, [the Defendants] sell goods to Related Parties for less than their true value and purchase goods from Related Parties for more than their true value.” These trading partners: Optima Group entities and their holdings. The Warren Steel plant “continued to operate at a loss” and closed six months after Shulman’s initial complaint was filed. If Shulman’s allegations are to be believed, the official reasons for the closure – a faltering industry and lack of financing – look more like pat excuses, trading on the well-worn economic tropes of the region and obscuring more nefarious causes.

The Purchase of a President
Back in Ukraine, things are looking bright for Kolomoisky and Bogolyubov. Both of the oligarchs have returned from their extended stay in Israel following the April 2019 election of comedian Volodymyr Zelensky as President of Ukraine. According to the Financial Times, Zelensky “rose to fame playing a fictional president” on a TV channel owned by Kolomoisky. The oligarch is also believed to be Zelensky’s largest financial backer and Andriy Bogdan, an attorney who has represented Kolomoisky in the PrivatBank litigation, is serving as Zelensky’s Chief of Staff. Kolomoisky himself was reported as boasting, “People come to see me in Israel and say, ‘Congrats! Well done!’ I say, ‘For what? My birthday’s in February.’ They say, ‘Who needs a birthday when you’ve got a whole president.’” Mere days before Zelensky’s electoral “landslide,” a Ukrainian court ruled against the PrivatBank nationalization, raising concerns that Zelensky will return the bank to his political patrons. While in Ukraine the fate of PrivatBank hangs in the balance, Kolomoisky may find his own fortunes still tied to Ohio. As The Daily Beast reported on April 7, 2019, the FBI and the U.S. Attorney’s Office in the Northern District of Ohio have initiated a probe into the oligarch’s possible financial crimes.

The Kreller Hot Topics Report is a monthly publication dedicated to insights on international issues and incidents.

About Kreller Consulting
For over 30 years, Kreller Consulting has helped companies control the annual costs of their data subscriptions. If your organization relies on Dun & Bradstreet, Equifax, Experian, TransUnion, LexisNexis, WestLaw, or others – and you suspect you might be overcharged – contact us here.

Our services are contingency only – and we have helped thousands of companies manage their data vendor costs.

The post Kreller Hot Topic Report | Steal Country: The Case of Ukrainian Money Laundering in Northeast Ohio appeared first on Kreller Consulting.

Kreller Hot Topic Report | Facebook, Privacy Awareness and Investigations https://krellerconsulting.com/kreller-hot-topic-report-facebook-privacy-awareness-and-investigations/ Wed, 21 Aug 2019 21:01:32 +0000 http://krellerconsulting.aiserver7.us/?p=532

Kreller Hot Topic

By Lauren Caryer, PhD

Privacy in the Spotlight
July 24th, 2019 may prove to be a watershed day for privacy advocates, following statements from the Federal Trade Commission announcing a staggering $5 billion civil penalty against Facebook over breaches of a 2012 FTC order regarding the company’s user privacy settings and a suit against data analytics company, Cambridge Analytica, for allegedly employing “deceptive tactics to harvest personal information from tens of millions of Facebook users for voter profiling and targeting.” Also on July 24th, separate from its settlement with the FTC, Facebook agreed to a $100 million settlement with the US Securities and Exchange Commission, “for making misleading disclosures regarding the risk of misuse of Facebook user data.” The SEC alleged that following its discovery of data misuse by the third-party developer, Cambridge Analytica, in 2015, Facebook continued to present such risks as hypothetical until March of 2018. On the same day that the SEC and FTC announced these settlements, Netflix released the documentary The Great Hack, tying the alleged details of the Cambridge Analytica scandal to broader issues surrounding data mining and its sociopolitical implications. What’s more, Facebook’s regulatory woes seem far from over; the company is embroiled in similar investigations from the Privacy Commissioner of Canada and the Irish Data Protection Commission, which is currently fielding eleven investigations into the social media company’s potential violations of European data privacy regulations (GDPR). According to an August 1, 2019 report from The Wall Street Journal, the FTC and Department of Justice have also launched separate antitrust investigations into Facebook, examining whether the company’s acquisition practices “were part of a campaign to snap up potential rivals to head off competitive threats.”

The FTC’s $5 billion complaint and settlement order against Facebook, Inc. follow from a 2012 FTC order regarding Facebook’s application programming interface “Graph API,” which allowed third-party developers to access a wide swathe of data regarding app users and, notably, their friends, including dates of birth, employment history, education history, relationships, religious and political views, hometown, current town, interests, activities, and photos. The 2012 complaint alleged that Facebook misled its users by placing the opt-out settings relating to third-party developers outside of the main Privacy Settings page, leading Facebook’s users to believe that the selections chosen on the Privacy Settings page would also apply to access by third-party developers. In August of 2012, the FTC ordered that Facebook cease misrepresenting the means by which consumers could control privacy settings with relation to third-party developers; however, as alleged in the 2019 complaint, Facebook continued to bury information regarding third-party developers’ access to consumer data and the data of their friends.

