the use of technology to automate the registration process ... · the use of technology to automate...
TRANSCRIPT
The use of technology to automate the registration
process within the Torrens system and its impact on
fraud: An analysis Rouhshi Low LLB, LLM, MIT
School of Law, Queensland University of Technology
Academic qualification for which this thesis is submitted: Doctor of Philosophy
Year submitted: 2008
I
Keywords Torrens system – fraud – internet – information technology – computer security –
Internet security – identity fraud - conveyancing – registration process – land
registration system - National Electronic Conveyancing System – NECS – digital
signatures – security of title – electronic registration system – public key
cryptography – public key infrastructure – digital certificates – indefeasibility of title
Abstract
Improvements in technology and the Internet have seen a rapid rise in the use of
technology in various sectors such as medicine, the courts and banking. The
conveyancing sector is also experiencing a similar revolution, with technology touted
as able to improve the effectiveness of the land registration process. In some
jurisdictions, such as New Zealand and Canada, the paper-based land registration
system has been replaced with one in which creation, preparation, and lodgement of
land title instruments are managed in a wholly electronic environment. In Australia,
proposals for an electronic registration system are under way. The research
question addressed by this thesis is what would be the impact on fraud of
automating the registration process. This is pertinent because of the adverse impact
of fraud on the underlying principles of the Torrens system, particularly security of
title. This thesis first charts the importance of security of title, examining how
security of title is achieved within the Torrens system and the effects that fraud has
on this. Case examples are used to analyse perpetration of fraud under the paper
registration system. Analysis of functional electronic registration systems in
comparison with the paper-based registration system is then undertaken to reveal
what changes might be made to conveyancing practices were an electronic
registration system implemented. Whether, and if so, how, these changes might
impact upon paper based frauds and whether they might open up new opportunities
for fraud in an electronic registration system forms the next step in the analysis. The
final step is to use these findings to propose measures that might be used to
minimise fraud opportunities in an electronic registration system, so that as far as
possible the Torrens system might be kept free from fraud, and the philosophical
objectives of the system, as initially envisaged by Sir Robert Torrens, might be met.
II
Table of Contents
CHAPTER 1: INTRODUCTION
1.1 Introduction
1.1.1 The research question
1.1.2 Research hypothesis
1.1.3 Impetus for this research
1.1.4 The Torrens system in the digital age
1.1.5 The effect of fraud on security of title
1.1.6 Need for research
1.1.7 The aim of this research and its significance
1.2 Methodology
1.3 Scope of this research and its limitations
1.4 Chapter outlines
1.5 Conclusion
CHAPTER 2: THE IMPORTANCE OF MINIMISING FRAUD IN THE TORRENS
SYSTEM OF LAND REGISTRATION
2.1 Introduction
2.2 The principles and objectives of the Torrens system
2.2.1 The importance of achieving security of title and facility of transfer in
a land registration system
2.2.1.1 Conceptualising security of title and facility of transfer in terms of
static and dynamic security
2.2.2 In what way was Torrens able to achieve these two concepts of
security of title and facility of transfers?
2.2.2.1 Achieving security of title
2.2.2.2 Achieving facility of transfer
2.3 Fraud within the Torrens system
2.4 The effect of fraud on security of title and facility of transfer
2.4.1 How does the Torrens system deal with the conflict between static
and dynamic security?
2.5 Why is it important that fraud be minimised so that security of title can
be maintained?
III
2.5.1 Current lack of analysis of the impact on fraud of automating the
registration process and of possible measures to minimise fraud
within an electronic environment
2.6 Conclusion
CHAPTER 3: OPPORTUNITIES FOR FRAUD IN THE TORRENS SYSTEM USING
A PAPER BASED REGISTRATION PROCESS
3.1 Introduction
3.2 Incidence of fraud within the paper registration system
3.3 Implications from the incidence of paper-based frauds
3.3.1 Trends in fraud perpetration
3.3.2 Issues arising out of fraud trends which require further analysis
3.3.2.1 How is it that fraud may be perpetrated despite the existence of
certain conveyancing practices that are said to act as safeguards
against fraud?
3.3.2.1.1 Witnessing requirements
3.3.2.1.2 Use of the paper certificate of title
3.3.2.1.3 Examination process of instruments lodged for registration
3.3.2.2 Why are the majority of perpetrators known to the victim of the fraud?
3.3.2.3 Why is fraud perpetrated in this manner?
3.3.2.4 Why are mortgages and transfers the most common transactions
targeted?
3.3.3 Summary of issues for further analysis
3.4 Analysis of case examples
3.4.1 Forgery
3.4.1.1 Individual as victim of the fraud
3.4.1.1.1 Conclusions drawn
3.4.1.2 Corporation as victim of the fraud
3.4.1.2.1 Conclusions drawn
3.4.1.3 Forged power of attorney
3.4.1.3.1 Conclusions drawn
3.4.2 Alteration of document after execution
3.4.2.1 Conclusions drawn
3.4.3 Fraud by misleading or fraudulently inducing the victim into signing
relevant documentation
3.4.3.1 Conclusions drawn
IV
3.4.4 Fraud by impersonation of the victim or identity fraud
3.4.4.1 Conclusions drawn
3.5 Synthesis of findings
3.5.1 How is fraud perpetrated in the paper registration system?
3.5.2 Is the manner of perpetration of the fraud linked to certain
conveyancing practices and processes?
3.5.3 How are fraudulent persons able to circumvent certain conveyancing
practices that are said to act as a safeguard against fraud?
3.5.4 What factors may facilitate the perpetration of the fraud?
3.5.5 Do perpetrators act alone or do they act in collusion with others?
3.5.6 Why are the majority of frauds perpetrated by persons known to the
victim?
3.5.7 Are some types of fraud more susceptible to being perpetrated by
persons known to the victim while some types of fraud more
susceptible to those unknown to the victim?
3.5.8 Are some perpetrators better placed to perpetrate fraud than others?
3.5.9 Why does fraud normally involve mortgages or a combination of
transfers and mortgages?
3.6 How will automating the registration process within the Torrens
system impact on these findings?
3.7 Conclusion
CHAPTER 4: WHAT CHANGES MAY BE MADE TO CONVEYANCING
PRACTICES IF TECHNOLOGY WAS USED TO AUTOMATE THE REGISTRATION
PROCESS WITHIN THE TORRENS SYSTEM?
4.1 Introduction
4.2 Jurisdictional overview of the move towards an electronic registration
system
4.2.1 Proposed systems
4.2.2 Fully operational systems
4.2.2.1 Partial systems
4.2.2.2 Fully automated systems
4.3 Comparative analysis
4.3.1 Access
4.3.1.1 Who has access
4.3.1.2 How is access controlled
V
4.3.1.3 What is the process for obtaining access
4.3.1.4 Generation & transmission of the authentication mechanism used to
control access
4.3.1.5 System features: common and differing features
4.3.1.6 What will these changes mean for fraud opportunities?
4.3.2 Preparation, lodgement, examination and registration of land title
instruments
4.3.2.1 Preparation and lodgement
4.3.2.2 Examination
4.3.2.3 Registration – updating the register
4.3.2.4 System features: common and differing features
4.3.2.5 What will these changes mean for fraud opportunities?
4.3.3 Execution and witnessing of land title instruments
4.3.3.1 Technology used to replace handwritten signatures
4.3.3.1.1 System features: common and differing features
4.3.3.1.2 What will these changes mean for fraud opportunities?
4.3.3.2 Classes of authorised users entitled to digitally sign land title
instruments
4.3.3.2.1 System features: Common and differing features
4.3.3.2.2 What will this mean for fraud opportunities?
4.3.3.3 Client signing the authorisation form
4.3.3.3.1 System features: Common and differing features
4.3.3.3.2 What will these changes mean for fraud opportunities
4.3.3 The paper certificate of title
4.3.3.1 Use of the paper certificate of title
4.3.3.2 Use of a client identification process and certifications as to identity
4.3.3.3 System features: Common and differing features
4.3.3.4 What will these changes mean for fraud opportunities?
4.4 Conclusion
CHAPTER 5: CAN THE TYPES OF FRAUD PERPETRATED IN THE PAPER
REGISTRATION SYSTEM CONTINUE TO BE PERPETRATED IN AN
ELECTRONIC REGISTRATION SYSTEM?
5.1 Introduction
5.2 Forgery
VI
5.2.1 Method of perpetrating fraud by forgery in the paper registration
system
5.2.2 Likely changes due to automating the Torrens registration process
5.2.3 Impact of these changes on fraud by forgery
5.2.3.1 Individual as the client
5.2.3.1.1 Can this fraud be perpetrated in an electronic registration system?
5.2.3.1.2 Under what circumstances might this fraud be perpetrated?
5.2.3.1.3 Who might be the likely perpetrators of this fraud?
5.2.3.1.4 How might witnessing requirements be circumvented?
5.2.3.1.5 What factors may facilitate the perpetration of this type of fraud?
5.2.3.1.6 What are the transactions likely to be targeted by fraudulent persons?
5.2.3.1.7 Conclusions
5.2.3.2 Company as the client
5.2.3.2.1 Can this fraud be perpetrated in an electronic registration system?
5.2.3.2.2 Under what circumstances might this fraud be perpetrated?
5.2.3.2.3 Who might be the likely perpetrators of this fraud?
5.2.3.2.4 How might witnessing requirements be circumvented?
5.2.3.2.5 What factors may facilitate the perpetration of this type of fraud?
5.2.3.2.6 What are the transactions likely to be targeted by fraudulent persons?
5.2.3.2.7 Conclusions
5.2.3.3 Attorney as the client using falsified power of attorney
5.2.3.3.1 Can this fraud be perpetrated in an electronic registration system?
5.2.3.3.2 Under what circumstances might this fraud be perpetrated?
5.2.3.3.3 Who might be the likely perpetrators of this fraud?
5.2.3.3.4 How might witnessing requirements be circumvented?
5.2.3.3.5 What factors may facilitate the perpetration of this type of fraud?
5.2.3.3.6 What are the transactions likely to be targeted by fraudulent persons?
5.2.3.3.7 Conclusions
5.3 Fraudulent misrepresentations
5.3.1 Method of perpetrating fraudulent misrepresentation in the paper
registration system
5.3.2 Likely changes due to automating the Torrens registration process
5.3.3 Impact of these changes on fraud by fraudulent misrepresentations
5.3.3.1 Can this fraud be perpetrated in an electronic registration system?
5.3.3.2 Under what circumstances might this fraud be perpetrated?
5.3.3.3 Who might be the likely perpetrators of this fraud?
5.3.3.4 How might witnessing requirements be circumvented?
VII
5.3.3.5 What factors may facilitate the perpetration of this type of fraud?
5.3.3.6 What are the transactions likely to be targeted by fraudulent persons?
5.3.3.7 Conclusions
5.4 Fraudulent alterations
5.4.1 Method of perpetrating fraudulent alterations in the paper registration
system
5.4.2 Likely changes due to automating the Torrens registration process
5.4.3 Impact of these changes on fraud by fraudulent alteration
5.4.3.1 Can this fraud be perpetrated in an electronic registration system?
5.4.3.2 Under what circumstances might this fraud be perpetrated?
5.4.3.3 Who might be the likely perpetrators of this fraud?
5.4.3.4 What factors may facilitate the perpetration of this type of fraud?
5.4.3.5 What are the transactions likely to be targeted by fraudulent persons?
5.4.3.6 Conclusions
5.5 Identity fraud
5.5.1 Method of perpetrating identity fraud in the paper registration system
5.5.2 Likely changes due to automating the Torrens registration process
5.5.3 Impact of these changes on identity fraud
5.5.3.1 Can this fraud be perpetrated in an electronic registration system?
5.5.3.1.1 Systems where certificates of title are not used
5.5.3.1.2 Systems using electronic certificates of title
5.5.3.2 Under what circumstances might this fraud be perpetrated?
5.5.3.3 Who might be the likely perpetrators of this fraud?
5.5.3.4 What factors may facilitate the perpetration of this type of fraud?
5.5.3.5 What are the transactions likely to be targeted by fraudulent persons?
5.5.3.6 Conclusions
5.6 Fraud by solicitors
5.6.1 Opportunities for solicitors to perpetrate fraud in the paper
registration system
5.6.2 Likely changes affecting fraud by solicitors after automating the
Torrens registration process
5.6.3 Impact of these changes on the opportunities for solicitors to
perpetrate fraud in an electronic registration system
5.7 Synthesis of findings: what is the impact of automating the Torrens
registration process on the paper based frauds identified in Chapter
3?
VIII
5.7.1 Can the frauds currently being perpetrated in the paper registration
system continue in an electronic registration system?
5.7.2 Would the manner of perpetration be altered due to changes in
conveyancing practices?
5.7.3 Where conveyancing practices might act as safeguards against
fraud, how could these be circumvented?
5.7.4 Who might be the likely perpetrators of these types of fraud in an
electronic registration system?
5.7.5 Are these perpetrators likely to act alone or in collusion with others?
5.7.6 In an electronic registration system, which frauds could be
perpetrated by those known to the victim and which by those
unknown?
5.7.7 For frauds persisting in an electronic registration system, will
opportunistic fraud by those known to the victim continue to be the
more prevalent?
5.7.8 Which factors might facilitate the perpetration of these frauds in an
electronic registration system?
5.7.9 Will solicitors continue to have an opportunity to perpetrate fraud in
an electronic registration system?
5.7.10 In an electronic registration system, is it likely that mortgages or a
combination of mortgages and transfers will continue to be targeted?
5.8 Conclusion
CHAPTER 6: WILL AN ELECTRONIC REGISTRATION SYSTEM INTRODUCE
NEW OPPORTUNITIES FOR PERPETRATING FRAUD?
6.1 Introduction
6.2 A new opportunity for fraud?
6.3 How may this type of fraud be perpetrated?
6.3.1 Those with no access and unable to digitally sign instruments
6.3.1.1 Obtaining access
6.3.1.1.1 Circumventing the identification or registration process
6.3.1.1.2 Circumventing the authentication process
6.3.1.2 Being able to digitally sign instruments
6.3.1.2.1 Systems using PKI to control access and to digitally sign documents
6.3.1.2.2 Systems not using PKI to control access but to digitally sign
documents
IX
6.3.2 Access but no ability to digitally sign instruments
6.3.3 Conclusions
6.4 Could there be safety mechanisms to act as a check against this type
of fraud?
6.5 Who might be the likely perpetrators of this type of fraud
6.6 What are the likely factors that may facilitate this type of fraud
6.7 Conclusion
CHAPTER 7: THE TYPES OF MEASURES THAT MAY BE USED IN AN
ELECTRONIC REGISTRATION SYSTEM TO MINIMISE FRAUD
7.1 Introduction
7.2 Drivers of fraud
7.3 Forgery
7.3.1 Individual as client
7.3.1.1 Processes for executing the authorisation form
7.3.1.2 Compliance with witnessing requirements
7.3.1.3 Ensuring that the witness’ signature was not forged
7.3.1.4 Effectiveness in preventing fraud
7.3.2 Company as client
7.3.2.1 Effectiveness in preventing fraud
7.3.3 Attorney as client under false power of attorney
7.3.3.1 Effectiveness in preventing fraud
7.4 Fraudulent alterations
7.4.1 Notification of alterations
7.4.2 Tracking changes
7.4.3 ‘Locking’ and examination of instruments lodged for registration
7.4.4 Restricting access privileges
7.4.5 Effectiveness of technological measures in minimising fraud
7.5 Misleading the signatory
7.6 Identity fraud
7.6.1 Documents used to verify identity
7.6.2 Whose identity is to be verified?
7.6.3 Who verifies identity and when should identity be verified
7.6.4 Steps taken to verify identity
7.6.5 Effectiveness in preventing identity fraud
7.6.5.1 Improving the issuing process of identity documents
X
7.6.5.2 Improving the accuracy of identity information held on databases
7.6.5.3 Improving the security of identity documents
7.7 Fraudulently accessing, preparing, digitally signing & lodging
instruments for registration
7.7.1 Measures to secure the digital certificate/PSP for digital signatures
7.7.1.1 Strengthening the registration process for obtaining digital
certificates/PSPs
7.7.1.2 Secure methods for generating digital certificates/PSPs
7.7.1.3 Secure storage and usage of digital certificates/PSPs
7.7.1.4 Secure selection and usage of passwords
7.7.2 Measures to strengthen the de-registration process
7.7.3 Safety mechanisms
7.7.3.1 Permanent client identification numbers
7.7.3.2 One-off client identification numbers
7.7.3.3 Notification mechanism
7.8 Preventing internal fraud
7.8.1 Entry controls
7.8.2 Regular monitoring of personnel
7.8.3 Audit trails
7.8.4 Education and training
7.8.5 Creating an anti-fraud culture
7.8.6 Fraud reporting and response
7.8.7 A fraud control policy
7.9 Summary
7.10 Conclusion
CHAPTER 8: CONCLUSION
8.1 The importance of this research
8.2 Research findings
8.3 Areas for further research
Appendix A: Compensation claims made against the States of Queensland, South
Australia and Tasmania for the period 1989 to 2005
Bibliography
XI
Statement of original authorship:
The work contained in this thesis has not been previously submitted for a degree or
diploma at any other higher education institution. To the best of my knowledge and
belief, the thesis contains no material previously published or written by another
person except where due reference is made.
Signed:
Date:
Acknowledgments
I would like to thank my supervisors, Sharon Christensen, Bill Duncan and Ernest
Foo, for their support and encouragement throughout my candidature. I am
extremely grateful to Max Locke, Registrar of Titles (Queensland), for his help in
providing me with the requested data as well as involving me in the National
Electronic Conveyancing State Project Team. I also owe gratitude to the following
people: the Registrar of Titles in Victoria, Tasmania and South Australia for
supplying me with data on fraud compensation claims; Steve Smith, Thomas Cutler
and Rod Thomas for patiently answering all my queries; Darcy Hammett for not only
answering my numerous questions but also reading through a first draft of this
thesis; Bill Dixon, for ongoing help and encouragement; Michael Weir, for his helpful
comments; Geoff Foster, for proof-reading and editing this thesis at short notice
(thank you Geoff!); Frances Hannah, life-coach extraordinaire; Mark Burdon, for help
in formatting this thesis and lending a supportive ear whenever it was needed and
Tzyy Shang Low, for providing sage brotherly advice when it was required.
Katherine Samuelowicz, who provided me with love and support throughout my
university life and beyond – I am extremely grateful for this - thank you. Christian
Bernat, I couldn’t have done this without you, thank you for being there, for your
support and for your understanding. And finally, I would like to thank my parents for
their unwavering love and support; without them I would not be where I am today.
1
CHAPTER 1
INTRODUCTION
Table of contents
1.1. Introduction.........................................................................................................2 1.1.1 The research question ..................................................................................2 1.1.2 Research hypothesis.....................................................................................2 1.1.3 Impetus for this research...............................................................................2 1.1.4 The Torrens system in the digital age............................................................3 1.1.5 The effect of fraud on security of title.............................................................5 1.1.6 Need for research .........................................................................................7 1.1.7 The aim of this research and its significance.................................................8
1.2. Methodology .......................................................................................................9 1.3. Scope of this research and its limitations ..........................................................11 1.4. Chapter outlines................................................................................................12 1.5. Conclusion........................................................................................................16
2
Chapter 1: Introduction
1.1. Introduction
1.1.1 The research question
The research question addressed by this thesis is twofold:
• will automating the registration process within the Torrens system of land
registration have an impact on opportunities for perpetrating fraud?
• can fraud minimisation strategies be used to counter this fraudulent conduct?
1.1.2 Research hypothesis
The hypothesis to be tested by this research is as follows:
Automating the registration process will not alter the opportunities for
perpetrating frauds that are possible in the paper registration system, with
the possible exception of reduced opportunities for fraudulent alterations.
Moreover, automating the registration system will introduce new
opportunities for perpetrating fraud.
1.1.3 Impetus for this research
The lack of detailed and comprehensive analysis of the impact on fraud of using
technology to automate the registration process within the Torrens system in
Australia, or of the types of measures that might be used to minimise these frauds,
is the impetus for this research. This study is vital, given the importance of the twin
objectives of the Torrens system: providing for security of title and facilitating title
transfers. As will be shown in Chapter 2, fraud has a negative impact on both of
these, particularly on security of title. So it is imperative that critical analysis be
undertaken to examine the impact on fraud of automating the registration process of
the Torrens system, as well as investigating the ways by which these opportunities
for fraudulent conduct may be reduced.
3
1.1.4 The Torrens system in the digital age
The Torrens system of land registration has been in operation in Australia since it
was first introduced into South Australia in 1858 by Sir Robert Torrens.1 As will be
seen in the next chapter, Torrens wanted to create a system that “would be simple,
inexpensive, and fast” and capable of “giving a secure and accurate title”.2 To
achieve this, a central register containing records of the parcels of land coming
within the system was established. This register became the focal point of the
system since it was the register that provided the source of title and it was the act of
registration that created the legal interest in the land. It was established that the
‘register of title is a mirror which reflects accurately and completely and beyond all
argument the current facts that are material to a man’s title,’3 so that the information
that is shown on the mirror is deemed to be complete and accurate.4 A title that is
so registered is deemed ‘free from all adverse burdens, rights and qualifications
unless they are mentioned on the register’.5 Further, as the register was intended to
be the sole source of information for purchasers, they would have no need to look
beyond what was stated on the register.6 Torrens also recognised that ‘through
human frailty’7 a flaw might appear on the mirror of title. In these circumstances,
compensation would be provided to the person suffering loss as a consequence of
this flaw. These underlying principles have formed the basis of the Torrens system
since its inception in 1858.
Recent years have seen rapid improvements in information technology and an
increased reliance on its use in various sectors, such as banking, medicine,
construction, and the courts system. Within the conveyancing sector, it was as early
as 1967 that Whalan recognised the importance of technology in the land
registration system, calling for the use of technology to improve the effectiveness of
the registration process8 and in 1981, Kirby J wrote that:
1 The current Torrens legislation in each State in Australia is: Transfer of Land Act 1958 (Vic), Real
Property Act 1900 (NSW), Land Title Act 1994 (Qld), Real Property Act 1886 (SA), Land Title Act 2000 (NT), Land Titles Act 1925 (ACT), Land Titles Act 1980 (Tas) and Transfer of Land Act 1893 (WA).
2 Robert White, 'The Elements of a Torrens Title' (1973) 11 Alberta Law Review 392, 396. See also James Edward Hogg, The Australian Torrens System (1905), 2: “The Australian system has been said to aim at combining security of title to land with facility in its transfer” and Warrington Taylor, 'Scotching Frazer v Walker' (1970) 44 Australian Law Journal 248, 250.
3 Theodore Ruoff, An Englishman Looks at the Torrens System (1957), 8. 4 Ibid, 16. 5 Ibid, 8. 6 Ibid, 11. 7 Ibid,17. 8 Douglas Whalan, 'Electronic Computer Technology and the Torrens System' (1967) 40 Australian
Law Journal 413.
4
the system of Torrens title…and the specially rapid computerisation of the records of
local and other land use authorities, makes the penetration of land title conveyancing
by computers inevitable. The controversy is one about timing.9
Since then, technology has been making increasing inroads into land registration
systems. The extent to which technology has been incorporated into these systems
differs from jurisdiction to jurisdiction. In some jurisdictions, such as New Zealand, a
fully automated land registration process has replaced the traditional paper
registration process. In contrast, other jurisdictions have only partially automated
their registration processes. In Australia, whilst an electronic register to record title10
is used in all States and Territories, none of them have introduced a fully automated
registration to replace the paper registration process. Currently, two electronic
systems have been proposed. One is the National Electronic Conveyancing System
(NECS)11 which is being developed by the National Steering Committee, a
committee made up of government and industry representatives12 of all the States
and Territories in Australia. Another is a system being developed by the Department
9 Michael Kirby, 'The computer, the Individual and the Law' (1981) 55 Australian Law Journal 443,
455. 10 Transfer of Land Act 1958 (Vic) s 27: ‘(2) Subject to the regulations, the Registrar a) may keep the
Register-(i) in any form or combination of forms; and(ii) on any medium or combination of mediums; and (iii) in any manner that he or she thinks fit; and (b) may at any time vary the medium, form or manner in which the Register or a part of the Register is kept’; Real Property Act 1900 (NSW) s 31B: ‘(3) The Register may be maintained in or upon any medium or combination of mediums capable of having information recorded in or upon it or them. (4) The Registrar-General may, from time to time, vary the manner or form in which the whole or any part of the Register is maintained’; Land Title Act 1994 (Qld) s 8: ‘(1) A register kept by the registrar may be kept in the form (whether or not in a documentary form) the registrar considers appropriate. (2) Without limiting subsection (1), the registrar may change the form in which a register or a part of a register is kept’; Real Property Act 1886 (SA) s51B: ‘Where the Registrar-General is required by this or any other Act or any other law to register title to land or record any other information relating to land, the Registrar-General may register the title or record the information by an electronic, electromagnetic, optical or photographic process and, in that case, the provisions of this Act …and any other relevant Act will be construed so as to apply to, and in relation to, the registration of title or recording of information by that process and in particular-- (a) the term "Register Book" will be taken to include the records maintained by the Registrar-General pursuant to this section relating to the land’; Land Title Act 2000 (NT) s 6: ‘(3) The land register may be kept in the form (whether or not in a documentary form) the Registrar-General considers appropriate. (4) The Registrar-General may change the form in which the land register or a part of the land register is kept’; Land Titles Act 1925 (ACT) s 43: ‘(2) The registrar-general may – (a) keep the register – (i) in such form or combination of forms; and (ii) on such medium or combination of media; and (iii) in such manner; as the registrar-general thinks fit…(3) A reference to a medium in subsection (2) includes but is not limited to – (a) a computer’; Land Titles Act 1980 (Tas) s 33: ‘(3) Subject to any regulation under this section the Register may be kept wholly or partly – (a) on paper, on microfilm, or in or on such other medium as may be approved by the Recorder; or (b) in such device for storing or processing information as may be approved by the Recorder’; and Transfer of Land Act 1893 (WA) s 48: ‘(2) The Register may be maintained in any medium for the storage and retrieval of information or combination of such media — (a) whether or not the kind of medium is the same as that in which the information was originally presented for registration or lodgment’.
11 The website for the national electronic conveyancing system is: http://www.necs.gov.au/, and see National Electronic Conveyancing System, How the National Electronic Conveyancing System (NECS) Will Work (2005) <http://www.necs.gov.au/How-NECS-will-work/default.aspx> at 18 April 2006.
12 All States and Territories are represented in the National Steering Committee.
5
of Sustainability and Environment in Victoria. Both are in the proposal stage,
although the Victorian system is more advanced in its progress than the NECS.
1.1.5 The effect of fraud on security of title
The concept of a secure title and its importance generally for a growing economy, as
well as its importance within the Torrens system, has been well documented.13
Within the Torrens system, the concept of security of title, usually referred to as
‘indefeasible title’, has been referred to as the ‘foundation of the Torrens system of
title’,14 the ‘keystone’15 of the Torrens system and ‘is central in the system of
registration’.16 Generally, the literature on the need for certainty and security in
property rights concludes that there is a strong correlation between clearly defined
and secure property rights and efficient market investments. It has been reasoned
that the greater an individual’s security in his/her title, the less will be that
individual’s uncertainty in using and trading in those rights, hence an overall
increase in confidence in trading in them.17 However, in order for individuals to be
able to trade in these rights, the purchasers must also be secure in their
acquisitions, hence the importance of providing an environment that facilitates
transfers of title. As noted by O’Connor,18 existing owners of property must be
13 For example Armen Alchian and Harold Demsetz, 'The Property Right Paradigm' (1973) 33(1)
Journal of Economic History 16, Harold Demsetz, 'Towards a Theory of Property Rights' (1967) 57 American Economic Review 347, David Palmer, 'Security, Risk and Registration' (1998) 15 Land Use Policy 83, Joyce Palomar, 'Land Tenure Security as a Market Stimulator in China' (2002) 12(1) Duke Journal of Comparative and International Law 7, Joyce Palomar, 'Contributions Legal Scholars Can Make to Development Economics: Examples from China' (2004) 45(3) William and Mary Law Review 1011, Hernando deSoto, The Mystery of Capital (2000), Johan Torstensson, 'Property Rights and Economic Growth - An Empirical Study' (1994) 47 Kyklos 231, Arthur Goldsmith, 'Democracy, Property Rights and Economic Growth' (1995) 32(2) Journal of Development Studies 157, Gershon Feder and Akihiko Nishio, 'The Benefits of Land Registration and Titling: Economic and Social Perspectives' (1999) 15 Land Use Policy 25, Joel M Ngugi, 'Re-Examining the Role of Private Property in Market Democracies: Problematic Ideological Issues Raised by Land Registration' (2004) 25 Michigan Journal of International Law 467, Pamela O'Connor, Security of Property Rights and Land Title Registration Systems (PhD Thesis, Monash University, 2003), Frank Byamugisha, The Effects of Land Registration on Financial Development and Economic Growth: A Theoretical and Conceptual Framework (1999) <http://www-wds.worldbank.org/servlet/WDS_IBank_Servlet?pcont=details&eid=000094946_99122006330167> at 16 January 2006.
14 Bahr v Nicolay (No 2) (1988) 164 CLR 604, 613. 15 Douglas Whalan, The Torrens System in Australia (1982), 19. 16 Frazer v Walker [1967] 1 AC 569, 580–581. 17 See Timothy Besley, 'Property Rights and Investment Incentives: Theory and Evidence From
Ghana' (1995) 103(5) Journal of Political Economy 903 and Robert Ellickson, 'Property in Land' (1993) 102 Yale Law Journal 1315, Thomas Miceli, CF Sirmans and Geoffrey Turnbull, 'Title Assurance and Incentives for Efficient Land Use' (1998) 6(3) European Journal of Law and Economics 305, 306. See also Joyce Palomar, 'Land Tenure Security as a Market Stimulator in China' (2002) 12(1) Duke Journal of Comparative and International Law 7, Joyce Palomar, 'Contributions Legal Scholars Can Make to Development Economics: Examples from China' (2004) 45(3) William and Mary Law Review 1011, David Palmer, 'Security, Risk and Registration' (1998) 15 Land Use Policy 83, Otomunde Johnson, 'Economic Analysis, the Legal framework and Land Tenure Systems' (1972) 15 Journal of Law and Economics 259, 259.
18 Pamela O'Connor, Security of Property Rights and Land Title Registration Systems (PhD Thesis, Monash University, 2003).
6
secure in their title (that they will not be deprived of their property), but
correspondingly purchasers must also be secure in their acquisition of property (that
they are acquiring a title free of prior claims). These two types of security
correspond with Torrens’ objectives of devising a system that would facilitate
transfers of land as well as providing owners with security of title. Demogue19 terms
the first type ‘static security’ and the second ‘dynamic security’.
An occurrence where there has been a fraudulent dealing with a registered
proprietor’s title to land, and where a bona fide purchaser for value obtains title to
the subject land without notice of the fraud, causes a conflict between the owner
who has been deprived of title and the bona fide purchaser. Where this conflict
occurs, it has been said that a land registration system can be designed to enforce
one of the two competing interests – the owner deprived of title or the bona fide
purchaser20 but that it cannot protect both.21 The Torrens system, through the
principle of immediate indefeasibility, provides a stronger protection for innocent
purchasers of title but at the expense of the original owner deprived of title. Hence,
the impact of fraud is that it derogates from an owner’s static security and erodes
from the owner the confidence that he/she is able to hold title securely.
Correspondingly, the owner’s confidence in the system as a whole would also be
reduced.
Thus it is argued that it is critical, whether using paper or an electronic registration
process, that the Torrens system operates in such a framework that the occurrence
of fraud can be minimised. However, this can only be achieved after a detailed and
comprehensive analysis of the fraud risks within the Torrens system, including the
ways that fraud occurs and what factors may facilitate it. By understanding the fraud
risks faced by stakeholders in the Torrens system, strategies to minimise each of
them may be devised, to ensure that the twin objectives of the system can be
achieved.
19 Rene Demogue, 'Security' in A Fouillee (ed), Modern French Legal Philosophy (1986). 20 Baird defines this as ‘the person who last acquired the land via a sequence of consensual
transfers’: Douglas Baird and Thomas Jackson, 'Information, Uncertainty and the Transfer of Property' (1984) 13 Journal of Legal Studies 299, 301.
21 Baird ibid at 300: ‘In a world where information is not perfect, we can protect a later owner’s interest fully, or we can protect the earlier owner’s interest fully. But we cannot do both’. See also Mary-Anne Hughson, Marcia Neave and Pamela O'Connor, 'Reflections on the Mirror of Title: Resolving the Conflict Between Purchasers and Prior Interest Holders' (1997) 21 Melbourne University Law Review 460, 461: ‘[t]here are two main ways of resolving such conflicts. One approach is to protect the holder of an interest by preventing the transferor from passing a title which he or she lacks…The alternative approach, typified by systems of registration of title, is to protect innocent purchasers of interests, regardless of whether or not the transferor has a good title’.
7
1.1.6 Need for research
I submit that, at present, there is a lack of detailed and comprehensive analysis in
Australia of the impact on fraud of automating the registration process within the
Torrens system, as well as a lack of analysis of the types of measures that may be
used to minimise fraud. Given the importance of fraud minimisation, undertaking
such an examination is imperative.
It is within this context that this research is being undertaken. Thus far in Australia,
only two studies have analysed the impact of automating the registration process
within the Torrens system on fraud and have examined possible measures that may
be used to minimise these fraud risks. One was undertaken by Clayton Utz on
behalf of the National Electronic Conveyancing System Steering Committee22 in
response to proposals to implement a National Electronic Conveyancing System
(NECS) in Australia. The purpose of the assessment was to identify and assess all
of the risks associated with implementation of the National Electronic Conveyancing
System and to develop a cost-effective and equitable means of liability management
for all parties exposed to significant adverse outcomes. The second is an article by
me23 which compared the opportunities for fraud under the present paper-based
Torrens system with the proposed NECS, and also examined possible measures
that might be adopted to minimise fraud within NECS.
Both the Clayton Utz risk assessment and my article are relevant to this research, to
the extent that they both examine the various fraud risks associated with the
proposed NECS. In particular, both of them compare the occurrence of fraud under
the paper-based Torrens system with NECS and look at measures to minimise fraud
within NECS.
However, the analysis in both the risk assessment and the article were based on the
NECS, which at that stage was still in proposal form. Furthermore, the strategies
examined by the risk assessment to minimise fraud were restricted to examining the
various control strategies as provided for in the NECS Operations Description and
the NECS Business Model rather than investigating general strategies that might be
used for fraud prevention. 22 See National Electronic Conveyancing Office, Risk Assessment of the National Electronic
Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007.
23 Rouhshi Low, 'Opportunities for Fraud in the Proposed Australian National Electronic Conveyancing System: Fact or Fiction?' (2006) 13(2) Murdoch University Electronic Journal of Law 225.
8
1.1.7 The aim of this research and its significance
This study is intended to fill this gap in the literature by providing critical analysis of
how the perpetration of fraud may be altered by automating the registration process.
This is achieved by comparing fraud opportunities available in the Torrens system
where the registration process is conducted in a paper-based environment with a
corresponding automated registration process. However, rather than basing analysis
solely on the proposed NECS, this research will refer to electronic land registration
systems that are in operation in other Torrens jurisdictions. In this way a
comparative analysis may be undertaken to determine whether and, if so, in what
ways, various features of an electronic registration system24 might affect the
perpetration of fraud. Starting from this analysis, the study will then examine
possible measures to minimise fraud within the electronic registration system. It will
also analyse the fraud minimisation strategies used in the paper registration system
and their effectiveness, and discuss whether these strategies will still be relevant in
an electronic registration system.
Hence, the aim of this research is twofold:
• to identify the impact of automating the registration process on fraud within
the Torrens system, in particular to find:
� whether the types of fraud being perpetrated in the Torrens system
where the registration process is conducted in a paper-based
environment can continue to be perpetrated when registration has
been automated; and
� whether an electronic registration system might introduce new
opportunities for fraudulent conduct;
• to identify measures that might be used to minimise fraud in the electronic
registration system.
The significance of this research is that its findings may be used to inform
stakeholders within the conveyancing sector of the various fraud risks that can arise
in an automated registration process, as well as alerting them to measures that may
minimise these risks, thus assisting to ensure that the twin objectives of the Torrens
system are met in an electronic environment.
24 The term electronic registration system denotes the Torrens system where the registration process
has been automated. The term paper registration system will be used to denote the Torrens system where the registration process has not been automated.
9
1.2. Methodology
The primary research method used in this study is a comparison of the Torrens
system in Australia using a paper registration process with the Torrens system using
an automated registration process, to determine the following:
• the types of fraud that are currently being perpetrated in the paper
registration system;
• whether these types of fraud might continue to be perpetrated in an
electronic registration system;
• whether an electronic registration system will introduce a medium for new
opportunities for fraudulent conduct; and
• what measures could be implemented in the electronic registration system to
minimise fraud in that system.
The following steps were undertaken to enable this comparison to occur:
First, in order to establish a baseline for the types of frauds that might occur in the
paper registration system, data was obtained from various Land Title Offices in
Australia relating to claims made against the State for loss as a consequence of
fraud. This data was obtained by making a personal request to the Registrars of the
Land Titles Offices in all the States and Territories in Australia. The Registrars of
Titles for Victoria, Queensland, South Australia and Tasmania responded by
providing me with data covering compensation claims made during the period 1989
to 2005. For the States of Western Australia and New South Wales, this study will
use the data obtained by Hammond25 in her study in 2000 that examined the impact
on fraud of abolishing the paper certificate of title.
This data was used to find common trends in the perpetration of fraud in the Torrens
system using a paper based registration process, including a profile of the most
common perpetrators of these types of fraud and the types of transactions usually
targeted by them.
Case examples were then used to augment these findings by facilitating an in-depth
and comprehensive analysis of:
• the methods by which these frauds are perpetrated; 25 See Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115.
10
• the factors that facilitate the perpetration of the fraud;
• how certain practices that are meant to act as safeguards against fraud may
be circumvented by fraudulent persons;
• the reasons why certain perpetrators are more likely – or have a better
opportunity – to perpetrate fraud than others; and
• the reasons why certain transactions are targeted by these fraudulent
persons.
These case examples comprise reported Australian and International cases
involving loss of title due to fraud as well as compensation claims made against the
State of Queensland for loss caused by fraud. The reported cases were obtained
using library database search engines. Information about the compensation claims
made against the State of Queensland were provided to me by the Queensland
Registrar of Titles, Mr Max Locke, and reproduced in Appendix A of this research.
Due to the voluminous nature of these cases, it was not possible for this research to
examine in detail every case involving fraud. Instead, analysis is restricted to those
cases that best illustrate the characteristics of the types of fraud that may occur in
the paper registration system.
Second, salient features of those electronic land registration systems that are fully
operational, and those systems proposed in Australia, were examined to identify
changes that will be made to conveyancing practices and requirements of the paper
registration system if the paper registration system is replaced with an electronic
registration system. An internet-based search was conducted to determine which
Torrens jurisdictions are using an electronic registration system. From there, in-
depth information about the features of the system, including its operational
requirements, was obtained by various means. These include downloading
operational guides from the system’s websites and personally requesting additional
information from the system’s help desk.
Once these changes had been determined, their impact upon fraud opportunities
and the various strategies that might be used to minimise these opportunities could
then be analysed.
The findings from this analysis could then be used to answer the research question
posed by this thesis; they would also enable the hypothesis to be tested and
appropriate conclusions to be drawn.
11
1.3. Scope of this research and its limitations
This research is undertaken within the context of the Torrens system of land
registration as introduced by Sir Robert Torrens to South Australia in 1858. Although
there are jurisdictional differences in Torrens legislation across the various
Australian States and Territories, the underlying framework is essentially the same.
Accordingly, for the purposes of this research, any reference to the Torrens System
should be treated as a reference to the underlying framework introduced by Torrens,
having Australia-wide application.26
This study will analyse two different types of registration process: the registration
process conducted within a paper-based Torrens system, in which land title forms
are prepared on paper and physically lodged with the Land Titles Office; and the
registration process within an automated Torrens system, where land title
instruments are prepared and lodged in a wholly electronic environment.27
Within these distinct processes, the underlying principles of the Torrens system
remain the same, whether registration operates within a paper-based or electronic
environment.
The fraud that is the focus of this research is restricted to those cases where there
has been a fraudulent dealing with a registered proprietor’s title during the
conveyancing and registration process that has led to a claim for compensation as a
result of loss caused by the fraud. This research will not be examining every type of
fraud that may be involved in a land transaction, such as value fraud, where the
value of a property has been artificially inflated.
In proposing fraud minimisation measures for an electronic registration system, I am
not suggesting that implementing these measures will lead to the complete
prevention of fraud; I recognise that it may be impossible to eradicate it. My goal is
to identify measures that can operate to minimise its occurrence. Further, whilst the
measures suggested by this research will include technological measures, it is
recognised that, since technology is evolving at a rapid rate there may be various
types of technology that could be used to minimise fraud. Thus, identifying the
26 For the current Torrens legislation in each State in Australia, see footnote 1. 27 As noted above in footnote 24, for the purposes of this research, the term ‘electronic registration
system’ is used to describe the Torrens system using a fully automated registration process and the term ‘paper registration system’ to describe the Torrens system using a paper based registration process.
12
precise type of technology that may be used to prevent fraud in an electronic
registration system is beyond the scope of this study.
Finally, the scope of this research is restricted to analysing the effects on fraud of
automating the registration process within the Torrens system. This is not a
quantitative analysis to find whether there might be more or less fraud in an
electronic registration system. Rather, it is a comparative analysis between the
paper and electronic registration systems to determine whether there might be
differences between them in:
1. opportunities for fraud between these two systems;
2. the manner in which fraud may be perpetrated;
3. the types of factors that might facilitate fraud;
4. the types of transactions targeted by fraudulent persons; and
5. the types of perpetrator of fraud.
As noted earlier, data on compensation claims was available only from Victoria,
Queensland, South Australia and Tasmania for the period 1990 to 2005 and was
unavailable from Western Australia and New South Wales. For Western Australia
and New South Wales, the data analysed will rely on that obtained by Hammond in
her study conducted in 2000.28
1.4. Chapter outlines
Chapter 1 : This chapter has introduced the concepts and issues are examined in
this thesis; it has also set out the aims of this research, its scope, and the
methodology used to answer the research question.
