lessons from hp

Upload: nguyen-phuong-anh

Post on 03-Apr-2018


  • 7/29/2019 Lessons From Hp

    1/37

    Lessons From HP: Legal and Ethical Implications for Investigating Suspected Fraud

    Presented by:

    Fred Cantz, CPA CFE

    U.S. Postal Inspection Service 1979-2004, Team Leader, Financial Crimes and Money Laundering, U.S. Postal Inspection Service, Philadelphia Division (Retired)

    Supervised Hundreds of Internal Employee Criminal Investigations in 26 Year Career

    Certified Public Accountant

    Certified Fraud Examiner

    Director, Corporate Compliance, AlliedBarton Security Services 2004-2006

    Largest American Owned Private Security Services Provider - 48,000 employees - $1.2 Billion Revenues

    Licensing & Regulatory Affairs

    Internal Corporate Investigations

    Sarbanes-Oxley Compliance

    Monitored Compliance with Corporate Code of Ethics

    Administered Whistleblower Hotline

    SMART Business Advisory and Consulting, Philadelphia, PA, Senior Manager, Forensic Accounting and Litigation Support

    CPA, CFE, Licensed Private Investigator

    Specializing in: Fraud Examination

    White Collar Investigation

    Corporate Compliance Issues

    Whistleblower Hotline Advisory Services

    Financial Litigation Support


    Sr. Manager, Department of Internal Audit

    Stratford, NJ Campus

    President of Philadelphia Chapter ACFE

    2007 ACFE Chapter of the Year

    Adjunct Professor of Accounting, La Salle University, School of Graduate Studies

    Presentation contains my views, not those of UMDNJ

    Overview

    The HP Way

    Board Turmoil

    Discovery that Confidential Info Was Leaked

    Why it Was of Great Concern

    Who Was Hired to Investigate

    Tactics Used to Identify Leaks

    Outing the Source

    Importance of Executive Oversight (Tone at the Top)

    Civil & Criminal Action


    Key Areas to be Explored

    Acceptable Investigative Techniques

    What's in Public Domain

    Record Ownership Issues

    Expectations of Privacy in Workplace

    Employee Ethics and Code of Conduct

    Importance of Continual Monitoring of Outsourced Investigations

    The HP Way

    Founded by Bill Hewlett and David Packard January 1, 1939

    A Core Ideology that Includes Corporate Culture with:

    A deep respect for the individual

    A dedication to affordable quality and reliability

    A commitment to community responsibility

    A view that the company exists to make technical contributions for the advancement and welfare of humanity

    Contrast with everyone's current corporate goals: Increased Earnings, Reduce Costs, Pump up Stock Price

    Currently #11 on Fortune 500 - $87 Billion in Revenues for 2006

    One of 30 stocks comprising the Dow Jones Industrial Average


    Inner Turmoil at HP

    Carly Fiorina appointed CEO -1999

    May 2002 HP merged with Compaq Computer

    Heirs Walter Hewlett and David Packard strongly opposed merger and subsequently left board

    Stock price stagnant $18-$22/share for three years after merger

    Carly Fiorina fired as Chairman & CEO in February 2005

    Patricia Dunn replaced Fiorina as Chairman

    HP DIRECTORS and COMPENSATION FOR FISCAL 2005

    Patricia C. Dunn, Chairman of the Board: $236,399

    Lawrence T. Babbio, Jr., Vice Chairman & President, Verizon Communications (Director, ARAMARK): $246,000

    Richard A. Hackborn, EVP & General Manager, Nokia Corp. (Retired HP Chairman of Board): $220,399

    George A. Keyworth II, Chairman & Sr. Fellow, Progress & Freedom Foundation: $251,991

    Thomas J. Perkins, General Partner, Kleiner, Perkins Investment Partnership (Director, News Corporation): $212,192

    Robert L. Ryan, Retired SVP & CFO, Medtronic, Inc. Medical Technology (Director, United Health Group): $253,000

    Lucille S. Salhany, President & CFO, JH Media Consulting (Director, American Media, Inc.): $216,000

    3 Separate Board Divisions

    Identified Guidance Group - What do we need to compete with Dell, IBM and other major competitors

    Compliance Group - Focused on Sarbanes-Oxley Compliance, Social Responsibility and Regulatory Issues

    Technological Champions - Firmly understood technological goals and obstacles in marketplace. Dunn wanted to eliminate.

    Tom Perkins' View of Board

    "three women, two minority members and three technology geeks."

    ZDNet News 2/27/07

    The Maltese Falcon

    What Happened at HP?