According to the FTC, by August 2013, “Facebook was aware of the privacy risks posed by allowing millions of third-party developers to access and collect Affected Friend data” through the Graph API. Facebook subsequently commissioned an audit of its third-party apps and found that “third-party developers were making more than 800 billion calls to the API per month and noted that permissions for Affected Friends’ data were being widely misused” [emphasis in complaint]. According to the complaint, Facebook ultimately decided to discontinue the access third-party developers would have to the data belonging to the app users’ friends and the company announced this decision on April 30, 2014, as part of a campaign to give “people power and control over how they share their data with apps.” However, unbeknownst to its users, Facebook continued to give pre-existing apps access to friend data for a full year following these statements. Reportedly, some so-called “Whitelisted Developers” were provided Graph API access without consumer knowledge through June 2018. According to the FTC’s related complaint against Cambridge Analytica, LLC, University of Cambridge researcher Aleksandr Kogan controlled one of these whitelisted apps through his company, Global Science Research, Ltd., which would go on to provide Graph API data to Cambridge Analytica and its UK-based parent group, SCL Group Ltd. Kogan’s app, which was originally developed as part of the University of Cambridge’s Prosociality and Well-Being Lab, operated in conjunction with “an algorithm that could predict an individual’s personality based on the individual’s ‘likes’ of public Facebook pages.” Reportedly, over the course of the project, which ended in May 2015, Kogan’s app harvested data from 250,000-270,000 users and 60-65 million of the users’ friends. The FTC alleged that this data was collected “through false and deceptive means” in violation of the EU-US Privacy Shield framework.

The Federal Trade Commission touted the $5 billion penalty against Facebook as “the largest ever imposed on any company for violating consumers’ privacy and almost 20 times greater than the largest privacy or data security penalty ever imposed worldwide.” Indeed, the FTC fine eclipses a January 2019 fine of €50 million ($57 million), imposed by France’s National Data Protection Commission (CNIL) on Google for similarly opaque data collection practices. In the press release, FTC Chairman Joe Simons stated that the “unprecedented” fine is meant to demonstrate that “The Commission takes consumer privacy seriously.” The fine also coincides with the public’s increasing awareness of both the value of personal identifying information and the precarious control individuals are able to exercise over this information. This awareness has culminated in the General Data Protection Regulation (GDPR) in Europe, the Digital Privacy Act in Canada, and increasingly vociferous calls from tech leaders, including Tim Cook, for similar legislation in the United States. As discussed in a March 29, 2019 post by The National Law Review, members of Congress appear increasingly concerned with developing data privacy legislation.

Investigative Challenges and Strategies
As might be expected, the increased focus on digital privacy presents a number of challenges for online open source investigations. On the most general level, individuals have grown more circumspect about the information they provide online, ranging from abiding by the SEC’s advice to limit the amount of biographical and identifying information made public on social media, to a growing interest, perpetuated by tech theorists such as Jaron Lanier, in deleting social media accounts altogether. More specifically, privacy concerns have altered some common tools used in open source research. As discussed in a June 10, 2019 Vice article, Facebook has recently disabled a search feature known as “Graph Search,” wherein investigators could construct very specific Facebook searches so as to identify, for example, overlapping check-ins by two Facebook users or all the photos commented on by a user. As noted in the article, while such features have been abused by bad actors, they have also been used by journalists and members of the open source intelligence (OSINT) community to investigate everything from sex trafficking to airstrikes in Yemen. As another example, domain name registration research can also be an invaluable tool for open source research. A record of a domain registrant can provide breadcrumbs linking a known website to an unknown individual or business, thus providing additional insight into a subject entity’s business affiliations. In the past year, many registrars have chosen to redact domain registrant (WHOIS) information, including the registrant’s name, address, telephone, and contact email, in compliance with European GDPR guidelines.

However, such challenges need not pose a serious threat to the viability of open source investigations, particularly in the field of corporate compliance. While some governments are moving to protect consumer privacy, many are simultaneously acting to increase corporate transparency, especially in response to concerns regarding money laundering. These moves toward transparency are a boon to investigations operating beyond the parameters of social media. For example, as noted by the BBC on June 19, 2019, the crown dependencies of Jersey, Guernsey, and the Isle of Man have announced that they will be taking steps to publicize their corporate beneficial ownership registers by 2023. Identifying information regarding the owners and directors of certain types of private companies is already available in many European corporate registries. Land/deed registries and legal filings can also be rich sources of publicly available information, both in the United States and abroad. In the U.S., due diligence research in the service of fraud prevention or detection is allowed under the Drivers’ Privacy Protection Act (DPPA) and Gramm-Leach-Bliley Act (GLBA), providing additional avenues of research to licensed and vetted firms. Finally – and especially in jurisdictions where public information is thin – proper due diligence may call for the human touch, i.e. contacting references, visiting a business to verify its operations, conducting character inquiries, etc. A Facebook profile may tell you what an individual “likes,” but with a few discreet phone calls, a good investigator can get a sense of what an individual is like.

The post Kreller Hot Topic Report | Facebook, Privacy Awareness and Investigations appeared first on Kreller Consulting.