Chapter 2 : This chapter will set the context within which this research is being
undertaken, demonstrating why fraud minimisation is such a vital concept for the
successful functioning of the Torrens system, in whatever environment. Chapter 2
will analyse sources that describe the underlying principles and objectives of the
Torrens system, as well as examining the importance of achieving these objectives,
in particular that of providing security of title. This chapter will also demonstrate the
importance of security of title, not only for the successful functioning of a land
registration system, including the Torrens system, but also for the economic
wellbeing of a modern economy. This chapter will then examine the concept of
28 See Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115.
13
fraud, to determine the scope of fraud that will be the focus of this research. The
impact of fraud on the goals and principles of the Torrens System will then be
examined; it will be shown that fraud has the effect of eroding the confidence of
registered proprietors in their ability to hold title securely and that this can lead to a
reduction in their confidence in the Torrens system. It will argue that the success of
the Torrens system depends on its ability to instil confidence in its users in the
security of their title, and that this confidence is well placed, whether in a paper or
electronic environment. Hence it is postulated that the registration process of the
Torrens system in Australia should not be fully automated until the risks of fraud
emerging from such a transition have been carefully analysed and examined. This is
the chief aim of this research. Finally, in setting the context within which this
research is being undertaken, this chapter will also provide an overview of the
literature that has an impact on this research to demonstrate the gaps in it that this
study intends to fill.
Chapter 3 : This chapter will analyse the ways in which fraud is currently being
perpetrated in the paper registration system. To do this, it will use data obtained
from the various Land Titles Offices in Australia relating to compensation claims
made against the State for loss caused by fraud, elucidating common trends in the
perpetration of fraud in the Torrens system in Australia, including profiles of the most
common perpetrators of these types of fraud and the kinds of transaction usually
targeted by them. Given these findings, case examples will then be analysed in this
chapter for the purposes of examining:
• the methods by which these frauds are perpetrated, including whether the
perpetrator works alone or in collusion with others;
• the factors that facilitate the perpetration of the fraud;
• how certain practices that are said to act as safeguards against fraud might
be circumvented;
• the reasons why certain perpetrators, such as those who are known to the
victim of the fraud, are more likely than others to perpetrate fraud, or have a
better opportunity to do so;
• which types of fraud are more susceptible to being perpetrated by persons
known to the victim of the fraud and which types of fraud are more
susceptible to being perpetrated by persons unknown to the victim of the
fraud; and
14
• the reasons why certain transactions are targeted by these fraudulent
persons.
The conclusions drawn from this analysis will be used in Chapter 5 when comparing
whether the types of fraud occurring in the paper registration system may continue
to occur in an electronic registration system.
Chapter 4 : Chapter 4 will review what changes would be made to current
conveyancing practices and requirements where the registration process within the
Torrens system is automated. This will be achieved by examining the salient
features of electronic registration systems in which the registration process has
been fully automated and operational and of the electronic registration systems
proposed in Australia, so as to find what changes, if any, will be made to current
conveyancing practices and requirements that act as a safeguard against fraud. The
conclusions drawn from this analysis will be used in Chapters 5 and 6 to determine
how these changes in conveyancing practices and requirements might impact upon
the manner in which fraud may be perpetrated in an electronic registration system.
Chapter 5 : This chapter will use the analysis of Chapters 3 and 4 to find whether the
types of frauds that may be perpetrated in the paper registration system may
continue to be perpetrated in an electronic registration system. For those frauds that
are found likely to continue being perpetrated in an electronic registration system,
the following analysis will be undertaken:
• will the manner of perpetration of the fraud in the electronic registration
system be similar to that in the paper registration system?
• what factors might facilitate the perpetration of these frauds?
• who might be the likely perpetrators of these frauds?
• are these perpetrators likely to act alone or in collusion with others?
• which types of fraud may be more susceptible to being perpetrated by
persons known to the victim of the fraud and which to persons unknown to
the victim of the fraud?
• will the types of transactions targeted by fraudulent persons in the paper
system continue to be targeted in an electronic registration system?
• will solicitors continue to have the same opportunities for perpetrating fraud
as in the paper registration system or will these opportunities be reduced or
increased?
15
The findings from this analysis will then be compared to the findings obtained in
Chapter 3 and conclusions drawn.
Chapter 6: Chapter 6 will examine whether automating the registration process
within the Torrens system might introduce methods for fraudulent conduct that are
different from those in the paper system. For these new types of fraud, the following
analysis will be undertaken in this chapter and conclusions drawn:
• how will these frauds be perpetrated in the electronic registration system?
• what factors might facilitate the fraud?
• who are the likely perpetrators?
• are the perpetrators likely to act alone or in collusion with others; and
• whether these types of fraud would be more susceptible to being perpetrated
by persons known to the victim or by those unknown to the victim.
Chapter 7 : This chapter will examine the types of measures that could be adopted
to minimise the types of fraud identified in Chapters 5 and 6 that might occur in an
electronic registration system. Chapter 5 would have shown that some types of
fraud currently occurring in the paper system may continue to occur in the electronic
registration system.
For these frauds, an examination will be conducted in this chapter as to whether the
conveyancing practices used in the paper registration system as a safeguard
against fraud may continue to be relevant in an electronic registration system. This
examination will utilise the analysis, undertaken in Chapter 3, of the manner in which
these conveyancing practices could be circumvented by fraudulent persons. If these
conveyancing practices might continue to be relevant in an electronic registration
system, then this chapter will also consider whether these practices may be made to
function more effectively as safeguards against fraud, and if so, how.
In addition, where appropriate, other practices and measures that may be used to
minimise opportunities for fraudulent conduct will also be suggested, having regard
to the factors identified in Chapter 5 that act to facilitate the perpetration of these
frauds.
Chapter 6 would have shown that new opportunities for fraudulent conduct might
arise from implementation of an electronic registration system due to changes made
to conveyancing practices. For these new types of fraud, this chapter will utilise the
16
analysis from Chapter 6 of how these frauds might be perpetrated and the factors
that might act to facilitate them to establish the types of measures that may be
adopted to minimise these opportunities for fraudulent conduct. Finally, conclusions
will be drawn in this chapter as to the likely effectiveness of these measures against
fraud.
Chapter 8 is the concluding chapter. It will provide a synthesis of the conclusions
drawn in Chapters 3, 4, 5, 6 and 7, highlighting areas where automation of the
registration process will cause the most impact on opportunities for fraud. This
chapter will also suggest new areas of research arising from the findings of this
thesis.
1.5. Conclusion
Successful implementation of a fully automated registration process within the
Torrens system requires that the occurrence of fraud be minimised so that security
of title, a key pillar of the Torrens system, is maintained. Whilst there has been an
increasing level of encroachment of technology into the registration process in the
Torrens system, to date there has been no comprehensive academic research or
analysis undertaken on the impact of using technology to automate the registration
process on fraud, nor has there been any comprehensive research or analysis on
the type of measures that may be incorporated into a registration system using a
fully automated registration process to minimise fraud.
This research proposes to fill this gap in the literature and thus provide an original
contribution to knowledge by providing a comprehensive analysis on:
• the types of fraud that may occur in the paper registration system, the
manner in which these frauds are perpetrated, the factors that allow the
fraud to occur, the likely perpetrators of these types of fraud including
whether certain perpetrators have a better opportunity to perpetrate the fraud
than others and the transactions that are likely to be targeted by fraudulent
persons;
• whether these types of fraud occurring in the paper registration system may
continue to be perpetrated in an electronic registration system, and if so, by
whom, the type of factors that might facilitate these frauds and whether those
perpetrators who have a better opportunity to perpetrate fraud in the paper
registration system may continue to have similar opportunities in an
electronic registration system;
17
• whether an electronic registration system may introduce different
opportunities for fraud to occur and if so, the manner in which these frauds
may be perpetrated, the likely perpetrators of these frauds, the likely factors
that may facilitate the perpetration of these frauds; and
• what measures may be adopted to prevent these fraud from occurring in an
electronic registration system.
The end result is to identify the various fraud risks that may arise in an electronic
registration system and corresponding measures that may be used to minimise
these risks so that the Torrens system can operate in an environment that is
capable of minimising fraud.
18
CHAPTER 2
THE IMPORTANCE OF MINIMISING FRAUD IN THE TORRENS SYSTEM OF
LAND REGISTRATION Table of contents 2.1 Introduction........................................................................................................19 2.2 The principles and objectives of the Torrens System .........................................19
2.2.1 The importance of achieving security of title and facility of transfer in a land registration system...............................................................................................21
2.2.1.1 Conceptualising security of title and facility of transfer in terms of static and dynamic security .......................................................................................25
2.2.2 In what way was Torrens able to achieve these two concepts of security of title and facility of transfers?.................................................................................26
2.2.2.1 Achieving security of title ......................................................................29 2.2.2.2 Achieving facility of transfer..................................................................30
2.3 Fraud within the Torrens system........................................................................30 2.4 The effect of fraud on security of title and facility of transfer...............................34
2.4.1 How does the Torrens system deal with the conflict between static and dynamic security? ................................................................................................35
2.5 Why is it important that fraud be minimised so that security of title can be maintained?.............................................................................................................38
2.5.1 Current lack of analysis of the impact on fraud of automating the registration process and of possible measures to minimise fraud within an electronic environment .........................................................................................................39
2.6 Conclusion.........................................................................................................47
19
Chapter 2: The importance of minimising fraud in th e Torrens system of land registration
2.1 Introduction
Chapter 2 will show that minimisation of fraud is vital for the successful functioning
of the Torrens system, in either a paper or electronic environment, using established
literature on the Torrens system to examine its underlying principles and objectives.
This analysis will show that the two objectives of the Torrens system are to facilitate
transfers of title and to provide owners with a secure title. This concept of a secure
title, more commonly known as an indefeasible title, is the hallmark of the Torrens
system; security of title is vital to the proper functioning of a modern economy.
The scope of fraud that will be the focus of this research is fraud that causes a
deprivation of title. This type of fraud has the effect of causing a conflict between
the two objectives of the Torrens system, which through the principle of immediate
indefeasibility, favours facility of transfer over security of title. The effect of this, as
will be shown, is a derogation of an owner’s security of title, eroding the owner’s
confidence in the ability to hold title securely. Consequently it is postulated that the
owner’s confidence in the system as a whole will also be reduced. Given this
negative effect of fraud on security of title, it is therefore vital that the Torrens
system operate in a framework where fraud is minimised. However, to see how to
achieve this, the fraud risks within the Torrens system must first be analysed.
This chapter will demonstrate that at present, whilst there is a push towards
automating the registration process of the Torrens system in Australia, there is a
lack of detailed and comprehensive analysis of the effects of this on fraud. Neither
has there been any study on the types of measures that might be used to minimise
the occurrences of fraud within an electronic registration system. The aim of this
research, as noted in Chapter 1, is to fill this gap in the literature and to provide the
necessary analysis.
2.2 The principles and objectives of the Torrens Sy stem
The Torrens system, named after Sir Robert Torrens who conceived and introduced
the system into South Australia in 1858, has been adopted in all the States and
Territories in Australia, and in many other parts of the world such as New Zealand
and Canada. There is an abundance of literature on the Torrens system, its
20
underlying principles and its objectives.29 Torrens conceived the Torrens system to
rectify the problems he encountered as Registrar in administering the deeds system
in operation in South Australia. These included30:
• its complexity,
• its heavy costs, losses and perplexity for purchasers and mortgagees
because of the uncertainty relating to the validity of titles,
• the slowness of the conveyancing process, and
• diminution of the value of land as a secure and convenient basis of credit.
Torrens thought that all these defects of the deeds registration system stemmed
from the underlying principle of the deeds system, that no man could confer on a
purchaser or mortgagee a better title than he had.31 This characteristic of the deeds
system meant that every time a piece of land was dealt with, each step in the
devolution of title had to be examined to make sure (as far as it was possible to do
so) that it was valid and there were no outstanding equitable interests. Transfers of
title could not be completed until the historical search of title was concluded, with
each dealing requiring a fresh examination. The more complex the chain of title, the
longer it took to examine the chain and thus the more expensive it became. This
slowed down the transfer process.
Furthermore, as proof of title depended on evidence in the documents of title
themselves, difficulties arose where there was accidental loss, destruction, forgery
or alteration of these documents. An interest holder might lose everything despite
searching, if the title turned out to be defective in some way. For example, if one of
the deeds in the chain of title was forged the particular purchaser and subsequent
29 These include: P Moerlin Fox, 'The Story Behind the Torrens System' (1950) 23 Australian Law
Journal 489, Carmel MacDonald, Les McCrimmon and Anne Wallace, Real Property Law in Queensland (1998), Douglas Whalan, The Torrens System in Australia (1982), Theodore Ruoff, An Englishman Looks at the Torrens System (1957), Barry Goldner, 'The Torrens System of Title Registration: A New Proposal for Effective Implementation' (1982) 29 UCLA Law Review 661, John McCormack, 'Torrens and Recording: Land Title Assurance in the Computer Age' (1992) 18 William Mitchell Law Review 61, AG Lang, 'Computerised Land Title and Land Information' (1984) 10 Monash University Law Review 196, Lynden Griggs, 'Torrens Title in a Digital World' (2001) 8(3) Murdoch University Electronic Journal of Law , Robert Stein, 'The "Principles, Aims and Hopes" of Title by Registration' (1983) 9(2) Adelaide Law Review 267 & Robert Stein and Margaret Stone, Torrens Title (1991).
30 AG Lang, 'Computerised Land Title and Land Information' (1984) 10 Monash University Law Review 196, 197.
31 See for example Robert Stein, 'Sir Robert Richard Torrens, 1814-1884: Select Documents. Transcribed and With an Introduction by Robert Stein' (1984) 23(1) South Australiana 2, 20-28 which is an extract of a lecture given by Sir Robert Torrens at Kapunda on the South Australian Real Property Act. In that lecture, Sir Robert Torrens provides examples of the defects of the English deeds system.
21
proprietors acquired no interest in the property. This meant that the purchaser could
never be certain about the security of his/her title.
Torrens sought to rectify these problems encountered by the deeds system by
creating a land registration system that would be capable of giving both a secure
and accurate title as well as a system that would facilitate transfers of land.32
Before examining the manner in which Torrens sought to achieve the twin aims of
secure title and efficiency of transfers, an analysis as to the importance of achieving
these aims will first be undertaken, to demonstrate that the operation of these two
concepts is vital for fostering economic growth. This will be used to lay down the
foundation that forms the basis of this research – that it is vital that the Torrens
system should operate in an environment where both these concepts are capable of
being achieved, rather than one to the detriment of the other.
2.2.1 The importance of achieving security of title and facility of transfer in a
land registration system
Generally speaking, it has been said that the need for security33:
is one of the most important of the desiderata of social and legal life. The idea of
providing for the security of individuals is at the base of very important principles with
respect to the sources of law, whether public or private law.
Specifically, in terms of land, the strongest arguments for achieving certainty and
security in property rights are economic ones. It is well accepted that the more
certain and clearly defined are property rights, the more efficient are market
investments.34
32 See Robert White, 'The Elements of a Torrens Title' (1973) 11 Alberta Law Review 392, 396:
Torrens’ objective was to create a system that ‘would be simple, inexpensive, and fast, while at the same time giving a secure and accurate title’. See also James Edward Hogg, The Australian Torrens System (1905), 2: ‘The Australian system has been said to aim at combining security of title to land with facility in its transfer’; Warrington Taylor, 'Scotching Frazer v Walker' (1970) 44 Australian Law Journal 248, 250, and Robert Stein, 'The "Principles, Aims and Hopes" of Title by Registration' (1983) 9(2) Adelaide Law Review 267, 273. It should be noted that these two objectives are not mutually compatible. This will be discussed below.
33 Rene Demogue, 'Security' in A Fouillee (ed), Modern French Legal Philosophy (1986), 419. 34 See Timothy Besley, 'Property Rights and Investment Incentives: Theory and Evidence From
Ghana' (1995) 103(5) Journal of Political Economy 903 and Robert Ellickson, 'Property in Land' (1993) 102 Yale Law Journal 1315.
22
As explained by Miceli, Sirmans and Turnbull35:
Well-defined property rights in land decrease the risk of land expropriation, thereby
increasing the expected returns from investments in capital improvements and
stimulating such investments. In addition, well-defined property rights decrease the
risk to mortgage holders of losing their collateral to expropriation or competing
claims. This decreased collateral risk, the argument goes, lowers the mortgage risk
premium, thereby lowering marginal financing costs of capital improvements and
stimulating investment. Well–defined property rights also reduce the costs of
foreclosure, should such action become necessary. Lower foreclosure costs reduce
overall financing costs, thereby increasing the liquidity of land transactions. Finally,
well-defined property rights simply reduce transaction costs, thereby increasing the
likelihood that efficient transactions will be consummated.
These rights must also be capable of being held securely because without security,
‘people tend to devote their energies to protecting their claims to land. They tend not
to make the necessary investments of capital and labor for improving productivity
and meeting the needs of society’.36
It is also well accepted that there is a range of sources from which security in
property rights may be acquired, such as through the community or polity,37 and that
each source may provide different levels of security.38 Most experts39 agree that a
high degree of certainty and security in property rights is achievable through
formalising property ownership, land registration systems being the highest level of
35 Thomas Miceli, CF Sirmans and Geoffrey Turnbull, 'Title Assurance and Incentives for Efficient
Land Use' (1998) 6(3) European Journal of Law and Economics 305, 306. See also Joyce Palomar, 'Land Tenure Security as a Market Stimulator in China' (2002) 12(1) Duke Journal of Comparative and International Law 7 and David Palmer, 'Security, Risk and Registration' (1998) 15 Land Use Policy 83.
36 J David Stanfield, 'Insecurity of Land Tenure in Nicaragua' (Research Paper 120, Land Tenure Center, University of Wisconsin-Madison, 1995)1. Also see Walter Fairchild, 'Economic Aspects of Land Titles' (1937) 22 Cornell Law Quarterly 229, 229 and Henri AL Dekker, The Invisible Line: Land Reform, Land Tenure Security and Land Registration (2003), [4.14].
37 David Palmer, 'Security, Risk and Registration' (1998) 15 Land Use Policy 83, 85. 38 For a discussion of these different ways in achieving tenure security, see Geoffrey Payne (ed),
Land, Rights and Innovations (2002). 39 For example, Thomas Miceli, CF Sirmans and Joseph Kieyah, 'The Demand for Land Title
Registration: Theory with Evidence from Kenya' (2001) 3 American Law and Economics Review 275, H Gensler, 'Property Law as an Optimal Economic Foundation' (1996) 35 Washburn Law Journal 50, 64.
23
formalisation.40 A land registration system, such as the Torrens system, is said to
provide certainty and security by providing a formal definition of property rights in
land evidenced by the issuing of title to the property41 and by enlisting the state to
enforce these rights. By providing land owners with certainty and security in property
rights, a land registration system is said to remove ‘the uncertainty about the
holder’s claim to the property’ so as to ‘allow the holder to engage in the full range of
behaviours we associate with ownership, such as sale, rental, use as collateral, and
upgrading investments’42 thereby promoting trade and investment and fostering
economic growth.
For individuals to be able to trade in these rights, individuals who are purchasers of
rights must also be secure in their acquisition of them. As explained by O’Connor,43
existing owners of property must be secure in their title (that they will not be
deprived of their property) but, correspondingly, purchasers must also be secure in
their acquisition of property (that they are acquiring a title free of prior claims). As
seen in the deeds system, a land registration system that is not capable of
guaranteeing to purchasers that the title acquired is free from prior defects and
encumbrances requires purchasers to conduct an examination of all previous
dealings relating to the title. Even with this examination, if the title were defective in
some way, that purchaser and all future owners would not acquire an interest in the
property. In that respect, a purchaser under the deeds system could never be sure
40 See Jean O Lanjouw and Philip Levy, 'A Difficult Question in Deed: A Cost-Benefit Framework for
Titling Programs' (2004) 45(3) William and Mary Law Review 889, 897: ‘Title registration guarantees all rights shown in the land register and represents the highest level of formalization’. The provision of security through the adoption of a land registration system has been the subject of numerous research papers. See for example:Tim Hanstad, 'Designing Land Registration Systems for Developing Countries' (1998) 13 American University International Law Review 647, discussing when a land registration system is necessary; Jean O Lanjouw and Philip Levy, 'A Difficult Question in Deed: A Cost-Benefit Framework for Titling Programs' (2004) 45(3) William and Mary Law Review 889, exploring the potential benefits and costs of a land titling program to individuals who occupy land informally; Gershon Feder and Akihiko Nishio, 'The Benefits of Land Registration and Titling: Economic and Social Perspectives' (1999) 15 Land Use Policy 25, providing a summary of the economic benefits of land registration; Thomas Miceli, CF Sirmans and Geoffrey Turnbull, 'The Dynamic Effects of Land Title Systems' (2000) 47(3) Journal of Urban Economics 370, examining how title systems affect urban development in a market economy; Thomas Miceli, CF Sirmans and Geoffrey Turnbull, 'Title Assurance and Incentives for Efficient Land Use' (1998) 6(3) European Journal of Law and Economics 305, developing an economic analysis of a general class of land title systems, focusing on incentives for efficient exchange and investment in land; David Palmer, 'Security, Risk and Registration' (1998) 15 Land Use Policy 83, looking at different ways in which tenure security can be acquired apart from using a land registration system.
41 Joyce Palomar, 'Land Tenure Security as a Market Stimulator in China' (2002) 12(1) Duke Journal of Comparative and International Law 7, fn 2.
42 Jean O Lanjouw and Philip Levy, 'A Difficult Question in Deed: A Cost-Benefit Framework for Titling Programs' (2004) 45(3) William and Mary Law Review 889, 899. Also see Otomunde Johnson, 'Economic Analysis, the Legal framework and Land Tenure Systems' (1972) 15 Journal of Law and Economics 259, 259.
43 Pamela O'Connor, Security of Property Rights and Land Title Registration Systems (PhD Thesis, Monash University, 2003).
24
of the security of his/her purchase. This type of system does not promote facility of
transfer, because the purchaser is not provided with security of his/her acquisition of
property. It also has the effect of increasing the cost of transactions, which may in
turn impede market efficiencies. Coase44 was the first to theorise about market
efficiencies and transaction costs, which cover expenses associated with market
dealings, such as the costs incurred by the purchaser in seeking out information
about the property and the vendor’s title, bargaining costs, and costs associated
with enforcing rights or remedies arising from the transaction.45 Coase used these
theories as a tool for resolving conflicts in property rights. According to Coase,
where transaction costs are high, true bargaining and efficient allocation may be
impeded.46 The result may be that the asset does not meet its potential to generate
new wealth. However, where these costs are low, market transactions are said to be
facilitated; low transaction costs make land transactions less expensive and less
time consuming. This in turn helps to increase the transferability of land from less
efficient to more efficient users thereby enhancing the overall allocation of land
resources.47
This overview of the literature shows that it is important that a land registration
system is able to provide its users with both security of title and facility of transfer so
44 See R.H Coase, 'The Problem of Social Cost' (1960) 3 Journal of Law and Economics 1. 45 Bruce Ziff, Principles of Property Law (2nd ed, 1996), 44. 46 Ibid, 44. 47 Frank Byamugisha, The Effects of Land Registration on Financial Development and Economic
Growth: A Theoretical and Conceptual Framework (1999) <http://www-wds.worldbank.org/servlet/WDS_IBank_Servlet?pcont=details&eid=000094946_99122006330167> at 16 January 2006, 4.
25
that the benefits that are said to yield from the establishment of such a system, most
notably economic benefits, will accrue to the country.48
2.2.1.1 Conceptualising security of title and facil ity of transfer in terms of
static and dynamic security
It is also possible to conceptualise these two concepts of security of title and facility
of transfer from the security perspective of the person holding title and from that of
the person acquiring it. Baird and Jackson explain it this way:
When we already own property, we want to ensure that we can control its disposition
– that a new owner will not come into existence without our consent. When we
acquire rights to property, we want these rights to be superior not only to those rights
of our immediate transferor but also to those of all third parties.49
Demogue describes these concepts as static and dynamic security. According to
Demogue, static security protects against the risk of being deprived of title by the act
of a third person through fraud, error or some other non-consensual means.50 On
the other hand, dynamic security protects against the risk of a registered owner’s
title being rendered defeasible or defeated by a prior claim. These two types of
security accord with the objectives of providing security of title and facilitating
48 For a discussion of other types of benefits that might accrue, see: Tim Hanstad, 'Designing Land
Registration Systems for Developing Countries' (1998) 13 American University International Law Review 647, 657; Gershon Feder and Akihiko Nishio, 'The Benefits of Land Registration and Titling: Economic and Social Perspectives' (1999) 15 Land Use Policy 25, 27-28 and Jean O Lanjouw and Philip Levy, 'A Difficult Question in Deed: A Cost-Benefit Framework for Titling Programs' (2004) 45(3) William and Mary Law Review 889, 900-901 & 903. It should be noted that literature has also shown that in certain cases, simply adopting a land registration system will not bring forth these economic benefits. These studies note that certain factors need to be present in order for a land registration system to yield these economic benefits sought after and that without these factors, simply adopting a land registration system may not in itself bring upon economic benefits. These factors include a stable government, well functioning financial markets and an economic environment that is conducive to business. See for example: Gershon Feder and Akihiko Nishio, 'The Benefits of Land Registration and Titling: Economic and Social Perspectives' (1999) 15 Land Use Policy 25; Henri AL Dekker, The Invisible Line: Land Reform, Land Tenure Security and Land Registration (2003); Joel M Ngugi, 'Re-Examining the Role of Private Property in Market Democracies: Problematic Ideological Issues Raised by Land Registration' (2004) 25 Michigan Journal of International Law 467; Tim Hanstad, 'Designing Land Registration Systems for Developing Countries' (1998) 13 American University International Law Review 647; Frank Place and S.E Migot-Adholla, 'The Economic Effects of Land Registration on Smallholder Farms in Kenya: Evidence from Nyeri and Kakamega Districts' (1998) 74(3) Land Economics 360; Steven E Hendrix, 'Myths of Property Rights' (1995) 12 Arizona Journal of International and Comparative Law 183, 185.
49 Douglas Baird and Thomas Jackson, 'Information, Uncertainty and the Transfer of Property' (1984) 13 Journal of Legal Studies 299, 300.
50 Demogue refers to static security as ‘when a person is entitled to a right it should not be possible for him to be legally deprived of it by the act of a third person’: Rene Demogue, 'Security' in A Fouillee (ed), Modern French Legal Philosophy (1986), 428. Note that according to O’Connor, ‘it is tempting but misleading to equate dynamic security with protection of purchasers, and static security with protection of owners. The question is not who is protected but against what risk’: Pamela O'Connor, Security of Property Rights and Land Title Registration Systems (PhD Thesis, Monash University, 2003), 98.
26
transfers. The first objective relates to static security and the second to dynamic
security.
The above analysis shows the importance of establishing a land registration system
that is capable both of providing users with security of title as well as promoting
efficiency of transfers, or static and dynamic security. How was Torrens able to
achieve these two concepts in the system he created in Australia?
2.2.2 In what way was Torrens able to achieve these two concepts of security
of title and facility of transfers?
In order to achieve these twin concepts of secure title and facility of transfer, Torrens
invented a system rooted in the idea that the very act of registration conferred a new
title. This new title was not historically based and the purchaser was subject only to
those encumbrances already registered on the title. Hence the focus of the Torrens
system was independence of title; that it was the register that provided the source of
title. The register would contain the records of all the parcels of land coming within
the system as well as the names of the registered owners of the parcel and any
other interests that were registered for it, and so could be searched to reveal the
registered owner and all registered interests existing in that parcel of land. In this
way, the register became the focal point of the system. The importance of the
register was noted by Edwards J in Fels v Knowles, stating that:
The cardinal principle of the statute is that the register is everything, and that, except
in cases of actual fraud on the part of the person dealing with the registered
proprietor, such person, upon registration of the title under which he takes from the
registered proprietor, has an indefeasible title against all the world. Nothing can be
registered the registration of which is not expressly authorised by the statute.
Everything which can be registered gives, in the absence of fraud, an indefeasible
title to the estate or interest, or in the cases in which registration of a right is
authorised, as in the case of easements or incorporeal rights, to the right
registered.51
Under the deeds registration system, the execution or delivery of the dealing or
instrument created or assigned the estate. Under the Torrens system, it is the act of
registration that creates the legal interest in the land, so that the “register ‘is the title’
51 Fels v Knowles (1906) 26 NZLR 604, 620. This passage was cited with approval by the Privy
Council in Wamiha Saw Milling Co Ltd (In liquidation) v Waiome Timber Co Ltd (1926) AC 101, 106.
27
and that title is obtained through the act of registration: ‘title by registration’.52
According to Torrens, this was akin to each registered proprietor holding directly
from the Crown ‘through a process of surrender of title and a new grant from the
Crown’53 thereby achieving independence of title. This characteristic of the Torrens
system was described by Sir Garfield Barwick in Breskvar v Wall:
The Torrens system of registered title, of which the Act is a form, is not a system of
registration of title but a system of title by registration. That which the certificate of
title describes is not the title which the registered proprietor formerly had, or which
but for registration would have had. It is the title which registration itself has vested
in the proprietor.54
The Torrens system also provided a guarantee to those registered titles that they
would be ‘absolute’ and immune from attack by persons claiming an adverse
interest (interests that have not been registered on the register). This guarantee of
title had both a positive and negative aspect. According to Hogg:
The warranty of title given by the statutory conclusiveness of the register operates in
two ways, and the register has two functions – affirmative and negative respectively.
Affirmatively, the register warrants that the title of the owner is as stated on the
register; and negatively, the warranty is that the owner’s title is not affected by
anything that is not stated on the register. This is equivalent for many purposes to a
warranty that the owner’s legal title is as it appears to be on the register, and that
there are no equitable interests enforceable against the owner, other than any
actually notified on the register.55
By guaranteeing that title of the registered owner is as stated on the register, the
system also removed the need for purchasers to perform retrospective
investigations of title. As explained by Hogg:
So far as it is affirmatively evidence of the owner’s title, the register puts him in much
the same position as if his title to the legal estate has been duly investigated and
52 Robert Stein and Margaret Stone, Torrens Title (1991), 31. 53 Rosalind Atherton, 'Donees, Devisees and Torrens Title: The Problem of the Volunteer Under the
Real Property Acts' (1998) 4 Australian Journal of Legal History 121, 123. 54 Breskvar v Wall (1971) 126 CLR 376. 55 James Edward Hogg, Registration of Title to Land Throughout the Empire (1920), 96. Also see
James Edward Hogg, The Australian Torrens System (1905), 13: ‘The Australian system gives both positive and negative warranty of title; the registered owner has a guarantee of indefeasibility, which saves him from the necessity of retrospective inquiries into his predecessors’ titles, and his negative warranty secures him from attack by any title of presumed equal validity’, and S Rowton Simpson, Land Law and Registration Book 1 (1976),176.
28
found satisfactory…The register, however, operates not merely by declaring good a
title found to be so, but confers the title stated, notwithstanding that, but for the
registration, the registered owner would have no title at all.56
Finally, the Torrens system also made provision for the situation where, despite the
guarantee given to the registered proprietor that his/her title on the register is
absolute, the registered proprietor suffers loss through the operation of the system.
In this situation, compensation is provided to the registered proprietor who has
suffered loss.
From this it can be said that the Torrens system rests upon three main principles57:
• The mirror principle which involves the proposition that the ‘register of title is
a mirror which reflects accurately and completely and beyond all argument
the current facts that are material to a man’s title’.58 It is a ‘perfect mirror of
the state of title’.59 According to Ruoff, the mirror does not show matters that
are incapable of registration; neither does the mirror show matters which are
capable of being registered but have not in fact been registered.60 However,
the information that is shown on the mirror is deemed to be complete and
accurate.61 Thus, a title that is registered on the register is “free from all
adverse burdens, rights and qualifications unless they are mentioned on the
register”62;
• The curtain principle which provides that the ‘register is the sole source of
information for proposing purchasers, who need not and, indeed, must not
concern themselves with trusts and equities which lie behind the curtain’63;
and
• The insurance principle which ‘declares that if through human frailty a flaw
appears in the mirror of title, anyone thereby suffering loss will be put in the
same position, so far as money can do it, as if the reflection were a true
one’.64
56 James Edward Hogg, The Australian Torrens System (1905), 96. 57 Theodore Ruoff, An Englishman Looks at the Torrens System (1957), 8. 58 Ibid, 8. 59 Marcia Neave, 'Indefeasibility of Title in the Canadian Context' (1976) 26(2) University of Toronto
Law Journal 173, 174. 60 Theodore Ruoff, An Englishman Looks at the Torrens System (1957), 8. 61 Ibid,16. 62 Ibid, 8. 63 Ibid, 11. 64 Ibid, 17.
29
2.2.2.1 Achieving security of title
It is by virtue of the mirror principle that Torrens was able to achieve his objective of
providing a secure title. This secure, or “indefeasible” title is achieved through the
act of registration, as it is the act of registration which triggers the warranty of title
that:
• the title is as that stated on the register and that the title cannot be set aside
on the ground of a defect existing in the title before registration; and
• the registered owner will not be subject to any interests that are not shown
on the register.
In the words of the Privy Council in Gibbs v Messer:
everyone who purchases, in bona fide and for value, from a registered proprietor,
and enters his deed of transfer or mortgage on the register, shall thereby acquire an
indefeasible right.65
However this protection afforded is not absolute, because in all States and
Territories in Australia, indefeasibility of title is subject to an extensive range of
statutory and non-statutory exceptions. Fraud66, for example, operates as a statutory
exception to indefeasibility. In this regard, the expression [indefeasibility of title]:
does not involve that the registered proprietor is protected against any claim
whatsoever…there are provisions by which the entry on which he relies may be
cancelled or corrected, or he may be exposed to claims in personam.67
The focus of this research is on security of title as provided by the positive aspect of
the conclusive register. The issues dealing with the negative aspects of the
conclusive register and the qualifications and exceptions to the negative aspect of
the conclusive register are beyond the scope of this study.68
65 Gibbs v Messer [1891] AC 248, 254. 66 Land Title Act 1994 (Qld) s 184; Transfer of Land Act 1958 (Vic) ss 42 & 43; Real Property Act
1900 (NSW) ss42 & 43; Real Property Act 1886 (SA) s69(b); Land Title Act 2000 (NT) s 188, Land Titles Act 1925 (ACT) s 58, Land Titles Act 1980 (Tas) s 40 and Transfer of Land Act 1893 (WA) s 168.
67 Frazer v Walker [1967] 1 AC 569, 580 – 581. 68 For an in depth discussion of the negative aspect of the conclusive register, see Pamela
O’Connor, ‘Information, Automation and the Conclusive Land Register’ in David Grinlinton (ed), Torrens in the Twenty–first Century (2003), 249 and S Rowton Simpson, Land Law and Registration Book 1 (1976), 176. O’Connor’s thesis discusses in detail the problems associated with the negative aspect of the register.
30
2.2.2.2 Achieving facility of transfer
In addition to security of title, the Torrens system promoted the facility of transfers of
land through the operation of the curtain principle and the guarantee, provided by
the State, that the title could not be set aside on the ground of any defect existing in
the title before registration. This meant that purchasers of title would not have to
undergo a retrospective examination of title, thereby facilitating transfers of land.
Having examined the manner in which the Torrens system provided for security of
title and promoted efficiency of transfers, the next step in the analysis is to examine
the concept of fraud and to delineate the scope of fraud for the purposes of this
research. This will permit the impact of fraud upon these two objectives of the
Torrens System to be examined – when fraud occurs, can the Torrens system
operate in such a manner so that both these objectives continue to be achieved or
does the Torrens system favour one objective at the expense of the other?
2.3 Fraud within the Torrens system
This section is an overview of fraud, and examines the concept of fraud in the
terminology of the Torrens system. Then it identifies the scope of fraud that is the
focus of this research.
It has been generally noted that ‘[H]uman ingenuity forms the basic ingredient of
fraud, and the variety of schemes is limited only by the imagination of the person
carrying it out’.69 This is evidenced by the plethora of studies on fraud across various
different sectors, such as insurance fraud, tax fraud, medical fraud, internet fraud. It
has also been noted that ‘[N]o definition of fraud can be attempted, so various are its
forms and methods’.70 Many of these studies on fraud have their own definition of
the meaning or scope of the fraud examined. For example, in the 2003 survey by
PricewaterhouseCoopers, fraud was defined as a ‘generic category of conduct that
involves the use of dishonest or deceitful means in order to obtain some unjust
advantage over another’71 and the Commonwealth Fraud Control Guidelines defined
69 Franklin Moskoff, 'Fraud: An Overview' (1981) 23(3) Criminal Law Quarterly 386, 386 See also
Hennessey Hayes and Tim Prenzler, 'Profiling Fraudsters: A Queensland Case Study in Fraudster Crime' (Crime Prevention Queensland, 2003), 2: ‘the types of behaviour qualifying as fraudulent can vary substantially’.
70 Stuart v Kingston (1923) 32 CLR 309, 359 per Starke J. 71 PricewaterhouseCoopers, 'Serious Fraud in Australia and New Zealand' (Australian Institute of
Criminology, 2003), 1.
31
fraud as ‘dishonestly obtaining a benefit by deception or other means’ and include in
their definition both tangible and intangible benefits.72
As noted by the Audit Office of New South Wales:
[T]here are many definitions of fraud available. At its simplest, fraud could be
regarded as any practice which involves the use of deceit to confer some form of
financial benefit upon the perpetrator (either directly or indirectly) AND which
results in some form of material loss to the entity defrauded.73
Thus it can be said that, while fraud may occur in many different circumstances, it
has generally been defined as involving some form of deceit, where there is an act
of deliberate dishonesty or an intention to deceive and there is loss suffered due to
that deceit.74 That this is the general conception of fraud is also evidenced in cases
dealing with fraud. In Beauman v ARTS75 for example, it was said that the term fraud
connotes dishonesty or deceit and in London and Globe Finance Corporation Ltd76
Lord Buckley noted that ‘[T]o defraud is to deprive by deceit: it is by deceit to induce
a man to act to his injury’. Similarly in R v Sinclair77 it was said that ‘[T]o cheat and
defraud is to act with deliberate dishonesty to the prejudice of another person’s
proprietary rights’.
So fraud usually connotes a dishonesty of some sort, intended to confer some form
of benefit, usually financial, on its perpetrator. The review of the literature also
shows that the effect of the fraud is usually a loss or prejudice to the person or entity
defrauded.
72 Commonwealth Attorney-General's Department, 'Fraud Control Guidelines' (2002), 1. 73 The Audit Office of New South Wales, Fraud Control: Developing an Effective Strategy (1994)
<http://www.audit.nsw.gov.au/publications/better_practice/1994/fraud_vol1/fraud_control_vol_1.pdf> at 1 February 2007, 5.
74 See also Ernst & Young International Fraud Group Survey on fraud in 2003 where it was said that ‘[B]y its very nature, fraud involves deceit and concealment’: Ernst & Young International Fraud Group, Fraud: The Unmanaged Risk 8th Global Survey (2003) <http://www.ey.nl/download/publicatie/8th_Global_Survey.pdf> at 1 February 2007, 2 and in the Queensland Crime and Misconduct Commission Report in 2005, fraud was said to ‘normally be characterised by some form of deliberate deception to facilitate or conceal the misappropriation of assets’: Crime and Misconduct Commission, 'Fraud and Corruption Control: Guidelines for best practice' (Crime and Misconduct Commission, 2005), xi.
75 Beauman v ARTS [1949] 1 KB 550. 76 London and Globe Finance Corporation Ltd [1900-3] 3 All ER Rep 891. 77 R v Sinclair [1968] 3 All Er 241, 246.
32
Within the Torrens system itself, there is no definition of ‘fraud’. Rather the term
‘fraud’ is used in Torrens legislation, as enacted in all States and Territories in
Australia, in two instances:
• within the statutory exceptions to indefeasibility of title, where fraud is listed
as an exception. In these provisions, fraud by the registered proprietor will
cause him/her to lose his/her indefeasible title78;
• within the compensation provisions,79 which list the circumstances in which a
person may have recourse to compensation because of a deprivation of an
interest or an estate in land caused by the operation of the Torrens system.
Loss as a consequence of fraud is one of these circumstances; when the
registered proprietor suffers loss through the operation of the insurance
principle of the Torrens system (as discussed earlier), despite the guarantee
given to him/her that his/her title on the register is absolute, then
compensation for the loss suffered is provided to the registered proprietor.
In both instances, there is no explanation or definition in the legislation as to what
fraud means or encompasses, so that it has been left to judicial interpretation to
decide what comprises fraud. The term ‘fraud’ in the first of these instances has
been restricted by the courts to mean actual fraud on the part of the registered
proprietor or the proprietor’s agent. As noted in Assets Co Ltd v Mere Roihi:
…by fraud in these Acts is meant actual fraud, ie, dishonesty of some sort, not
what is called constructive or equitable fraud.80
78 Transfer of Land Act 1958 (Vic) ss 42 & 43, Real Property Act 1900 (NSW) s 42(1), Land Title Act
1994 (Qld) s 184, Real Property Act 1886 (SA) s 69(b), Land Title Act 2000 (NT) s 188, Land Titles Act 1925 (ACT) s 58, Land Titles Act 1980 (Tas) s 40 and Transfer of Land Act 1893 (WA) s 68.
79 Transfer of Land Act 1958 (Vic) ss 109-110; Real Property Act 1900 (NSW) s 129; Land Title Act 1994 (Qld) ss173-175; Real Property Act 1886 (SA) ss201-219; Land Titles Act 1925 (ACT) ss 154-159; Land Titles Act 1980 (Tas) ss 150-159; Transfer of Land Act 1895 (WA) ss 201-211; Land Title Act 2000 (NT) ss 192-196.