    2004-2005 - Confidential information only discussed in boardroom was revealed to several tech-industry publications and published

    Info so confidential, it could only have come from a board member

    Boardroom Leaks were Suspected by Patricia Dunn, Chairman of Board

    Dunn Ordered Investigation to Determine Source of Leaks - Code Name: Kona (Location of Dunn's Vacation Home)

    How it Began-2005

    Carly Fiorina ousted as CEO and Chair in January 2005

    Confidential board discussions regarding Fiorina's ouster were reported and published by several news organizations - CNET.com & Wall Street Journal

    Investigation Launched by Dunn, Furious with Leaks

    Code Named Kona (Location of Dunn's Vacation Home)


    Initial Targets- Board Members

    Thomas J. Perkins

    George A. (Jay) Keyworth

    Robert Knowling

    Carly Fiorina

    Initial Attempts to Identify Leaker - Unsuccessful

    Kona II Continued In January 2006

    Suspects:

    Perkins

    Perkins' Wife

    Lucille Salhany

    Richard Hackborn

    Shane Robison (HP Chief Technology Officer)

    Patricia Dunn


    Other Suspects

    Nine Journalists (CNET, WSJ)

    Two additional HP employees

    Larry Sonsini - H-P's outside law firm, Wilson Sonsini Goodrich & Rosati

    Note of Interest:

    Ann Baskins, the general counsel of H-P at the time of the investigation, is married to Thomas DeFilipps, a partner at Wilson Sonsini Goodrich & Rosati

    The Investigation

    Security Outsourcing Solutions, Boston, MA, operated by Ron DeLia, was hired by Anthony R. Gentilucci, Manager of Global Investigations for HP

    Action Research Group, FL - Joseph and Matt DePante - was hired by DeLia to gather information (Personal Identifier Information)

    Bryan Wagner, NE - hired by De Pante to obtain private phone records

    Investigative Techniques

    Pretexting - Impersonating another individual in order to obtain personal information

    Contractors hired by HP posed as various members of the board and contacted wireless carriers to request their telephone records

    Personal Data Compromised

    24 Individuals, including Board members, HP employees & Journalists

    Records Compiled Included: 1,750 phone calls made on 157 cellular phones and 413 landlines.

    Pretexting - Legal or Illegal?

    Gramm-Leach-Bliley Act of 1999 makes it illegal to obtain someone else's customer information using false, fictitious or fraudulent statements

    Federal Trade Commission Act provides FTC the authority to generally prohibit pretexting for sensitive consumer information

    Violation of 18 USC 1028, Identity Theft

    January 30, 2006 e-mail

    From: Kevin Hunsaker (Chief Ethics Officer)

    To: Anthony Gentilucci (Manager, Global Investigations)

    KH: How does Ron (De Lia) get cell and home phone records? Is it all above board?

    AG: (De Lia's investigators) call operators under some ruse - I think it is on the edge, but above board. We use pretext interviews on a number of investigations to extract information - in a sense, all undercover operations.

    KH: I shouldn't have asked.

    Vince Nye's Concern

    "I have serious reservations about what we are doing," Nye wrote to his boss, Tony Gentilucci, and HP's chief ethics officer, Kevin Hunsaker. "...It leaves me with the opinion that it is very unethical at the least and probably illegal."

    "I think we need to refocus our strategy and proceed on the high ground course" (Feb 7)

    Things You Should Not Say in an e-Mail:

    We just received word that we will be hit with a subpoena next week, so please clean up your files before then

    Can we push the numbers here?

    (Insert CEO's name here) is such a (insert unfavorable description here)

    I should never have put that in an e-mail

    Does anyone know of any good file deletion software?

    Things You Should Keep in Mind About e-Mails

    Like diamonds - e-mails are forever, especially if you are on a network

    A good computer forensics specialist can probably recover any deleted e-mails and other private files from your non-networked hard drive

    What are the legal, ethical, personal implications of sending this e-mail?

    Assume it will be identified and discoverable at a later time

    Think... before you hit the Send button


    Ownership of Records

    How is Ownership Determined?

    Phone Purchased by Company, Provided to Employee for Official Use and Company Pays Monthly Bill - No Expectation of Privacy

    Generally Phone Records are Property of Company - There Could be Exceptions

    Ownership of Records

    Phone Purchased by Individual, Who Submits Bill for Reimbursement - Generally Reasonable Expectation of Privacy - Pretexting Would Not Be Permitted

    Records Owned by Owner of Phone

    Need for Clear Corporate Policy and Procedures and Acknowledgment by Employee - OK for Policy to Require Itemized Receipts

    Acceptable Investigative Tools/Techniques

    Reviewing/Cataloguing Print & Internet Media Postings

    Physical Surveillance (Public Property)

    Conducting Background Investigations

    Using Public Information

    Dumpster Diving (At curbside)