80 Assets Co Ltd v Mere Roihi [1905] AC 176, 210. Also see Bahr v Nicolay (No. 2) (1988) 164 CLR 604, 614: ‘actual fraud, personal dishonesty or moral turpitude lie at the heart of the [fraud provisions]’ and Grgic v ANZ Banking Group Ltd (1994) 33 NSWLR 202, 221: ‘Fraud comprehends actual fraud, personal dishonesty or moral turpitude on the part of the registered proprietor of the subject estate or interest or of that registered proprietor’s agents’. Articles on the meaning of fraud under the statutory fraud exception to indefeasibility of title include: David Wright, 'Forgery and the Real Property Act 1886 (SA)' (1994) 16 Adelaide Law Review 227; Jeremy Walsh, 'Fraud and Personal Equities Under the Queensland Torrens System' (1992) 4(2) Bond Law Review 228; Sharon Rodrick, 'Forgeries, False Attestations and Impostors: Torrens System Morgages and the Fraud Exception to Indefeasibility' (2002) 7(1) Deakin Law Review 97; Peter Butt, 'False Attestations and Fraud' (2000) 74 Australian Law Journal 420; D McMorland, ‘Knowledge, Notice and Fraud in the Context of the Torrens System’ in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 67; Elizabeth Toomey, 'Fraud and Forgery in the 1990's: Can Our Adherence to Frazer v Walker Survive the Strain?' (1994) 5(3) Canterbury Law Review 424; Elizabeth Toomey, 'Certainty of Title in the Torrens System: Shifting Sands' (2000) 4 Flinders Journal of Law Reform 235.
33
In this regard, where there has been actual fraud on the part of the registered
proprietor or his/her agent and where the proprietor or agent has been privy to the
fraud, the fraud exception to indefeasibility of title operates to render the registered
title defeasible. This statutory fraud exception to indefeasibility of title has given rise
to an extensive body of literature examining the types of fraud that may fall within
it.81
In the second instance, the courts have not restricted the term ‘fraud’ to actual fraud.
Rather, it has been stated that the term used in the compensation provisions
encompasses all fraud, both legal and equitable, in its ordinary legal meaning.82
The fraud that will be examined in this study will be fraud that gives rise to a claim
for compensation from the State by the registered proprietor who has been deprived
of title because of the fraud. This situation will arise where there has been a
fraudulent dealing with a registered proprietor’s title to property and a bona fide
purchaser for value, without notice of the fraud, obtains this title and it is registered,
leading to a claim for compensation for deprivation of title. The reason for
examining this type of fraud is because it causes a conflict between the original
registered proprietor, deprived of title because of the fraud, and a bona fide
registered proprietor who, having acquired the title without notice of the fraud, gains 81 See for example, Sharon Rodrick, 'Forgeries, False Attestations and Impostors: Torrens System
Morgages and the Fraud Exception to Indefeasibility' (2002) 7(1) Deakin Law Review 97, Lynden Griggs, 'Torrens Title - Arise the Registered and Unregistered, Befall the Legal and Equitable' (1997) 4 Deakin Law Review 35, Lynden Griggs, 'Indefeasibility and Mistake - the Utilitarianism of Torrens' (2003) 10(2) Australian Property Law Journal 108, Mary-Anne Hughson, Marcia Neave and Pamela O'Connor, 'Reflections on the Mirror of Title: Resolving the Conflict Between Purchasers and Prior Interest Holders' (1997) 21 Melbourne University Law Review 460, Les McCrimmon, 'Protection of Equitable Interests under the Torrens System: Polishing the Mirror of Title' (1994) 20 Monash University Law Review 300, Robin Edwards, 'Indefeasibility - the Sting in theTale for Lenders Removed' (1998) 14(3) Australian Banking & Finance Law Bulletin 46, Jeremy Walsh, 'Fraud and Personal Equities Under the Queensland Torrens System' (1992) 4(2) Bond Law Review 228, Editorial comment, 'The Relevance of Indefeasibility of Torrens Title Land for Conveyancing' (1991) ANZ ConvR 496, Peter Butt, 'False Attestations and Fraud' (2000) 74 Australian Law Journal 420, Peter Butt, 'Unauthorised Alternation Not "Fraud"' (2005) 79 Australian Law Journal 77, Alexandra Finley, 'Indefeasibility of Title: When Is Conduct Not Fraud?' (1998) 12(8) Australian Property Law Bulletin 62, Sir Anthony Mason, ‘Indefeasibility – Logic or Legend?’ in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 3, Chris McKelvey, 'Fraudulent Deprivation and the Assurance Fund' (1993) 23 Queensland Law Society Journal 133, Fiona Spry, 'Indefeasibility of Title and the Fraud Exception: Bank of South Australia Ltd v Ferguson' (1998) 18(6) Queensland Lawyer 193, Elizabeth Toomey, 'Fraud and Forgery in the 1990's: Can Our Adherence to Frazer v Walker Survive the Strain?' (1994) 5(3) Canterbury Law Review 424, David Wright, 'Forgery and the Real Property Act 1886 (SA)' (1994) 16 Adelaide Law Review 227, Editorial comment, 'Indefeasibility of Title in Mortgage Transactions' (1995) ANZ ConvR 138, Jane Solly, 'Fraud and the Mortgagee - How a Registered Mortgage Can Be Undone' (2000) 14(8) Australian Property Law Bulletin 77, Anthony Lo Surdo, 'Fraud - In What Circumstances Will it Render a Mortgage Void?' (1998) 14(4) Australian Banking & Finance Law Bulletin 56.
82 See Parker v Registrar-General [1977] 1 NSWLR 22, 25 & 29-30; Registrar-General v Behn [1980] 1 NSWLR 589, affirmed on appeal on other grounds Registrar-General v Behn (1981) 148 CLR 562.
34
an indefeasible title upon registering the title. As will be shown later, this has the
potential to bring the twin objectives of the Torrens system into conflict.
I should point out that this research will not be examining all types of fraud that
might be involved in a land transaction, such as value fraud, where the value of a
property is artificially inflated, or frauds that lead to claims in personam.
Why, then, is it important for the type of fraud involving compensation to be
minimised within the Torrens framework? To answer this question, the impact of
fraud on the twin objectives of the Torrens system is examined.
2.4 The effect of fraud on security of title and fa cility of transfer
As discussed earlier, in the situation where there has been a fraudulent dealing with
a registered proprietor’s title and a bona fide purchaser for value obtains title to the
property without notice of the fraud, a conflict of interest arises between the original
registered proprietor who has been deprived of an interest and the bona fide
purchaser acquiring the title free from the fraud, or using the terminology of
Demogue, there is a conflict between static and dynamic security. Demogue
expresses the conflict in this way:
We see the idea of security turning against itself. Shall we prefer the security of
owners of rights or of those who acquire them? At bottom the struggle is more
inextricable than it seems, for the owner of to-day is the acquirer of yesterday.83
When this conflict occurs, it is said that a land registration system can be designed
to enforce one of the two competing interests – the current owner or the last rightful
owner84 (the claimant) but it cannot protect both. As Baird and Jackson explain:
In a world where information is not perfect, we can protect a later owner’s interest
fully, or we can protect the earlier owner’s interest fully. But we cannot do both.85
83 Rene Demogue, 'Security' in A Fouillee (ed), Modern French Legal Philosophy (1986) , 430. 84 Baird defines this as ‘the person who last acquired the land via a sequence of consensual
transfers’: Douglas Baird and Thomas Jackson, 'Information, Uncertainty and the Transfer of Property' (1984) 13 Journal of Legal Studies 299, 301. See also Mary-Anne Hughson, Marcia Neave and Pamela O'Connor, 'Reflections on the Mirror of Title: Resolving the Conflict Between Purchasers and Prior Interest Holders' (1997) 21 Melbourne University Law Review 460, 461: ‘[t]here are two main ways of resolving such conflicts. One approach is to protect the holder of an interest by preventing the transferor from passing a title which he or she lacks…The alternative approach, typified by systems of registration of title, is to protect innocent purchasers of interests, regardless of whether or not the transferor has a good title’.
85 Douglas Baird and Thomas Jackson, 'Information, Uncertainty and the Transfer of Property' (1984) 13 Journal of Legal Studies 299, 300.
35
Any measure designed to protect dynamic security will act to reduce static security
and vice versa. Through this it can be seen that the twin objectives of the Torrens
system are not mutually compatible or, as stated by Whalan:
to some extent in opposition with one another, for the protection given to a bona
fide purchaser for value is sometimes given at the expense of an “owner’s” secure
title.86
The deeds system deals with the conflict by restoring the land to the original owner.
This is through the underlying principle of the deeds system, nemo dat quod habet –
no one can pass a better title than he or she possesses – so that if there was a
defect in the title caused by fraud, the acquirer of that interest would not acquire any
rights at all. Thus the deeds system provided a very high level of security of
ownership (static security) but to the detriment of achieving efficiencies of transfer or
dynamic security. As explained by Mapp:
The virtue of the common law was that it provided security of ownership to a very
high degree, and the vice was that it did so at the expense of facility of transfer.87
2.4.1 How does the Torrens system deal with the con flict between static and
dynamic security?
The answer to this depends on the way in which Torrens legislation operates to
confer an indefeasible title upon the registered proprietor. The literature establishes
that there are two competing theories as to the manner in which Torrens legislation
confers indefeasibility – immediate indefeasibility and deferred indefeasibility.88
86 Douglas Whalan, The Torrens System in Australia (1982), 345. Also see Warrington Taylor,
'Scotching Frazer v Walker' (1970) 44 Australian Law Journal 248, 248: ‘It is very difficult to get near perfection in both fields, and the best we can expect is a carefully balanced compromise’.
87 Thomas Mapp, Torrens' Elusive Title (1978), 41. 88 For a discussion on the two competing theories and their merits see Sir Anthony Mason,
‘Indefeasibility – Logic or Legend’? in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 3, Warrington Taylor, 'Scotching Frazer v Walker' (1970) 44 Australian Law Journal 248, Roy Woodman, 'The Torrens System in New South Wales: One Hundred Years of Indefeasibility of Title' (1970) 44 Australian Law Journal 96, Robert White, 'The Elements of a Torrens Title' (1973) 11 Alberta Law Review 392, Les McCrimmon, Exceptions to the Indefeasibility of a Torrens Title: A Comparative Analysis (LLM Thesis, University of Queensland, 1988), Robert Stein and Margaret Stone, Torrens Title (1991), 87-99, Janice Gray and Brendan Edgeworth, Property Law in New South Wales (2003), 305-308, Pamela O'Connor, Security of Property Rights and Land Title Registration Systems (PhD Thesis, Monash University, 2003), 147, and Elizabeth Toomey, 'Fraud and Forgery in the 1990's: Can Our Adherence to Frazer v Walker Survive the Strain?' (1994) 5(3) Canterbury Law Review 424. The article by Marcia Neave, Marcia Neave, 'Indefeasibility of Title in the Canadian Context' (1976) 26(2) University of Toronto Law Journal 173, discusses the concept of indefeasibility of title within the Canadian context.
36
The theory of immediate indefeasibility can be stated as follows:
upon registering a transfer or other instrument, a person obtains an immediate title
to the estate or interest transferred or created by that transfer or other instrument,
even if it is void. The proprietor on becoming registered pursuant to a void transfer is
protected against action by the previous registered proprietor so long as the newly
registered proprietor has acted without fraud and has given valuable consideration
for the transfer.89
Under this theory, the purchaser’s title is indefeasible, so that the registered owner
who has been deprived of title cannot have the purchaser’s title set aside and the
title restored.
The theory of deferred indefeasibility, which has its roots in the decision in Gibbs v
Messer90, can be stated as follows:
the person registering a void instrument does not necessarily secure protection from
challenge by a second person seeking to set aside the registration even if the first
person has acted without fraud. Indefeasibility enures only in favour of a party who
purchases in good faith from the registered proprietor, acts on the faith of the
register, and registers a valid instrument executed by him.91
Under this theory, the purchaser’s title is defeasible so that the deprived owner can
be restored back to the register. However if the purchaser had transferred the title to
a second purchaser who acted without fraud and gave valuable consideration, and
the transfer is registered, then the second purchaser’s title is indefeasible and the
original owner can no longer be restored onto the register.
Before the decision in Frazer v Walker92, the theory of deferred indefeasibility
prevailed. Since that decision, this conflict between immediate and deferred
indefeasibility has now been resolved by the Australian courts in favour of the theory
of immediate indefeasibility.
89 Sir Anthony Mason ibid at p5. 90 Gibbs v Messer [1891] AC 248. 91 Sir Anthony Mason, ‘Indefeasibility – Logic or Legend’? in David Grinlinton (ed), Torrens in the
Twenty-first Century (2003) 3, 5. 92 Frazer v Walker [1967] 1 AC 569. See 'Torrens Foundations Stabilised' (1993) 67 Australian Law
Journal 535 and 'Shaking the Foundations' (1991) 65 Australian Law Journal 611. Note that Gibbs v Messer [1891] AC 248 has never been expressly overruled. Thus it is arguable that it is still good law in the situation where fraud involves the registration of the name of a fictitious proprietor.
37
Through the principle of immediate indefeasibility, it can be seen that, in contrast to
the deeds system, the Torrens system provides greater dynamic security, thereby
facilitating transfers of title but at the expense of providing owners with static
security – security of title.
In this situation where there is a conflict between static and dynamic security, the
third principle of the Torrens system, the insurance principle, as described by
Whalan, is used to ‘bridge this gap’.93 The insurance principle operates by providing
compensation to the owner who has been deprived of his interest or estate in the
land through the operation of the Torrens statute, where, as discussed above, fraud
of another person is generally listed as a circumstance in which compensation for
deprivation of an interest will be provided.94 Thus the owner who has been deprived
of title because of fraud could apply for compensation from the State for this
deprivation.
The analysis here has shown that the occurrence of fraud within the Torrens system
brings into conflict its twin objectives – security of title and facility of transfers. In this
situation, it is not possible to attain both; rather, the Torrens system through the
principle of immediate indefeasiblity favours facility of transfer (dynamic security) to
the detriment of security of title (static security).
Given the importance of security of title, as examined earlier in this chapter, what is
the effect of this erosion of security? The answer to this question will demonstrate
why I contend that it is essential that the Torrens system operate in a framework in
which fraud can be minimised.
93 Douglas Whalan, The Torrens System in Australia (1982), 345. Also see Peter Butt, Land Law
(5th ed, 2005), 802: ‘But this protection comes at a cost: for in conferring title on an incoming proprietor, registration extinguishes the title of the former proprietor…In this way, the Torrens system can work hardship on those who have been deprived of their land. And so, as a concomitant to indefeasibility, the Real Property Act creates compensation rights in favour of persons who have lost land or an interest in land through the operation of the Act’.
94 It is because of this insurance principle that Whalan suggests the term ‘state guaranteed’ title rather than indefeasible title as more accurately describing the nature of the title conferred by registration under the Torrens system: Douglas Whalan, The Torrens System in Australia (1982), 297. Using insurance is one method of resolving the conflict between dynamic and static security suggested by Demogue. The other is publicity. See Rene Demogue, 'Security' in A Fouillee (ed), Modern French Legal Philosophy (1986) , 431-433. For a comprehensive discussion on both these methods, see Pamela O'Connor, Security of Property Rights and Land Title Registration Systems (PhD Thesis, Monash University, 2003).
38
2.5 Why is it important that fraud be minimised so that security of title can be
maintained?
As shown earlier, the importance of providing owners of land with a secure title is
vital to fostering economic wellbeing and growth. Under the Torrens system, this
concept of secure or indefeasible title has been hailed as the ‘foundation of the
Torrens system of title’,95 the ‘keystone’ 96 of the Torrens system and ‘is central in
the system of registration’.97
However, the analysis in this chapter has also shown that fraud within the Torrens
system has the effect of eroding an owner’s security of title, because where fraud
occurs, the Torrens system favours facility of transfer over security of title. It is
argued that this erosion of an owner’s security of title will lead to a loss of
confidence in the Torrens system’s ability to provide security of title, particularly
when fraud occurs. It is also contended that this loss in confidence will in turn
reduce the benefits that are said to accrue from adopting a land registration system.
In particular, if owners were uncertain of their ability to hold title securely, they would
be reluctant to ‘engage in the full range of behaviours we associate with ownership,
such as sale, rental, use as collateral, and upgrading investments’.98
Although the Torrens system uses the insurance principle to ensure that owners
deprived of title through fraud are able to receive compensation from the State for
their loss, I submit that this is of little consolation to these owners. While the
operation of the insurance principle is beyond the scope of this study, it should be
noted that these owners deprived of their title by fraud have to undertake a process
to obtain compensation from the State for their loss, usually involving pursuing the
fraudulent person before they can apply to the State for compensation. Further, as
these compensation pay-outs are costly for the State, such claims are usually met
with resistance.
In this respect, it can be said that fraud has a negative impact:
• on the owner who has lost title and who must now undertake the process of
applying for compensation from the State;
95 Bahr v Nicolay (No 2) (1988) 164 CLR 604, 613. 96 Douglas Whalan, The Torrens System in Australia (1982), 19. 97 Frazer v Walker [1967] 1 AC 569, 580 – 581. 98 Jean O Lanjouw and Philip Levy, 'A Difficult Question in Deed: A Cost-Benefit Framework for
Titling Programs' (2004) 45(3) William and Mary Law Review 889, 899. Also see Otomunde Johnson, 'Economic Analysis, the Legal Framework and Land Tenure Systems' (1972) 15 Journal of Law and Economics 259, 259.
39
• on the owner’s confidence in his/her ability to hold title securely under the
Torrens system, which may lead to a general loss of confidence in other
owners as well;
• this loss in confidence in ability to hold title securely may also lead to a
general loss in the economic benefits that are said to accrue from adopting a
land registration system; and finally
• on the State which, if the claim is proved, has to pay compensation to the
owner for the loss.
Given this negative impact of fraud, the impact on fraud of automating the paper
registration in the Torrens system, as well as ways of minimising fraud within such a
system, should be examined in detail, so that the twin objectives of the Torrens
system can be met with minimum risk of fraud. The following section will
demonstrate that such an analysis has not, as yet, been undertaken in Australia.
2.5.1 Current lack of analysis of the impact on fra ud of automating the
registration process and of possible measures to mi nimise fraud within an
electronic environment
In recent years, various authors have questioned the impact on security and integrity
of using technology to automate the land registration process. For example, Perry99
in England in 2003 raised the issue of the security of using digital signatures in an
electronic conveyancing system proposed for England and Wales. This is pertinent
because using technology to automate the registration process within the Torrens
system will see digital signatures being used to replace handwritten signatures, so
an issue arising is the impact of this technology on fraud and how it might be made
99 Raymond Perry, 'E-Conveyancing-Problems Ahead?' (2003) 67 The Conveyancer and Property
Lawyer 215, 218. See also Raymond Perry, 'A Ticking Time Bomb?' (2003) New Law Journal 153, and Raymond Perry, 'Ready for Action?' (2003) 147(12) Solicitors Journal 336. Also see Phillip Kenny, 'The Conveyancing Revolution' (2002) 66 Conveyancer and Property Lawyer 3, 4: ‘Now that the advent of electronic conveyancing is certain the inevitable prophets of doom can be found who see scope for fraud, mischief and chaos in the new dawn. Much of this fretting has focussed upon digital signatures. Will there be even more scope for fraud than in the present conveyancing processes?’
40
more secure. Whilst much has been written about digital signatures100 and public
key infrastructure technology (PKI)101, as well as their limitations with respect to
fraud,102 this analysis is of digital signatures and PKI generally, rather than
specifically of their use within the conveyancing sector. Perry, although voicing
concerns about digital signatures, does not address how digital signature technology
may be made more secure against fraud. In New Zealand, Thomas echoed this
concern on the implementation of the New Zealand electronic registration system
and its potential for abuse by solicitors entrusted with its use,103 His comments are
relevant to the implementation of an electronic registration process in Australia.
Whilst Thomas does suggest a security measure which may be used to minimise
this abuse,104 he does not analyse the viability of implementing it within an electronic
registration system.
In Australia, as noted in Chapter 1, two studies have analysed the impact on fraud of
automating the registration process within the Torrens system and the possible
measures that might be used to minimise these fraud risks: the fraud risk
assessment undertaken by Clayton Utz on behalf of the National Electronic
100 For articles discussing generally the technology of digital signatures, see: Adrian McCullagh,
William Caelli and Peter Little, 'Electronic Signatures: Understand the Past to Develop the Future' (1998) 21(2) University of New South Wales Law Journal 453, Peter Moon, 'Everything You Always Wanted to Know About Digital Signatures' (1999) Law Society Journal 57, Bradley Freedman, Digital Signatures and Authentication Processes (2004) Continuing Legal Education Society of British Columbia <http://www.cle.bc.ca/CLE/Analysis/Collection/04-54321-signatures> at 10 May 2005 , Paul Barnett, 'The Write Stuff? Recent Developments in Electronic Signatures' (2001) (46) Computers and Law 15, Steve Orlowski, 'Electronic Authentication - More Than Just Digital Signatures' (2000) 16(1) Computer Law and Security Report 28, Ian Christofis, 'Myths of PKI' (2003) 53(1) Telecommunications Journal of Australia , Lorna Brazell, 'Electronic Security: Encryption in the Real World' (1999) 21 European Intellectual Property Review 17, Alan Davidson, 'Electronic Signatures' (2002) Proctor 32, Jane Winn, 'The Emperor's New Clothes: The Shocking Truth About Digital Signatures and Internet Commerce' (2001) 37 Idaho Law Review 353.
101 Articles discussing PKI generally include: Yee Fen Lim, 'Digital Signatures and PKI: The Technical and the Legal' (2004) 6(9) Internet Law Bulletin 116, Yee Fen Lim, 'Digital Signature, Certification Authorities and the Law' (2002) 9(3) Murdoch University Electronic Journal of Law, Entrust, 'White Paper: Trust Management in the Public-Key Infrastructure' (2003), Entrust, 'An Introduction to Cryptography and Digital Signatures' (2001).
102 See Carl Ellison and Bruce Schneier, 'Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure' (2000) 16(1) Computer Security Journal 1, James Backhouse, 'Assessing Certification Authorities: Guarding the Guardians of Secure E-Commerce?' (2002) 9(3) Journal of Financial Crime 217, Jamie Murray, 'Public Key Infrastructure, Digital Signatures and Systematic Risk' (2003) 1 Journal of Information, Law and Technology, Ian Christofis, 'Myths of PKI' (2003) 53(1) Telecommunications Journal of Australia, Adrian McCullagh, William Caelli and Peter Little, 'Signature Stripping: A Digital Dilemma' (2001) 1 Journal of Information, Law and Technology , Luke Smith, 'Public Key Infrastructures: Debunking the Myths' (2001) 3(9) Internet Law Bulletin 120, Ben Laurie, Seven and a Half Non-Risks of PKI: What You Shouldn't Be Told About Public Key Infrastructure <http://www.apache-ssl.org/7.5things.txt> 3 March 2004.
103 See Catriona MacLennan, 'Mortgage Frauds Prompt Calls for System Changes' (2006) 2 Law News 1 and Rod Thomas, ‘Fraud, Risk and the Automated Register’ in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 349.
104 Thomas, ibid.
41
Conveyancing System Steering Committee105 in response to the proposed Australia
National Electronic Conveyancing System (NECS), and an article of mine.106
However, as explained in Chapter 1, whilst both the Clayton Utz risk assessment
and my article are relevant to this study, since they examined fraud, both of them
were based on the NECS, which at this stage is still in proposal form.
Other articles that have addressed the impact on the security and integrity of the
system of automating the land registration process, include an article by
Christensen107 in 2004, examining the security safeguards required for maintaining
security and integrity of the register, focusing on:
• Access;
• The use of public key encryption to ensure integrity and security; and
• The need for certification of the identity of a client by the solicitor accessing
the electronic registration system on behalf of the client so as to improve
security.
Later in 2005, another article of mine108 provided a comparative overview of the
security safeguards for maintaining integrity of title used in the electronic land
systems in Canada, New Zealand, England and Singapore, focusing on:
• The ways that access to each system is controlled;
• The electronic signature infrastructure used by each system;
• Whether the ability to electronically sign documents is restricted to a
particular group of users of the system; and
• Whether the register is updated automatically once an electronic document
is submitted for registration.
105 See National Electronic Conveyancing Office, Risk Assessment of the National Electronic
Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007.
106 Rouhshi Low, 'Opportunities for Fraud in the Proposed Australian National Electronic Conveyancing System: Fact or Fiction?' (2006) 13(2) Murdoch University Electronic Journal of Law 225.
107 Sharon Christensen, 'Electronic Land Dealings in Canada, New Zealand and the United Kingdom: Lessons for Australia' (2004) 11(4) Murdoch University Electronic Journal of Law . Christensen also wrote an earlier article which discussed the suitability of digital signatures as a replacement to the traditional handwritten signature within the conveyancing process. This issue is beyond the scope of this research. See Sharon Christensen, William Duncan and Rouhshi Low, 'The Statute of Frauds in the Digital Age: Maintaining the Integrity of Signatures' (2003) 10(4) Murdoch University Electronic Journal of Law .
108 Rouhshi Low, 'Maintaining the Integrity of the Torrens System in a Digital Environment: A Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore' (2005) 11(2) Australian Property Law Journal 155.
42
In 2006, an article by France-Hudson109 provided a comparative analysis of the
automated registration systems in Ontario, British Columbia, England, Australia and
New Zealand, highlighting differences between these systems, in particular, the
manner in which each is updated and its impact on fraud and mistake.
These articles are relevant to this research, to the extent that they provide a broad
discussion of the various security features that might be used to maintain the
integrity of the land registration system within an electronic environment. However,
they do not connect the usage of these security features with the perpetration of
fraud, for example, on how the method of control of access to the system might
impact on the ways by which fraud may be perpetrated.
There have also been several articles which examined claims made against the
State, primarily focusing on claims for loss caused by fraud. These include studies
by Hammond110 in 2000, Griggs111 in 2001 and Christensen and Stickley in 2000112.
Hammond studied claims made against the States of Western Australia,
Queensland and New South Wales for loss caused by fraud, focusing on the impact
on fraud of abolishing the duplicate certificate of title. Following up the Hammond
study, Griggs examined the situation in Tasmania, looking at a survey of 22
successful claims made on the assurance fund in Tasmania from 1993 to 2000 and
identifying the causes of the loss. Finally, the article by Christensen and Stickley
examined the Queensland position after the abolition of the paper certificate, noting
that at the time of writing, there had been no claims on the Assurance Fund in
Queensland that were linked to the absence of a paper certificate of title.113
It can be seen, then, that the primary focus of these studies, apart from the one by
Griggs, has been on the impact of abolishing the duplicate certificate of title on
compensation claims for loss caused by fraud. As will discussed in greater detail in
Chapter 3, the use of the certificate of title to perpetrate fraud may be seen as an
instance of identity fraud, where the fraudulent person falsely represents himself or 109 Ben France-Hudson, 'Living in Interesting Times - Landonline, Leader in its Field at What Cost?'
(2006) 12 Canterbury Law Review 121. 110 Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115. 111 Lynden Griggs, 'Torrens Title in a Digital World' (2001) 8(3) Murdoch University Electronic Journal
of Law . 112 Sharon Christensen and Amanda Stickley, 'Electronic Title in the New Millennium' (2000) Flinders
Journal of Law Reform 209. 113 Sharon Christensen and Amanda Stickley, 'Electronic Title in the New Millennium' (2000) Flinders
Journal of Law Reform 209, 218.
43
herself as either another person or a fictitious person, using genuine or falsified
identity documents.114 The Hammond and Christensen studies are relevant to this
research, to the extent that abolishing the duplicate certificate of title may be one
component of automating the Torrens registration process, so that analysis of
whether this may increase or reduce fraud is pertinent to this research. In particular,
the data obtained from the Hammond study and its analysis on the impact of
abolishing the certificate of title on fraud, can be used by this study in support of its
findings. However, apart from the use of the certificate of title, automating the
registration process of the Torrens system might influence other conveyancing
practices. How would these changes impact on fraud? Might not they introduce new
methods of fraudulent conduct? As the focus of these articles was on the impact on
fraud of abolishing the certificate of title, the impact on other types of fraud of
automating the registration process within the Torrens system was not considered,
nor did they consider whether automating the registration process within the Torrens
system might introduce new methods of perpetrating fraud.
The Hammond study did suggest a number of safety mechanisms that could be
introduced to minimise identity fraud. These were: additional attestation
requirements for witnessing documents and the issue of a folio identification number
(similar to a PIN) which would be required to be produced when the title to the land
is being altered.115 Again, these measures are specific to addressing identity fraud,
and hence relevant to this study; however, a broader range of measures that might
be used to minimise the spectrum of frauds that can occur in an electronic
registration system should also be considered. Griggs also mentioned the use of
digital signatures and the use of a ‘Landcard’ – that would operate like a credit card
and be verified by a password – as alternative safeguards.116 However, as noted
114 The increase in concern of this crime of identity fraud may be seen in volume of articles and
studies on identity fraud: Suresh Cugnasen and David Lacey, Identity Fraud in Australia: An Evaluation of its Nature, Cost and Extent (2003), Alan Davidson, 'Identity Fraud' (2005) Proctor 33, Alan Davidson, 'Phishing: The Identity Theft Epidemic' (2006) 26(3) Proctor 37, Jan Grijpink, 'Identity Fraud as a Challenge to the Constitutional State' (2004) 20(1) Computer Law and Security Report 29, Stephen Mason, 'Validating Identity for the Electronic Environment' (2004) 20(3) Computer Law and Security Report 164, Geoff Main and Brett Robson, 'Scoping Identity Fraud' (Attorney General's Department, 2001), Harry Pontell, 'Pleased to Meet You...Won't You Guess My Name?: Internet Fraud, Cyber-Crime, and White-Collar Delinquency'' (2002) 23 Adelaide Law Review 305, Gary R Gordon and Jr Norman A Willox, 'Identity Fraud: A Critical National and Global Threat' (2004) 2(1) Journal of Economic Crime Management , 7 and Holly K Towle, 'Identity Theft: Myths, Methods and New Law' (2004) 30 Rutgers Computer and Technology Law Journal 237
115 Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115, 132 and Lynden Griggs, 'Torrens Title in a Digital World' (2001) 8(3) Murdoch University Electronic Journal of Law , [35] & [36].
116 Griggs ibid [36] & [37].
44
above, there are security concerns with the use of digital signatures and these were
not addressed by Griggs. The use of a Landcard or similar mechanism is a security
measure that should be considered, however, a more detailed analysis would be
needed in terms of how these Landcards might be issued, who would be
responsible for issuing them and how they might operate within an electronic
registration system.
In other Torrens jurisdictions, notably Canada, there has been a growing concern
about the increase in land title fraud, evidenced by the increasing number of
informational papers, newspaper articles, conferences, and fraud awareness
sessions organised by various organisations involved in the land titling process,
such as the Law Society of Upper Canada, the Law Society of British Columbia, the
Canadian Association of Accredited Mortgage Professionals, the Ontario Bar
Association and the Canadian Mortgage and Housing Corporation. Discussions
ranged from how fraud is perpetrated, generally focusing on identity fraud, to
providing an overview of the measures that various stakeholders, such as solicitors,
45
within the conveyancing process could adopt to minimise fraud.117 These
discussions are relevant to this research in that they provide information on how
fraud, particularly identity fraud, can be perpetrated and what measures might be
used to minimise it. However, these discussions neither analyse whether or not the
implementation of an electronic registration system might alter the manner in which
fraud might be perpetrated nor whether or not implementation of an electronic
registration system might introduce new methods of perpetrating fraud.
It can be seen from this overview of the literature that currently the analysis of fraud
within the Torrens system is rather fragmented. Some studies, such as Hammond’s,
focus on identity fraud, where the certificate of title is the primary tool used to
perpetrate the fraud. Others, such as the article by Christensen, focus on the
various security features that might be used to maintain the integrity of the Torrens
system within an electronic environment. However, none of the studies have
examined the broad spectrum of frauds that might be perpetrated in a Torrens
system using an electronic registration process. For example, apart from identity
117 Simon Hally, 'How Secure is E-Registration' (2005) 29(7) Canadian Lawyer 47, Ben Hengeveld,
'Fraud Smarts - Identity/Personation/Mortgage Fraud' (Paper presented at the The 2nd Annual Real Estate Law Summit, Toronto, Canada, 6 & 7 April 2005), Brian Bucknall, Fraud and Forgery Under the Land Titles Act (2003) <http://www.firsttitle.com.au/Brian-Bucknall-Fraud-and-Forg_2.pdf> at 12 May 2007, Norman Siebrasse, 'Report on Land Title Practices and Fraud' (Canada Mortgage and Housing Corporation, 2003), Canadian Association of Accredited Mortgage Professionals, Consumer Information on Real Estate Fraud (2008) <http://www.caamp.org/fraud_intro.htm> at 16 April 2008; Norman Siebrasse, 'Report on Land Title Practices and Fraud' (Canada Mortgage and Housing Corporation, 2003), Law Society of British Columbia, Practice Tips: Fighting Back Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 6 June 2006, Law Society of British Columbia, Real Estate Fraud - A Prevention Primer (2005) <http://www.lawsociety.bc.ca/publications_forms/iissues/05-03_risk.html> at 4 September 2006, Law Society of British Columbia, Fighting Back Against Fraud - The Risks in Real Estate (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 4 September 2006, Law Society of British Columbia, Rules Require Lawyers to Guard Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-03_PCH-fraud.html> at 4 September 2006, Law Society of British Columbia, Curbing Risk in Real Estate Practice (2006) <http://www.lawsociety.bc.ca/publications_forms/iissues/06-02_risk.html> at 6 June 2006, Law Society of Upper Canada, Notice to the Profession - Law Society Warning to Real Estate Practitioners Re:Fraud (2004) <http://mrc.lsuc.on.ca/jsp/fightingRealEstate/noticeToProfession.jsp> at 24 May 2006, Law Society of Upper Canada, Fraud in Real Estate Transactions (2004) <http://mrc.lsuc.on.ca/pdf/fightingRealEstate/july2304_fraud_scenarios.pdf> at 24 May 2006, Law Society of Upper Canada, Qs and As - Fraud in Real Estate Transactions: Some Ethical Issues (2004) <http://mrc.lsuc.on.ca/pdf/fightingRealEstate/july2304_fraud_qa.pdf> at 24 May 2006, Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper Canada, 2005), Lawyers' Professional Indemnity Company, Fighting fraud: Organizations Collaborate (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_Org.pdf> at 4 September 2006, Lawyers' Professional Indemnity Company, Fighting fraud: Protect Security of PSPs (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_PSP.pdf> at 4 September 2006, Lawyers' Professional Indemnity Company, Fighting fraud: Implement Appropriate Internal Controls (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_Control.pdf> at 4 September 2006, Lawyers' Professional Indemnity Company, Managing the Security and Privacy of Electronic Data in a Law Office (2005) <http://www.practicepro.ca/practice/pdf/ManagingSecurityPrivacy4print.pdf> .
46
fraud, can other types of fraud currently being perpetrated in a paper-based Torrens
registration process persist under electronic registration? Will automating the
registration process within the Torrens system alter the manner in which fraud is
perpetrated? Will it introduce new methods of perpetrating fraud? None of these
studies have provided a comprehensive analysis on what factors, apart from the use
of the certificate of title, might facilitate the perpetration of fraud. Furthermore, none
of these studies have examined the likely types of perpetrators of fraud, the types of
transaction that are likely to be targeted by them and the range of measures that
could be used to minimise these within an electronic environment.
Given the importance of minimising fraud, so that the twin objectives of the Torrens
system may be achieved, this research intends to fill this gap in the literature by
building upon the findings of these studies and undertaking a much broader and
more detailed analysis by:
• providing a more comprehensive analysis of the types of fraud that are being
perpetrated in the Torrens system under a paper based registration process,
the methods of perpetration, the factors that facilitate the fraud, the likely
perpetrators and the transactions that are most commonly targeted;
• analysing the likelihood of these frauds occurring in a Torrens system that
uses a fully automated registration process. This will be achieved, rather
than restricting the analysis to the NECS and the proposed Victorian EC
system, by examining those electronic land registration systems that are
currently operational in other jurisdictions as well, to compare the likelihood
of fraud given various features of these systems;
• analysing the likelihood of new opportunities for fraud under these electronic
registration systems; and
• examining the type of measures that might be used to minimise these fraud
risks.
In filling this gap in the literature, this research will provide an original contribution to
knowledge; its findings could be used to inform stakeholders in the conveyancing
sector of the various fraud risks that might arise from using technology to automate
the Torrens registration process, as well as the possible measures that could be
implemented to minimise these risks, ensuring that the twin objectives of the
Torrens system can be met in an electronic environment.
47
2.6 Conclusion
This chapter has demonstrated the importance of minimising fraud for the
successful functioning of the Torrens system, both in a paper and an electronic
environment. Established literature on the Torrens system was used to examine
the underlying principles and objectives of the Torrens system, showing that the
Torrens system has two objectives, to facilitate transfers of title and to provide
owners with a secure title. Security of title was shown to be the hallmark of the
Torrens system and vital to the proper functioning of a modern economy.
This chapter has also examined the concept of fraud and defined the scope of fraud
that will be the focus of this research – that which causes deprivation of title. This
type of fraud has the effect of causing a conflict between the two objectives of the
Torrens system. It was shown in this chapter that the Torrens system, through the
principle of immediate indefeasibility, favours facility of transfer over security of title;
the effect being the derogation of an owner’s ability to hold title securely. It was
shown that this would lead to a loss of confidence in the Torrens system and a
corresponding reduction in the benefits that are said to accrue from adopting a land
registration system. Hence it is critical that the Torrens system should operate in a
framework within which fraud may be minimised.
This chapter has also shown that there is currently a lack of comprehensive
academic research or analysis in Australia of the impact on fraud of using
technology to automate the registration process within the Australian Torrens
system, nor has there been any comprehensive research or analysis on the type of
measures that might be used to minimise these fraud risks. Given the effect of fraud
on security of title and the importance of security of title for the successful
functioning of the Torrens system, it is vital that such an analysis be undertaken.
The aim of this research is to fill this gap in the literature.
To achieve this, the next step in the analysis is to examine the types of fraud that
are currently being perpetrated in the present Torrens system. This will be done in
the next chapter.
48
CHAPTER 3
OPPORTUNITIES FOR FRAUD IN THE TORRENS SYSTEM USING A PAPER
BASED REGISTRATION PROCESS
Table of contents
3.1 Introduction........................................................................................................49 3.2 Incidence of fraud within the paper registration system......................................50 3.3 Implications from the incidence of paper-based frauds ......................................54
3.3.1 Trends in fraud perpetration ........................................................................54 3.3.2 Issues arising out of fraud trends that require further analysis.....................54
3.3.2.1 How is it that fraud may be perpetrated despite the existence of certain conveyancing practices that are said to act as safeguards against fraud? .......55
3.3.2.1.1 Witnessing requirements ...............................................................55 3.3.2.1.2 Use of the paper certificate of title .................................................56 3.3.2.1.3 Examination process of instruments lodged for registration ...........57
3.3.2.2 Why are the majority of perpetrators known to the victim of the fraud?.57 3.3.2.3 Why is fraud perpetrated in this manner? .............................................58 3.3.2.4 Why are mortgages and transfers the most common transactions targeted?..........................................................................................................58
3.3.3 Summary of issues for further analysis........................................................58 3.4 Analysis of case examples.................................................................................59
3.4.1 Forgery .......................................................................................................59 3.4.1.1 Individual as victim of the fraud ............................................................60
3.4.1.1.1 Conclusions drawn ........................................................................64 3.4.1.2 Corporation as victim of fraud...............................................................66
3.4.1.2.1 Conclusions drawn ........................................................................71 3.4.1.3 Forged power of attorney .....................................................................74
3.4.1.3.1 Conclusions drawn ........................................................................75 3.4.2 Alteration of document after execution ........................................................77
3.4.2.1 Conclusions drawn...............................................................................79 3.4.3 Fraud by misleading or fraudulently inducing the victim into signing relevant documentation .....................................................................................................80
3.4.3.1 Conclusions drawn...............................................................................84 3.4.4 Fraud by impersonation of the victim or identity fraud .................................85
3.4.4.1 Conclusions drawn...............................................................................90 3.5 Synthesis of findings..........................................................................................91
3.5.1 How is fraud perpetrated in the paper registration system?.........................92 3.5.2 Is the manner of perpetration of the fraud linked to certain conveyancing practices and processes? ....................................................................................92 3.5.3 How are fraudulent persons able to circumvent certain conveyancing practices that are said to act as a safeguard against fraud?.................................93 3.5.4 What factors may facilitate the perpetration of the fraud?............................93 3.5.5 Do perpetrators act alone or do they act in collusion with others? ...............94 3.5.6 Why are the majority of frauds perpetrated by persons known to the victim?94 3.5.7 Are some types of fraud more susceptible to being perpetrated by persons known to the victim while some types of fraud more susceptible to those unknown to the victim?........................................................................................................97 3.5.8 Are some perpetrators better placed to perpetrate fraud than others?.........98 3.5.9 Why does fraud normally involve mortgages or a combination of transfers and mortgages?...................................................................................................99
3.6 How will automating the registration process within the Torrens system impact on these findings?.................................................................................................. 100 3.7 Conclusion....................................................................................................... 103
49
Chapter 3: Opportunities for fraud in the Torrens s ystem using a paper-based
registration process
3.1 Introduction
The context in which this research is being undertaken was set out in the previous
chapter. In particular, Chapter 2 found that the concepts of security of title and
facility of transfer are vital to fostering economic wellbeing and financial growth.
Chapter 2 also found that the occurrence of fraud has the effect of causing a conflict
between these twin concepts and that the Torrens system, through the principle of
immediate indefeasibility, favours facility of transfer over security of title. The effect
of fraud therefore is to derogate from an owner’s ability to hold title securely, leading
to a reduction in confidence in the Torrens system’s ability to provide for security of
title and a corresponding reduction in the benefits said to accrue from adopting a
land registration system. From this analysis, Chapter 2 argued that it is critical that
the Torrens system should operate in an environment in which fraud can be
minimised. Chapter 2 also showed that there has been little analysis of the impact
on fraud of automating the registration process of the Torrens system and the type
of measures that may be used to minimise these frauds.
The purpose of this chapter is to begin the first step in this analysis by examining the
types of fraud that are currently perpetrated in the Torrens system using a paper
based registration process. As set out in Chapter 2, the frauds that will be looked in
this chapter are those that lead to a claim for deprivation of title caused by fraud.
Data obtained from various State and Territory Land Title Offices will be used to
determine common trends in the perpetration of fraud in the Australian Torrens
system using a paper based registration process, including the manner in which
fraud is usually perpetrated in this system, the most common perpetrators of these
types of fraud, and the types of transactions usually targeted.
Given these findings, this chapter will then use case examples to undertake an in-
depth and comprehensive analysis to determine the following:
• the methods by which these frauds are perpetrated;
• the factors that facilitate the perpetration of the fraud;
• how certain practices which are said to act as safeguards against fraud may
be circumvented by fraudulent persons;
• the reasons why certain perpetrators are more likely or have a better
opportunity to perpetrate fraud than others; and
50
• the reason why certain transactions are targeted by these fraudulent
persons.
The analysis in this chapter will find that, in the Torrens system using a paper-based
registration process, the most common ways of perpetrating fraud are forgery,
impersonation, fraudulent alterations and fraudulently misleading the victim into
executing documents. It will be shown that these methods of perpetrating fraud are
linked to current conveyancing practices and to processes in the Torrens system.
Whilst certain conveyancing practices in the system are said to act as safeguards
against fraud, Chapter 3 will show that fraud continues to be perpetrated despite
them. The most common types of perpetrators will be found to be those who are
known to the victim, because this relationship provides them with an opportunity to
perpetrate fraud. This chapter will show that within this class of perpetrators,
solicitors are in a better position to perpetrate fraud; while fraud by persons
unknown to the victim are less prevalent. Some types of fraud, because of the
manner in which they are perpetrated, will be shown to be more liable to be
perpetrated by persons known to the victim, whereas others might be susceptible to
those both known and unknown. It will also be found that certain factors facilitate the
perpetration of the fraud. Finally this chapter will show that mortgages and transfers
are usually the most likely type of transaction targeted by fraudulent persons, acting
alone or in collusion with others.
3.2 Incidence of fraud within the paper registratio n system
As noted in Chapter 2, the focus of this research is on frauds giving rise to a claim
for compensation from the State by a registered proprietor who has been deprived
of title by the fraud. Thus data on compensation claims made against the State for
loss caused by a deprivation of title through fraud is relevant to this research. This
section will examine this data for common trends in the perpetration of fraud in
Australia.
I was able to obtain data on compensation claims made against the States of
Victoria, Queensland, South Australia and Tasmania for the period 1989 to 2005.
For the State of Queensland, a total of twenty one successful claims were made
during the period 1989-2005. They involved the following types of activity118:
118 The activities listed here is a representation of the most common types of claims made in
Queensland. Appendix A has a list of all the claims made during this period, including details of the fraudulent activity for each claim.
51
• forgery of signatures; fraudulent execution of the victim’s signature on an
instrument of mortgage;
• fraudulent execution of a power of attorney and subsequent mortgaging of
the family home using that power of attorney;
• fraudulent person either fraudulent executing or coercing execution of a
transfer of the subject property to the fraudulent person’s wife;
• misleading the registered proprietor into signing mortgage documents over
the subject property;
• impersonating the registered proprietor and fraudulently arranging for a
mortgage to be registered over the subject land.
Most of these claims involved family members119 as the fraudulent party and the
most common type of transaction was mortgages. The incidence of fraud evident in
that data from Queensland can be summarised as follows:
State Type of fraud Fraudulent party Transaction No. of
claims Total fraud
claims Forgery of signature Family member Mortgage 5
Fraudulently executing a Power of Attorney and using that power to mortgage the family home
Family member Mortgage 1
Forgery of signature
Solicitor Mortgage 6
Forgery of signature
Director of the company who had introduced the victims to purchase the property that was the subject of the fraud
Mortgage 7
The fraudulent person used the victim’s 18+ card of the victim to impersonate the victim and arranged for a mortgage to be registered over the subject land.
Trusted friend Mortgage One
Queensland (1989-2005)
Misleading the owner into signing mortgage documents
Accountant of the registered owner Mortgage One
21
119 The term ‘family member’ includes: husband/wife, brother/sister, son-in-law/daughter-in-law and
mother-in-law/father-in-law.
52
In addition to this data, it was also brought to my attention by the Queensland
Registrar of Titles that he had on at least one occasion come across a case where
fraud was perpetrated by altering a land title instrument after the instrument had
been executed.120 Whilst this type of fraud is not represented in the data, the
possibility exists that fraud may also be perpetrated this way.
For the State of South Australia, a total of seven successful claims were made
during the period 1990-2005. Out of these seven claims, four involved fraud. The
claims involved the following type of activities121:
• falsely inducing the victims of the fraud on two separate occasions to sign
the last page of what later became a memorandum of mortgage;
• forging the victim’s signature to mortgage the subject property;
• forging the victim’s signature on a transfer of a lease.
Most of these claims involved family members as the fraudulent party and the most
common type of transaction was mortgages. The incidence of fraud evident in that
data from South Australia can be summarised as follows:
State Type of fraud Fraudulent party Transaction No. of
claims Total fraud
claims Forgery of signature Family member Mortgage 1
Forgery of signature
Family member Transfer of a lease 1
South Australia (1990-2005)
Falsely inducing the claimant to sign the last page of what later became a memorandum of mortgage.
Friend Mortgage 2
4
In the State of Tasmania, during the period 1990 – 2005, only one claim involved
fraud, the rest involved office errors. The fraud involved a forgery of the signature of
the victim of the fraud, fraudulently transferring the property to a bona fide third
party. The fraudulent person was the ex-husband of the victim.
Finally, the information provided by the Registrar of Titles from Victoria was more
generalised, hence it has not been reproduced into a table. The report from Victoria
noted that almost all the fraud occurring in Victoria involved family members with
120 Max Locke, Registrar of Titles Queensland <[email protected]>, email (14 March
2007). The Registrar noted that the case was resolved by the parties concerned. 121 More complete details are available in Appendix A.
53
forged mortgages. Forged transfers rarely gave rise to claims, and usually in
situations involving family members.122
I requested data from Western Australia and New South Wales but was not provided
with any. Data on claims for these two States can be found in the study by
Hammond123 in 2000 which examined the impact on fraud of abolishing the paper
certificate of title.
Hammond was provided with information from the Western Australia Department of
Land Administration from 1990 to 1999, that showed that 41 claims against the
State were received. Of these, 17 were classed as fraud. The data showed that
family members were the most common perpetrators of the fraud, since five of the
17 were perpetrated by family members, while the rest were perpetrated by
mortgage brokers (two), mortgagees (three) or by persons unspecified. In terms of
the type of transactions that were most commonly targeted, the data showed that
mortgages were the most common; frauds involving mortgages amounting to 12 out
of the 17 claims.124
As for the New South Wales data, the New South Wales Land Titles Office provided
Hammond with data for claims against the New South Wales Assurance Fund from
1994 to 1998. According to Hammond, the report showed that for this period, 38
claims for fraud were made. The data showed that the most frequent perpetrators of
fraud were family members – 18 out of the 38. The remaining claims involved
solicitors (six), financial advisers (four), acquaintances (three), company directors
(two), third parties unknown to the registered proprietor (three), land dealer (one)
and trustee (one). The data also showed that the type of transaction most commonly
targeted involved mortgages, as 21 out of the 38 claims involved mortgages. The
next most commonly targeted transactions were transfers (12 out of the 38 claims).
While Hammond did include in her study a brief description of the fraudulent
activities engaged in, it is difficult to categorise them by inference from the
descriptions given. This is because Hammond’s study focused on the impact of
abolishing the certificate of title on fraud, so that the descriptions given of various
122 John Barry, Deputy Registrar of Titles, Victoria Land Registry <[email protected]>, email
(28 September 2005). 123 See Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115. 124 Included in this calculation are fraudulent activities involving mortgagee power of sale. In
Hammond’s article, this activity was listed separate to mortgages and amounted to two out of the 17 claims.
54
fraudulent activities centre on the use or non-use of the certificate of title. It does not
describe, for example, whether the fraudulent person, when using the certificate to
perpetrate fraud, had impersonated the registered proprietor or forged the registered
proprietor’s signature. The Hammond study is useful to the extent that the data
provided may be used by this research to confirm its findings in [3.4.4.1] below.
3.3 Implications from the incidence of paper-based frauds
3.3.1 Trends in fraud perpetration
Analysis of the above data revealed certain trends in fraud perpetration in Australia.
First, analysis shows that there are several ways in which fraud can be perpetrated.
The primary method appears to be forgery of the victim’s signature, including
fraudulently executing a power of attorney. Other methods include impersonating
the victim of the fraud125, misleading or fraudulently inducing the victim of the fraud
to sign the relevant documentation necessary for the perpetration of the fraud and
fraudulently altering a relevant land title document after its execution.
Second, the most common perpetrators of land title fraud in Australia appear to be
those known to the victim of the fraud, such as family members, relatives, close
friends, and the victim’s solicitor or accountant. This is also the conclusion drawn
from the Hammond study, although her study was focused on fraud involving the
use of the certificate of title.126 However, the statistics from the Hammond study for
claims made against the New South Wales assurance fund also show that fraud can
also be perpetrated by someone unknown to the victim.
Third, the data shows that the majority of fraud claims involve mortgages and
transfers, or a combination of these.
3.3.2 Issues arising out of fraud trends that requi re further analysis
Several issues arising from these trends may be identified, as follows:
125 It is noted that there is an overlap between forgery and impersonation. In impersonation cases, the
fraudulent person impersonating the victim would still be required to sign as the victim on the land title instrument and in that sense the victim’s signature is forged. It could also be said that in forging a person’s signature, the fraudulent is impersonating that person. For the purposes of this research, impersonation is restricted to the situation where the fraudulent person either uses identity documents (including certificate of title) which may be genuine or false to impersonate the victim for the purposes of perpetrating the fraud. Hence the main method of perpetrating the fraud is the use of the victim’s identity documents, the forgery of the signature is incidental. Forgery is restricted to the situation where the fraudulent person simply forges the victim’s signature.
126 Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115, 130.
55
3.3.2.1 How is it that fraud may be perpetrated des pite the existence of certain
conveyancing practices that are said to act as safe guards against fraud?
First, it appears that fraudulent persons are able to perpetrate fraud despite the
existence of certain conveyancing practices that have been touted as safeguards
against fraud. These include:
• requiring witnessing for certain instruments that are presented for
registration;
• requiring that the paper certificate of title must be produced to indicate a right
to deal with the land; and
• the examination process undertaken by the Land Titles Office of instruments
lodged for registration.
3.3.2.1.1 Witnessing requirements
The general requirement that certain land title instruments presented for registration,
such as transfers and mortgages, must be signed by the person creating or
transferring the interest, or by that person’s attorney, and attested by a witness, is
found in Torrens legislation in most States and Territories in Australia.127 Legislation
in some States and Territories in Australia also provide that these witnesses must
comply with certain obligations and procedures when witnessing signatures.128
While the wording of attestation clauses in the Torrens legislation may vary between
the different States and Territories, it has been said that the main purpose for
requiring witnessing of signatures to instruments produced for registration is to
prevent the registration of forged documents.
127 In Australian Guarantee Corporation v De Jager [1984] VR 483, Tadgell J found that in all
jurisdictions except Victoria there are specific requirements to the effect that instruments presented for registration must be signed by the registered proprietor and attested by a witness. In Victoria, his Honour found that although the Transfer of Land Act 1958 (Vic) was silent as to execution and attestation of instruments, many of the schedules to the Act contemplated that an attesting witness would be present when a person executed an instrument. There was also evidence that the practice of the Victorian Titles Office is to require attestation. Thus according to his Honour, the same attestation requirements in Victoria are implied: Australian Guarantee Corporation v De Jager [1984] VR 483, 497. A similar view has been taken of legislation that authorises the registrar to approve forms for use under the Act, if the forms approved by the registrar require attestation. See Beatty v Australia and New Zealand Banking Group Ltd [1995] 2 VR 301, 315.
128 For example, s162 of the Land Title Act 1994 (Qld) provides that ‘a person who witnesses an instrument executed by an individual must (a) first take reasonable steps to ensure that the individual is the person entitled to sign the instrument, and (b) have the individual execute the document in the presence of the person and (c) not be a party to the instrument’. Also see s36(1D)(b) Real Property Act 1900 (NSW), s267 Real Property Act 1886 (SA), s48(1)(a) Land Titles Act 1980 (Tas), s145 Transfer of Land Act 1893 (WA) and s160 Land Title Act 2000 (NT).
56
As noted by Tadgell J in Australian Guarantee Corporation v De Jager:
Early critics of the system predicted that proprietors would be deprived of their
estates because opportunities would open up for fraud and forgery and publication
of title. Strict provisions as to proof of execution were part of the answer to this
criticism.129
3.3.2.1.2 Use of the paper certificate of title
Another requirement that is said to act as a safeguard against fraud is the issuing
and production of the certificate of title. In the paper registration system generally
paper certificates of title are issued by the state, in duplicate. The original is included
in the register and the duplicate delivered to the person entitled to it, usually the
registered owner or the mortgagee. The certificate of title issued provided conclusive
evidence of the matter specified in the title. It is thus used to evidence ownership of
the land130 and generally the duplicate paper certificate of title had to be produced,
subject to certain exceptions,131 together with a completed transfer or mortgage
129 Australian Guarantee Corporation v De Jager [1984] VR 483, 497. Also Ratcliffe v Watters (1969)
89 WN (Pt 1) (NSW) 497, 502: ‘It seems necessary to remind solicitors, in view of the effect a void instrument has when registered, of the significance of identifying transferors or mortgagors with the persons who represent themselves to be authorised to transfer or mortgage. The statutory forms of transfer and mortgage themselves recognize the importance of identification, and purport to prescribe the only persons authorized to attest the transferor’s or mortgagor’s signature – a prescription which is…commonly disregarded…Faithful compliance with the directions in this regard on the statutory forms of transfer and mortgage will lessen the risk of loss through fraud or forgery’. Also see Arcadi v Whittem (1992 ) 59 SASR 515, 524 per Olsson J referring to Australian Guarantee Corporation v De Jager [1984] VR 483: ‘Having regard to the scheme of legislation I consider that the attestation required by the Act is mandatory not directory…and that it is fundamental to the integrity of the Torrens system’; and Debelle J in Arcadi v Whittem (1992 ) 59 SASR 515, 537 that attestation clauses are a ‘particular feature of the Torrens system designed to avoid fraud and forgery’.
130 This was noted by Muir: ‘custody of the duplicate title is often said to confer the ‘right to deal’, an assurance that the person purporting to deal with the land is in fact entitled to do so. The handing over of title documents is one of the longstanding rituals of settlement’: Robbie Muir, ‘Electronic Registration: The Legislative Scheme and Implications for the Torrens System in New Zealand’ in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 311, 316. Also see Russell Cocks and John Barry, 'Electronic Conveyancing: Challenges for the Torrens System' (2001) 8(3) Australian Property Law Journal 270, 276: ‘The current function of the paper title is to act as an entrée card into the system. It does this in two ways, or more correctly, at two stages of the transaction. At the beginning of the transaction it is used by the parties to informally establish the identity of the participant as being someone entitled to deal with the property. It is also formally used at the conclusion of the transaction when a party seeking registration is obliged to produce the paper title as an entrée card into the register. At both stages the primary function of the paper title is to establish the identity of the party as a person having the right to deal with the property’.
131 Refer to Land Title Act 1994 (Qld), s 154, Real Property Act 1900 (NSW), s 33(4); Transfer of Land Act 1958 (Vic), s 27E; Real Property Act 1886 (SA), s 98; Transfer of Land Act 1893 (WA), s 86; Land Titles Act 1925 (ACT), s 75; Land Title Act 2000 (NT), s 153.
57
form, before registration could proceed. This requirement was said to act as a
safeguard against fraud.132
3.3.2.1.3 Examination process of instruments lodged for registration
Finally, land title instruments lodged for registration in the Land Titles Office undergo
a process of examination by officers at the Land Titles Office before the register is
updated. It could be said that this manual examination also acts as a safeguard
against fraud, particularly where there had been any fraudulent alterations made to
the instrument, because these types of alteration would be noticeable to the
examining officer.133
However, despite these safeguards, the data quoted earlier show that fraudulent
persons are able to circumvent these safeguards and perpetrate fraud. How are
they able to do so? Is the perpetration of the fraud facilitated by certain factors and if
so, what type of factors might operate to facilitate these frauds?
3.3.2.2 Why are the majority of perpetrators known to the victim of the fraud?
Another issue arising from analysis of the above data is why are the majority of
perpetrators known to the victim of the fraud? Further sub-issues to consider
include:
• do these perpetrators usually act alone in the perpetration of the fraud, or do
they use a third party as an aid to its perpetration?
• are there certain types of perpetrators who are better placed to perpetrate
fraud within the system than others?
• might there be certain types of fraud that are more susceptible to being
perpetrated by persons known to the victim, while other types of fraud are
more susceptible to being perpetrated by persons unknown to the victim?
132 See SR Simpson ‘the strongest argument which is made out for a certificate of title is that it is
valuable for the prevention of fraud, since failure to produce it at once alerts the Registry’: S Rowton Simpson, Land Law and Registration Book 1 (1976), 166 and Hammond: ‘…to effect a legal transfer of Torrens land in Western Australia, a completed transfer form coupled with the duplicate certificate of title had to be lodged for registration. The requirement that both be produced effected a safeguard against fraud’: Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115, 115.
133 See Sharon Christensen, 'Electronic Land Dealings in Canada, New Zealand and the United Kingdom: Lessons for Australia' (2004) 11(4) Murdoch University Electronic Journal of Law , [78] and [80].
58
3.3.2.3 Why is fraud perpetrated in this manner?
A third issue to consider is: why are frauds perpetrated in this manner? Is the
method of perpetration linked to particular conveyancing processes, such as the
need to execute land title forms? This is an important issue to consider because, if it
is linked to certain conveyancing processes, then it is possible that if those
processes were altered, for an automated Torrens system for instance, the manner
of perpetrating fraud may be might also change.
3.3.2.4 Why are mortgages and transfers the most co mmon transactions
targeted?
The final question to consider is why are mortgages and transfers the most common
transactions targeted by fraudulent persons?
3.3.3 Summary of issues for further analysis
Thus whilst the above data reveal certain trends in the perpetration of fraud within
the Torrens system, these trends also raise certain questions that need to be
addressed while analysing the impact on fraud of automating the Torrens system:
• how is fraud perpetrated?
• is the method of perpetration of the fraud linked to certain conveyancing
processes, such as the need to execute land title forms?
• how can fraudulent persons circumvent the conveyancing practices that are
meant to be safeguards against fraud?
• do these perpetrators act alone in the perpetration of the fraud or are they
aided by a third party?
• what factors may facilitate the perpetration of fraud?
• why are most frauds perpetrated by persons known to the victim?
• are some types of fraud more susceptible to being perpetrated by persons
known to the victim, and are others more susceptible to being perpetrated by
persons unknown to the victim?
• are some perpetrators better placed than others within the system to
perpetrate fraud?
• why is it that fraud usually involve mortgages and transfers?
The next step in the analysis is to answer these questions by analysing various case
examples that illustrate the general categories of fraud as identified in [3.3.1] –
forgery, impersonation, fraudulent misrepresentation, and fraudulent alteration. As
will be seen later in [3.6], the answers to these questions provide a basis upon
59
which a comparative analysis may be undertaken to determine the extent of the
impact on fraud of automating the registration process within the Torrens system.
3.4 Analysis of case examples
3.4.1 Forgery
There is a general requirement that certain land title instruments presented for
registration must be signed and attested by a witness. For an individual, an
instrument is validly executed if it is executed in a way permitted by law,134 most
commonly by the individual’s signature appearing on the instrument. For companies,
under the Corporations Act 2001 (Cth), a company may execute a document in one
of two ways135:
• using the common seal of the company – the document is executed by fixing
the common seal to the document and the fixing of the seal is witnessed by
two directors of the company, or by the director of a proprietary company
who is its sole director and is also the company secretary;
• without using the company seal – the document is executed if the document
is signed by two directors, or by a director and a company secretary, or by
the director of a proprietary company who is its sole director and is also the
company secretary.
It is also possible for an attorney under a power of attorney to execute land title
instruments on behalf of the grantor of the power of attorney.
The following case examples illustrate how fraud may be perpetrated by forging the
execution of the person or company purporting to transfer or create an interest in a
lot; or by forging a power of attorney. I will divide this type of fraud into three
situations: the first is where the victim of the fraud is an individual, so that the
individual’s signature on the land title instrument is forged. The second is where the
victim is a company, so that it is the company’s execution that is forged. The third is
where there is a forgery of the victim’s signature on the power of attorney.
134 For example, s161 of the Land Title Act 1994 (Qld) provides that an instrument is validly executed
if it is executed in a way permitted by law or the instrument is sealed with the corporation’s seal in accordance with s 46 of the Property Law Act 1974 (Qld). Also see ss36D(1D)(b), 36(1)(1E) & 106 Real Property Act 1900 (NSW), ss267, 268, 270 Real Property Act 1886 (SA), s48(1)(a) Land Title Act 1980 (Tas), ss130 & 145 Transfer of Land Act 1893 (WA), ss48 & 172-177 Land Titles Act 1925 (ACT), and s159 Land Title Act 2000 (NT).
135 See s127 Corporations Act 2001 (Cth).
60
3.4.1.1 Individual as victim of the fraud
The following case examples were selected to illustrate this type of fraud.
In Young v Hoger,136 the parents of the fraudulent person were joint tenants of the
subject property. Without the knowledge of the father, the daughter and the mother
obtained a loan secured by a mortgage over the property, by forging the father’s
signature on the memorandum of mortgage. Default occurred and the daughter and
the mother sought to refinance the loan; in doing so, the daughter forged the
signatures of both her mother and father on the mortgage.137 In both cases, the
signatures on the mortgage were purportedly witnessed by a Justice of the Peace.
However that Justice of the Peace died before the trial, hence there was no
evidence on the circumstances of the execution.138
In addressing the issues highlighted above, this case illustrates the following:
• the fraud occurred because the daughter was able to forge the father’s
signature on the mortgage instrument;
• the fraud involved a mortgage because the daughter required finance and
used the property as security for the loan;
• the daughter acted in collusion with the mother in the perpetration of the
fraud;
• the fraud was perpetrated by someone known to the victim. The relationship
with the father facilitated the fraud. It was found in this case that the father
relied upon and trusted his wife and daughter. The wife attended to all of the
family dealings, the books of account, cheque-books and all money
matters;139
• finally, the perpetration of the fraud was also facilitated by certain factors,
including:
o all correspondence by the solicitor acting for the mortgagees were
addressed to the fraudulent person (the daughter) and her mother, or
just to the fraudulent person.140 More importantly, the mortgage
instrument was given to the daughter and the mother for procuring
execution. The solicitor did not have any dealings, direct or indirect,
with the father; had he attempted to contact the father, he might have
discovered that the father was being defrauded by his wife and
daughter. However, as pointed out by the Queensland Court of
136 Young v Hoger [2001] QSC 453. 137 Young v Hoger [2000] QSC 455, [21]. 138 Young v Hoger [2000] QSC 455, [22]. 139 Young v Hoger [2000] QSC 455, [8]. 140 Young v Hoger [2000] QSC 455, [20].
61
Appeal, as the transaction was a refinancing of an existing mortgage
over the same property by the same parties and as all the
mortgagors appeared to come from the same family, it was perhaps
not unreasonable for the solicitor to deal solely with the daughter and
the mother141;
o the solicitor acting for the mortgagee did not know the Justice of the
Peace and did not know anything about the circumstances of the
purported execution of the mortgage that the Justice of the Peace
supposedly witnessed. The solicitor did not speak with or make any
attempt to contact the Justice of the Peace.142 If he had done so, it is
possible that the fraud might have been uncovered. Having said that,
the solicitor did receive a mortgage instrument that appeared on its
face to be duly executed in the presence of a Justice of the Peace.
As witnessing officers have to follow certain procedures when
witnessing signatures143, it could be said that the solicitor was entitled
to rely on these provisions, assuming that requirements had been
met. Further, it is not usual business practice for solicitors to check
whether witnessing procedures have been complied with. As pointed
out by the Court of Appeal: ‘[T]here was no evidence that it was
considered to be a prudent or even a common practice among
solicitors to verify the authenticity of the signature of a party to a
document, or specifically of the signature of a party to an instrument
under the Land Titles Act, by speaking to the Justice of the Peace or
other person who appears to have witnessed that signature. And at
least in the specific case of instruments under the Land Titles Act it
141 Young v Hoger [2001] QSC 453, [20]. 142 Young v Hoger [2000] QSC 455, [23]. 143 For example in Queensland, a person who witnesses an instrument executed by an individual
must (a) first take reasonable steps to ensure that the individual is the person entitled to sign the instrument; and (b) have the individual execute the document in the presence of the person; and (c) not be a party to the instrument: see s162 Land Title Act 1994 (Qld). Also see s36(1D)(b) Real Property Act 1900 (NSW), s267 Real Property Act 1886 (SA), s48(1)(a) Land Titles Act 1980 (Tas), s145 Transfer of Land Act 1893 (WA) and s160 Land Title Act 2000 (NT).
62
might reasonably be thought that Justices of the Peace would be
aware of the provisions of s162 of that Act’. 144
Whilst it was unclear in Young v Hoger as to how witnessing requirements were
circumvented, the case of Sansom v Westpac Banking Corporation145 illustrates that
they can be circumvented if there is a breach of witnessing procedures. In this case,
a wife and her husband were the registered proprietors of their home, as well as
joint holders of an overdraft account with Westpac Banking Corporation. To secure
an increase in the overdraft limit, the wife caused the home to be mortgaged to the
bank by forging the husband’s signature on the mortgage instrument. Subsequently,
the wife fraudulently arranged further mortgages, again by forging her husband’s
signature on the mortgage documents. This case is useful for illustrating the
following:
• the fraud occurred because the wife was able to forge the signature of the
husband on the mortgage;
• the wife was able to circumvent attestation requirements, because the
witness (the bank officer) attested to the husband’s signature on the
mortgage instrument even though it was not signed in his/her presence;
• the fraud in this case also involved a mortgage, because the wife required
finance and used the property as security for a loan;
• the wife acted alone in the perpetration of the fraud;
• in a similar way to Young v Hoger, the fraud in this case was perpetrated by
someone known to the victim of the fraud. Her relationship with the husband
facilitated the fraud. It was found in this case that the wife looked after the
financial affairs; she controlled the cheque books and did all the banking,
144 Young v Hoger [2001] QSC 453, [26]. See also Vassos & Anor v State Bank of South Australia &
Anor [1993] 2 VR 316, 334 where two experienced solicitors gave evidence as to what they considered to be proper conveyancing practice in Victoria (in 1990). Mr O’Hanlon said that ‘in early to mid 1990 there was generally no specific enquiry made by solicitors to verify that documents had in fact been signed by the purported signatory. If a solicitor received a document apparently executed in the presence of a witness then unless there was some specific reason to do so, the solicitor would not go back to verify the signature. Especially would this be so if the document appeared to have been executed in the presence of a solicitor’.
145 Sansom v Westpac Banking Corporation (1996) Aust Torts Reports 81-383. Also see Russo v Bendigo Bank Ltd [1999] 3 VR 376 where the clerk employed by solicitor acting for mortgagee was given specific instructions by the solicitor not to attest unless in that person’s presence. However the clerk had attested to the signature although the registered proprietor was not present when the document was signed, thereby enabling the son-in-law to perpetrate the fraud by forging her signature on the mortgage. Note that in this case the court held that fraud on the part of the clerk was not established because the clerk was not aware of the legal significance of attestation clauses in the registration process. Ormiston J held that the clerk was not shown to the dishonest and that the claimant had failed to establish the requisite dishonesty or moral turpitude necessary to establish fraud within the Torrens system. The case is used here as an example of how dispensing with proper attestation procedure facilitated the fraud.
63
signing most of the cheques drawn on their joint account.146 In addition, the
wife had told the bank officer that her husband was ill with cancer and the
bank officer had believed her and had given her the mortgage documents to
be signed by her husband. This gave her the opportunity to forge the
husband’s signature on the mortgage and return it to the bank.
• finally, the perpetration of the fraud was also facilitated by certain factors,
including:
o the breach of the bank’s attestation procedure that execution of
signatures are to be witnessed in the presence of bank officers. Had
the bank officer insisted on the husband signing in the bank officer’s
presence, the fraud may not have occurred;
o the bank did not get in contact with the husband before the
mortgages were signed nor did the bank attempt to verify the truth as
to the husband’s illness.147 Perhaps if the bank had contacted the
husband to verify the mortgage transactions, the fraud might have
been uncovered. However as Rolfe J pointed out, the bank officers
were told by the wife that the husband was terminally ill with cancer
and ‘if a wife says her husband is suffering from terminal cancer, in
the absence of suspicious circumstances, there would be no reason
to query the assertion’.148
It is also possible for the fraudulent person to circumvent attestation requirements by
forging the signature of the witness and this may be a forgery of the signature of a
real person or of a fictitious person. For example, two claims made against the State
of Queensland in 2004 involved the fraudulent person forging the signatures of his
parents and mother-in-law on two mortgage instruments, fraudulently mortgaging his
parent’s property and his mother-in-law’s property. In each case the signature of the
witness that was forged was fictitious. In contrast, in Vassos v State Bank of South
Australia,149 the signature of the solicitor who had purportedly witnessed the
execution of a mortgage was found to be forged,150 though in this case the solicitor
was a real person.
146 Sansom v Westpac Banking Corporation (1996) Aust Torts Reports 81-383, 63,320. 147 Westpac Banking Corporation v Sansom & Anor (Unreported, Supreme Court of New South
Wales, 22 November 1994), 36 (Rolfe J). 148 Westpac Banking Corporation v Sansom & Anor (Unreported, Supreme Court of New South
Wales, 22 November 1994), 36 (Rolfe J). 149 Vassos & Anor v State Bank of South Australia & Anor [1993] 2 VR 316. 150 Vassos & Anor v State Bank of South Australia & Anor [1993] 2 VR 316, 319-320 (Hayne J).
64
Whilst these case examples exemplify family members as perpetrators of fraud,
fraud may also be perpetrated by other categories of persons, such as solicitors.
This is illustrated in the case examples below.
In Registrar of Titles v Franzon and Finance Corporation of Australia Ltd151, the
solicitor of the registered proprietors of the subject land had applied, without their
authority, for a loan; when it was approved, the solicitor forged the signatures of
both husband and wife to a mortgage over their land to secure the loan. Similarly in
Gibbs v Messer152, the registered owner of property had executed a power of
attorney in favour of her husband and left the power of attorney and the duplicate
certificate of title with their solicitor for safekeeping. Their solicitor then forged the
signature of the husband on an instrument that transferred the land to a fictitious
person; the transfer was registered. The solicitor then purported to act for this
fictitious person and arranged a loan on security of the land. He executed the
necessary mortgage by signing it as the fictitious person and attesting to the
signature as himself. The mortgage was registered and the solicitor absconded with
the moneys.
These two cases illustrate the following:
• the fraud occurred because the fraudulent person was able to forge the
signature of the victim on the mortgage instrument or as in Gibbs v Messer,
on both the transfer and mortgage instruments;
• since the fraudulent person was a solicitor, he was able to attest as a
witness;
• the fraud in these cases also involved mortgages; the fraudulent person
required finance and used the property as security for the loan. However, as
illustrated in Gibbs v Messer, the fraud can also involve a combination of a
transfer and mortgage where the fraudulent person first transfers the
property to a third party (who may be fictitious) and then, purporting to act for
that third party, mortgages the property as security for a loan;
• the solicitor in both cases was also someone known to the victim of the fraud
and in both cases had acted alone in the perpetration of the fraud.
3.4.1.1.1 Conclusions drawn
The following conclusions may be drawn from the above analysis:
151 Registrar of Titles of the State of Western Australia v Franzon & Others (1975) 132 CLR 611. 152 Gibbs v Messer [1891] AC 248.
65
First, it appears that the method of perpetrating this type of fraud is linked to the
conveyancing requirement that instruments, such as mortgages, that create or
transfer an interest in a lot must be executed by the person creating or transferring
the interest. For individuals, since the most common method of execution is for the
individual’s signature appearing on the instrument, one way of perpetrating fraud is
to target the individual’s signature by forging it.
Secondly, in this type of fraud, the fraudulent person is able to perpetrate it because
he or she has obtained the necessary documentation, particularly the relevant land
title instrument, from the victim of the fraud in order to procure its execution. So this
type of fraud can only occur in situations where the fraudulent person has the
relevant unexecuted land title instrument in his or her possession, since it is only in
these situations that the fraudulent person could forge the victim’s signature.
Thirdly, the fraud usually involves persons known to the victim of the fraud, such as
family members and solicitors. This class of perpetrators can perpetrate the fraud
because their relationship with the victim gives them the opportunity to perpetrate
the fraud, in that:
• the relationship between the fraudulent person and the victim may
encourage the belief that the fraudulent person is acting or speaking on
behalf of the victim;
• the relationship may also encourage a certain amount of trust in the
fraudulent person;
• correspondence and relevant documentation, particularly the land title
instrument, may be given by the victim to the fraudulent person for the
purposes of procuring execution;
• if the fraudulent person is a solicitor, he or she can witness the forged
signature. Hence solicitors do not have to undertake the additional step of
having to circumvent witnessing requirements. In this regard it is postulated
that out of all the classes of perpetrators known to the victim, including family
members, the victim’s solicitors are best placed to perpetrate the fraud. This
notion that solicitors have a greater opportunity than others to perpetrate
fraud will be discussed further below.
Whilst it may be possible for the fraud to be perpetrated by persons unknown to the
victim, it would seem to be more difficult for this category of perpetrators to
perpetrate fraud because of the lack of relationship with the victim. The fraudster
66
would have to convince the other party that he/she is acting on behalf of the victim,
who needs the land title documents to procure execution.
The case examples also show that it is just as common for a fraudulent person to
act alone or in collusion with others.
The fourth conclusion that may be drawn is that despite attestation requirements
which are said to act as a safeguard against fraud, the fraudster is able to
circumvent this by either forging the signature of the witness (which could be of a
genuine or a fictitious person) or where the witness attests to the signature even
though it was not signed in his/her presence. Here, non-compliance with witnessing
requirements is facilitative for this type of fraud.
Fifthly, certain factors facilitate the perpetration of this type of fraud, such as the
normal conveyancing practice that a party, who receives land title instruments that,
on the face of it, appear to be executed and witnessed, is entitled to assume that the
signatures were signed in the presence of the witness, without having to contacting
attesting witnesses to verify their authenticity. This facilitates fraud when the
witness’ signature has been forged, or where the witness has not complied with
witnessing requirements. Short of contacting the purported witness or the
signatories to the land title instrument, it would be difficult to detect this type of fraud.
Fraud is also facilitated where, as in Young v Hoger, no contact is made with the
victim, although the victim is a party to the transaction. While, as pointed out by the
Court of Appeal in Young v Hoger, there may be some circumstances where it may
be considered reasonable to deal with certain parties only, rather than all parties to
the transaction, the problem with this is that it facilitates fraud because it provides
the opportunity to perpetrate fraud and to conceal this from the victim. As seen in
Young v Hoger, had the mortgagee’s solicitor contacted the father, the fraud might
have been discovered.
The final conclusion that may be drawn is that mortgages and transfers are the
transactions normally targeted by fraudulent persons. This is because the usual
purpose of the fraud is to obtain finance, with the property used to secure a loan. In
the case of transfers, the fraudulent person may abscond with the proceeds of the
sale.
3.4.1.2 Corporation as victim of fraud
The following case examples illustrate this type of fraud.
67
In Northside Developments Pty Ltd v Registrar General and Others153, Northside
was the registered proprietor of the subject land. The fraudulent person, a director of
Northside, caused an instrument of mortgage to be executed under the common
seal of Northside for the purposes of securing a loan. The other directors of
Northside had not authorised, by resolution at a meeting, the affixing of the seal to
the instrument of mortgage, nor had the directors other than the fraudulent person
approved or assented to the execution of the mortgage. The affixing of the seal was
attested to by the fraudulent person and by his son, who purported to sign as
“Company Secretary”. The appointment of the son as secretary of Northside was
improper, as it did not comply with Northside’s articles of association. Hence the
affixing of Northside’s common seal had not been witnessed in the way required by
the articles of association.
This case illustrates the following:
• the fraud occurred because the fraudulent person was able to affix the
company seal upon the mortgage instrument and the affixing of the seal was
witnessed by the fraudulent person and his son acting as the secretary. The
mortgage is a forgery, although the seal was the actual seal of the company
and the signatures were genuine, because it was sealed in fraud of the
company;154
• the fraud involved a mortgage because the fraudulent person needed
finance and used the property as security for a loan;
• the fraudulent person acted in collusion with his son;
• the fraud was perpetrated by someone known to the victim of the fraud – the
fraudulent person was a director of Northside. This relationship between the
fraudulent person and the victim facilitated the fraud, since:
o the other two directors of Northside permitted the fraudulent person
to run the company, and the day-to-day activities necessary for the
book work were left to him and his accountants; regular meetings
were not held;155
153 Northside Developments Pty Ltd v Registrar General and Others (1990) 170 CLR 146. 154 Dawson J in Northside Developments Pty Ltd v Registrar General and Others (1990) 170 CLR
146, 194 discussed two types of forgeries. One is where the seal or signature itself is a counterfeit. The other is where a document which is false and is sealed or signed in fraud of a company will be a forgery notwithstanding that the seal is the actual seal of the company or the signature is the actual signature of the person signing.
155 Northside Development Pty Ltd v Registrar General (1987) 11 ACLR 513, 519 (finding of Young J in the Supreme Court of NSW).
68
o as a director of Northside, the fraudulent person also had access to
the company seal and to the certificate of title to the subject land,
which was obtained from the company’s former solicitors;
• the fraud was also facilitated by the fact that, when the person acting as
secretary for Northside tendered his resignation, the son, at his father’s
request, signed a letter consenting to act as secretary of the company. A
statutory return of the change was signed and filed with the Corporate Affairs
Commission, making it difficult to detect that the appointment of the
fraudulent person’ son as secretary was invalid, because if a search had
been made at the Corporate Affairs Commission, it would have disclosed the
son as Northside’s secretary.
Similar facts occurred in Pyramid Building Society (in liq) v Scorpion Hotels Pty
Ltd,156 where the fraudulent person, a director of Scorpion, caused the company
seal to be affixed to an instrument of mortgage for the purposes of securing a loan.
The affixing of the seal was witnessed by the fraudulent person and his wife, as
directors of Scorpion. However, the wife had been improperly appointed as director
and the execution of the mortgage had not been authorised by Scorpion.157 This
case illustrates the following:
• the fraud occurred because the fraudulent person was able to affix the
company seal upon the mortgage instrument without the knowledge of the
other directors of Scorpion and the affixing of the seal was witnessed by the
fraudulent person and his wife purportedly acting as directors of Scorpion;
• the fraud involved a mortgage because the fraudulent person wanted to
secure a loan;
• in perpetrating the fraud, the fraudulent person had acted in collusion with
his wife;
• the fraud was perpetrated by someone known to the victim of the fraud – he
was a director of Scorpion. This relationship between him and the company
facilitated the fraud. In particular, as a director of the company, the mortgage 156 Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd [1998] 1 VR 188. 157 The fraudulent person and his wife had purported to conduct a meeting of directors of Scorpion at
their home and the purported minutes of the meeting recorded that the fraudulent person and his wife as being present and the fraudulent person elected chairman at the meeting. They also reported that a written consent to act having been received and tabled, it had been resolved that the wife be appointed as director of the company. The minutes of the meeting were signed by the fraudulent person. This purported meeting to appoint the wife as director was not a proper meeting of Scorpion as none of the other directors or unit holders were notified of the meeting and it was not held at the usual places for meetings. Further, the articles of Scorpion required a meeting to be held in the presence of two directors. At the time of this meeting, only one director, the fraudulent person, was present: Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd (1996) 20 ACSR 214, 220.
69
documents were given to the fraudulent persons’ solicitor for execution. This
provided him with the opportunity to fraudulently affix the company seal and
to conceal this from the other directors;
• the fraud was also facilitated because the solicitors acting for the
mortgagees, having obtained a company search of Scorpion in the morning
on settlement day, had failed to check the part which listed the directors of
Scorpion against the names who attested to the affixing of the common seal.
The company search showed that the wife was not a director of Scorpion.
Thus, unlike Northside, had the solicitor checked the searches, this anomaly
would have been detected. However the solicitor gave evidence that it was
not the procedure in his firm to check the search as to the names or identity
of the directors.158 The search had been done as part of the firm’s normal
practice, to see whether any charges or encumbrances had been registered
against Scorpion that could affect the value of Pyramid’s security.
Both these cases illustrate fraud perpetrated by a director of the company. The case
of Macquarie Bank Ltd v Sixty-Fourth Throne Pty Ltd159 illustrates fraud perpetrated
by a former director of the company in collusion with his wife. At the time of the
fraud, the wife’s parents were the directors of the company. The fraudulent person
caused the company seal to be affixed to an instrument of mortgage over property
owned by the company, attested by him and his wife. He had falsified a minute
purporting to record a meeting when he and his wife, as directors, approved the
affixing of the seal. Evidence at the trial suggested that the seal that was used was
not the current seal but a superseded one that the fraudulent person had probably
retained after ceasing to be a director of the company.
This case illustrates the following:
• the fraud occurred because the fraudulent person was able to affix the
company seal, albeit an superseded one, upon the mortgage instrument
without the authority of the company and the affixing of the seal was
witnessed by him and his wife, both purportedly acting as directors of the
company;
• the fraud involved a mortgage because the fraudulent person wanted to
secure a loan;
158 Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd (1996) 20 ACSR 214, 222. 159 Macquarie Bank Ltd v Sixty-Fourth Throne Pty Ltd [1998] 3 VR 133.