    Great Sources

    Zoominfo.com, zabasearch.com

    Archive.org

    Sec.gov 10-Q & 10-K Reports

    Company Web Pages

    Choicepoint

    Lexis/Nexis

    Pacer County Clerk of Court Public Information

    Other Good Investigative Sources on a Computer

    E-mail reviews are an integral part of any internal investigation

    Temporary Internet Files

    Cookies

    Favorites

    History

    Unallocated Space

    OLK Directory

    Outlook PST Files

    Registry Activity

    Dubious Techniques Used

    Placing tracer software in e-mail addressed to a reporter to identify who he communicated with

    Forensic examination of a computer reported stolen by Board Member George Keyworth. This computer mysteriously was recovered and analyzed with approval of HP


    Social Engineering

    The Human Element

    The Weakest Link in Information Security

    Using Deceptive and Manipulative Tactics on Individuals to Gain Unauthorized Access to Information

    Examples of Social Engineering Attacks

    Closing time bank transaction on a Friday, presented bad check for cashing - could not locate driver's license - just received traffic ticket

    Pretexting - Bryan Wagner posed as multiple individuals under investigation. Contacted cell phone carriers.

    Caller posing as credit card investigator in effort to obtain personal identifier information

    Caller posing as employee from same company from another city

    Phishing Schemes

    Auditing procedures should be testing for social engineering attacks

    Expectations of Privacy

    Important to have Corporate Policy and Procedures Addressing Privacy Issues:

    Comprehensive IT Policy

    E-mail, voice mail, internet usage, ownership of computer files and company-owned computer and cell phone access

    Expectations of Privacy of Personal Property brought on Company Property

    Potential of Video Surveillance in Public Areas

    Policy Example

    An employee shall be responsible for all Firm equipment and property assigned to or requisitioned by, or in his or her custody and care. The Firm reserves the right to inspect, on occasion and without permission, the work area of all employees.

    Code of Ethics

    Importance of Employee Handbook Detailing Corporate Policies

    Initial and Periodic Annual Ethics Training

    Policy of Disclosure of Employee Financial Conflicts

    Acknowledgment of Receipt and Understanding of Code of Ethics

    Importance of Whistleblower Hotline

    Tone at the Top - Must be Supported by Senior Management

    Issues of Importance - Sarbanes Oxley - U.S. Sentencing Commission Sentencing Guidelines

    New York Times Report

    September 20, 2006

    HP conducted feasibility studies on planting spies in San Francisco news bureaus of two major publications:

    CNET

    The Wall Street Journal

    Included possibility of placing investigators acting as clerical employees or office cleaners

    House of Representatives Subcommittee Hearing

    September 28, 2006

    Ann Baskins, HP's General Counsel, resigned prior to testifying

    Exercised Fifth Amendment Rights Against Self-Incrimination at Hearing

    Received $3.7 Million Severance Pkg.

    Worked at HP 24 Years - Was not charged

    Total Cost of Investigation

    $325,000

    Who Did It?

    George Keyworth

    "If someone had simply asked, I would have told them I was the leaker."

    Tom Perkins

    Keyworth's Key Ally

    Furious with tactics employed, furious with Dunn and furious with direction the company was going, especially stock price

    Perkins learned that his phone information had been provided by AT&T without his authority and assumed the role as a Whistleblower

    Perkins

    Resigned from the board in May after learning about the tactics used by HP's investigators.

    Pressured the company to publicly disclose the reason for his departure, leading to the regulatory filing that revealed the investigators' use of pretexting

    Received an undisclosed financial settlement


    Down Payment

    Indictments to Date

    Chairwoman - Patricia Dunn

    Chief Ethics Officer- Kevin Hunsaker

    Investigator - Ron Delia

    Investigator - Matthew De Pante

    Investigator - Bryan Wagner

    Charges

    Use of False or Fraudulent Pretenses to Obtain Confidential Information from a Public Utility

    Unauthorized Access to Computer Data;

    Identity Theft

    Conspiracy

    Settlement Agreement

    Payment of $14.5 Million

    Creation of Privacy and Piracy Fund for Law Enforcement Activities Related to Privacy and Intellectual Property Rights

    Implementation of Corporate Governance Reforms at HP to Ensure Compliance with Ethical & Legal Standards

    Criminal Progress to Date

    Patricia Dunn - All charges dropped. Diagnosed with Cancer - in Poor Health

    Felony Charges Dropped after Completion of 96 Hours Community Service & Restitution - Plea of No Contest (Misdemeanor)

    Kevin Hunsaker (Ethics Officer)

    Ron De Lia - Private Investigator

    Matt De Pante - Private Investigator

    Bryan Wagner - Pled Guilty to Identity Theft - yet to be sentenced - Faces Mandatory 2 years Imprisonment

    More Directly and Actively Involved in Pretexting than Dunn

    No charges filed against Baskins

    Civil Settlements Feb 2008

    John Markoff

    Peter Burrows, Ben Elgin and Roger Crockett


    Five Additional Lawsuits Pending

    HP Current Financial Status

    Stock trading in low $20s

    Stock now trading in low $40s

    Mark Hurd CEO made great progress in

    turning HP around

    HP DIRECTORS Then & Now

    Patricia C. Dunn, Chairman of the Board - RESIGNED 09/2006

    Lawrence T. Babbio, Jr.