70
• in perpetrating the fraud, the fraudulent person acted in collusion with his
wife;
• the fraud was perpetrated by someone known to the company. As a former
director of the company, the fraudulent person had access to the company
seal – albeit a superseded one;
• the perpetration of the fraud was also facilitated by certain factors, including:
o neither the mortgagee nor the mortgagee’s solicitors addressed any
communication at any time to the corporate address of Sixty-Fourth
Throne;
o further, all the mortgage documents were given to the fraudulent
person to arrange for their execution. This provided him with the
opportunity to affix the company seal on the mortgage instrument;
• like the Scorpion case, a company search conducted by the mortgagee’s
solicitors showed the wife’s parents as current directors, not the fraudulent
person and his wife. Had these solicitors compared the signatures of the
fraudulent person and his wife against the company search, the fraud might
have been uncovered; however they did not do so, and hence did not realise
that the fraudulent person and his wife had no authority to affix the company
seal. The mortgagee’s solicitor in his evidence said he did not read the
search upon receiving it;
• the terms of the loan required a condition precedent that providers of security
seek independent legal advice confirmed in writing (by a certificate of
independent legal advice) and that the mortgagee must have evidence that
this condition has been satisfied. However this condition was waived by the
mortgagee, because the fraudulent person had informed the mortgagee’s
solicitors that a firm of solicitors would act for Sixty Fourth Throne Street Pty
Ltd, whereas in fact it was never authorised to do so. Neither the mortgagee
nor its solicitor ever sought confirmation from the genuine Directors of Sixty
Fourth that the firm of solicitors were to act as Sixty Fourth Throne’s
solicitors. They simply believed the fraudulent person’s statement that the
firm of solicitors was so authorised.
Finally, the case of Schultz v Corwill Properties Pty Ltd160 illustrates fraud by the
secretary of a company. In that case, Corwill Properties Pty Ltd were the registered
proprietors of land. The firm had two other directors, one of which was the
perpetrator’s mother. The secretary, without authority from Corwill Properties, 160 Schultz v Corwill Properties Pty Ltd (1969) 90 WN (Pt 1) (NSW) 529.
71
affixed the seal to the memorandum of mortgage over the land, forging his mother’s
signature, as director of Corwill Properties, on the memorandum of mortgage,
purporting to authenticate the affixing of the seal, himself signing as secretary.
This case illustrates the following:
• the fraud occurred because the fraudulent person was able to affix the
company seal upon the mortgage instrument and to forge his mother’s
signature on the mortgage so that it appeared that the affixing of the seal
was witnessed by the mother, as director, and himself, acting as secretary;
• in perpetrating the fraud, the fraudulent person acted alone, but had to forge
his mother’s signature so that it appeared that the fixing of the seal was
witnessed;
• the fraud was perpetrated by someone known to the victim of the fraud – the
secretary of Corwill. This relationship facilitated the fraud because, as
secretary, he was able to affix the seal as well as acting as witness to this
act. Further, the other two directors had placed complete trust in his
competence and integrity in connection with the company’s affairs. The
common seal was left in his custody, as well as the certificate of title relating
to the land.
3.4.1.2.1 Conclusions drawn
The following conclusions may be drawn from the above analysis:
First, the method of perpetrating the fraud arises from the requirement that
instruments creating or transferring an interest must be executed by the person
creating or transferring the interest; the most common manner in which companies
execute land title instruments being to affix the company seal to the instrument, with
the affixing of the seal witnessed by two directors, or a director and the secretary.
Hence fraud is perpetrated by forging the company’s execution upon the instrument;
by fraudulently affixing the seal to the instrument, and purporting that the affixing
was witnessed by two directors, or by a director and a secretary.
Whilst the above cases do not illustrate this, it is also possible for fraud to be
perpetrated by simply forging the signatures of the directors and/or company
secretary, because, as has been noted above, under s127 of the Corporations Act
2001 (Cth), documents may be executed by a company without using the company
seal. As the manner of perpetration is similar to forgery of an individual’s signature,
the earlier discussion on forgery of an individual’s signature would apply.
72
Secondly, in this type of fraud, the fraudulent person is able to perpetrate the fraud
because he or she is given the documentation, particularly the relevant land title
instrument, needed to procure execution by the company. Hence this type of fraud
will only occur in situations where the fraudulent person has the relevant unexecuted
land title instrument in his or her possession, as it is only then that he or she would
have the opportunity to forge the company’s execution of the land title instrument.
Thirdly, the perpetrators of the fraud are usually the director or former director or
secretary of the company. Their position with the company facilitates the fraud
because:
• they will normally have access to the company’s common seal or a former
seal;
• they are able to attest to the affixing of the seal by virtue of their position as
director or secretary;
• their position with the company would mean that the relevant land title
instruments, such as the mortgage, would be given to them to procure
execution from the company, providing them with the opportunity to falsely
affix the company seal and to arrange for the affixing of the seal to be
witnessed;
• in some cases, the day-to-day running and management of the company
may be entrusted to them, giving them an opportunity both to perpetrate the
fraud and to conceal it from the other directors.
Fourthly, the fraud is often perpetrated in collusion with another person, such as the
secretary or another director. This is because of the requirement that the affixing of
the seal has to be witnessed by two directors, or a director and a secretary. As
illustrated in Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd, if this other
person is not already a secretary or director of the company, the fraudulent person
would usually arrange for the person to be appointed, either falsely or genuinely.
Thus, false minutes may also be produced, to authorise the affixing of the company
seal and/or the appointment of those colluding. Fraud can also be perpetrated by
the a person acting alone without colluding with another person, meaning that he or
she would then also have to forge the second signature attesting to the affixing of
the seal, as illustrated in Schultz v Corwill Properties Pty Ltd.
Whilst the case examples above do not illustrate fraud perpetrated by persons
unknown to the company and those who do not have a relationship with the
73
company, it may be possible for this to occur. However, these people would find it
more difficult to perpetrate the fraud than those who have a relationship with the
company, because:
• they may not have access to the company seal;
• they may also have to falsify company minutes to appoint themselves as
directors and to authorise the affixing of the seal;
• it might be difficult for them to obtain the necessary land title instruments,
such as the mortgage, needed to procure execution by the company.
Fifthly, other factors may facilitate the perpetration of this type of fraud, particularly
when no attempt has been made to obtain company searches or, even if one was
obtained, to compare the names listed on the company search with those of the
persons who attested to the affixing of the company seal. As illustrated in the case
examples for both Pyramid and Sixty Fourth Throne, had the mortgagee’s solicitors
done this, the fraud might have been discovered. However, there is no compulsion
to do this, since section 129(6) of the Corporations Act 2001 (Cth) allows a person
to assume that a document has been duly executed by the company if the
company’s common seal appears to have been fixed to the document in accordance
with s127(2) and the fixing of the common seal appears to have been witnessed in
accordance with s127(2); this also applies to the execution of a document without
use of the common seal.161 Thus it would not be unreasonable for a party, upon
receiving a mortgage instrument that appears, on the face of it, to have been duly
executed by the company, to assume that it was properly executed, without taking
further steps to verify that the persons affixing the seal or attesting to the affixing of
the seal did indeed have the authority to do so.162
Finally, the transactions normally targeted by fraudulent persons are mortgages and
transfers. This is because the purpose of the fraud is usually to obtain finance and
so the property is used to secure a loan. In the case of transfers, the fraudulent
person sometimes absconds with the proceeds of the sale.
161 Section 129(5) of the Corporations Act 2001 (Cth) allows a person to assume that a document has
been duly executed by the company if the document appears to have been signed in accordance with s127(1). Section 129(5) also allows a person to assume that anyone who signs the document and states next to their signature that they are the sole director and sole company secretary of the company occupies both offices. This assumption has been in operation since I July 1998 and is a consequence of the common seal being optional.
162 The assumptions in ss129(5) and s129(6) may be relied on despite fraud: s129(3). Issues pertaining to these sections in the Corporations Act are beyond the scope of this research.
74
3.4.1.3 Forged power of attorney
In most Australian jurisdictions, it is possible for an attorney to execute land title
instruments under a power of attorney on behalf of its donor. Generally speaking,
the requirement under Torrens legislation in all States and Territories in Australia is
that the power of attorney must be registered with the Land Titles Office before any
land title instrument executed under its authority may be accepted for registration.163
As shown in the statistics earlier, fraud can occur where the fraudulent person is
able to falsify a power of attorney and to use it, purportedly with the authority and
consent of its donor, to execute land title instruments so that they are registered.
This is illustrated in the case examples below.
In Igarashi v APC International Pty Ltd,164 the fraudulent person forged the signature
on a power of attorney of the victims, who were registered proprietors of
unencumbered land. The power of attorney, with a bill of mortgage over the land
executed by him as attorney for the registered proprietors, were delivered to a firm
of solicitors he had retained. Relying on these documents, the solicitors delivered
the power of attorney and mortgage instrument together with the certificate of title165
to the mortgagee’s solicitors who lodged the bill of mortgage with the Titles Office
where it was registered. It is unclear from a reading of the case whether the
fraudulent person acted alone or in collusion with others and what was the nature of
his relationship with the victim.
In Household Realty Corporation Limited v Liu,166 the fraudulent person was a
woman who developed a gambling addiction and fell into debt. To secure funds, she
forged her husband’s signature on a power of attorney, which she used to obtain a
line of credit from a bank, secured by a mortgage over the property. The woman
continued to use the forged power of attorney to secure further lines of credit from
different banks by mortgaging the property as she accumulated more debts. Neither
the husband nor the banks knew about the fraudulent power of attorney. In Yaktine
v Perpetual Trustees Victoria Ltd167, the fraudulent person was the son. He forged
the signatures of his parents to a power of attorney and then used it to raise a
163 See s132 Land Title Act 1994 (Qld), s94 Transfer of Land Act 1958 (Vic), s155 Real Property Act
1886 (SA), s143 Transfer of Land Act 1893 (WA), s139 Land Titles Act 1925 (ACT), and s148(4) Land Title Act 2000 (NT).
164 Igarashi v APC International Pty Ltd [1996] 1 Qd R 26. 165 The certificate of title was originally held by the victims’ solicitors. The fraudulent person had
forged the victims’ signatures authorising the solicitors to deliver the certificate of title to the firm of solicitors been retained by the fraudulent person. Based on this authority, the certificate of title was delivered to this firm of solicitors.
166 Household Realty Corporation Limited v Liu (2005) Court of Appeal for Ontario C41837 and C41838.
167 Yaktine v Perpetual Trustees Victoria Ltd [2004] NSWSC 1078.
75
mortgage and obtain a loan. In this case, the relevant documentation, including a
draft mortgage, was ostensibly sent to the parents, whereupon the son obtained
possession of the documents and took them to a solicitor who witnessed the son’s
signature on the mortgage, signing as attorney for the parents.
Fraud may also be perpetrated by the victim’s solicitor. In Damdounis v Hatzis168 the
solicitor forged the registered proprietors’ signatures upon a document purporting to
give him power of attorney, and then used the forged power of attorney to execute a
contract of sale of the land to a third party.
These cases may be used to illustrate the following:
• the fraud occurred because the fraudulent person was able to successfully
falsify a power of attorney by forging the victim’s signature, purportedly
giving him or her power of attorney;
• the fraud in Igarashi, Liu and Yaktine involved a mortgage because the
fraudulent person intended to use the property as security for a loan. In
Damdounis, the fraud involved a transfer. It is reasonable to speculate that
by executing the contract of sale and transferring the property to a third
party, the solicitor in Damdounis was able to abscond with the proceeds of
the sale;
• whilst unclear in Igarashi’s case, the fraudulent person in Liu, Yaktine and
Damdounis knew the victim – in Liu, the fraudulent person was the wife, in
Yaktine, it was the son and in Damdounis, the victim’s solicitor; and
• whilst it is unclear in Igarashi’s case, it appears that in the other cases, the
fraudulent person acted alone in perpetrating the fraud.
3.4.1.3.1 Conclusions drawn
The following conclusions may be drawn from the above analysis:
First, the method of perpetrating the fraud depends on the conveyancing
requirement that instruments creating or transferring an interest must be executed
by the party creating or transferring the interest, and that someone under a power of
attorney may execute the instrument on behalf of its donor. Thus fraud may be
perpetrated in circumstances where the fraudulent person is able to successfully
falsify a power of attorney by forging the donor’s signature on the power of attorney
and purporting to act as attorney under it.
168 Damdounis v Recorder of Titles for the State of Tasmania; Damdounis v Hatzis (2002) 11 Tas R
185.
76
Whilst the above case examples do not illustrate this, since the donor’s signature on
the power of attorney must be witnessed, the fraudulent person, in falsifying the
power of attorney, would need to circumvent these witnessing requirements. This
may be by:
• forging the signature of the witness; or
• the witness attesting to the signature even though it was not signed in the his
or her presence.
Secondly, as illustrated in the case examples, a perpetrator of this type of fraud may
be someone known to the victim of the fraud. However, while the case examples
have not illustrated fraud perpetrated by those unknown to the victim of the fraud, it
is possible for this to occur, so long as the fraudulent person is able to successfully
falsify the power of attorney. However, it could be said that it is more likely that
perpetrators of this type of fraud would be those known to the victim, since forgery of
the victim’s signature is required so the fraudster must be familiar with it; this is
easier when he or she knows the victim.
As illustrated in the case examples, fraud can be perpetrated by one person acting
alone. However, it is also possible that this type of fraud can be worked in collusion
with others.
Thirdly, as with fraud by forgery of signatures or forgery using a company seal, the
transactions normally targeted by fraudulent persons are mortgages and transfers.
This is because the purpose of the fraud is usually to obtain finance and the
property is used as security for a loan. In the case of transfers, the fraudulent person
may abscond with the proceeds of the sale;
Finally, it can be argued that these frauds might have been prevented by some form
of check on the authenticity of the power of attorney, before acting upon it.
Examples include:
• contacting the grantor of the power of attorney; however this is not common
practice, particularly if the power of attorney appears, on the face of it, to be
duly executed and witnessed and registered with the relevant Land Titles
Office. As argued in Yaktine v Perpetual Trustees Victoria Ltd ‘the whole
point of a power of attorney is that people deal with the donee and do not
77
consult the donor. People must expect to be able to treat donees of powers
of attorney as prima facie having authority to do what they have to do’.169
• contacting the person who purportedly witnessed the power of attorney.
Again, however, this is not common practice. The Queensland Court of
Appeal in Young v Hoger observed that it is not common practice among
solicitors to verify the authenticity of the signature of a party to a document
by speaking to the Justice of the Peace or other person who appears to have
witnessed that signature, because it may be assumed that witnesses would
comply with witnessing requirements; this point would be equally applicable
to powers of attorney. Having said that, there may be circumstances
whereby it may be prudent to verify the authenticity of the power of attorney.
An example may be where ‘one can see that the donor of the power of
attorney is to receive no benefit at all from a transaction and yet the donee is
to receive a considerable benefit. One can rationalise that this is because it
is a family dealing, but a prudent solicitor when he or she sees a red light,
makes enquiries.’170
3.4.2 Alteration of document after execution
The current conveyancing practice is that anyone may prepare and lodge land title
forms for registration, so that anyone with access to these forms has the opportunity
to perpetrate fraud by altering a land title document that has been executed by the
victim. The following two cases illustrate this type of fraud.
In National Australia Bank Ltd v Maher,171 the victim of the fraud was the sole
registered proprietor of three properties, one in Clayton and two in Buchan. All three
properties were mortgaged to a bank by a single instrument. At the time the victim
signed the mortgage, the title details to the Clayton property were on the document,
but not the details of the Buchan properties. The particulars of the Buchan lots were
added to the mortgage instrument by the bank manager after it was signed and
without the knowledge of the registered proprietor or his wife.172 Whilst it is unclear
from a reading of the case why the fraud was perpetrated, or whether the fraudulent
person knew the victim, this case does illustrate the following:
169 Yaktine v Perpetual Trustees Victoria Ltd [2004] NSWSC 1078, [65]. In this case, it was alleged
that the son had forged the signatures of his parents to a power of attorney and then used that forged power of attorney to raise a mortgage and obtain a loan which the son misappropriated.
170 Yaktine v Perpetual Trustees Victoria Ltd [2004] NSWSC 1078, [65]. 171 National Australia Bank Ltd v Maher & Anor [1995] 1 VR 318 appealed on grounds of assessment
of damages: National Australia Bank Ltd v Maher (No 2) [1999] 3 VR 589. 172 National Australia Bank Ltd v Maher & Anor [1995] 1 VR 318, 320.
78
• the fraud occurred because the perpetrator was able to fraudulently insert
additional information into the mortgage instrument. In this case, he, as a
bank officer, had access to the executed mortgage instrument, hence had
the opportunity to perpetrate the fraud;
• the current practice of officers employed by the Land Titles Office to visually
examine instruments lodged for registration before accepting the instrument
for registration may be said to act as a safeguard against this type of fraud
as any alteration of an instrument may leave some form of physical mark
which could then be noticed by the officer. However in this case, fraudulent
information had been inserted into the executed instrument, rather than
existing information being altered. In contrast to an alteration, the insertion of
information would probably not leave any physical marks on the instrument,
so that the officers not have noticed the insertion;
• it appears that the fraudulent person acted alone;
• the transaction targeted in this case was a mortgage (although, as noted
above, the motive was unclear).
In Robinson v Registrar General173 it was agreed that the registered owners of the
subject land would sell it to repay a loan to the Robinsons. It was also agreed that
the legal work to effect the sale would be done by a law clerk acting for both parties.
The title deeds were handed over to the Robinsons by the registered proprietors and
taken to the law clerk to enable him to effect the sale. The registered proprietors
signed a blank form of contract and a memorandum of transfer on the basis that the
instrument would be used to transfer the land to the Robinsons. The Robinsons then
signed the same contract of sale and a blank memorandum of transfer that the law
clerk said he would have the details typed onto later. The law clerk then substituted
his own name on the memorandum of transfer, obtained registration in his favour
and later fraudulently executed a mortgage over the property. This case illustrates
the following:
• the fraud occurred because additional information could be inserted into the
mortgage instrument. In this case, the fraudulent person, being a law clerk,
had access to executed land title instruments, and so was able to make use
of his part in the conveyancing process, and of the fact that both parties to
the transaction trusted that he would perform his duties in effecting the
transfer. Given the position occupied by him in the conveyancing process, it
was not unreasonable for the parties to leave the executed instrument with 173 Robinson v Registrar-General (1982) BPR 9634.
79
him. This provided him with access to an executed instrument and hence the
opportunity to perpetrate the fraud;
• as with National Australia Bank v Maher, the perpetrator in this case had
inserted fraudulent information into the executed instrument so that the
officers inspecting the lodged instrument may not have noticed the insertion
as there would probably not have been any physical mark left by it;
• it appears that the fraudulent person acted alone;
• the transaction targeted was a transfer and mortgage. The transfer was used
to transfer the property into the fraudulent person’s name and as registered
proprietor, he was then able to mortgage the property, presumably to secure
a loan.
3.4.2.1 Conclusions drawn
The following conclusions may be drawn from the above analysis.
First, the manner of perpetrating the fraud is linked to the conveyancing practice that
permits anyone to prepare and lodge land title forms for registration. Thus this type
of fraud is possible where the fraudulent person has access to land title forms that
have been prepared and executed and where the alteration remains undetected.
Secondly, unlike cases involving forgery of signatures, where the most common
perpetrators are known to the victim, and where this relationship is a facilitating
factor, in these types of fraud, it appears that the critical factor is whether the
perpetrator has access to executed land title instruments or is able to gain it. It is
this ability to gain access that provides the opportunity, rather than the relationship
with the victim. Thus examples of persons who may have this opportunity would
include bank officers, solicitors, law clerks and Land Registry employees, because
these people have access to these documents, due to their role in the conveyancing
process. In these cases, the fraudulent person can either act alone or in collusion
with others.
Thirdly, the current practice of Land Titles Office employees, in visually examining
instruments lodged for registration before accepting them for registration, acts as a
safeguard against this type of fraud, since any alteration of an instrument would
leave some physical mark that could then be noticed during this inspection. The
examining officer may also notice any discrepancies on the instrument that may
80
suggest fraud.174 It is arguable that lack of diligence during this examination process
may act to facilitate this fraud. However, as observed earlier, it would be more
difficult to notice an alteration where information was inserted than where existing
information was altered. So it may be easier to perpetrate fraud by inserting
information into an already executed instrument than by altering existing information,
because the insertion is less likely to leave a physical mark that may be noticed
during inspection.
Finally, the transactions targeted by fraudulent persons are likely to be mortgages
and transfers, because the purpose of the fraud is usually to obtain finance and the
property is used to secure a loan. In the case of transfers, the fraudulent person
may abscond with the proceeds of the sale.
3.4.3 Fraud by misleading or fraudulently inducing the victim into signing
relevant documentation
As noted before, under current conveyancing practice, anyone may prepare and
lodge land title forms for registration, so anyone who is able to mislead or induce the
victim into executing relevant land title instruments and who can then lodge them for
registration may perpetrate fraud. Several case examples illustrate this.
In Arcadi v Whittem175, the victim was the registered proprietor of an unencumbered
property. The fraudulent person, a trusted friend of the victim, wanted to obtain a
loan using the victim’s house as security; he suggested that the victim set up a
family trust and engage a solicitor for this purpose and that the certificate of title was
required for this. The fraudulent person and the victim then went to the bank where
the certificate of title was kept in order to obtain it. At the bank, the fraudulent person
asked the victim to sign two blank sheets of paper, which he said he would take with
the certificate of title to the solicitor, so that the property could be transferred to the
family trust; the victim believed him and signed the blank sheets. The fraudulent
person then left with the certificate of title and the signed blank sheets. It later turned
out that the two blank sheets were actually page 7 of a memorandum of mortgage
174 See Sharon Christensen, 'Electronic Land Dealings in Canada, New Zealand and the United
Kingdom: Lessons for Australia' (2004) 11(4) Murdoch University Electronic Journal of Law , [80]. 175 Arcadi v Whittem (1992 ) 59 SASR 515. See also Daniell v Paradiso (1991) 55 SASR 359 and
Public Trustee v Paradiso & Anor (1995) 64 SASR 387.
81
that were then used to fabricate a false mortgage document.176 The fraudulent
person had also forged the signature of the witness to the victim’s signatures on the
mortgage document. The trial judge found that the forged signature was that of a
fictitious person.177
This case illustrates the following:
• the fraud occurred because the fraudulent person was able to mislead the
victim into signing several blank sheets that he used to fabricate a mortgage
instrument;
• the fraudulent person was able to circumvent witnessing requirements by
forging the signature of the witness, a fictitious person;
• the fraud involved a mortgage as the fraudulent person required finance and
used the property to secure a loan;
• the fraudulent person acted alone;
• the fraud was perpetrated by someone known to the victim of the fraud. The
relationship between the fraudulent person and the victim and the trust
placed upon the fraudulent person by the victim facilitated the fraud. In fact, it
could be said that this relationship of trust was the critical factor in facilitating
the fraud. The victim here could only speak passable English, and signed
the blank pages because the fraudulent person explained that it was
necessary transferring the property to the family trust. The victim could not
read the printed text.178 The victim had also entrusted the fraudulent person
with the certificate of title, which was required to perpetrate the fraud; he
would not have done so had he not trusted him.
The trust reposed upon a fraudulent person by the victim as a facilitative factor in
the perpetration of a fraud is also evidenced in Registrar of Titles v Fairless.179 In
that case, the victim of the fraud was the registered proprietor of two properties. His
neighbour, the fraudulent person, was able to persuade the victim to transfer his
properties to the fraudulent person and his wife. The fraudulent person then
mortgaged the properties to a bank. The victim remained ignorant of the fact that he 176 The fraudulent person had taken the ‘common form mortgage documents consisting of double
pages numbered from 1 to 7 and sliced portion of each of them down the spine, so as to convert that portion into single, individual pages which could be stapled together with certain inner pages which had not been so severed. It was by that means that he was able to separate out page 7 of each of them and, at a later date, staple them to the other six pages so as to recreate a single document’: Arcadi v Whittem (1992 ) 59 SASR 515, 518.
177 Arcadi v Whittem; Whittem v Arcadi, Nield and Mortimer (Unreported, Supreme Court of South Australia, 12 April 1991), [5]; Arcadi v Whittem (1992 ) 59 SASR 515, 518.
178 Arcadi v Whittem (1992 ) 59 SASR 515, 518. 179 Registrar of Titles v Fairless [1997] 1 VR 404.
82
had signed documents disposing of both properties to the fraudulent person and his
wife, or that both properties were now mortgaged to the bank. The victim did not
receive any part of the proceedings from the sales. This case illustrates the
following:
• the fraud occurred because the fraudulent person was given the transfer
instrument and was able to induce the victim into signing the it without the
victim understanding its nature;
• as with Arcadi v Whittem, the fraud was perpetrated by someone known to
the victim of the fraud. Similarly to Arcadi v Whittem, it could be said that the
trust reposed on the fraudulent person by the victim was the critical factor in
facilitating the fraud. The trial judge in this case found that the fraudulent
person impressed the victim as a Christian person; and that the victim
regarded him as a respectable person who seemed to know everything. The
victim did not know in detail what he did, but he appeared successful.180 Due
to his trust of the fraudulent person, the victim signed the documents
presented to him without knowing or questioning what they were;181
• the fraud in this case involved a transfer and a mortgage. The transfer was to
enable the fraudulent person and his wife to be registered as proprietors,
enabling them to mortgage the property to secure a loan;
• the fraudulent person acted alone in the perpetration of the fraud;
• other factors facilitating the fraud include:
o neither of the solicitors engaged by the fraudulent person to prepare
the contracts of sale and transfer instruments contacted the victim to
verify instructions. The solicitor engaged by the fraudulent person for
the sale of one of the properties did write a letter addressed to the
victim concerning the property but it did not refer to the sale of the
property to the fraudulent person and his wife. The trial judge found
(and this was accepted on appeal) that this omission was deliberate,
based upon the fraudulent person’s instructions.182 For the other
property, the solicitor was instructed by the fraudulent person to act
for both purchaser and vendor. A letter was prepared by the solicitor
180 Fairless v Official Trustee in Bankruptcy; Australia & New Zealand Banking Group v Doran
(Unreported, Supreme Court of Victoria, 20 June 1994), [1]; Registrar of Titles v Fairless [1997] 1 VR 404, 407.
181 Fairless v Official Trustee in Bankruptcy; Australia & New Zealand Banking Group v Doran (Unreported, Supreme Court of Victoria, 20 June 1994), [12] & [32]; Registrar of Titles v Fairless [1997] 1 VR 404, 411 & 419.
182 Fairless v Official Trustee in Bankruptcy; Australia & New Zealand Banking Group v Doran (Unreported, Supreme Court of Victoria, 20 June 1994), [12]-[16]; Registrar of Titles v Fairless [1997] 1 VR 404, 412 (Philips JA).
83
confirming that the instructions were by the fraudulent person and the
letter was addressed to the victim. However, although directed to the
victim, the letter was addressed to the victim at the fraudulent
person’s address so that the victim never received it. Hansen J
accepted the victim’s evidence that he had not received any
instructions from the firm nor had any communication with them.183
Had either of the solicitors contacted the victim to explain the
transfer, the fraud may have been discovered.
o both solicitors gave the fraudulent person the necessary documents
for procuring execution from the victim.
Finally in Registrar-General v Behn184, the fraudulent person was a person known
and trusted by the victim and in whom the victim had trust and confidence, because
of previous satisfactory transactions. The fraudulent person and a number of
companies with which he was associated, including Cornic Loans and Credit Pty
Ltd, were in financial difficulties. The fraudulent person proposed to the victim that
she sell land she owned as registered proprietor to Cornic. She was induced to
deliver her duplicate certificate of title to the fraudulent person on the pretext that it
was required to prepare the contract of sale. He also managed to have her execute
the contract of sale and a memorandum of transfer, which was witnessed by his
employee. Using this memorandum of transfer, the fraudulent person obtained
registration of Cornic as proprietor of the land. He then used the land as security for
a loan to Cornic from a bank. These transactions took place before the victim was
paid the balance of the purchase money. This case illustrates the following:
• the fraud occurred because the fraudulent person was able to induce the
victim into signing the memorandum of transfer;
• as with Arcadi v Whittem and Registrar of Titles v Fairless, the fraud was
perpetrated by someone known to the victim of the fraud. It was because of
the trust held by the victim in the fraudulent person that the victim allowed
the fraudulent person to retain the certificate of title and signed the
memorandum of transfer. As in Arcadi v Whittem, it was this relationship of
trust that was the critical factor in facilitating the fraud;
• it appears that the fraudulent person acted alone;
183 Fairless v Official Trustee in Bankruptcy; Australia & New Zealand Banking Group v Doran
(Unreported, Supreme Court of Victoria, 20 June 1994), [18]-[21]; Registrar of Titles v Fairless [1997] 1 VR 404, 413 (Philips JA).
184 Registrar-General v Behn (1981) 35 ALR 633.
84
• the fraud in this case involved a transfer and a mortgage. The transfer was to
enable the fraudulent person to transfer the property to Cornic and then as
registered proprietor, via his association with Cornic, he was then able to
mortgage the property to secure a loan to assist Cornic in its financial
difficulties. Holland J found that the fraudulent person’s intention was to trick
the victim into putting Cornic into a position where, without paying the
contract price, Cornic could become the registered proprietor of her land185
and once registered as proprietor, he could then mortgage the land for the
benefit of his companies, including Cornic.
3.4.3.1 Conclusions drawn
The following conclusions may be drawn from the analysis above.
First, the manner of perpetrating the fraud is linked to the current conveyancing
practice that anyone may prepare and lodge land title forms for registration. Fraud
may be perpetrated in circumstances where:
• the fraudulent person himself/herself prepares the necessary land title
instruments and succeeds in misleading or inducing the victim to execute the
necessary instrument and lodges the instrument for registration; or
• the relevant instruments are prepared by another party (such as a solicitor
engaged by the fraudulent person, as in Registrar of Titles v Fairless) and
the fraudulent person is given the instruments for the purpose of procuring
execution by the victim, and these instruments are lodged for registration.
Thus what is important is that the fraudulent person has possession of the relevant
unexecuted instruments, as this provides him or her with the opportunity to mislead
or persuade the victim to execute the instrument.
Secondly, in these types of fraud, it is the relationship of trust between the victim
and the fraudulent person that is the critical factor in facilitating the fraud. In a similar
way to forgery, the fraud is usually perpetrated by someone known to the victim. In
perpetrating the fraud, whilst the case scenarios above are those of fraudulent
persons acting alone, it is possible for them to act in collusion with others.
Thirdly, whilst witnessing requirements are said to act as a safeguard against fraud,
the fraudulent person may circumvent them by forging the signature of the witness
or when the witness attests to the signatures even though there were not signed in
185 Behn v Registrar-General [1979] 2 NSWLR 496, 506.
85
his/her presence. This is illustrated in Arcadi v Whittem, The signature of the witness
may be of a genuine or fictitious person. Witnessing requirements may also be
circumvented if the witness does not comply with the requirements. Thus, as with
forgery of signatures, non-compliance with witnessing requirements will facilitate
fraud. In addition, the conveyancing practice that a party on receiving land title
instruments that appear on its face to be executed and witnessed is entitled to
assume that the signatures were signed in the presence of the witness will also
facilitate fraud. Fraud may also be facilitated where, for example, the solicitor
retained by the fraudulent person to effect the transaction deals solely with the
fraudulent person and does not make any genuine attempts to contact the victim of
the fraud to confirm instructions.
Finally, the transactions normally targeted by fraudulent persons are mortgages and
transfers. This is because the purpose of perpetrating the fraud is usually to obtain
finance, with the property used to secure a loan. In the case of transfers, the
fraudulent person may abscond with the proceeds of the sale.
From these conclusions it may be observed that this type of fraud is similar to
forgery of signatures. The manner of perpetration is different, since in forgery cases,
the signature is forged, whereas in this type of fraud the signature is genuine.
However, the circumstances in which the fraud may occur, the type of perpetrators
and the factors facilitating the fraud, are similar.
3.4.4 Fraud by impersonation of the victim or ident ity fraud
As in the cases discussed above, the paper certificate of title is generally used to
evidence a right to deal with the land, and so the practice is that the certificate of title
has to be produced, or the mortgagee holding the certificate of title has to consent to
the transaction, before dealings in land can be registered. The statistics presented
earlier show that fraud may be perpetrated in situations where the fraudulent person
is able to assume the identity of the victim and therefore assert a right to deal with
the land. As noted in Chapter 2, this may be termed identity fraud. Whilst a review of
the literature shows that there is no consistent definition of the terms identity fraud
and identity theft186, for the purposes of this study, the term ‘identity fraud’ is defined
as arising when ‘a person falsely representing himself or herself as either another
person or a fictitious person’ and the term ‘identity theft’ is defined as the ‘unlawful
186 See Australasian Centre for Policing Research and AUSTRAC, 'Standardisation of Definitions of
Identity Crime Terms: Discussion Paper' (Australasian Centre for Policing Research & AUSTRAC, 2004) and Australasian Centre for Policing Research, 'Standardisation of Definitions of Identity Crime Terms: A Step Towards Consistency' (Australasian Centre for Policing Research, 2006).
86
taking of another person’s details without their permission’ and using that identity to
commit a crime.187 Using this definition, the term identity fraud covers a wider range
of crimes than identity theft, which is restricted to stealing a real identity. I will use
the term ‘identity fraud’ to describe frauds where the fraudulent person impersonates
the victim and assumes a right to deal with the land.
The following case examples have been selected to illustrate this type of fraud.
In Grgic v ANZ Banking Group Ltd188, a father was the registered owner of the
subject property. When he refused to enter into a guarantee for his son’s new
business, the mother colluded with a third party to impersonate the father. The son,
his wife and the third party went to the bank, where the third party was introduced to
the bank manager by the son as his father. The third party was able to produce the
certificate of title and other documents relating to the land. A form of mortgage was
then prepared and signed by the third party as the father, and the signature was
witnessed by an officer of the bank.
This case illustrates the following:
• the fraud occurred because the third party had the certificate of title in his
possession, and the bank officer assumed that he was the registered
proprietor of the land and had a right to deal with the land. The bank
manager did not ask for further identification. It could be said that possession
of the certificate of title was instrumental to the perpetration of the fraud,
because it aided the bank officer’s belief that the third party was the father
and therefore the owner of the property. If the bank manager had asked the
third party to produce other identification to substantiate the claim, the fraud
may not have occurred;
• the fraud involved a mortgage, because the fraudulent person wanted to use
the property as guarantee for his new business;
• the fraudulent person acted in collusion with a third party to perpetrate the
fraud;
187 See Harry Pontell, 'Pleased to Meet You...Won't You Guess My Name?: Internet Fraud, Cyber-
Crime, and White-Collar Delinquency'' (2002) 23 Adelaide Law Review 305, 306; Gary R Gordon and Jr Norman A Willox, 'Identity Fraud: A Critical National and Global Threat' (2004) 2(1) Journal of Economic Crime Management 7; Holly K Towle, 'Identity Theft: Myths, Methods and New Law' (2004) 30 Rutgers Computer and Technology Law Journal 237 and Harry Pontell, 'Pleased to Meet You...Won't You Guess My Name?: Internet Fraud, Cyber-Crime, and White-Collar Delinquency'' (2002) 23 Adelaide Law Review 305, 306.
188 Grgic v ANZ Banking Group Ltd (1994) 33 NSWLR 202.
87
• the fraud was perpetrated by someone known to the victim of the fraud. The
relationship between the victim and the fraudulent person was a facilitative
factor in the perpetration of the fraud, since it was because of this
relationship that the fraudulent person was able to easily obtain the
certificate of title. The father had agreed to support an earlier loan application
that was made to the Commonwealth Bank of Australia. The father had
accompanied the son and his wife to the bank, taking with him the certificate
of title and other documents relating to the property. The certificate of title
and other documents, including the form of mortgage executed by the father
were left with the bank pending application of the loan. The loan was not
approved and the son and his wife then went to bank to collect the certificate
of title and the other documents that were left with the bank.
As in Grgic, in Ratcliffe v Watters189 the father of the fraudulent person was the
registered proprietor of certain land. His daughter wanted to use her father’s land as
security for a loan. She told the solicitor that the land would be passed to her by her
father. A meeting was arranged and the daughter introduced an impostor to the
solicitor as her father. The daughter also had in her possession the certificate of title.
At that meeting, a contract of sale and a memorandum of transfer were signed, with
the impostor signing as the father, their signatures being attested by the solicitor.
The daughter also signed a memorandum of mortgage and both the transfer and the
mortgage were lodged for registration. The moneys to be lent in the mortgage
transaction were advanced to the daughter. This case illustrates the following:
• as in Grgic, the solicitor regarded the possession of the certificate of title by
the impostor as evidence that the impostor had a right to deal with the land.
Possession of the certificate of title helped to substantiate the daughter’s
story to the solicitor;190
• the fraud involved a mortgage, because the fraudulent person wanted to use
the property as security for a loan;
• the fraudulent person acted in collusion with a third party to perpetrate the
fraud;
189 Ratcliffe v Watters (1969) 89 WN (Pt 1) (NSW) 497. 190 In that case, the daughter had also told the solicitor that she would meet all expenses involved in
the transfer. Thus the solicitor had no reason to contact the father. Further, the daughter had been recommended by a person known to the solicitor – the officer of the finance company, hence the solicitor had reason to believe her. In fact, Street J found that at the interview on 3rd May 1967, ‘the persons present deliberately set about creating an atmosphere which would set at rest any doubts the solicitor might otherwise have had concerning the identity of the individual who represented himself to be the registered proprietor’: Ratcliffe v Watters (1969) 89 WN (Pt 1) (NSW) 497, 502.
88
• the fraud was perpetrated by someone known to the victim of the fraud. The
daughter had in her possession the certificate of title because she had
forged an authority purporting to be signed by the father and used the false
authority to obtain the certificate of title to the subject land from the solicitors
who were holding the certificate of title on her father’s behalf. It could be said
that the fact that the fraudulent person was the daughter of the victim made
her story to the solicitor more credible.
These two cases illustrate how fraud can be perpetrated with the aid of a third party.
It is also possible without such aid; a claim made against the State of Queensland,
whilst it does not involve the paper certificate of title, illustrates this situation. In that
case, the victim of the fraud was the registered proprietor of the subject land and the
fraudulent person was the trusted friend of the registered proprietor, who
impersonated the victim using the victim’s 18+ card. The trusted friend also had
access to various other documents belonging to the victim, such as rates notices
and other household bills. The documents were genuine documents. This case may
be used to illustrate the following:
• this case did not involve the production of the certificate of title because in
Queensland, after 1994, certificates of title were no longer automatically
created and issued.191 In Queensland, other documents may be used to
evidence a right to deal with the land. In this case, an 18+ card, rates notices
and other household bills were used. It is likely that, had the certificate of title
been issued, the fraudulent person would have been able to use it to assume
a right to deal with the land. As it was not, other identity documents were
used instead;
• the fraudulent person acted alone in the perpetration of the fraud;
• as with to Grgic and Ratcliffe v Watters, the fraud was perpetrated by
someone known to the victim as a trusted friend, and it was this relationship
that enabled her to gain access to the identity documents instrumental in the
perpetration of the fraud;
• finally it could be said that the fraud also occurred because of inadequate
verification of identity by the lender. The trusted friend was able to use the
18+ card to impersonate the registered proprietor even though she was
female and the registered proprietor was male.
191 See s 42 Land Title Act 1994 (Qld).
89
The Grgic and Ratcliffe v Watters cases illustrate the situation where advantage
could be taken of a relationship with the victim to obtain the certificate of title.
Challenger Managed Investments Ltd and Anor v Direct Money Corporation Pty Ltd
and Others192 illustrates the situation where the victim did not know the fraudulent
person and where the fraud was perpetrated by obtaining a new certificate of title,
rather than using a pre-existing one. In Challenger, the fraudulent person made an
application to the New South Wales Land Titles Office for a new certificate of title for
lands owned by the victims of the fraud. The application was supported by statutory
declarations purportedly made by the registered proprietors contending that the
certificate of title had been lost when a house in which they were stored was
destroyed in a cyclone some years ago. In fact the certificates of title were in the
custody of solicitors on behalf of the registered proprietors. The Land Titles Office
acted on the application and issued the duplicate certificates of title the following
day. The new certificates of title were then used to secure a loan. This case
illustrates the following:
• use of the certificate of title was instrumental in the perpetration of the fraud;
• fraud may be perpetrated by fraudulently obtaining a new certificate of title,
rather than using a pre-existing one;
• if the Land Titles Office had been more vigilant in verifying the details of the
claim the fraud might not have occurred, as a searching inquiry might have
uncovered that the various details and circumstances referred to in the
application and statutory declarations were false.193
The certificates of title used in the above cases were genuine. Fraud may also be
perpetrated using falsified or counterfeit certificates of title, which can be copies or
forgeries of genuine certificates of title, or a wholly fabricated certificate of title
naming the fraudulent person as the owner of the land. For example, in 2002, Land
and Property Information New South Wales uncovered a scheme that involved the
creation of counterfeit certificates of title as well as the assembling of fraudulent
personal identification documents for presentation to various financial institutions to
secure mortgages.194 Recently in Sydney, fraudulent persons were able to forge title
deeds, falsely claiming ownership of a property in Sydney and using that to secure a
192 Challenger Managed Investments Ltd and Anor v Direct Money Corporation Pty Ltd and Others
(2003) 59 NSWLR 452. 193 Challenger Managed Investments Ltd and Anor v Direct Money Corporation Pty Ltd and Others
(2003) 59 NSWLR 452, 454. 194 Twelve such cases were uncovered by the NSW Land and Property Information. See Land and
Property Information NSW, Counterfeit Certificates of Title (2003) <http://www.lands.nsw.gov.au/NR/rdonlyres/A8A51A22-E276-459D-9059-0EB59F9F73BB/0/2003_05.pdf> at 10 January 2006.
90
mortgage.195 In R v Belias196, blank certificates of title were obtained from a Titles
Office employee. False details were then forged on to them and the certificates were
used to obtain a loan.
3.4.4.1 Conclusions drawn
The following conclusions may be drawn from the above analysis:
First, the manner of perpetrating identity fraud is linked to the conveyancing practice
that production of the certificate of title indicates a right to deal with the land. Identity
fraud may be perpetrated in circumstances where a fraudulent person is able to
produce the certificate of title to the victim’s property and the other party assumes
that he or she is the owner of the land and has a right to deal with the land without
asking for additional identity or positively establishing that the person in possession
of the certificate of title is indeed the person named on it.
Thus it could be argued that lack of verification of identity may be a factor facilitating
this type of fraud. This was the experience in Queensland, where it was found that
where lenders made little or no attempt to ensure that the person they were dealing
with and/or the person who signed the mortgage documents were, in fact, the
registered proprietor of the property over which security was taken, the lack of
identity checks facilitated the fraud.197 It should be noted that, in cases where the
certificate of title was falsified and the forgery is of high quality, asking for additional
identity to verify that the person in possession of the certificate of title is the same
person who is named on it, might not prevent the fraud, because the counterfeit
certificate of title may bear the actual name of the person holding it. Further, as seen
in the fraud schemes uncovered by the New South Wales Land and Property
Information in 2002, other types of identity documents could also be counterfeited,
so that even if further verification of identity were sought to link the person with the
certificate of title, the fraudulent person would already have these other identity
documents ready198.
Secondly, the fraud may involve persons known to the victim, such as family
members and trusted friends. In these situations, such perpetrators are able to
195 Philip Cornford, 'Gold Bars Just a Whisker From Crooks' Grasp', Sydney Morning Herald (Sydney),
22 July 2006, 1. 196 R v Belias (Unreported, Supreme Court of Victoria Court of Criminal Appeal, Crockett, Southwell
and McDonald JJ, 15 December 1994). 197 Explanatory Memorandum, Natural Resources and Other Legislation Amendment Bill 2005 (Qld),
[32]. 198 The manner in which this type of fraud may be minimised and the effectiveness of these measures
will be discussed in more detail in chapter 7.
91
perpetrate the fraud because their relationship with the victim gives them access to
the certificate of title and other necessary documents. Where the fraudulent person
is related to the victim, such as where he or she is the son or daughter of the victim,
this relationship may make their claims more credible. It is also possible for the fraud
to be perpetrated by persons unknown to the victim. In these cases, the manner in
which the certificate of title is obtained may differ from the situation where the fraud
is perpetrated by someone known to the victim with access to the certificate of title.
To obtain the certificate of title, the fraudulent person could:
• forge a certificate of title;
• apply for a new certificate of title;
• steal a certificate of title.
In these cases, the fraudulent person has to take the extra step of acquiring or
creating a certificate of title. This finding also accords with the study conducted by
Hammond in 2002, which found that the majority of fraudulent dealings were
committed by people acquainted with the registered proprietor who had access to
the duplicate certificate of title. Where fraud was committed by an ‘unknown third
party’ without access to the duplicate certificate of title, a more complex procedure
was needed: an application for the issue of a new duplicate certificate of title.
Hammond found that these types of fraud were rare.199 However, this study was
conducted in 2002; it may be that with the advance of technology, it is now easier to
make false or counterfeit certificates of title, as in the cases discussed above.
In perpetrating identity fraud, the case examples show that the fraudulent person
may act alone or act in collusion with others.
Finally, the transactions normally targeted in frauds are mortgages and transfers.
This is because their purpose is usually to obtain finance, and the property is used
to secure a loan. In the case of transfers, the fraudulent person may abscond with
the proceeds of the sale.
3.5 Synthesis of findings
The following provides a synthesis of the findings from the analysis above,
organised in terms of the issues raised in [3.3.2] and summarised in [3.3.3]. These
findings answer the questions raised in [3.3.2].
199 Celia Hammond, ‘The abolition of the duplicate certificate of title and its potential effect on
fraudulent claims over Torrens land’ (2000) 8 Australian Property Law Journal 115, 130.
92
3.5.1 How is fraud perpetrated in the paper registr ation system?
Fraud may be perpetrated in a variety of ways. The most common methods as
evidenced by the statistics produced above appear to be forgery, identity fraud,
fraudulent misrepresentation and fraudulent alteration.
3.5.2 Is the manner of perpetration of the fraud li nked to certain conveyancing
practices and processes?
As stated above, in every Australian jurisdiction it is the person wanting to transfer
or create an interest, or his or her attorney, who must execute the appropriate land
title instruments to create or transfer the interest. However, anyone may prepare
and lodge land title instruments for registration. In addition, the production of the
paper certificate of title is generally used to demonstrate a right to deal with the land.
The perpetration of fraud is linked to these practices and processes. The
requirement that it is the person wanting to transfer or create an interest, or that
person’s attorney, who must execute the appropriate land title instruments in order
to create or transfer the interest, means that fraud may be perpetrated by forging the
execution of that person (an individual or a company). Since the person’s attorney
may execute the instruments on behalf of the donor of the power of attorney, fraud
can also be perpetrated by someone falsifying a power of attorney and purporting to
act on its strength.
As anyone may prepare and lodge land title forms for registration, anyone who has
access to land title instruments that have been prepared and executed, potentially
has the opportunity to fraudulently alter them. The fraudulent person may also
prepare the relevant land title instrument and mislead or induce the victim into
executing it and lodging it for registration. Alternatively, even if the land title
instrument was prepared by someone else, fraud may still be perpetrated if the
instrument is given to the fraudulent person to procure its execution by the victim.
Finally, as the practice is to use the paper certificate of title to demonstrate a right to
deal with the land, identity fraud is perpetrated when the fraudulent person is able to
produce the certificate of title and is assumed to be the person named on it, who
therefore has a right to deal with the land.
93
3.5.3 How are fraudulent persons able to circumvent certain conveyancing
practices that are said to act as a safeguard again st fraud?
Whilst certain conveyancing practices exist in the paper registration system, which
are said to act as a safeguard against fraud, it is possible to circumvent these
practices. For example, witnessing requirements are circumvented, either by forging
the signature of the witness or by the witness attesting to the signature even though
it was not signed in his or her presence. The requirement that the paper certificate of
title be produced to demonstrate a right to deal with the land, is simultaneously a
safeguard and a facilitator of fraud because anyone with access to the certificate of
title can claim to have a right to deal with the land. Close examination of land title
instruments lodged for registration is also another safeguard against fraud because
it guards against fraudulent alterations. However, as seen in the above case
examples, it is possible for fraud to be perpetrated by fraudulently inserting
information into an executed instrument. Insertion of information, as opposed to
alteration of existing information may not leave any physical mark that can be
detected by the examining officer.
3.5.4 What factors may facilitate the perpetration of the fraud?
Various factors that facilitate the perpetration of fraud were identified in the above
analysis. These include:
• where the fraudulent person is given, by the victim, all the necessary
documentation, particularly the land title instrument, to procure execution;
• where all correspondence is addressed to the fraudulent person;
• where the victim has not been contacted to confirm or verify instructions,
even though a party to the transaction;
• in the case of fraud involving companies, where company searches have not
been conducted to confirm that the persons purporting to attest to the
affixing of the company seal do indeed have the authority to do so (or where
searches have been conducted and the names thus found have not been
checked against the names of the attesting persons);
• where the witness fails to comply with witnessing requirements by attesting
to signature(s) on the land title instrument even though they were not signed
in his or her presence;
• where the practice is followed that a party on receiving land title instruments
that appear on the face of it to be executed and witnessed is entitled to
assume that they were signed in the presence of the witness; and that it is
94
not usual to contact attesting witnesses to verify the authenticity of the
signatures on the land title instrument;
• where companies follow the assumptions that may be made under s129
Corporations Act 2001 (Cth) – that a document has been duly executed by
the company if the company’s common seal appears to have been fixed to
the document in accordance with the Act and the fixing of the common seal
appears to have been witnessed in accordance with the Act; and
• where there has been a failure to request additional identity to positively
establish that the person in possession of the certificate of title is indeed the
person named on the it, but merely accepting that a person in possession of
the certificate of title is the owner of the property and has a right to deal with
it.
3.5.5 Do perpetrators act alone or do they act in c ollusion with others?
The case examples show that fraud may be perpetrated by a person acting alone or
in collusion with a third party. For example, some of the impersonation cases
involved the fraudulent person using a third party to impersonate the victim and in
Young v Hoger, the daughter colluded with the mother in forging the father’s
signature on the mortgage instrument.
3.5.6 Why are the majority of frauds perpetrated by persons known to the
victim?
Fraud can be perpetrated by persons with different degrees of opportunity. Some of
the perpetrators, such as family members, close friends or the victim’s solicitor, may
be known to the victim and trusted, while others may not be known.
Perpetrators who are known to the victim are usually helped to perpetrate the fraud
by this relationship. They are usually trusted by the victim and hence have access,
or can gain it, to documents required for the perpetration of the fraud, such as the
certificate of title or other documents.200 The trust reposed in the fraudulent person
by the victim is also an enabling factor in cases where the fraud is perpetrated by
inducing or misleading the victim into signing certain documents which can then be
used to perpetrate the fraud. Further the fraudulent person’s relationship with the
victim may also encourage the view that he or she is acting on behalf of the victim,
so that all correspondence and documentation, including the relevant land title 200 As noted by Bransgrove: ‘Family members…have inside knowledge of where the certificate of title
or birth certificates are kept’: Matthew Bransgrove, 'What Can Solicitors Do To Reduce Mortgage Fraud?' (2004) 42(10) Law Society Journal 52, 52.
95
instrument, are given to him or her. Hence it is the relationship between the
fraudulent person and the victim that provides a readily available opportunity to
perpetrate the fraud. We can classify this fraud as ‘opportunistic fraud, perpetrated
by someone who knows the victim’.201 It has also been said that opportunistic fraud
would usually be unplanned, that is, where ‘the offense is carried out on the spur of
the moment, when an opportunity presents itself’.202
Perpetrators unknown to the victim cannot make use of a relationship with the victim
as help in perpetrating the fraud. The opportunity must be ‘created’, for instance by
forging certificates of title or applying to the Land Titles Office for a new certificate of
title. It could be said that this class of perpetrators have to take an ‘extra step’ in
order to perpetrate the fraud. It may be possible to classify this fraud as
‘professional fraud, perpetrated by con artists who are not known to the victim’.203 It
has also been said that professional or calculated fraud would usually be planned,
that is, where ‘offenders actually plan their offenses, exploiting opportunities that
present themselves’.204
The problem with classifying frauds as opportunistic or calculated (or planned or
unplanned), is that there are fine lines between what may be regarded as
opportunistic, calculated, planned and unplanned.205 For example, in the Grgic case,
the son had to obtain the certificate of title and arrange for a third party to
impersonate the father. It could be said this fraud was opportunistic, since the son
was able to use his relationship with the father to obtain the certificate of title – the
opportunity was there and the offence was unplanned. However, it could also be
argued that the fraud was calculated, because the son had to make plans to obtain
201 This classification was used by Siebrasse in the context of identity fraud, but it is possible to apply
this classification to other types of fraud. See Norman Siebrasse, 'Report on Land Title Practices and Fraud' (Canada Mortgage and Housing Corporation, 2003), 40 discussing fraud by impersonation.
202 Graeme Newman and Megan McNally, 'Identity Theft Literature Review' (2005), 38. 203 Again, this classification was used by Siebrasse in the context of identity fraud but it is possible to
apply this classification to other types of fraud. See Norman Siebrasse, 'Report on Land Title Practices and Fraud' (Canada Mortgage and Housing Corporation, 2003), 40.
204 Graeme Newman and Megan McNally, 'Identity Theft Literature Review' (2005), 38. 205 See also Graeme Newman and Megan McNally, 'Identity Theft Literature Review' (2005), 38,
noting that it is possible to view both planned and unplanned offences as ‘opportunistic’. Also see United Kingdom Cabinet Office, 'Identity fraud: A study' (Cabinet Office, 2002), 10 discussing ‘individual’ as opposed to ‘organised’ crime. The study notes that ‘care must be taken to maintain a fairly loose interpretation of “organisation” in this context. Any individual seeking to commit identity fraud is likely to need outside help – whether to purchase genuine, forged or counterfeit documents or to help them make use of documents obtained by deceit. But such help can be fairly small scale and informal in nature’ (p38). Instead of using the terms ‘individual’ and ‘organised’, the terms ‘acting alone’ and ‘acting in collusion with others’ are used in this thesis to signify when the fraud is perpetrated by the fraudulent person alone and when others are used to aid in the perpetration of the fraud.
96
the certificate of title and to arrange for the third party to impersonate the father –
the opportunity was created and the offence was planned. Does this mean then that
the fraud was opportunistic, perpetrated by someone known to the victim, and
unplanned or was it calculated, perpetrated by someone known to the victim, and
planned? I note and acknowledge the difficulty in organising fraud into these
categories.
For the purposes of this research, the term ‘opportunistic fraud’ will be used to
indicate frauds that are perpetrated by those who have a readily available
opportunity to perpetrate them, who may be known or unknown to the victim. For
example, a law clerk employed by a solicitor may have access to land title
instruments. The law clerk may alter an instrument executed by the victim, with
whom the law clerk has had no previous dealings, before lodging the instrument for
registration. In this study, I would classify this as opportunistic, perpetrated by
someone unknown to the victim of the fraud. The term ‘calculated fraud’ will be used
to indicate fraud where the opportunity must be created; it will usually be perpetrated
by those unknown to the victim of the fraud.
To answer the question of why the majority of frauds are perpetrated by those
known to the victim of the fraud; it may be that this is because these persons have a
readily available opportunity to perpetrate fraud, whereas for persons unknown to
the victim, an extra step of creating the opportunity must be taken. Hence, it is
easier for persons known to the victim to perpetrate fraud because they need fewer
steps.
On a broader level, it is also possible to compare the prevalence of opportunistic
fraud with calculated fraud. The statistics that I have obtained seem to indicate that
opportunistic fraud is more prevalent than calculated fraud, and within this category
of opportunistic fraud, it is those perpetrators known to the victim who are the most
common. This seems also to be the experience of the Victorian Land Titles Office; in
their report, they observed that ‘most land title fraud is desperate and opportunistic
rather than calculated. The stereotypical fraudster, approximately 90% of all claims,
is a son-in-law with a failing small business who is willing to register a forged
mortgage over the house of his wife's parents’206 and that ‘the overwhelming
206 John Barry, Deputy Registrar of Titles, Victoria Land Registry <[email protected]>, email
(28 September 2005).
97
proportion of our frauds are intra-family. They are not well thought out crimes and it
is relatively easy to determine the fraudulent party’.207
Whilst this may be the trend nowadays, improvements in technology, both in print
and multi-media, may see a rise in calculated fraud, particularly identity fraud, which
is a crime on the rise. In Australia, it was identified as a priority matter in the
Commonwealth and States and Territories Agreement on Terrorism and Multi-
Jurisdictional Crime on 5 April 2002. In 2003, the AUSTRAC Steering Committee on
Proof of Identity undertook to commission and fund research that developed a
credible, point in time, estimate of the costs of identity fraud to Australia. This study
estimated the cost of identity fraud to Australia for 2001-2002 to be 1.1 billion
dollars.208 Whether this general rise in identity fraud may be followed by a
corresponding rise in identity fraud within the land title sector remains to be seen.
3.5.7 Are some types of fraud more susceptible to b eing perpetrated by
persons known to the victim while some types of fra ud more susceptible to
those unknown to the victim?
Some types of fraud will be more susceptible to being perpetrated by those known
to the victim of the fraud whilst other types of fraud may be perpetrated by persons
both known and unknown to the victim. This is because in some types of fraud, the
manner of perpetration and the opportunities available are closely tied to the
relationship between the fraudulent person and the victim. In these types of fraud, it
is the relationship of trust that provides the opportunity as well as the means.
Forgery and fraudulent misrepresentations for example, are more likely to be
perpetrated by someone known to and trusted by the victim because the relationship
of trust provides the opportunity to perpetrate the fraud. In forgery cases, family
members usually perpetrate this type of fraud because they can use their
relationship with the victim to persuade another party to provide them with the
necessary documentation for procuring execution from the victim. In fraudulent
misrepresentations, the relationship of trust with the victim can be used to induce or
mislead him or her to sign the necessary documents.
In contrast, identity fraud cases may be perpetrated by persons both known and
unknown to the victim, because, under the paper registration system, the critical
207 John Barry, Deputy Registrar of Titles, Victoria Land Registry <[email protected]>, email
(28 September 2005). 208 Suresh Cugnasen and David Lacey, Identity Fraud in Australia: An Evaluation of its Nature, Cost
and Extent (2003), 55.
98
factor in identity fraud is production of the certificate of title. Whilst persons known to
the victim, such as family members, may have easy access to the victim’s certificate
of title due to this relationship, it is also possible for the fraudulent person to falsify
the certificate of title, when a relationship with the victim is not needed.
3.5.8 Are some perpetrators better placed to perpet rate fraud than others?
Certain perpetrators will be better placed to perpetrate fraud than others. Family
members, for example, are shown in the above statistics to be frequent perpetrators
of fraud. They can forge the victim’s signature, collude with a third party to
impersonate the victim, or induce the victim to sign certain documents to be used to
perpetrate the fraud. It is also possible to speculate that employees at Land Title
Offices may be potential perpetrators of fraud, by fraudulently altering documents
lodged for registration, however, as yet, no case of such nature has arisen. Other
types of perpetrators include directors of companies, trusted friends, financial
advisers, bank officers and solicitors. Out of this group of perpetrators, solicitors
may be in a better position to perpetrate fraud, since they perform certain functions
within the conveyancing process. For example, in most cases a person purchasing
or selling property engages a solicitor to act on their behalf and to prepare and lodge
documents to give effect to that transaction. Usually the certificate of title is held by
the solicitor for safe keeping. Where the solicitor is retained by a client, the solicitor
has a duty to discharge his duties and responsibilities, and the client trusts the
solicitor accordingly.209 This would also include the trust reposed by other
stakeholders within the conveyancing process. As noted by Hayne J:
I doubt very much that a solicitor confronted with another solicitor who claims to be
acting for a borrower owes the borrower a duty to take care that the solicitor is right
in the assertion that he or she has been properly retained by the borrower. What is
the solicitor for the lender to do? Is the solicitor for the lender to meet the assertion
that the borrower has retained a solicitor with the statement “prove it” or is the
solicitor for the lender to go behind the solicitor for the borrower and make his or her
own enquiries about the retainer?210
Solicitors also generally fall within the class of persons qualified to act as witnesses
and as attorneys. This position occupied by solicitors, and the trust reposed upon
the solicitor by their clients and by other stakeholders within the conveyancing
209 See Sharon Christensen and William Duncan, Professional Liability and Property Transactions
(2004) for a discussion on the relationship between the solicitor and the client in the context of property transactions and the solicitor’s duties and responsibilities to the client.
210 Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd [1998] 1 VR 188,195.
99
process, provides solicitors with greater opportunities than other people to
perpetrate fraud. The solicitor is able to forge the signature of his or her client on a
land title instrument or on a power of attorney, and also to mislead or persuade his
or her client to sign certain documents, to perpetrate fraud. As it is the duty of the
solicitor to prepare and lodge land title instruments, the solicitor is also able to alter
documents after they have been executed by the client.
It is because of this unique position occupied by solicitors in the conveyancing
process that this study will focus on solicitors as a separate category of perpetrators
to determine whether solicitors will continue to have the same opportunities to
perpetrate fraud in an electronic registration system or whether these opportunities
might be increased or reduced.
3.5.9 Why does fraud normally involve mortgages or a combination of
transfers and mortgages?
Fraud is usually perpetrated to obtain finance, hence the types of transactions that
are usually targeted are mortgages or a combination of transfers and mortgages. It
is by fraudulently taking out a mortgage over the property that the fraudulent person
is able to receive the required funds. Similarly, he or she could fraudulently transfer
the property to himself or herself or to another person, sell the property and abscond
with the proceeds of the sale. In this regard it can be said that this motivation to
obtain finance is a prime driver of fraud; however for the fraud to occur, this
motivation must be coupled with an opportunity to perpetrate it. As discussed above,
fraudulent persons perpetrate fraud when they have an opportunity, either a ready-
made opportunity or an opportunity that can been created. This finding accords with
the general literature on fraud, which identifies motivation, opportunity and perceived
worthwhile outcome as the main causes of fraud.211 As opportunity is a critical factor
in whether fraud may be perpetrated, reducing the opportunity to perpetrate fraud
may be one way of minimising its occurrence. This will be discussed further in
Chapter 7.
211 See for example KPMG, 'Fraud Survey 2004' (KPMG, 2004), 17; Russell Smith and Adam
Graycar, 'Identifying and Responding to Corporate Fraud in the 21st Century' (Paper presented at the Australian Institute of Management, Sydney, 2003), 1 - 2; and Steve Albrecht, Conan Albrecht and Chad Albrecht, Fraud Examination (2nd ed, 2006), 31 – Albrecht adds a fourth factor, the ability to rationalise the fraud as being acceptable.
100
3.6 How will automating the registration process wi thin the Torrens system
impact on these findings?
The question raised here is whether automating the registration process within the
Torrens system will alter any of the above findings. For example, will automating the
registration process alter current conveyancing practices? If so, how will this impact
upon the manner in which fraud is perpetrated? Can the types of fraud identified in
this chapter continue to be perpetrated in the Torrens system using a fully
automated registration process? Will automating the registration process within the
Torrens system introduce new or different opportunities for perpetrating fraud?
Other issues that require consideration include:
• would the factors identified in this chapter to facilitate fraud continue to play a
role in an electronic registration system?
• will the majority of frauds in an electronic registration system continue to be
perpetrated by persons known to the victim?
• will opportunistic fraud continue to be the more prevalent type of fraud or
might automating the registration process create certain opportunities that
may see it overtaken by calculated fraud?
• for the types of fraud that may occur in an electronic registration system,
which will be more susceptible to being perpetrated by persons known to the
victim and which by persons unknown to the victim?
• will solicitors continue to have the same opportunities to perpetrate fraud in
an electronic registration system or will these opportunities be increased or
reduced?
An examination of these issues furthers the objective of this thesis, since it
determines the extent of the impact of automating the registration process within the
Torrens system on fraud. These issues will be addressed in Chapters 5 and 6. As
an aid to this comparative analysis, the findings from this chapter are represented in
the table below.
101
Type of fraud Likely perpetrators
Manner of perpetration Factors enabling the fraud to occur
Forgery of signature (individual) Conveyancing practice: instruments creating an interest must be executed by the person creating the interest and the person in whose favour the interest is being created. Most common method of execution = signature on the land title instrument.
Safeguard: witnessing requirements. * Likely transaction: mortgage and transfer or a combination of both.
Usually opportunistic, perpetrated by persons known to and trusted by the victim. Examples include: - *family members; *trusted friends; *victim’s solicitor. May be acting alone or in collusion with others.
* Forgery of victim’s signature. * To circumvent witnessing requirements: either - forge signature of the witness. This can be of a real person or a fictitious person; or - persuade the witness to attest to the signature even though it was not signed in the presence of the witness. * Would only occur if land title instrument is given to the fraudulent person to procure execution by the victim of the fraud.
* Relationship between victim & fraudulent person – fraudulent person is trusted by the victim. * Easy access to the paper certificate of title and various other documents. * Fraudulent person is usually seen as speaking for or on behalf of the victim. * All correspondences addressed to the fraudulent person. * Land title instrument provided to the fraudulent party to procure execution from the victim. * The victim is not contacted or dealt with even though the victim is a party to the transaction. (eg: Young v Hoger) * The witness to the signature(s) on the instrument attests to the signature(s) even though the signature was not signed in front of the witness (eg. Sansom). * The conveyancing practice that a party on receiving documents that appear on its face to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness and that it is not usual practice to contact the attesting witness to ensure that witnessing requirements have been complied with.
Forgery of signature (company) Conveyancing practice: company may execute an instrument by affixing the company’s seal to the instrument and the affixing of the seal is witnessed by two directors or by a director and secretary. Company may also execute instruments by signing the instrument so that fraud can occur by forging the relevant signatures in the manner described above. * Likely transaction: mortgage and transfer or a combination of both.
Usually opportunistic, perpetrated by persons occupying a position with the company, such as: * the company director; * the company secretary. * Could also be a former director. Generally in collusion with others.
* Affixing the company seal on the instrument, usually a mortgage, without authority from the company; * Fraudulent person and person colluding with fraudulent person attesting to the affixing of the seal; * Fraudulently appointing the person colluding with the fraudulent person as director/secretary so that this person appears to have the authority to attest to the affixing of the seal; * In some cases producing false minutes of meeting authorising the affixing of the seal and/or the appointment. * If acting alone, the fraudulent person would need to forge the signature of the other signatory attesting to the affixing of the company seal. * Would only occur if the land title instrument is provided to the fraudulent person for execution by the company.
* Access to the company seal. * Access to the paper certificate of title. * Land title documents provided to the fraudulent party for execution by the company. * Trust placed upon the fraudulent party by other directors, day to day running of the company entrusted to the fraudulent person. * Where no attempt made to obtain company searches or if company searches were obtained, to compare the signatures of the witnesses purporting to witness the fixing of the company seal against the company search. However, s129 of the Corporations Act 2001 (Cth) allows the assumption that a document has been duly executed by the company if the company’s common seal appears to have been fixed to the document in accordance with s127(2) and the fixing of the common seal appears to have been witnessed in accordance with s127(2). This assumption also applies to situations where a document was executed without use of the common seal. Hence perhaps not unreasonable for a party, upon receiving an instrument that appears on its face to have been duly executed by the company, to assume that it was duly executed, without taking further steps to verify that the persons affixing the seal or attesting to the affixing of the seal did indeed have the authority to do so.
102
Type of fraud Likely perpetrators
Manner of perpetration Factors enabling the fraud to occur
False power of attorney Conveyancing practice: an attorney under a power of attorney may act on behalf of the grantor of the power of attorney. * Likely transaction: mortgage and transfer or a combination of both.
May be both opportunistic and calculated, perpetrated by persons known or unknown to the victim, so long as the fraudulent person is able to falsify the power of attorney. Arguably more likely that the perpetrator would be someone known to the victim as the perpetrator would need to know the victim’s signature for forgery purposes. Examples include: * Wife; * Solicitor; * Son. May be acting alone or in collusion with others.
Forging the victim’s signature on the power of attorney and using that power of attorney to perpetrate the fraud. Witnessing requirements for the power of attorney may be circumvented in the same manner as in forgery of signatures on the land title instrument.
* Not verifying the authenticity of the power of attorney, such as by contacting the donor or the witness to the power of attorney. * However, it is not common or usual practice that this is done.
Fraudulent misrepresentations Conveyancing. practice: Anyone may prepare and lodge land title forms for registration. * Likely transaction: mortgage and transfer or a combination of both.
Usually opportunistic, perpetrated by persons known to and trusted by the victim. Examples include: * trusted friend; * solicitor May be acting alone or in collusion with others.
Fraudulent person misleading or inducing the victim into signing documents used to perpetrate the fraud. The fraudulent person himself/herself may prepare the necessary instruments, induce the victim to sign them, and lodge them for registration. OR the instrument is prepared by another party who gives to the fraudulent person the instrument for the purposes of procuring execution from the victim. The instrument is then lodged for registration. If need be, witnessing requirements may be circumvented by either: * forging the witness’s signature. This can be of a real person or a fictitious person; or * the witness attests to the signature even though it was not signed in the presence of the witness.
* Victim’s trust placed upon the fraudulent party. * Fraudulent party’s access to the certificate of title and other identity documents. *Where the fraudulent person has or is given relevant land title instruments for the purposes of procuring execution from the victim. + all correspondences are addressed to the fraudulent person, and the victim, although a party to the transaction, is not contacted to confirm instructions. * The conveyancing practice that a party on receiving documents that appear on its face to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness.
103
Type of fraud Likely perpetrators
Manner of perpetration Factors enabling the fraud to occur
Fraudulent alterations Conveyancing. practice: Anyone may prepare and lodge land title forms for registration. Safeguard: manual examination by Land Registry officer. * Likely transaction: mortgage and transfer or a combination of both.
Usually opportunistic, perpetrated by someone who has access to executed documents. These persons may or may not be known to the victim. Examples include: * solicitor * land registry staff * law clerk * bank officer May be acting alone or in collusion with others.
* Altering details in the land title instrument which has been executed by the victim. * Insertion of information rather than alteration of existing information may be more prevalent because an alteration may be more visible than an insertion of information.
* Position occupied by the fraudulent person providing him/her with access or ability to gain access to executed land title instruments. * Manual examination at the Land Titles Office may not notice alterations where additional information has been inserted.
Identity fraud Conveyancing practice: production of the certificate of title indicates a right to deal with the land. This is both a safeguard and a facilitator of fraud.
* Likely transaction: mortgage and transfer or a combination of both.
May be opportunistic, perpetrated by persons known to the victim. Examples include: * Family member * Trusted friend May be acting alone or in collusion with others.
* Fraudulent person, with or without the aid of a third party, claiming that he/she has a right to deal with the land by producing the certificate of title to the subject land. * In some cases, other documents are produced to substantiate this claim. * Generally the certificate of title and other documents are genuine.
* Fraudulent person’s relationship with the victim provides the fraudulent person with access to the certificate of title and other identity documents. * Where the fraudulent person colludes with a third party to impersonate the victim, the fraudulent person’s relationship with the victim may make their claim that the third party is the victim more credible. * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land and assuming that the person with the certificate of title is indeed the person named on the certificate of title.
May be calculated, perpetrated by persons unknown to the victim. Fraudulent person may be acting alone or in collusion with others.
* Fraudulent person, with or without the aid of a third party, claiming that he/she has a right to deal with the land by producing the certificate of title to the subject land. * The certificate of title may be forged or genuine. * Example of obtaining a genuine certificate of title – making an application to the Land Titles Office for a new certificate of title. * In some cases, other documents are produced to substantiate this claim.
* Ability to forge the certificate of title and other identity documents. * Lack of vigilance by the Land Titles Office in verifying the application for a new certificate of title. * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land by requesting for additional identification and assuming that the person with the certificate of title is indeed the person named on the certificate of title.
3.7 Conclusion
This chapter has analysed how frauds giving rise to a claim for compensation may
be perpetrated under the paper registration system. Analysis of compensation
claims data and of case examples has revealed that there are essentially four ways
in which fraud is perpetrated in the paper registration system – forgery, fraudulent
alterations, fraudulent misrepresentations and identity fraud.
104
It was found that the manner of perpetrating the fraud is linked to current
conveyancing practices and while certain requirements exist that are said to act as
safeguards against fraud, these may be circumvented. Certain factors may also
facilitate the perpetration of the fraud, such as the land title instrument being given
by the victim of the fraud to the fraudulent person for the purpose of procuring
execution. This chapter found that, in perpetrating the fraud, fraudulent persons may
act alone or in collusion with others. Opportunistic fraud was found to be the more
prevalent type of fraud with fraudulent persons known, rather than unknown, to the
victim to be the more common perpetrators of fraud. Within this class of perpetrators
it was found that solicitors are in the better position to perpetrate fraud. Some frauds
were found to be more susceptible to being perpetrated by persons known to the
victim because in these types of fraud, the manner in which the fraud is perpetrated
and the opportunities available to perpetrate the fraud were found to be closely tied
to the relationship between the fraudulent person and the victim. Finally, fraud was
found to involve mortgages or a combination of transfers and mortgages, most likely
because it is through these types of transactions that fraudulent persons are able to
obtain finance, which is the prime motivator for perpetrating fraud.
In what manner might these findings be altered if the registration process of the
Torrens system were to be automated? To answer this question, the next chapter
will examine electronic registration systems in various Torrens jurisdictions, to
determine what changes, if any, would be made to current conveyancing practices
and processes if the registration process of the Torrens system were to be fully
automated. The impact of these changes upon the findings in this chapter will then
be analysed in Chapters 5 and 6.
105
CHAPTER 4
WHAT CHANGES MAY BE MADE TO CONVEYANCING PRACTICES IF
TECHNOLOGY WAS USED TO AUTOMATE THE REGISTRATION PR OCESS
WITHIN THE TORRENS SYSTEM?
Table of contents
4.1 Introduction........................................................................................................... 106 4.2 Jurisdictional overview of the move towards an electronic registration system...... 107
4.2.1 Proposed systems.......................................................................................... 107 4.2.2 Fully operational systems............................................................................... 109
4.2.2.1 Partial systems........................................................................................ 109 4.2.2.2 Fully automated systems......................................................................... 110
4.3 Comparative analysis............................................................................................ 114 4.3.1 Access ........................................................................................................... 115
4.3.1.1 Who has access...................................................................................... 115 4.3.1.2 How is access controlled ......................................................................... 116 4.3.1.3 What is the process for obtaining access ................................................ 116 4.3.1.4 Generation & transmission of the authentication mechanism used to control access..................................................................................................... 122 4.3.1.5 System features: common and differing features..................................... 123 4.3.1.6 What will these changes mean for fraud opportunities?........................... 124
4.3.2 Preparation, lodgement, examination and registration of land title instruments ............................................................................................................. 125
4.3.2.1 Preparation and lodgement ..................................................................... 125 4.3.2.2 Examination ............................................................................................ 126 4.3.2.3 Registration – updating the register......................................................... 127 4.3.2.4 System features: common and differing features..................................... 128 4.3.2.5 What will these changes mean for fraud opportunities?........................... 129
4.3.3 Execution and witnessing of land title instruments.......................................... 129 4.3.3.1 Technology used to replace handwritten signatures ................................ 131
4.3.3.1.1 System features: common and differing features.............................. 137 4.3.3.1.2 What will these changes mean for fraud opportunities?.................... 137
4.3.3.2 Classes of authorised users entitled to digitally sign land title instruments ......................................................................................................... 138
4.3.3.2.1 System features: Common and differing features ............................. 139 4.3.3.2.2 What will this mean for fraud opportunities? ..................................... 140
4.3.3.3 Client signing the authorisation form........................................................ 140 4.3.3.3.1 System features: Common and differing features ............................. 142 4.3.3.3.2 What will these changes mean for fraud opportunities...................... 142
4.3.3 The paper certificate of title ............................................................................ 143 4.3.3.1 Use of the paper certificate of title ........................................................... 143 4.3.3.2 Use of a client identification process and certifications as to identity ....... 144 4.3.3.3 System features: Common and differing features.................................... 148 4.3.3.4 What will these changes mean for fraud opportunities?........................... 148
4.4 Conclusion............................................................................................................ 149
106
Chapter 4: What changes might be made to conveyanci ng practices if
technology were used to automate the registration p rocess within the Torrens
system?
4.1 Introduction
In the previous chapter, the question was raised as to how and in what manner its
findings would change were the registration process within the Torrens system to be
automated. The purpose of this chapter is to address this by examining the effect of
automation on current conveyancing practices, and on the requirements in the
registration process that are said to act as safeguards against fraud. This is
necessary, since, as was postulated in Chapter 3, it is possible that changes may
affect the manner in which fraud may be perpetrated.
This chapter will first provide a brief overview of the extent to which the land
registration systems in various jurisdictions have been automated, and will identify
those that are fully automated and operational.212 The salient features of these
systems, along with those proposed in Australia, will be compared with the paper
registration system to determine what changes, if any, would be made to current
conveyancing practices and to conveyancing requirements, were the paper
registration process to be automated.
This chapter will find that automating the registration process within the Torrens
system will introduce certain changes to current conveyancing practices and to
those requirements that are said to act as safeguards against fraud:
• the key changes to conveyancing practices will be those relating to the ways
by which the system may be accessed, the manner in which documents may
be prepared and lodged for registration, the manner in which documents
may be executed and changes to the use of the paper certificate of title;
• the changes that may be made to the requirements that act as safeguards
against fraud will be those relating to the examination process at the Land
Titles Office, the process for updating the register, witnessing requirements
and use of the certificate of title.
212 For a discussion of these systems, see Rouhshi Low, ‘Maintaining the Integrity of the Torrens
System in a Digital Environment: A Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore’ (2005) 11 Australian Property Law Journal 155.
107
This chapter will conclude by highlighting the potential impact of each change upon
the findings of Chapter 3.
4.2 Jurisdictional overview of the move towards an electronic registration
system
It was as early as 1967 that the importance of technology and its potential for
improving the effectiveness of the land registration process was recognised.213
Since then, improvements in technology and the increased use of the Internet have
led to the incorporation of technology into the land registration systems of each
State and Territory in Australia, as well as in other jurisdictions such as Canada,
New Zealand and England. The extent to which technology has been incorporated
into these systems differs from jurisdiction to jurisdiction; in some cases a fully
automated land registration system has replaced the traditional paper registration
system, while in others there has only been partial replacement. The discussion
that follows, on the extent of automation via technology in various jurisdictions, is
divided into two categories: systems in the proposal stage and fully operational
systems. Within the second category, registration systems will be sub-divided into
partial systems that predominantly utilise a paper based registration process but
with some degree of automation enabled and fully automated systems where the
creation and lodgement of land title instruments is done in an electronic
environment.
4.2.1 Proposed systems
Some jurisdictions are in the planning stages of developing an electronic registration
system. In Australia, for example, two systems have been proposed. One is called
the National Electronic Conveyancing System or NECS, proposed in 2006.214 The
other is a system proposed by the State of Victoria, called the Electronic
Conveyancing (EC) System215. Unlike the EC system, which is specific to the State
of Victoria, NECS is an Australia-wide initiative, available to all States and Territories
in Australia.216 It is proposed that NECS will enable the online preparation of land
213 Douglas Whalan, ‘Electronic Computer Technology and the Torrens System’ (1967) 40 Australian
Law Journal 413. 214 See Andrew Perry, 'Building the Home Page' (2005) (262) Lawyers Weekly 16, Alan Davidson,
'The National Electronic Conveyancing System' (2006) 26(1) Proctor 33 and Shaun Drummond, 'Victorian E-Conveyance Should Go National' (2005) (267) Lawyers Weekly 10.
215 John Barry, Electronic Cheques and Balances - Paper Gone To Bytes (2005) Internet Law Bulletin <http://www.landexchange.vic.gov.au/ec/newsroom/articles.html> at 2 May 2006.
216 The website for the national electronic conveyancing system is: http://www.necs.gov.au/.
108
title instruments and dealings, lodgement of these instruments and electronic
financial settlement.217 Thus far, a National Steering Committee, with government
and industry representatives and a National Electronic Conveyancing Office to
support it, has been established.218 A National Business Model for the Electronic
Conveyancing System, drawn up in 2006 and discussed in consultation forums held
throughout 2006, has since been endorsed by the Steering Committee.219
The system proposed by the State of Victoria is more advanced in its development
than the NECS. The system is being developed by the Department of Sustainability
and Environment in Victoria, through Land Victoria. As with NECS, the proposed EC
system is aimed at providing online preparation of electronic land title documents,
lodgement of those documents and financial settlement. At the time of writing, a
version of the Victorian system is being operated by Land Exchange, a business unit
of the Department of Sustainability and Environment, Victoria.220 Stage one of the
system (EC Release 1.0) was launched with limited functionality on 21 August
2006.221 It involved a small number of financial institutions and allowed only for
processing discharges of mortgage and mortgages.222 EC Release 2.0 was released
on 16 November 2007.223 It provides for electronic financial settlement and enables
the processing of a range of conveyancing transactions.224
Other jurisdictions in the developmental stage include England and Scotland. In
England, the project to develop and implement an electronic land registration
system began in 1998, when the Law Commission and Land Registry published a
report entitled ‘Land Registration for the 21st Century: A Consultative Document’225
for the purpose of considering how the systems of property transfer in England and
217 For more information about how the NECS will work, see National Electronic Conveyancing
System, How NECS Will Work (2005) <http://www.necs.gov.au/default.aspx?ArticleID=50#WHAT%20NECS%20DOES%20NOT%20COVER> at 5 June 2007.
218 National Electronic Conveyancing System, About the National Electronic Conveyancing System (NECS) (2005) < http://www.necs.gov.au/About-NECS/default.aspx> at 7 April 2008.
219 National Electronic Conveyancing System, Overview of Progress (2005) < http://www.necs.gov.au/Progress-on-NECS/default.aspx> at 4 June 2007.
220 Land Exchange, Electronic Conveyancing Legal Framework (2007) <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 7 April 2008.
221 See Land Exchange, What is EC? (2007) <http://www.landexchange.vic.gov.au/ec/about/index.html> at 7 April 2008.
222 Land Exchange, Key Milestones (2007) <http://www.landexchange.vic.gov.au/ec/about/milestones.html> at 7 April 2007.
223 Land Exchange, What is EC? (2007) <http://www.landexchange.vic.gov.au/ec/about/index.html> at 7 April 2008.
224 Land Exchange, Key Milestones (2007) <http://www.landexchange.vic.gov.au/ec/about/milestones.html> at 7 April 2007.
225 UK Law Commission & HM Land Registry, 'Land Registration for the Twenty-First Century: A Consultative Document' (No 254, HM Land Registry, 1998).
109
Wales could be updated. The findings from that consultation document culminated
in a report published in 2001: ‘Land Registration for the 21st Century: A
Conveyancing Revolution’.226 A consultation exercise on electronic conveyancing
was also held between May 2002 and August 2002227, seeking the views and
opinions of those who would be affected by any change to the conveyancing
process. Legislative changes were also made in the form of the Land Registration
Act 2002 (UK), which came into force on 13 October 2003 to enable the
implementation of e-conveyancing services. At present, it appears that the plan in
England is to introduce automated services incrementally.228
4.2.2 Fully operational systems
4.2.2.1 Partial systems
For the purposes of this research, partial systems are systems that predominantly
use a paper based registration process but within this paper based process, some
level of automation is enabled. An example of this type of system is the system
currently operating in Queensland. In Queensland, one of the objectives of
introducing the Land Title Act 1994 (Qld) in 1994 was to enable the use of
information technology in the maintenance of the Land Registry.229 To achieve this
objective230, during 1994 and 1995, 600,000 registered survey plans and 2.7 million
certificates of title were imaged. From January 1997, the Queensland Titles Office
commenced scanning all other registered instruments. This allowed registered
instruments in the Titles Office to be retrieved automatically via a public access
system. By late 1997, scanning equipment had been installed at various lodgement
centres throughout the State to enable documents to be imaged immediately after
being lodged and then transmitted electronically to the examinations and
registrations staff at the Titles Office. Once received, the imaged documents are
226 UK Law Commission & HM Land Registry, 'Land Registration for the Twenty-First Century: A
Conveyancing Revolution' (No 271, HM Land Registry, 2001) 227 See Land Registry, 'E-conveyancing: A Land Registry Consultation' (Land Registry, 2003) and the
results of the consultation exercise Land Registry, 'E-conveyancing: A Land Registry Consultation Report' (Land Registry, 2003)
228 See Land Registry, E-conveyancing: The Story So Far (2007) < http://www.landregistry.gov.uk/www/wps/portal/!ut/p/c1/04_SB8K8xLLM9MSSzPy8xBz9CP0os3gfN1MTQwt381DL0BBTAyNjY0cTE19PQwN3M6B8JB55A2J0G-AAjoR0-3nk56bqF-SGRpQ7KioCALdDEtQ!/dl2/d1/L2dJQSEvUUt3QS9ZQnB3LzZfTEY1NDE4RzdVOVVUNTAyMzNBNDRNSTEwRzU!> at 7 April 2008 and Land Registry, ’E-conveyancing: The Strategy for the Implementation of E-conveyancing in England and Wales’, 12 October 2005 < http://www1.landregistry.gov.uk/assets/library/documents/e-conveyancing_strategy_v3.0.doc/> at 7 April 2008.