    Richard A. Hackborn

    George A. Keyworth II - RESIGNED 09/2006

    Thomas J. Perkins - RESIGNED 05/2006

    Robert Knowling - RESIGNED 09/2005

    Robert L. Ryan

    Lucille S. Salhany

    Four New Directors Appointed

    Mark Hurd Chairman & CEO

    Thomas Nolan - Hunsaker's Attorney:

    "All these people acted in good faith. They believed that what they were doing was right and legal."

    Was it ethical????

    Ongoing Federal Investigation

    Investigation is Continuing

    No comment by Feds

    Federal Laws Relating to Pretexting and Identity Theft are Generally More Specific than California State Law

    SEC Recently Announced They Ended Their Investigation

    Know Your Investigator

    Are they Licensed?

    Obtain their Bio and CV

    Obtain a List of References

    Vet their Qualifications and Experience

    Civil Actions

    Continually Monitor their Progress and Performance


    Lessons Learned from HP

    www.philacfe.com/whats new

    SOS Newsletter July 1999

    PRACTICAL EXERCISE

    Hotline Call: Allegation Accuses Current Executive of Misconduct

    Executive Purchased a Capital Asset

    Asset Subsequently Provided to Client

    Client Billed by Executive's Employer

    Employer Did Not Know Asset Was Owned by their Own Executive

    Asset Provided by Limited Liability Company - Authorized Vendor

    Access to Records

    Identified Vendor as LLC

    W-9 Form - Request for Taxpayer ID

    Cross Matched TIN (SSN) to an Existing Employee

    Secretary of State Corporate Formation Documents - Executive was Identified as President of the LLC

    Reviewed Official Personnel Folder of Executive

    Reviewed Corporate Code of Conduct & Employee's Acknowledgment

    Payment History

    Scheduled Out Payment History to Vendor and Compared to Other Vendors Supplying Similar Assets

    Executive Personally Approved Payments to LLC under their control

    Payments Were Substantially Higher Than Market and Continued Much Longer Than Asset Was Actually Needed

    Investigative Steps

    LLC address was P.O. Box - Can I Obtain Box Application?

    Pulled Copies of Cancelled Checks from Co.

    All Checks Were Deposited to Same Bank Account

    Personnel Folder Contained Executive's Banking and Direct Deposit Account Information - Same Account as LLC

    Access to Executive's Banking Info?

    E-mail Review

    Executive Had Computer Assigned by Company - Can I Review Hard Drive?

    IT Policy - Published Policy States: All e-mails are Subject to Monitoring - Can I Review e-mails?

    Some e-mails Were Sent From Corporate Account to AOL Account - Can I Review AOL e-mails?

    Executive Has Cell Phone - Personally Purchased - Submitted Allowance on Expense Report - Can I Review Calls Records Traced to this Phone?


    Surveillance

    Can I Follow in a Public Place?

    Can I Photograph?

    Install Covert Recording Equipment in Office?

    Pretexting?

    Nonconsensual Electronic Surveillance - Including: Recording Telephone Calls, Conversations w/o Consent of Party Recorded - DON'T DO IT!!!

    Additional Steps for Criminal Investigation

    Use of Law Enforcement Databases - Motor Vehicle & Criminal History Databases

    Forensic Laboratories

    Court-Ordered Electronic Surveillance

    Grand Jury Subpoenas

    Search Warrants

    Presentation to Law Enforcement Agencies/Prosecutors

    What is Company Policy?

    Is Company Willing to Prosecute?

    Company Policy

    Desire to Publicize

    Recovery of Loss

    Reimbursement of Investigation

    Reporting Identification of Internal Control Deficiencies and Corrective Action Taken

    Conclusion

    Cost to HP's Reputation Far Greater than that Paid to Investigators

    Deep Price Paid for Loss in Corporate Reputation, Employee Morale, Ability to Attract and Retain Leadership

    Don't Do Anything Illegal to Tarnish Your Professional Reputation and That of Your Client

    All investigations should be conducted legally and ethically

    QUESTIONS/COMMENTS ?

    Fred Cantz, CPA, CFE

    Sr. Manager, Department of Internal Audit

    University of Medicine and Dentistry of New Jersey