229 Land Title Act 1994 (Qld), s3. 230 The description here of the implementation of the Queensland system was obtained from Sharon
Christensen and Amanda Stickley, 'Electronic Title in the New Millennium' (2000) Flinders Journal of Law Reform 209.
110
acknowledged electronically and scanned to extract essential data for recording on
the Register. As land title instruments still need to be prepared in paper format
before they are scanned in by officers at the Land Titles Offie, the Queensland
system is categorised as a partial system.
4.2.2.2 Fully automated systems
For the purposes of this research, fully automated registration systems are
registration systems that allow for a completely paperless transaction, from the
preparation of land title documents to the lodgement of such documents for
registration. Thus far, only two jurisdictions have implemented a fully automated
system for the electronic lodgement of instruments. These are New Zealand and
Canada.
In Ontario, Canada, the development of an electronic registration system began in
the 1980s, when the Ontario Ministry of Consumer and Commercial Relations
(MCCR) began building POLARIS (the Province of Ontario Land Registration
Information System) with the objective of automating Ontario's land registration
system.231 Following the automation of the land registration records came the
introduction of electronic remote search services and later, the electronic registration
of land titles documents. This was achieved through software called Teraview.232
This electronic land registration system (known as the e-reg system) was developed
by Teranet Inc233 in consultation with the MCCR, real estate lawyers and other
stakeholders.234 The e-reg system was launched as a pilot project by the
government in 1999 and implementation is progressing across the province county
by county.235 As of December 2005, approximately 82 percent of registrations were
231 Government of Ontario, Canada, Electronic Land Registration (2008) Ministry of Government
Services Ontario, Land Registration Information: Electronic Land Registration (2005) <http://www.cbs.gov.on.ca/mcbs/english/5GRLDX.htm> at 18 April 2006< https://www.gov.on.ca/ont/portal/!ut/p/.cmd/cs/.ce/7_0_A/.s/7_0_GTS/_s.7_0_A/7_0_GTS/_l/en?docid=STEL02_165314> at 7 April 2008.
232 Teraview’s website is http://www.teraview.ca. 233 In 1991, MCCR entered into a 50-50 joint venture with Teramira Holdings Inc to form Teranet Land
Information Services Inc : Gerry Blackwell, 'Teraview-Ontario's New Searchable Electronic Land' (1997) 21(1) Canadian Lawyer 32, 32. Since 2003 the Ontario government has divested its interest in Teranet Inc and Teranet Inc is now a privately owned company: Teraview Inc., Who is Teranet? <http://www.teraview.ca/whois.html> at 4 June 2007. Teranet’s website is http://www.teranet.ca.
234 Government of Ontario, Canada, Electronic Land Registration (2008) Ministry of Government Services Ontario, Land Registration Information: Electronic Land Registration (2005) <http://www.cbs.gov.on.ca/mcbs/english/5GRLDX.htm> at 18 April 2006< https://www.gov.on.ca/ont/portal/!ut/p/.cmd/cs/.ce/7_0_A/.s/7_0_GTS/_s.7_0_A/7_0_GTS/_l/en?docid=STEL02_165314> at 7 April 2008.Ministry of Government Services Ontario, Land Registration Information: Electronic Land Registration (2005) <http://www.cbs.gov.on.ca/mcbs/english/5GRLDX.htm> at 18 April 2006
235 For the e-reg roll out schedule see: Teranet Inc, Electronic Registration Rollout Schedule <http://www.teraview.ca/ereg/ereg_rollout_schedule.html> at 18 April 2006.
111
being received electronically.236 The types of documents accepted by the system
include transfers, charges, mortgages, discharges and documents generally. The
use of Teraview is optional in some areas within Ontario but mandatory in others.237
Initially Teranet Inc. was formed as a partnership between the Ontario government
and the private sector. Since 2003 however, the Ontario government has divested
its interest in Teranet Inc.,238 resulting in Teraview being owned by Teranet Inc. as a
privately owned company.
The system used in New Zealand is modelled on the Ontario system. The system is
called Landonline239, and is administered by Land Information New Zealand
(LINZ).240 The progress towards an electronic land titles system in New Zealand
began in the late 1980s with the development of the electronic journal and titles
index and the conversion of title records, instruments and plans into electronic
format. Following on from this, the electronic preparation and lodgement of routine
conveyancing dealings was made possible.241 The New Zealand Landonline system
has been operational since 2002, when the Land Transfer Act 1952 (NZ)242 was
amended to support the introduction of electronic lodgement of title transactions.
The plan is to phase out paper-based lodgements, and to move towards complete
electronic lodgement via Landonline by 2008.243
Both these systems are fully automated systems, because they allow for a
completely paperless transaction, from the preparation of land title documents to
their lodgement for registration. They may both be regarded as centralised systems,
because electronic land title instruments are created and stored on a central
database; users must log on to the system in order to create and access land title
236 Government of Ontario, Canada, Electronic Land Registration (2008) <
https://www.gov.on.ca/ont/portal/!ut/p/.cmd/cs/.ce/7_0_A/.s/7_0_GTS/_s.7_0_A/7_0_GTS/_l/en?docid=STEL02_165314> at 7 April 2008. Also see Simon Hally, 'How Secure is E-Registration' (2005) 29(7) Canadian Lawyer 47, 47.
237 See Teranet Inc, Electronic Registration Rollout Schedule <http://www.teraview.ca/ereg/ereg_rollout_schedule.html> at 18 April 2006.
238 Teranet Inc., Who is Teranet? <http://www.teraview.ca/whois.html> at 18 April 2006. 239 The website for Landonline is: http://www.landonline.govt.nz/. 240 For more information about the history behind the Landonline project and the personnel involved,
see John Greenwood and Tim Jones, ‘Automation of the Register: Issues Impacting on the Integrity of Title’ in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 323. The website for LINZ is http://www.linz.govt.nz/rcs/linz/pub/web/root/home/index.jsp.
241 Land Information New Zealand, Landonline Survey and Title Service <http://www.linz.govt.nz/rcs/linz/pub/web/root/core/TitlesAndRecords/landonline/index.jsp> at 18 April 2006.
242 The Act was amended by the Land Transfer (Computer Registers and Electronic Lodgement) Amendment Act 2002 (NZ).
243 See Landonline, Roadmap for 100% E-Lodgment <http://www.landonline.govt.nz/elodgement/elodgement-roadmap.asp> at 7 April 2008.
112
instruments. In Ontario, for example244, users access Teraview E-Reg to create the
relevant land title instrument. Certain fields of information, such as the owner’s
name and address, are automatically pre-populated into the document from the
POLARIS database. The user can then make the land title instrument available to
other participating users by granting them access. Finally, when all information is
entered into the instrument, and it has been digitally signed, it may be electronically
submitted for registration via Teraview. While the Teraview software is installed on
the user’s computer,245 the instruments created using Teraview do not reside on the
user’s machine, but on secure servers. Similarly, the New Zealand Landonline
system is a centralised system maintained by LINZ. Users log onto the Internet to
connect to Landonline. Once connected, land title instruments called e-dealings may
be created in an electronic workspace, which is a ‘cyberfile’ used to create and
manage e-dealings. As with Teraview, certain information is pre-populated into the
e-dealing. In the workspace, users can view and manage e-dealings created by
themselves, or by other users if they have been given access to them. The e-dealing
is electronically submitted to LINZ using Landonline. In the New Zealand system,
Landonline runs on the LINZ server,246 hence Landonline software does not need to
be installed on the user’s computer.
In contrast, the system in British Columbia, Canada, whilst fully operational, may be
categorised as a decentralised rather than a centralised system because the
relevant land title instruments are stored locally on users’ machines, rather than on a
central database.
The British Columbia Land Titles Office first identified the electronic submission of
land title documents in electronic format as a priority in 1997.247 In 1998 an
Electronic Filing Committee248 was formed, comprising representatives from the
244 For a description of how these systems operate, see Rouhshi Low, ‘Maintaining the Integrity of the
Torrens System in a Digital Eenvironment: A Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore’ (2005) 11 Australian Property Law Journal 155.
245 The Teraview Reference Guide contains instructions on how to download the Teraview software: Teranet Inc, Teraview Reference Guide 5.3.3 (2007) <http://www.teraview.ca/resupgrades/ru_manuals.html> at 28 April 2008.
246 Land Information New Zealand, Landonline E-Dealing Teaching Guide (2008) 6 <http://www.landonline.govt.nz/edealing/training-resources/education-resources/index.asp> at 7 April 2008.
247 Land Title and Survey Authority of British Columbia – Land Title Division, Pacific Legal Technical Conference: Electronic Filing System <http://www.ltsa.ca/documents/presentations/PacificLegalTechnicalConf.pdf> at 7 April 2008.
248 Land Title and Survey Authority of British Columbia – Land Title Division, Electronic Filing System Committee <http://www.ltsa.ca/electronic-filing-system/electronic-filing-system-committee> at 7 April 2008.
113
Canadian Bar Association, the Law Society of British Columbia, the Society of
Notaries Public, the Continuing Legal Education Society, and the Land Title Branch
to assist in the development of an electronic filing system.249 In 2002, the Land Title
Division entered into a contract with MacDonald, Dettwiler and Associates for the
development of an electronic filing system (EFS).250 The EFS was successfully
implemented by the Land Titles Office in 2004, enabling lawyers, notaries and
surveyors to use the Internet to submit land title documents and land survey plans
for registration.251
The British Columbian system may be categorised as a decentralised system
because EFS form templates must be downloaded by users from BCOnline and
saved onto the user’s computer. Once saved, a user, such as the purchaser’s
lawyer, then fills in certain fields on the form. The form may be electronically
forwarded to other users, such as the vendor’s lawyer, who may also fill in relevant
fields on the form. Once there is agreement on the form and it is digitally signed, the
electronic form may then be electronically submitted for registration by any party
who has access to BC Online. Hence, unlike the Ontario and New Zealand systems,
electronic land title instruments are not created and stored on a central database.
Rather, they are downloaded and stored locally on the user’s computers and may be
electronically transferred, for instance via email, to other users. Users do not log on
to a central database to access the electronic land title forms.
From this jurisdictional overview it can be seen that currently the only operational
systems that are fully automated are the systems in New Zealand and Canada.
This chapter will examine and compare the salient features of these operational
automated registration systems, as well as the electronic registration systems
proposed for Australia, with the existing paper-based registration system, to identify
their common and differing features. This analysis will then be used to determine
what changes, if any, would be made to current conveyancing practices and
requirements were the registration process within the Australian Torrens system to
be automated. Questions about the implications of these changes for fraud
249 Land Title and Survey Authority of British Columbia - Land Title Division, Pacific Legal Technical
Conference: Electronic Filing System <http://www.ltsa.ca/documents/presentations/PacificLegalTechnicalConf.pdf> at 7 April 2008.
250 Ibid. 251 Land Title and Survey Authority of British Columbia, Electronic Filing System (EFS) <
http://www.ltsa.ca/electronic-filing-system/introduction > at 8 April 2008.
114
opportunities will also be raised in this chapter and will be the subject of further in-
depth analysis in Chapters 5 and 6.
Whilst the British Columbian system differs from the New Zealand and Ontario
systems in that it is decentralised, it may still be regarded as a fully operational and
automated system. Hence, it will be included in this comparative analysis.
4.3 Comparative analysis
As was seen in Chapter 3, the ways in which fraud may be perpetrated under the
paper system registration are related to the following conveyancing processes and
practices:
• processes related to execution and witnessing. The current practice that
instruments that create or transfer an interest must be executed by the
person creating or transferring the interest, and that the most usual method
of execution for individuals is the placing of a signature on the instrument,
means that fraud may be perpetrated by forging the signature of the person
entitled to create or transfer the interest. For companies, the usual method of
execution is to affix the company’s seal to the instrument, and the fact that
this affixing of the seal is witnessed by two directors, or by a director and
secretary, means that fraud may be perpetrated by affixing the seal without
the company’s authority and purporting to witness its affixing. Also, since it is
possible for an attorney to execute an instrument on behalf of the grantor of
the power of attorney, fraud may be perpetrated by falsifying that power of
attorney;
• processes related to access, preparation, lodgement and examination of
land title instruments. The current situation, that the system is open, with no
restrictions as to who may prepare and lodge land title forms, means that
fraud may be perpetrated, by fraudulently alteration of land title forms, by
anyone with access to forms that have been prepared and executed. It also
means that fraud may be perpetrated if a fraudulent person prepares the
necessary forms, or obtains them from someone else who has prepared
them, and misleads or induces the victim to execute them, and they are then
lodged for registration;
• use of the certificate of title. Finally, the use of the certificate of title,
indicating a right to deal with the land, means that fraud may be perpetrated
when the fraudulent person is able to produce the certificate of title and it is
115
assumed that he or she is the person named on the certificate of title and
therefore has a right to deal with the land.
Chapter 3 also found that, although there are safeguards against fraud in the paper
registration system that require:
• witnessing of executions;
• production of the paper certificate of title; and
• examination by the Land Titles Office of instruments lodged for registration,
these safeguards can be fraudulently circumvented.
The following analyses the changes that might be made to conveyancing practices
and requirements if the registration process were to be automated. How these
changes may impact on fraudulent practices will be flagged for further analysis in
Chapters 5 and 6. The analysis is divided into the following categories:
• access to the system;
• preparation, lodgement, examination and registration of instruments;
• execution and witnessing of instruments; and
• use of the paper certificate of title.
4.3.1 Access
4.3.1.1 Who has access
In the electronic land registration systems in New Zealand, Ontario and British
Columbia only those with an account or license for the system may use it to prepare
and lodge instruments.252 At the time of writing, it is envisaged that access to the
proposed NECS will be similarly restricted to users who have established their
252 In Ontario, it is also possible for individuals to do their own conveyancing. For example, a
homeowner who wants to discharge their mortgage could go the Land Registry Office with their paper discharge from the bank. These ‘onetime’ users do not have to obtain a license. They simply present the completed paper document and photo identification as well as completing an Identification and Authorization form for the staff member authorising the staff member at the Land Registry Office to transcribe the document into an electronic format for the person and to sign on behalf of the client. As well, the individual must select the applicable electronic statements for the document without the assistance of the staff member as staff members may not provide legal advice on the completion of documents: Thomas Cutler of the Ministry of Consumer and Business Services <[email protected]>, email (6 December 2006). Thus although it may still be possible for individuals to do their own conveyancing in Ontario, these individuals do not actually access the system; this is why the Ontario system is categorised in this research as being access restricted.
116
credentials with the NECS.253 And access to the proposed Victorian system will also
be restricted to authorised users, known as subscribers, of the system.254
4.3.1.2 How is access controlled
Whilst access is controlled in all systems, the way of achieving it differs from system
to system. In Ontario and New Zealand, access is controlled by the same
technology that is used to digitally sign documents – public key cryptography.255
Thus in Ontario the personal security package or PSP, consisting of a personal
security profile with an encrypted digital identity and pass phrase, is used not only to
access Teraview but also to digitally sign documents.256 In New Zealand, it is the
Digital Certificate, a unique electronic identifier, that is created and stored on the
individual user’s computer257 that is used to access Landonline and to digitally sign
documents. In contrast to this, British Columbia does not use public key
cryptography to control access, but only to digitally sign documents. In the British
Columbia system, users only need an account with BC Online258 to use the EFS
system and access is controlled via unique user identifications (usernames) and
passwords. At the time of writing, it appears that the proposed NECS and Victorian
EC Systems will follow the British Columbia pattern – so that user IDs and
passwords will be used to access the system. 259
4.3.1.3 What is the process for obtaining access
The processes for becoming an authorised user of the system also differ from
system to system. In Ontario, in order to use Teraview e-reg, the organisation
purchasing the Teraview software (called an account holder) must nominate eligible
253 National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic
Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [7.3]. 254 Department of Sustainability and Environment, Fact Sheets (2008)
<http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 – Who Can Use the Electronic Conveyancing (EC) System? Also see Department of Sustainability and Environment, EC System Rules Release 2 (2007) 6 & 36 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008.
255 This technology is discussed further below in [4.3.3.1]. For the purposes of this research, these users who are authorised to use the system are termed ‘authorised users’.
256 See Teranet Inc, Personal Security Package <http://www.teraview.ca/ereg/ereg_PSP.html> at 20 April 2006.
257 Land Information New Zealand, Landonline Security <http://www.landonline.govt.nz/content/general/security.asp> at 17 January 2006.
258 BC OnLine provides access to a variety of provincial government computer systems over the Internet. The website is at https://www.bconline.gov.bc.ca.
259 See National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [7.4]; Department of Sustainability and Environment, Overview of the EC System (2007) 11 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008 and Department of Sustainability and Environment, EC System Rules Release 2 (2007) 29 & 37 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008.
117
individuals within the organisation who will need to use the Teraview software.260
The organisation must also arrange for licensing261 of each computer that will have
the Teraview software installed and must obtain a personal security license (PSL)262
for each user who will require access to Teraview, who must complete a personal
security licence application form,263 providing information such as their first and last
names and, if a lawyer, their Law Society of Upper Canada number. The applicant is
also required to appear in person before a ‘designated representative’ whose role is
to validate the applicant’s identity. Persons who may act as designated
representatives include lawyers, notaries, designated Land Registry Office (LRO)
representatives, designated Teranet representatives and financial institution signing
officers.264 For validating the applicant’s identity, two current pieces of identification
must be provided, one of them bearing a current photograph of the applicant.265 The
designated representative validating the applicant’s identity must enter the
information provided onto the application form and acknowledge that he/she has
reviewed and validated the two pieces of identification. The designated
representative also acts as witness to the applicant’s signature on the personal
security licence application form,266 so the applicant’s signature on the form is
witnessed by the same person who validated his or her identity. Upon receiving the
PSL application form, Teranet verifies each applicant’s identification before issuing
the applicant with a PSL; the applicant can then use the PORTAS website to
initialise his/her PSP.267
New Zealand has a similar process to Ontario, that a firm who wishes to use
Landonline must nominate the individuals needing access, as well as the number of
260 Teranet Inc, Purchase Teraview Software <http://www.teraview.ca/purchase/purchase.html> at 7
December 2006. 261 The licensing form, Form 100, is available at: Teranet Inc, Teraview Authorized Services
Application and Payment Form (Form 100) (2006) <http://www.teraview.ca/purchase/downloads/Form100.pdf> at 19 April 2006.
262 The form to complete to obtain the Personal Security Licence is: Teranet Inc, Teranet Authorized Group Services Form 200 (2006) <http://www.teraview.ca/purchase/downloads/Form200.pdf> at 19 April 2006.
263 Ibid see Form 300. 264 Teranet Inc, Securing Your Information <http://www.teraview.ca/ereg/security_brochure.html> at
20 April 2006. 265 See Teranet Inc, Teranet Authorized Group Services Form 200 (2006)
<http://www.teraview.ca/purchase/downloads/Form200.pdf> at 19 April 2006. The types of photographic identity accepted by Teranet include: valid Canadian driver’s licence, valid Canadian Firearms Acquisition Card, valid Canadian passport, and valid Canadian permanent resident card: Teranet Inc, Teranet Authorized Group Services Form 200 (2006) <http://www.teraview.ca/purchase/downloads/Form200.pdf> at 19 April 2006.
266 Ibid. 267 The process for initialising the PSP is discussed below in [4.3.1.4].
118
licences required by the firm.268 A licence covers as many people as the firm
nominates, and each licence only allows one connection at a time with
Landonline,269 so that firms which want several people to use Landonline services
concurrently will need to apply for as many licences as are required.270 Only users
from licensed firms are issued with the digital certificates needed to access
Landonline. To obtain a digital certificate, the applicant must provide a current proof
of identity271 in any of three forms, the options being a passport, a driver’s licence or
a firearms licence.272 The proof of identity form273 must be completed on paper,
certified274 and mailed to LINZ, who will verify identity before digital certificates can
be issued.275
In British Columbia, users need to obtain an account with BC Online in order to use
the EFS system.276 A firm only needs to have one BC Online account, even if
several individuals at the firm require access to BC Online, because each BC Online
account can have several user IDs associated with it, although it is recommended
that each individual using EFS should have their own user ID to access the
system.277 To obtain a BC Online account, the user has to complete an application
form from the BC Online website and fax or mail the completed form back to BC
Online for processing. For commercial and professional applicants, a business or
personal name, address, phone number, fax number and account contact name as
well as the full name, e-mail, phone number and fax for each BC Online user within
268 See Land Information New Zealand, How to Become a Landonline User: Signing Up Or Upgrading
(2005) <http://www.landonline.govt.nz/content/general/become_a_lol_user_apr_05.pdf> at 19 April 2006 and Land Information New Zealand, Sign-up: Introduction <http://www.landonline.govt.nz/content/signup/index.asp> at 19 April 2006.
269 Land Information New Zealand, Licenses <http://www.landonline.govt.nz/content/general/licenses.asp> at 19 April 2006.
270 Ibid. 271 See Land Information New Zealand, How to Sign-Up
<http://www.landonline.govt.nz/content/general/how-to-sign-up.asp> at 20 April 2006 and Land Information New Zealand, Sign-Up Checklist <http://www.landonline.govt.nz/content/signup/what-you-need.asp> at 21 April 2006.
272 Ibid. 273 The form is available at: Land Information New Zealand, Proof of Identity Form
<http://www.landonline.govt.nz/registereduser/newforms/registereduser/changeforms/poid.pdf> at 21 April 2006.
274 All named groups under the Oaths and Declarations Act 1957 (NZ) may act as proof of identity certifiers. These include Justices of the Peace, Solicitors and Commissioners for Oaths: Land Information New Zealand, Survey and Title Automation: Landonline Certificate Policy (2004) <http://www.landonline.govt.nz/content/signup/certificate_policy.pdf> at 10 January 2006.
275 See Land Information New Zealand, How to Sign-Up <http://www.landonline.govt.nz/content/general/how-to-sign-up.asp> at 20 April 2006.
276 Land Title and Survey Authority of British Columbia - Land Title Division, Getting Started Checklist <http://www.ltsa.ca/documents/ltd/Getting_Started_Apr05.pdf> at 19 April 2006.
277 Land Title and Survey Authority of British Columbia - Land Title Division, 'Land Titles Electronic Filing System (EFS) User’s Guide' (26 July 2006), 8.
119
that account must be provided.278 Unlike the systems in New Zealand and Ontario,
independent verification of identity is not required when applying for a BC Online
account. However, independent verification of identity is required for users who wish
to obtain a digital certificate for digital signing purposes. The process for obtaining
these is described below.
In terms of the proposed NECS, it appears that the proposed NECS will be
categorising its users into three broad categories279:
• subscribers: that is, corporations, partnerships, associations, government
agencies and natural persons, being employing or contracting industry
practitioners, and others meeting the minimum requirements for representing
clients280 in using the NECS to prepare and/or certify and sign instruments,
information reports and settlement statements. Subscribers are represented
by an authorised officer.281 The NECS Operations Description divides
‘subscribers’ into three sub-categories: representative subscribers, principal
subscribers and responsible subscribers.282
• users: that is, employees or contractors authorised by a subscriber to
prepare transaction workspaces under supervision. Only users who are also
Certifiers can certify and sign instruments and settlement statements;
• certifiers: that is, industry practitioners employed by or contracted to a
subscriber and authorised by that subscriber to certify and sign instruments,
settlement statements and information reports on behalf of the subscriber or
the subscriber’s clients. Certifiers are also users by default. The NECS
Operations Description divides ‘certifiers’ into further sub-categories –
industry certifiers, accredited certifiers and restricted certifiers.283
At the time of writing the application process for becoming a subscriber, user and
certifier of the proposed NECS is as follows284:
278 See BC Online, BC Online Application Form <https://www.bconline.gov.bc.ca/account.html> at 4
June 2007. 279 See National Electronic Conveyancing Office, 'Draft Operations Description for a National
Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [4.4]. 280 In the proposed NECS, the term ‘client’ means registered proprietors, vendors, purchasers,
caveators, mortgagees, mortgagors and others with interests in land or parties to a transaction in land: ibid [4.4].
281 ‘Authorised Officer’ is a natural person authorised by a corporation, partnership, association or government agency to represent it as a Subscriber: ibid [4.4].
282 Ibid [4.4]. 283 Ibid [4.4]. 284 Ibid [9.1.2.1] – [9.1.2.5].
120
Applying to become a subscriber requires the practitioner, or an officer of a business
entity authorised to make the application, to complete an online application form and
to sign it with his/her digital signature certificate285. Completing the application
requires the officer to provide certain information, including the identity of the legal
entity that will be the subscriber.
When these details have been reviewed and any necessary enquiries made to verify
particular aspects, the subscriber or authorised officer is informed by email of the
outcome of the application. Successful applicants are immediately added to the
NECS list of registered subscribers. If the applicant is a sole trader the applicant’s
name is also added to the NECS list of users under that subscriber, and if the
applicant is both a sole trader and a legal practitioner or licensed conveyancer, to
the NECS list of certifiers authorised by that subscriber.
Becoming a user of the NECS on behalf of a subscriber requires nomination by that
subscriber, or an officer authorised by the subscriber. Nomination requires the
subscriber to provide certain information, including the nominee’s full name, date of
birth and contact details.
Once nominated, either in conjunction with an application to become a subscriber or
subsequently, the user’s named is added to the list of nominated users for that
subscriber and the user is sent a user-id and first-time password by email.
A nominated user can be authorised, by a principal subscriber or an authorised
officer for the principal subscriber, as a restricted certifier able to certify and sign
documents on behalf of that principal subscriber only.
To become an industry certifier, the applicant must already by a subscriber or user,
and have a digital certificate. An online application form must be completed and
certified by the applicant as true and correct and signed his or her the digital
signature. Completing the application requires the applicant to provide certain
information, including full name, date of birth and contact details, legal practitioner or
licensed conveyancer status and latest practice certificate renewal details.
285 The manner in which the digital signature certificate may be obtained is discussed further below in
[4.3.3.1].
121
When these details have been reviewed and any necessary enquiries made to verify
particular aspects, the applicant is informed by email of the outcome of the
application. Successful applicants are immediately added to the NECS’ list of
industry certifiers but before being able to certify and sign any documents, the
Industry certifier must be specifically authorised to do so by a subscriber or
authorised officer.
To become an accredited certifier for a particular jurisdiction, the applicant must
already be a certifier registered with NECS. The applicant must complete an online
application form and certify the application as true and correct and sign it with the
digital signature. Completing the application requires certain information, including
the applicant’s full name, address and contact details, legal practitioner or licensed
conveyancer status, and the jurisdiction(s) for which accreditation is being sought.
The completed, certified and signed application is forwarded by the NECS to the
relevant jurisdictions and when the details have been reviewed and any necessary
enquiries made to verify particular aspects, the applicant is informed by email of the
outcome of the application. Successful applicants are immediately added to the
NECS lists of accredited certifiers for the relevant jurisdictions.
The proposed Victorian EC system, as stated above, can be accessed only by
subscribers. To become a subscriber, the applicant must satisfy certain eligibility
requirements determined by the Registrar. At the time of writing, these are specified
in the Electronic Conveyancing Registrar’s Requirements and include, for example,
possession of adequate levels of insurance.286 In terms of the application process, at
the time of writing, it is envisaged that the application process287 will require the
applicant to submit an application form, which must be signed in front of an LX
(Land Exchange) Identifying Authority Officer. All signatories will be subject to a
100-point identification check by the LX Identifying Authority Officer before he or she
signs the form. A secret word is added to the form by the applicant in the presence
of the LX Officer. The form is then submitted to the Registrar of Titles for
consideration. Once the Registrar approves the application, notice will be given to 286 See Department of Sustainability and Environment, Electronic Conveyancing – Registrar’s
Requirements Release 2 (2007) 3 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008.
287 Department of Sustainability and Environment, Fact Sheets (2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 (How to Subscribe to the EC System) and Department of Sustainability and Environment, Overview of the EC System (2007) 4 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008.
122
the applicant by the LX Administrator. A link will be provided for the applicant to
create his or her online subscriber account.
The person creating the online Subscriber account, known as the Subscriber
Administrator, administers the system on behalf of the Subscriber. The Subscriber
Administrator can also create and edit other users.
4.3.1.4 Generation & transmission of the authentica tion mechanism used to
control access
Finally, the manner in which the mechanism used for controlling access, the digital
certificate, PSP, or userID as the case may be, is transmitted to the user also varies
from system to system. For example, in the Ontario system, after the application
process to Teranet, successful applicants initialise their security profile and pass
phrase with a tool created by Teranet called the Portas Administration Self-Service
(PASS).288 The applicant must register with PASS by answering two questions,
whose answers were provided by the applicant during PSL application.289 After this
step, PASS requires the applicant to answer two other questions as well as creating
two further questions that must be different to the previous questions asked. To
initialise the security profile, the applicant is forwarded to a window where he or she
has to answer three personal security questions, drawn from the questions asked
earlier and from those just created by the applicant. In initialising the security profile,
the applicant is also asked to set a pass phrase and re-enter it for verification. It is
only then that the security profile may be downloaded by the applicant and saved
onto a removal storage device.290
In the New Zealand system, to load the digital certificate, the user requires two
codes – the authorisation code and a reference number. The authorisation code is
emailed to the user by the digital certificate support team and the reference number
288 Teranet Inc, PASS (PortasTM Administrative Self-Service): Automated Security Key Activation
Recovery Service <http://www.teraview.ca/mediaCentre/portasPass.html> at 20 April 2006. 289 Examples include providing the first four characters of the applicant’s Canadian drivers licence. 290 See PORTAS, Portas Administration Self Service (PASS) Guide
<https://www.portaspass.ca/pdfHelp/help.pdf> at 20 April 2006.
123
is emailed to the firm’s trusted contact. 291 With both these codes, the user is then
able to use a tool called the DC loader wizard, which is available from the
Landonline website, to download the digital certificate to the user’s web browser.292
The authorisation code and reference number are ‘one use only' codes so that if for
whatever reason the digital certificate loading process is interrupted or stopped, the
process cannot be re-started. The digital certificate support team must then issue
new codes.293
In British Columbia, the BC OnLine account IDs are sent via e-mail to the applicant
and are not encrypted. The e-mail also includes a default password, which the
client may change to one of their own choice by using BC Online.294
For the proposed NECS, it appears that registered users will be issued by email with
a user-id and first-time password. It is however unclear what level of security, if any,
protects this email.295 In the proposed Victorian EC system, as noted above, a
secret word must be added to the form in the presence of the LX Officer, so that LX
may identify the Subscriber Administrator when supplying the password for
accessing the EC System.296
4.3.1.5 System features: common and differing featu res
It can be seen that, in all the electronic registration systems discussed, access to
and use of the system will be controlled. This differs from the paper registration
system where anyone can prepare and lodge land title dealings. However, this
discussion also shows that within an electronic registration system, the manner in
291 See Land Information New Zealand, Loading Your Digital Certificate
<http://www.landonline.govt.nz/content/registeredusers/digital-certificates-loading.asp> at 22 January 2006. If the user is a single-person firm or the user is the firm's trusted contact, then the user must contact the Digital Certificate Support team for the reference code. The trusted contact is the person in the firm who will receive part of the digital certificate code for each individual user of the firm and who will be the person LINZ will contact if questions about identity arise: Land Information New Zealand, How to Sign-Up <http://www.landonline.govt.nz/content/general/how-to-sign-up.asp> at 20 April 2006 and Land Information New Zealand, Survey and Title Automation: Landonline Certificate Policy (2004) <http://www.landonline.govt.nz/content/signup/certificate_policy.pdf> at 10 January 2006.
292 Land Information New Zealand, Loading Your Digital Certificate <http://www.landonline.govt.nz/content/registeredusers/digital-certificates-loading.asp> at 22 January 2006.
293 Ibid. 294 Darcy Hammett, Director Strategic Operations, Land Title and Survey Authority of British Columbia
<[email protected]>, email (19 March 2007). 295 National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic
Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.1.2.2]. 296 Department of Sustainability and Environment, Fact Sheets (2008)
<http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 (How to Subscribe to the EC System).
124
which access may be controlled, the processes by which applicants may apply to be
authorised users and the manner in which the mechanism used to control access is
transmitted to the user, may differ between systems.
4.3.1.6 What will these changes mean for fraud oppo rtunities?
How will these changes in access affect the ways by which fraudulent persons may
perpetrate fraud?
Will fraud by fraudulent misrepresentation or inducement be restricted to those who
have access to the system and are able to prepare and lodge instruments? If so, will
this reduction in opportunity to perpetrate this type of fraud see a shift to other types
of fraud where there is a greater opportunity?
Will fraud by fraudulent alterations be restricted to those who have access to the
system and hence to documents prepared on the system? Will this mean that the
opportunity to perpetrate this type of fraud in an electronic registration system will be
less than in the paper registration system, or might there be other ways to
fraudulently access the system so as to perpetrate fraud, such as by hacking into
the system, or targeting users who have access, or circumventing the application
process for gaining access? How may users be targeted for the purpose of gaining
access to the system? What is the impact of this change upon the likely perpetrators
of the fraud? In the paper registration system it was postulated, in Chapter 3, that
frauds by alteration are mainly opportunistic and may be perpetrated by those, both
known and unknown to the victim of the fraud, such as a solicitor, a law clerk or an
employee of the Land Titles Office. Will this also be the case in the electronic
registration system? Further, as there are various methods of controlling access and
various ways by which applicants may apply for access, which access control
mechanism is likely to provide a better security against fraudulent access to an
electronic registration system and which application process might be more robust
against fraud? If this type of fraud is capable of being perpetrated in an electronic
registration system, what factors might facilitate its perpetration?
These issues will be examined in greater detail in Chapter 5.
125
4.3.2 Preparation, lodgement, examination and regis tration of land title
instruments
4.3.2.1 Preparation and lodgement
In all three systems currently operating, land title instruments are prepared and
lodged electronically. For example, in Ontario, conveyancing documents are
prepared directly on an office computer using a series of prompts built into the
Teraview e-reg system.297 Certain fields of information such as the municipal
address, the current owner’s name and the legal description of the property are
automatically pre-populated into the document from the POLARIS database. Once
completed, the electronic instrument may be lodged electronically via the system for
registration. Similarly, in the New Zealand system, the electronic dealing, called an
e-dealing, is created electronically using electronic templates in a shared electronic
workspace maintained by LINZ,298 as the first screen a user sees after logging on to
Landonline. As noted above, the workspace is used to create and manage e-
dealings. It is maintained by LINZ.299 Within it, users can view and manage
Landonline dealings created by themselves or by other users. The workspace is
also where details such as current owner’s name, are entered automatically onto the
electronic template from the titles register. Once an e-dealing is completed, it may
be lodged electronically via the system to LINZ. At the time of writing, it is envisaged
that the proposed NECS and Victorian EC system will be similar to the New Zealand
system in that electronic instruments will be created in electronic workspaces and
lodged electronically via the system.300
297 Law Society of Upper Canada, Electronic Registration: Making It Work For You - Procedures and
Practice Standards For Electronic Real Estate Conveyance (2000) <http://mrc.lsuc.on.ca/jsp/eReg/index.jsp> at 5 June 2007 and Kate Murray, 'Modernization of Land Registration Records' (Ministry of Consumer and Business Services, 2003)
298 New Zealand Law Society, EDealing Guidelines (for Electronic Registration) (2007) <http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008 - there are three categories of e-dealings: automatically registrable e-dealings, lodged e-dealings and scanned or attached electronic file to a lodged e-dealing. Also see Robbie Muir, ‘Electronic Registration: The Legislative Scheme and Implications for the Torrens System in New Zealand’ in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 311.
299 Land Information New Zealand, Landonline E-Dealing Handbook for Students (2008) <http://www.landonline.govt.nz/edealing/training-resources/education-resources/index.asp> at 8 April 2008.
300 In the Victorian system, the electronic workspace is called an Electronic Lodgement File (ELF). It is generated by the EC System. The ELF is a shared electronic workspace for each separate electronic transaction that is completed by participating Subscribers. See Department of Sustainability and Environment, EC System Rules Release 2 (2007) 31 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008 and Department of Sustainability and Environment, Overview of the EC System (2007) 4 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008. For NECS, see National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.25] – [9.26].
126
In the British Columbia system, while instruments are prepared and lodged
electronically, the system does not use the concept of a shared workspace. Instead,
the client’s lawyer or notary must download the required forms from BC OnLine.
The forms are in Adobe Acrobat (.pdf) format. The downloaded forms must be
saved onto the lawyer’s computer system. The lawyer can then fill in the pre-
determined fields on the form.301
4.3.2.2 Examination
In terms of examination of instruments that have been lodged at the Land Titles
Office, it appears that in both Canadian systems, manual intervention, by Land Titles
Office staff examining the electronic document lodged for registration, is still
required.302 In the New Zealand system, it appears that whether or not LINZ will
intervene to manually process e-dealings lodged for registration will depend on the
category of e-dealing. An automatically registrable e-dealing (AUTO REG) that is
electronically lodged in Landonline is automatically registered on submission without
manual intervention from LINZ.303 In contrast, a lodged e-dealing (LODGE WITH
TEMPLATE) is electronically lodged in Landonline but manually processed by LINZ
before being registered in Landonline. Similarly a scanned or attached electronic file
to a lodged e-dealing (LODGE WITH IMAGE) is also manually processed by LINZ
before being registered in Landonline.304 However, the Landonline system will run
automatic checks on submitted e-dealings to ensure that legal requirements for
registration are complied with. It is only after running these checks that Landonline
updates the land titles register.305
301 See Land Title and Survey Authority of British Columbia - Land Title Division, Pacific Legal
Technical Conference: Electronic Filing System <http://www.ltsa.ca/documents/presentations/PacificLegalTechnicalConf.pdf> at 7 April 2008, 4.1.03.
302 Rouhshi Low, 'Maintaining the Integrity of the Torrens System in a Digital Environment: A Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore' (2005) 11(2) Australian Property Law Journal 155, 176.
303 In this sense it could be said that the New Zealand system is currently the only truly fully automated system as it allows for the creation, preparation, lodgement as well as registration of land title instruments in a wholly electronic environment. The Canadian systems as well as the proposed NECS and Victorian system, whilst allowing for the paperless creation and lodgement of land title instruments, still require manual intervention in the form of staff at the Land Titles Office examining and updating the register. It was noted in [3.3.2.1.3] that this examination process by staff at the Land Titles Office could be said to act as a safeguard against fraud, particularly in preventing fraudulent alterations. The impact of removing this safeguard on fraud in an electronic registration system will be examined in greater detail in Chapters 5 and 7.
304 New Zealand Law Society, EDealing Guidelines (for Electronic Registration) (2007) <http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008.
305 Land Information New Zealand, Landonline E-Dealing Handbook for Students (2008) <http://www.landonline.govt.nz/edealing/training-resources/education-resources/index.asp> at 8 April 2008.
127
In the proposed NECS, it is envisaged that when instruments are lodged with the
relevant Land Registry, they will be:
• transmitted in hashed form
• accompanied by the workspace’s data
• conveyed in a standard data transfer format known as the National
Electronic Conveyancing Data Standard (NECDS).
When received by the Land Registry, the workspace data will be used to re-create
the instrument using the Land Registry’s required template. The re-created
instrument is hashed and the instrument hash is compared with the hash of the
received instrument.
If the received instrument hash does not exactly match the re-created instrument
hash, the instrument is rejected and not accepted for lodgement. According to the
NECS Operations Description, ‘this pre-lodgement check ensures that neither the
instruments nor the workspace data have been tampered with since the instrument
was signed’.306 Whilst the proposed NECS envisages using automated checks run
by the system, it is unclear whether manual examination of instruments lodged for
registration will also be continued, in addition to the automated checks run by the
system.
At the time of writing it is unclear whether the EC system will run automated checks
and if so, what type of checks will be conducted.
4.3.2.3 Registration – updating the register
Finally, in terms of updating the register (registration), the systems in both British
Columbia and Ontario are limited to the electronic submission of documents and do
306 See National Electronic Conveyancing Office, 'Draft Operations Description for a National
Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.3.5] & [9.3.6]. The Draft Operations Description at [9.3.5.2] describes the hashing mechanism. It is noted that processes for checking and confirming the digital signature of the certifier who digitally signed the instrument that is lodged for registration occurs when the digital signature is applied by the certifier. According to the NECS Operations Description, once the certifier has applied his/her digital signature certificate, the signing process proceeds without further involvement by the certifier and the certifier’s accreditation status is checked and confirmed, the digital signature certificate name is matched to the user-id of the Certifier, the digital signature certificate is checked with its issuing Certification Authority and confirmed as current and unrevoked, the Certifier’s accreditation confirmation and the digital signature certificate confirmation is stored in the workspace, the instrument is signed and hashed ready for lodgement, a read-only version of the instrument is made available in the workspace for viewing or download, the instrument status is updated in the workspace and all data items in the workspace used in preparing the instrument are locked in read-only mode: National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.3.3].
128
not make provision for electronic registration nor the making of any entry in the
register by a user external to the land title system. Manual intervention by staff of the
Land Titles Office in processing the electronic document is still required.307 This is in
contrast to the system in New Zealand where it is possible, depending on the
category of e-dealing, that upon lodgement of the electronic dealing, it is registered
immediately and the titles register automatically updated without manual intervention
by LINZ.308 For the proposed NECS and the Victorian EC system, at the time of
writing, it is envisaged that the systems will be similar to Ontario and British
Columbia in that there will be no automatic registration of documents but that staff at
the Land Titles Office will make an entry into the register to update it.309
4.3.2.4 System features: common and differing featu res
This discussion shows that in all the electronic registration systems examined, land
title instruments are prepared and lodged electronically with the Land Titles Office.
This differs from the paper registration system where land title forms are prepared in
paper format and lodged manually with the Land Titles Office. The register in these
electronic registration systems is also in electronic format. All these electronic
registration systems are able to run automated checks on land title instruments
lodged for registration. In some of them, such as those in British Columbia and
Ontario, the Land Titles Offices continue manually examining lodged instruments.
However, as in the New Zealand system, it is possible that the Land Titles Office will
be able to do away with this manual examination altogether.
Finally, in some of the electronic registration systems examined, manual updating of
the register will continue. However, the New Zealand system demonstrates that
automatic registration without any manual intervention is also possible.
307 According to Thomas Cutler of the Ministry of Consumer and Business Services: ‘the register is
automatically updated for most instruments when they are registered. However, Land Registry staff must certify the document before it is officially "registered". If the document is a transfer or other change of ownership document, the ownership field of the register must be updated by Land Registry staff’: Thomas Cutler of the Ministry of Consumer and Business Services <[email protected]>, email (25 August 2004). Also see Rouhshi Low, 'Maintaining the Integrity of the Torrens System in a Digital Environment: A Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore' (2005) 11(2) Australian Property Law Journal 155, 177.
308 New Zealand Law Society, EDealing Guidelines (for Electronic Registration) (2007) <http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008.
309 For NECS, see: National Electronic Conveyancing System, How NECS Will Work (2005) <http://www.necs.gov.au/default.aspx?ArticleID=50#WHAT%20NECS%20DOES%20NOT%20COVER> at 5 June 2007. For the Victorian EC System, see Department of Sustainability and Environment, Fact Sheets (2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 (Online lodgement using EC).
129
4.3.2.5 What will these changes mean for fraud oppo rtunities?
How will these changes affect the ways fraud may be perpetrated in an electronic
registration system? Will the electronic preparation of instruments make it easier to
perpetrate fraud by alteration? As postulated in Chapter 3, whilst it is possible that
fraud may be perpetrated by fraudulently altering documents that have been
executed by the victim, the physical notation of information onto a paper document
may make it more difficult to perpetrate this type of fraud because any alteration will
be visible to land title officers during the examination process. However if
documents are prepared electronically in an electronic workspace, will this make
fraud easier, since, unlike a physical alteration, an electronic alteration will not leave
any physical evidence of the alteration?
What features of an electronic registration system may act as safeguards against
fraudulent alterations. For example, will automated checks run by the system
provide the same or a better level of security than manual examinations? Should
manual examinations be continued? Is it more secure to require a manual update of
the electronic register than to allow automatic registration of instruments?
These issues will be examined in detail in Chapters 5 and 7.
4.3.3 Execution and witnessing of land title instru ments
In the systems in New Zealand and Ontario, clients310 no longer physically sign land
title instruments for lodgement and registration. Rather it is the authorised user with
signing privileges311 who will sign the relevant instruments electronically lodged for
registration. This signature by the authorised user with signing privileges is a digital
signature and is not witnessed.
In order to authorise the user to digitally sign the electronic instrument, all three
systems require evidence of client authorisation. The handwritten signature of the
client on the authorisation form must be witnessed, also with a handwritten
signature.
310 The term ‘client’ will be used in this research to denote those who wish to deal with property. It
would include registered proprietors, purchasers, mortgagees, mortgagors and any other person with an interest in land or a party to a transaction in land. It would also include attorneys acting on behalf of the donor of the power of attorney.
311 The term ‘signing privileges’ refer to authorised users who are able to digitally sign instruments. This is discussed further below in [4.3.3.2].
130
In British Columbia, unlike Ontario and New Zealand, there is no separate
authorisation form. Rather, clients sign a printed copy of the electronic land title
instrument. In the British Columbia system, only the transferring party has to
execute the printed copy. In contrast, in the New Zealand and Ontario systems,
when the transaction involves multiple parties, all parties must sign an authorisation
form. The printed copy signed by the client in the British Columbian system is not
lodged with the Land Titles Office. It is evidence of the signing party’s intention to be
bound and is an instruction to his or her lawyer or notary to authorise submission for
registration. This is discussed further below in [4.3.3.3].312
In this respect, an electronic registration system will differ from the paper registration
system by:
• replacing the handwritten signature with an electronic signature;
• the client no longer signing land title instruments to be lodged for registration
but the authorised user with signing privileges digitally signing the electronic
instrument for lodgement. The signature of the authorised user is a digital
signature, and is not witnessed; and
• the client having to authorise the relevant authorised user to digitally sign the
land title instrument for lodgement and registration by signing a type of
authorisation form,313 with this signature witnessed; both of these signatures
are handwritten.
How will these changes affect the ways fraud may be perpetrated in an electronic
registration system? In particular:
1. will requiring authorised users with signing privileges to digitally sign land title
instruments for registration present a new opportunity for fraud by forging the
authorised user’s digital signature?
a) is it possible to ‘forge’ a digital signature?
b) if so, how?
312 Also refer to Rouhshi Low, ‘Maintaining the Integrity of the Torrens system in a Digital
Environment: A Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore’ (2005) 11 Australian Property Law Journal 155.
313 For the purposes of this research, the use of the term ‘authorisation form’ would encompass the process in British Columbia where the client signs the printed copy of the land title instrument – that the signing of the printed copy is an authorisation. It is accepted that this is not a separate authorisation form, unlike the forms used in the New Zealand or Ontario system.
131
The answer to these questions requires an examination of the type of technology
used to replace the handwritten signature, and this is provided later in this chapter.
2. will all users be able to digitally sign land title instruments or will only certain
users be given signing privileges? Would solicitors be authorized to digitally
sign instruments, so that it could be said that they have a greater opportunity
for fraud?
3. if clients no longer sign land title instruments for registration, will this see an
end to fraud by forgery, or might fraudulent persons continue to perpetrate
fraud by forging the signature of the client on the authorisation form?
4. will fraud by forgery of the power of attorney continue in the same way under
an electronic registration system?
These last two issues require an examination of the various processes for executing
authorisation forms and witnessing requirements, and this is provided later in this
chapter.
4.3.3.1 Technology used to replace handwritten sign atures
In the electronic land registration systems in New Zealand, British Columbia and
Ontario, public key cryptography administered via a public key infrastructure (PKI)
system is the technology used for digitally signing electronic instruments.314 At the
time of writing, it appears that both the proposed NECS and Victorian EC system will
be using public key cryptography in this way.
Generally speaking the technology behind this is a form of encryption technique
using two sets of mathematically related keys – the public key and the private key.
The following outlines the steps required to digitally sign a message315:
• a mathematical process called a hashing algorithm is used to create a
unique summary of the message; it is highly improbable that two different
messages will produce the same message summary. The message
summary is usually referred to as a hash value or a message digest. The
hashing mechanism is not reversible and the same message summary is
produced every time the algorithm is used on the same text;
314 See Rouhshi Low, 'Maintaining the Integrity of the Torrens System in a Digital Environment: A
Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore' (2005) 11(2) Australian Property Law Journal 155.
315 The following steps were taken from Sharon Christensen, William Duncan and Rouhshi Low, 'Moving Queensland Property Transactions to the Digital Age: Can Writing and Signature Requirements Be Fulfilled Electronically?' (Centre for Commercial and Property Law Queensland University of Technology, 2002), 51-52.
132
• the sender then encodes the message summary with his or her private key;
• the recipient is sent the coded summary together with the plain text of the
message;
• on receiving the message, the recipient first creates a new summary of the
plain text message using the same mathematical process (the hashing
algorithm) that was used in the first stage by the sender;
• the recipient then uses the sender’s public key to decode the coded
message summary. The two summaries will be compared. If they are the
same, the recipient can say that:
o the document sent by the sender has not been altered; and
o the document was digitally signed using the private key that
corresponds to the public key that was used to decode the message.
However it should be noted that this only proves which private key
was used. It does not prove the identity of the sender. As noted by
McCullagh: ‘[T]he identity of the sender is based upon the
presumption that the signer is the only person who has access to the
private key’.316
Thus in public key cryptography the integrity of the private key is vital:
Provided the sender is the only person who has access to the private key then it
must have been the sender who encrypted the associated summary (message
digest). This is because the public key used by the receiver to decrypt the digital
signature could only correctly decrypt a digital signature that had been encrypted
using the private key associated with the key pair. The main assumption here is that
the sender has not compromised the private key.317
PKI systems are used to manage the distribution and verification of private/public
keys and usually the services of a trusted third party are used to perform this
function. The trusted third party is generally called a certification authority (CA). Its
main function is to verify the relationship between the identity of the sender and the
316 Adrian McCullagh, William Caelli and Peter Little, 'Signature Stripping: A Digital Dilemma' (2001) 1
Journal of Information, Law and Technology , [4.2]. 317 Ibid [4.2].
133
public key of the sender through the issuance of certificates.318 The certificate issued
by the trusted third party certifies that the public key is indeed the valid public key for
that sender. Thus in the steps describing the method to digitally sign a message, if a
PKI is used, the recipient would not only receive the coded summary together with
the plain text of the message, the recipient would also receive a certificate from the
CA. The certificate contains the sender’s public key. It also contains the digital
signature of the CA, that is, the CA uses its private key to digitally sign the
certificate. Thus when the recipient receives the coded summary and the certificate,
the recipient can use the CA’s public key to verify the CA’s signature on the
certificate. If that is successful, the recipient can have confidence that the sender’s
public key is what it purports to be, that is, the sender’s public key actually did come
from the sender. This is because of the recipient’s trust in the CA’s certificate. The
recipient can then use the sender’s public key in the certificate to decrypt the
message.
While all three operational systems, and likely the two proposed systems, use public
key cryptography administered via PKI infrastructure, the way they implement this
differs. An in-depth description and analysis of the exact technology used in each
system is beyond the scope of this study. What is provided here is a general
description of the technology used, particularly the way that the system might
operate, and an analysis of how this might impact upon fraud.
As for the operational systems, Teranet in Ontario acts as both the registration and
certification authority,319 LINZ in New Zealand acts as the registration authority and
a third party vendor called beTRUSTed acts as the certification authority320 and in
British Columbia, Juricert has the duty of verifying the identity and professional
status of applicants. In the proposed NECS and Victorian EC system, it will be the
318 It is possible for one entity to be involved in both the issuing of the certificates and the identification
process. In some PKI systems, this role is divided between two different entities, with the CA issuing the certificates and another entity called the registration authority (RA) carrying out the identification process.
319 Teranet developed its own Certification Authority for the Teraview software in 1998: Teranet, Securing Your Information <http://www.teraview.ca/ereg/security_brochure.html> at 5 June 2007.
320 Land Information New Zealand, Survey and Title Automation: Landonline Certificate Policy (2004) <http://www.landonline.govt.nz/content/signup/certificate_policy.pdf> at 10 January 2006.
134
Gatekeeper accredited entity, issuing Gatekeeper-compliant digital certificates,
which will act as the certification authority.321
Different terminology is used by each system to refer to the digital signature
process. In Ontario, the ‘personal security package’ or PSP, consisting of a personal
security profile and a pass phrase, is the mechanism used to digitally sign
documents. In New Zealand, it is the ‘Digital Certificate’ that is used to digitally sign
instruments and in British Columbia, it is the ‘Juricert authenticated digital
certificate’. In both the proposed NECS and the Victorian EC system, it appears that
a Gatekeeper-compliant public key digital certificate will be used. Specifically in both
proposed systems, it is envisaged that a Grade 2 Gatekeeper-compliant Digital
Signing Certificate (DSC), in particular the Australian Business Number-Digital
Signature Certificates (ABN-DSCs), will be used.322 For the purposes of this
research, the term ‘digital certificate’ will be used for the instrument used to digitally
sign documents in New Zealand, British Columbia, NECS and Victorian EC, while
the term ‘PSP’ will be used for the Ontario system.
Since the digital certificate or PSP is used to digitally sign documents, if the
fraudulent person is able to use a user’s digital certificate or PSP, then the digital
signature attached to the instrument will appear to be that of the digital signature of
the user, while in reality, it is the fraudulent person who is using it. Thus it could be
said that unlawfully using the user’s digital certificate or PSP to digitally sign
documents is analogous to forging the user’s signature. The difference is that in the
paper system, given a sample handwritten signature, anyone can make an attempt
at forging that signature (but handwriting analysis may be used to help detect the
forgery). In contrast, in the digital environment, a person will not be able to use
someone else’s digital certificate/PSP to digitally sign a document unless he or she
has access to it and can activate it appropriately. However, once the fraudulent
party is able to do so, he or she could use the digital certificate/PSP to digitally sign
321 For the Victorian EC system, see Department of Sustainability and Environment, Fact Sheets
(2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 (Signing Electronic Documents in EC) and Department of Sustainability and Environment, EC System Rules Release 2 (2007) 24 & 31 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008. For NECS, see National Electronic Conveyancing Office, 'Draft National Business Model for the establishment of a National Electronic Conveyancing System V.10' (National Electronic Conveyancing Office, 2007), [11].
322 National Electronic Conveyancing Office, 'Draft National Business Model for the establishment of a National Electronic Conveyancing System V.10' (National Electronic Conveyancing Office, 2007), [11] and see Department of Sustainability and Environment, Fact Sheets (2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 (Signing Electronic Documents in EC).
135
documents without it being possible to detect that the person using it is someone
other than its legitimate owner. Unlike the traditional handwritten signature, there is
nothing biometrically linking the digital signature to its legitimate owner.323
The manner in which the digital certificate/PSP is generated, issued to the user, and
kept by the user has a vital influence on the use of a user’s digital certificate/PSP for
fraudulently signing digital instruments, since various means of key generation,
issue and storage provide different levels of security. Also critical is whether the
digital certificate/PSP incorporates security mechanisms that seek to prevent
unlawful usage. For example, the digital certificate may be password protected, so
that only a person with the correct password could activate the digital certificate for
use. However, if passwords are used, then the type of password will be critical to the
level of security provided by that mechanism. Thus whether or not a user’s digital
certificate can be used to perpetrate fraud will depend on these issues, which will be
examined in greater detail in Chapter 6.
In addition to this, the process that users have to go through to obtain the digital
certificate/PSP may also open up further opportunities for fraud. As noted earlier,
each system utilises an entity to perform identity checks before issuing users with a
digital certificate/PSP.
In British Columbia, lawyers or notaries who wish to digitally sign instruments must
apply to Juricert324 to obtain a digital certificate. Juricert’s task, as noted above, is to
323 Articles discussing the potential for digital signatures to be forged include: Jane Winn, 'The
Emperor's New Clothes: The Shocking Truth About Digital Signatures and Internet Commerce' (2001) 37 Idaho Law Review 353, 366 noting the ‘problems raised by trying to tie an identity described in a digital signature certificate with the intention of the identified party to be bound to the contents of an electronic record. These include whether the correct person has accessed the private key associated with the digital signature being used’; Peter Moon, 'Everything You Always Wanted to Know About Digital Signatures' (1999) Law Society Journal 57, 58: ‘Can a digital signature be forged? To sign your digital signature on a document without authority, a person needs two things: the secret computer file that generates your signature and knowledge of the secret password that prevents unauthorised use of that secret file if it does escape. Without both of those things, your digital signature is unforgeable’; Ian Yates, 'Authenticating Yourself in the Virtual World: Digital Signatures' (2004) 42(7) Law Society Journal 20, 20: ‘The (critical) assumption is that the owner of the private key really does keep it totally secure’; John Halvey, 'Hazards on the Information Superhighway: The Virtual Marketplace' (1996) 45 Emory Law Journal 959, 978: ‘As with paper signatures, digital signatures can be forged. For digital signatures, forgery differs from traditional forgery in a very important way. The only way a digital signature can be forged is if the holder of the private digital signature key loses control of it’ and M.H.M Schellekens, Electronic Signatures: Authentication Technology from a Legal Perspective (2004), 106.
324 Land Title and Survey Authority of British Columbia - Land Title Division, 'Land Titles Electronic Filing System (EFS) User’s Guide' (26 July 2006), 31. The Juricert website is at http://www.juricert.com/index.cfm. It is possible to use an approved digital signature issued by another service but it would still have to be authenticated through Juricert's registration process. So far Juricert is the only approved certification authority: Darcy Hammett, Director of Strategic Operations, Land Title and Survey Authority of British Columbia <[email protected]>, email (4 May 2006).
136
validate the identity and professional credentials of these applicants. In applying to
Juricert for a digital certificate, applicants must select a registration category (such
as British Columbia lawyer or notary), agree to the Juricert terms and conditions and
provide certain identification information. For example, applicants who are members
of the Law Society of British Columbia must provide their last names and their Law
Society membership number.325 The applicant must also print the application form
and the form must be witnessed by another practising lawyer or notary in good
standing with the Canadian Law Society or Notarial Society. The witnessing lawyer
or notary certifies that the applicant appeared in person and that he or she is
personally known to the witness or has produced two pieces of government issued
identification, one of which was picture identification. The application form is then
faxed to Juricert, which reviews the application and, if it is approved, sends the
applicant an e-mail containing an ID and instructions for downloading the digital
certificate.326
In the New Zealand and Ontario systems, since the digital certificate and PSP is
used both to digitally sign instruments and to access the system, the process for
obtaining the digital certificate/PSP is as described above in [4.3.1.3]; in New
Zealand, the application is made to LINZ and in Ontario, the application is made to
Teranet.
As for the proposed NECS and Victorian EC, as noted above, it appears that a
Gatekeeper-compliant Grade 2 Digital Signing Certificate (DSC), in particular the
ABN-DSC, will be used for digital signatures. The application process for obtaining a
DSC will depend on the entity issuing the DSC. Generally speaking, Grade 2 DSCs
require a 100-point identity verification check. However Grade 2 DSCs can be either
Type 1 (for individuals) or Type 2 (for businesses).327 For Type 1 Grade 2 DSCs, the
individual is the only person identified in the certificate and therefore assumes sole
responsibility for any and all transactions undertaken using the digital certificate.328
Each applicant for an individual digital certificate must complete a personal
325 Land Title and Survey Authority of British Columbia - Land Title Division, 'Land Titles Electronic
Filing System (EFS) User’s Guide' (26 July 2006), 15 & 16 and see the Juricert website https://www.juricert.com/registration/index.cfm.
326 Land Title and Survey Authority of British Columbia - Land Title Division, 'Land Titles Electronic Filing System (EFS) User’s Guide' (26 July 2006), 17-22.
327 See Verisign, Gatekeeper Digital Certificates Overview <http://www.verisign.com.au/gatekeeper/overview.shtml> at 5 June 2007.
328 See Verisign, Individual (Type 1) Digital Certificate <http://www.verisign.com.au/gatekeeper/individual.shtml> at 5 June 2007.
137
identification check,329 providing evidence of identity. Type 2 Grade 2 DSCs identify
an individual as a representative of an organisation and the applicant must complete
both a personal and an organisation identification check. For the Australian
Business Number-Digital Signature Certificates (ABN-DSCs), which are a type of
Non-Individual Grade 2 certificate,330 only the authorised officer of the organisation
has to go through a personal identification check.331
4.3.3.1.1 System features: common and differing fea tures
This overview shows that all the electronic registration systems examined in this
chapter use public key cryptography administered via a public key infrastructure as
their digital signature technology to replace handwritten signatures. It was also
found in [4.3.3] that in all the systems examined, clients no longer hand-sign land
title instruments. Rather, an authorised user is required to sign these instruments
digitally, then they will be lodged for registration. However, each electronic
registration system has a different application process for registering those who wish
to obtain a digital certificate/PSP for digital signing purposes.
4.3.3.1.2 What will these changes mean for fraud op portunities?
It was postulated above that requiring an authorised user with signing privileges to
digitally sign land title instruments in place of the client may open up a new
opportunity for fraud through the fraudulent use of a digital certificate/PSP, although
access to the system is needed in order to perpetrate the fraud.
How may this type of fraud be perpetrated? How may the fraudulent person obtain
access to a digital certificate/PSP? Could an existing user’s digital certificate/PSP be
‘targeted’ to perpetrate fraud? Or might the fraudulent person be able to ‘target’ the
application process to obtain a digital certificate/PSP? That is, could he or she
compile identification documents and fraudulently apply for a digital certificate/PSP?
If this type of fraud can be perpetrated in an electronic registration system who
might be the likely perpetrators? Are they likely to be those already having access to
the system but without signing privileges or those without access to the system?
329 See Verisign, Identification Requirements
<http://www.verisign.com.au/gatekeeper/validation.shtml> at 5 June 2007 for identification requirements.
330 See Verisign, ABN-DSC Digital Certificate <http://www.verisign.com.au/gatekeeper/abndsc-info.shtml> at 5 June 2007.
331 Ibid.
138
Other issues to consider include:
1. is it likely that the perpetrator would act alone or in collusion with others?
2. is it more likely for this type of fraud to be opportunistic or calculated?
3. what factors may facilitate the perpetration of this type of fraud?
These issues will be examined in detail in Chapter 6.
4.3.3.2 Classes of authorised users entitled to dig itally sign land title
instruments
In the New Zealand system, eDealings may only be signed on behalf of their clients
by conveyancing professionals, who are practitioners under the Law Practitioners
Act or landbrokers licensed by the Register-General of Land (RGL).332 Where an
instrument is a multi-party instrument333, the conveyancing professional for each
party must sign it before it can be lodged for registration. The Ontario system is
similar to the New Zealand system in that authorised users sign on behalf of clients;
however, unlike the New Zealand system, the Ontario system requires two types of
signatures to be added to an instrument by the parties to the transaction before it
can be lodged for registration – the completeness signature and the release
signature.334 The completeness signature is used to signify that lawyers acting for
both parties approve of the document and that the document is complete, while the
release signature is used to signify that they are ready to release the document for
registration. Another difference is that in Ontario, the completeness signature need
not be provided by a solicitor unless the instrument contains compliance with law
332 New Zealand Law Society, EDealing Guidelines (for Electronic Registration) (2007)
<http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008. Section 4 of the Land Transfer (Computer Registers and Electronic Lodgement) Amendment Act 2002 (NZ) defines ‘conveyancer’ as a landbroker licensed by the Registrar or a person who holds a current practising certificate under section 57 of the Law Practitioners Act 1982 (NZ).
333 A multi party instrument is where one firm is acting for the vendor and one for the purchaser or where there are three firms with a separate firm acting for the purchaser’s mortgagee. A single party transaction is where one firm is acting for both parties such as the mortgagee on a discharge: New Zealand Law Society, 'Electronic Property Transactions - Getting It Right' (2003), 25.
334 If it is a one party document then only one completeness signature is required. If it is a document with two parties then both completeness and release signatures are required and both parties must attach their completeness and release signatures: Teranet Inc, Teraview Reference Guide 5.3.3 (2007) <http://www.teraview.ca/resupgrades/ru_manuals.html> at 28 April 2008.
139
statements335. If the document contains compliance with law statements, the system
will only accept a completeness signature from a user who is authorised to practise
law in Ontario336. The release signature can be added by the lawyer who prepared
the document, by a conveyancer or by any other user of the system, provided they
have been granted access to sign for release and the document has been signed for
completeness.337
The British Columbia EFS system differs from both the New Zealand and Ontario
system in that it requires only one digital signature from a lawyer or notary, who
could be the lawyer or notary of the vendor or of the purchaser, or one who is
unrelated to the transaction so long as he or she has been authenticated and
provided with an authenticated digital signing certificate by Juricert.338
As for the proposed NECS, only the certifier may digitally sign instruments and in
the proposed EC System, subscribers digitally sign instruments created on the EC
System.339
4.3.3.2.1 System features: Common and differing fea tures
It is evident from this overview that different systems have different practices in
terms of who may digitally sign instruments on behalf of the client. An electronic
registration system may restrict the class of users capable of digitally signing
instruments to a specific class, such as in the New Zealand system, or allow any
335 Each electronically registered document must contain prescribed information. Among the types of
information which may be included or used are statements which call for an application of legal expertise based on legal judgements. These statements are called “Compliance with Law Statements”: Law Society of Upper Canada, Practice Guidelines for Electronic Registration of Title Documents (2002) <http://www.lsuc.on.ca/news/pdf/july08_eregguidelines.pdf> at 24 April 2006, Practice Guideline 6 ‘Use of Compliance with Law Statements’. See also Kate Murray, 'Modernization of Land Registration Records' (Ministry of Consumer and Business Services, 2003)6 for a list of documents where a law statement would apply to.
336 Teranet maintains a current list of lawyers entitled to practice which is updated to reflect lawyers whose rights and privileges have been affected by, for example, retirement, suspension, disbarment or resignation: Law Society of Upper Canada, Practice Guidelines for Electronic Registration of Title Documents (2002) <http://www.lsuc.on.ca/news/pdf/july08_eregguidelines.pdf> at 24 April 2006 and Law Society of Upper Canada, Electronic Registration: Making It Work For You - Procedures and Practice Standards For Electronic Real Estate Conveyance (2000) <http://mrc.lsuc.on.ca/jsp/eReg/index.jsp> at 5 June 2007. Also see Beverly Spencer, 'E-Registration' (2001) 25(5) Canadian Lawyer 17, 22.
337 See Law Society of Upper Canada, Electronic Registration: Making It Work For You - Procedures and Practice Standards For Electronic Real Estate Conveyance (2000) <http://mrc.lsuc.on.ca/jsp/eReg/index.jsp> at 5 June 2007, 3.
338 Darcy Hammett, Director of Strategic Operations, Land Title and Survey Authority of British Columbia <[email protected]>, email (25 May 2006).
339 See National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [4.4] and Department of Sustainability and Environment, Fact Sheets (2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 (Signing Electronic Documents in EC).
140
user to sign instruments provided they have access to a digital certificate/PSP and
access to the instrument, such as the British Columbian system. Whichever option is
used, it is very likely that solicitors would be able to be entitled to digitally sign
instruments on behalf of users.
4.3.3.2.2 What will this mean for fraud opportuniti es?
Issues to consider here include: if solicitors are likely to fall within the class of users
who are able to digitally sign instruments on behalf of clients, might this mean that
solicitors may have a greater opportunity to perpetrate fraud in an electronic
registration system because:
• they will have access to the system;
• they will able to digitally sign instruments on behalf of clients; and
• their digital signature on the instrument will not need to be witnessed.
These issues will be examined in greater detail in Chapter 5.
4.3.3.3 Client signing the authorisation form
In New Zealand, evidence of client authorisation is required under s 164A of the
Land Transfer Act (NZ). This evidence may be provided using a form produced by
the New Zealand Law Society, called the Authority and Instruction (A&I) Form. At
the time of writing, three A&I forms have been produced by the Law Society –
Private Individual A&I340, Private Corporate A&I341 and Public Corporate A&I.342
The New Zealand Law Society has also produced guidelines for executing these
forms, which provide that each client must sign the appropriate form personally or it
must be signed by an attorney under a properly completed power of attorney with an
appropriate certificate of non-revocation.343 A client may not sign for and on behalf of
a partner or spouse without the written authorisation of a power of attorney. For
corporate clients, individuals authorised to sign the corporate A&I form on behalf of
the company will be responsible for completing the corporate A&I form. The
signature of each client must also be witnessed. Within New Zealand, the class of
persons who may witness an A&I form is open. For documents transmitted
overseas, the class of persons who may witness documents transmitted overseas
include those listed as acceptable witnesses for manual transactions under 340 New Zealand Law Society, Private Individual Client Authority and Instruction for an Electronic
Transaction (2008) < http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008. 341 Ibid. 342 New Zealand Law Society, Public Corporate Client Authority and Instruction for an Electronic
Transaction (2008) < http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008. 343 New Zealand Law Society, EDealing Guidelines (for Electronic Registration) (2007)
<http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008, Guideline I.
141
Regulation 16 of the Land Transfer Regulations 2002 (NZ).344 Hence, it is possible in
New Zealand for the A&I form to be signed outside the presence of the instructed
lawyer, and for the transaction to proceed without that lawyer having met the client.
It is the individual firm’s responsibility to establish their own witnessing guidelines
and acceptable witness list for documents that are executed both within and outside
the law firm, as well as within New Zealand and overseas.345
In Ontario, evidence of client consent and authorisation is provided by a document
called the Acknowledgement and Direction form.346 The client is required to sign the
form and the signature is witnessed.347 The Ontario system produces five different
standard forms of Acknowledgement and Direction corresponding to each of the
electronic registration formats, but they can also be amended to suit the particular
needs of any transaction.348
In contrast to Ontario and New Zealand, British Columbia does not have a separate
client authorisation form. In British Columbia, after the lawyer or notary prepares the
appropriate land title document, such as a transfer form for the sale of land, he or
she transmits the document to the vendor’s lawyer or notary, who then prints out the
land title document and attends on execution by the vendor, that is, he or she
witnesses execution of the paper copy of the document (the example used is a
transfer form) by the vendor and signs it as the certifying officer. This copy becomes
evidence of the (vendor) client’s intention to be bound, has the effect of delivery and
is an instruction to his or her lawyer or notary to authorise submission for
registration.349 Whilst the client’s signature on the printed document must be
witnessed, and in most cases, it would be the vendor’s or the mortgagor’s lawyer or
344 New Zealand Law Society, E-dealing Workflow Guidance for Solicitors: Prepared as a Joint
Project Between NZLS and LINZ (2006) <http://www.lawyers.org.nz/PDFs/e-d-workflow-guidance-v3.pdf> at 11 May 2006: ‘Best practice dictates that a person who can witness documents outside the jurisdiction must witness documents transmitted overseas. This is standard under Regulation 16 of the Land Transfer Regulations 2002, which provide a list of the acceptable witnesses for manual transactions at LINZ. This should be used as a guideline for e-dealing transactions as well’.
345 Ibid 11. 346 A sample acknowledgement and direction form can be found at Teranet Inc, Acknowledgment and
Direction <http://www.teraview.ca/resupgrades/downloads/ADR.pdf> at 26 April 2006. 347 Law Society of Upper Canada, Practice Guidelines for Electronic Registration of Title Documents
(2002) <http://www.lsuc.on.ca/news/pdf/july08_eregguidelines.pdf> at 24 April 2006, 9. 348 The forms are: transfer (transferor), transfer (transferee), charge (charger), discharge of
mortgage/charge (chargee) and document general. See: Law Society of Upper Canada, Practice Guidelines for Electronic Registration of Title Documents (2002) <http://www.lsuc.on.ca/news/pdf/july08_eregguidelines.pdf> at 24 April 2006, 8.
349 Land Title and Survey Authority of British Columbia - Land Title Division, Pacific Legal Technical Conference: Electronic Filing System <http://www.ltsa.ca/documents/presentations/PacificLegalTechnicalConf.pdf> at 7 April 2008, 4.1.03.
142
notary who would do so, there is no requirement for this. In situations where it is not
practical for this to occur, such as where the vendor has moved before the sale
occurs, the vendor’s lawyer or notary could arrange for the vendor’s signature to be
witnessed by a lawyer or notary in the place where the vendor now resides. Hence it
is possible for any lawyer or notary or any person authorised to act as an officer
under British Columbia laws to witness the client’s signature.350
At the time of writing, the proposed NECS would also require that a client
authorisation form be completed to enable the subscriber to represent the client in a
transaction, to sign instruments on behalf of the client and to lodge instruments
electronically.351 Similarly, in the proposed Victorian EC system, it is envisaged that
a representation arrangement would need to be entered into by the subscriber and
their client to enable the subscriber to act in an agency role on behalf of clients.352 In
both of these proposed systems, the client’s signature on the form must be
witnessed, but the classes of eligible witness, if any, are unclear at this stage.
4.3.3.3.1 System features: Common and differing fea tures
This discussion shows that all the electronic registration systems examined require
a client authorisation form to be signed, by the client or his or her attorney, to
authorise a user with signing privileges to digitally sign the electronic instrument on
behalf of the client. However, the actual form of the authorisation form353 and the
witnessing requirements differs from system to system.
4.3.3.3.2 What will these changes mean for fraud op portunities
As mentioned earlier, the major issues arising from this requirement that clients sign
an authorisation form is whether or not it would it be possible for fraudulent persons
to continue to perpetrate fraud in an electronic registration system by forging the 350 Darcy Hammett, Director of Strategic Operations, Land Title and Survey Authority of British
Columbia <[email protected]>, email (30 May 2006). 351 National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic
Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.2.3.3]. 352 See Department of Sustainability and Environment, Overview of the EC System (2007)
<http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008; Department of Sustainability and Environment, EC System Rules Release 2 (2007) 35 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008; Department of Sustainability and Environment, Electronic Conveyancing – Registrar’s Requirements Release 2 (2007) < http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008 and John Barry, Electronic Cheques and Balances - Paper Gone To Bytes (2005) Internet Law Bulletin <http://www.landexchange.vic.gov.au/ec/newsroom/articles.html> at 2 May 2006.
353 As noted above in footnote 313, for the purposes of this research, the use of the term ‘authorisation form’ would encompass the process in British Columbia where the client signs the printed copy of the land title instrument – that the signing of the printed copy is an authorisation by the client. It is accepted that this is not a specific authorisation form unlike the forms used in the New Zealand or Ontario system.
143
signature of the client on the authorisation form? If it is possible, then other issues to
consider include:
• can witnessing requirements provide a safeguard against this type of fraud
or can they continue to be circumvented in the same way as in the paper
registration system?
• will this type of fraud continue to be opportunistic, likely to be perpetrated by
those known to the victim?
• would the factors facilitating this type of fraud in the paper registration
system continue to play a role in an electronic registration system?
• could fraud by forgery of the power of attorney continue to be perpetrated in
the same way in an electronic registration system, that is, by falsifying a
power of attorney and signing an authorisation form as the attorney?
These issues will be examined in Chapter 5.
4.3.3 The paper certificate of title
4.3.3.1 Use of the paper certificate of title
In New Zealand, paper certificates of title are no longer issued or used.354 In British
Columbia duplicate titles cannot be obtained for mortgaged land but may be issued
for unmortgaged land on the written application of its registered owner in fee
simple.355 In Ontario, the Ministry is no longer required to issue these certificates;
certificates of ownership were discontinued in 1980.356
At the time of writing, it is unclear whether certificates of title will be used in the
proposed NECS, as the issue is still the subject of national uniformity
consultations.357
354 Section 18 of the Land Transfer (Computer Registers and Electronic Lodgement) Amendment Act
2002 (NZ) prohibits the Registrar from issuing certificates of title for electronic transactions land and if land is declared under s25 of the Act to be electronic transactions land, all certificates of title for that land are cancelled as from the date on which the declaration takes effect. Section 25 of the Act allows the Registrar to declare land to be “electronic transactions land” by notice in the New Zealand gazette and such a declaration under this provision was published with effect from 14 October 2002: New Zealand Gazette 2002, Issue 150, p3895.
355 See Land Title Act RSBC 1996 s176(1). 356 Land Titles Amendment Act 1979 (Ont) ss 32 & 33. 357 See National Electronic Conveyancing Office, 'Draft Operations Description for a National
Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.2.6.15].
144
For the proposed Victorian EC system it appears that, in order to use the EC
system, if an electronic certificate of title (eCT) does not exist for the land that is the
subject of a transaction, then the subscriber in possession of the paper certificate of
title (pCT) for the land must apply to Land Victoria for the pCT to be converted into
an eCT. The pCT must be surrendered to the Registrar. The subscriber making the
application obtains eCT control and this can now be used in the EC system.358
Thus it is possible that an electronic registration system may eliminate the need to
produce the certificate of title. Alternatively, as seen in the proposed EC system, it is
also possible that the electronic registration system may incorporate the use of an
electronic certificate of title. However the use of the certificate of title in an electronic
registration system will still be different to that in the current paper system. In the
paper registration system, as seen in Chapter 3, the practice is that the certificate of
title had to be produced or the mortgagee holding the certificate of title had to
consent to the transaction before dealings in land could be registered. In the
Victorian EC system, the certificate of title, if it exists in paper format, will have to be
transformed into an electronic certificate of title. Once converted, or if it already
exists in an electronic format, it is the controller of the electronic certificate who is
responsible for nominating the electronic certificate to the transaction. Thus, unlike
the paper system, it is not the owner who produces the certificate of title but the
subscriber of the system who is the controller of the electronic certificate of title who
nominates the electronic certificate of title to the transaction. In this way, the use of
electronic certificates of title will differ from current practice under the paper
registration system.
4.3.3.2 Use of a client identification process and certifications as to identity
In some electronic registration systems, instead of requiring production of the paper
certificate of title as evidence of a right to deal, there is a formal client identification
process. This is the case in the New Zealand system, where client identification
must be established when the A&I form is completed. The A&I forms contain a
section for client identification that requires the person establishing identity to tick
358 Department of Sustainability and Environment, Overview of the EC System (2007) 5
<http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008; Department of Sustainability and Environment, Land Title Registration (2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 28 April 2008 and Department of Sustainability and Environment, Electronic Conveyancing – Registrar’s Requirements Release 2 (2007) [6.2] < http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008.
145
the type of photo identification used for this, such as a driver’s licence, passport,
firearms licence, or photo credit card, and then certify that359:
• he or she has witnessed the client (or his/her attorney) signing the A&I form;
• he or she has sighted the original form of identity presented and used for the
A&I form; and
• the photo and name match the person who signed the form.
Where the person signing the form is doing so under a power of attorney, the
identity to be verified is that of the attorney. In the case of a corporate, the identity to
be verified is the identity of the individuals signing on behalf of the corporate. In
addition to this client identification process, the New Zealand system also require
the conveyancing professional named on the A&I form to certify that reasonable
steps have been taken to confirm identity.360
In contrast, in Ontario, there is no specific requirement that clients signing the
acknowledgement and direction form must produce identification to the lawyer.
While an acknowledgement and direction form must be signed by the client and
witnessed, this form in Ontario merely contains an authorisation by the client to the
lawyer to conduct the transaction electronically, a statement that the client has
reviewed the information set out in the acknowledgement and direction form and
that the information is correct, an acknowledgement by the client that the electronic
documents were explained to them and that they agree to be bound as if they
signed the documents and finally that the client has not misrepresented their identity
to the lawyer.361 Unlike New Zealand, there is no requirement that the lawyer verify
the identity of the client. However in the case of Yamada v Mock362 the solicitor
acting for a mortgage lender failed to ask for identification and was held responsible
for the loss suffered by the lender. Thus, while there is no specific requirement for
solicitors in Ontario to verify the identity of their client, it seems that the general
359 See the A&I forms as referenced above. 360 Section 164A(3) Land Transfer Act 1952 (NZ). Only conveyancers may make certifications: s164B
Land Transfer Act 1952 (NZ). 361 See the Acknowledgement and Direction form: Teranet Inc, Acknowledgment and Direction
<http://www.teraview.ca/resupgrades/downloads/ADR.pdf> at 26 April 2006. 362 Yamada v Mock (1996) 29 OR (3d) 731.
146
standard of care requires them to obtain some form of identification. However,
certifications as to identity are not required.363
The situation in British Columbia is similar to Ontario in that there are no specific
requirements for solicitors to verify client identity. However the recommendation
from the Law Society of British Columbia appears to be that solicitors obtain some
sort of picture identification.364 As in Ontario, certifications as to identity are also not
required. The incorporation of the lawyer or notary’s digital signature into the form in
British Columbia is merely a certification by the lawyer or notary that365:
• a true copy of the electronic instrument has been executed and witnessed in
accordance with Part 5 Land Title Act [RSBC] 1996; and
• that true copy is in the possession of the person who incorporated his/her
electronic signature,
Certifications as to identity are not provided.
It appears that both the proposed NECS and the proposed Victorian EC system will
follow the New Zealand system in requiring a formal client identification process.
In the proposed EC system, it appears that the identity check will be performed
when the representation agreement is completed. According to the Electronic
Conveyancing Registrar’s Requirements, subscribers may be verifiers of identity.
Subscribers are required to verify the identity of:
(a) the legal or natural person they intend to represent in an ELF(Electronic
Lodgement File); and
(b) if the Client is a legal person, the natural person or natural persons who
sign the Representation Agreement on behalf of the legal person; and
(c) if an attorney for the Client authorises the Subscriber to act on behalf of
the Client, the identity of the attorney; and
363 Note that the Law Society of Upper Canada has recently produced a document outlining the steps
required of a lender in a mortgage or loan transaction to ensure adequate care and skill is taken in mortgage or loan transactions. The document instructs the lender or mortgage broker or agent to meet personally with the borrower(s) and obtain two pieces of original identification for each borrower. One of these pieces of identification must be a government issued photo identification. The lender or mortgage broker/agent is also instructed to examine the original identification obtained for irregularities. See: Law Society of Upper Canada, Due Diligence in Mortgage or Loan Transactions (2008) <http://www.lsuc.on.ca/media/apr0908_due_diligence.pdf> at 16 April 2008.
364 Law Society of British Columbia, Real Estate Fraud - A Prevention Primer (2005) <http://www.lawsociety.bc.ca/publications_forms/iissues/05-03_risk.html> at 4 September 2006.
365 Land Title and Survey Authority of British Columbia - Land Title Division, Pacific Legal Technical Conference: Electronic Filing System <http://www.ltsa.ca/documents/presentations/PacificLegalTechnicalConf.pdf> at 7 April 2008, 4.1.03.
147
(d) if they are, or are representing a mortgagee in connection with the grant
or discharge of a mortgage, the mortgagor.366
For a natural person, the identification requirement is at least 100 points following
the form in schedule 6 of the Requirements. For a company or an incorporated
association, identification is done by obtaining the information set out in the form in
schedule 7 of the Requirements.367
There are exceptions to these identity verification requirements. These are listed in
[3.4] of the Registrar’s Requirements. Thus a subscriber need not verify the identity
of a person under Requirement 3.2 if they have represented the person continuously
since before 15 June 1988.368
A Subscriber may also engage a “Third Party Verifier” to conduct a verification
required under Requirement 3.2. However, before the Subscriber certifies that they
have verified identity on this basis, they must receive direct from the Third Party
Verifier:
(a) the information collected by the Third Party Verifier in conducting the
verification; and
(b) the Representation Agreement signed in the presence of the Third Party
Verifier following the verification; and
(c) a certification in the form of Schedule 3 to these Requirements for each
person identified.369
Certifications are also required of the subscriber. These are specified in
Requirement [5] of the Registrar’s Requirements.370
In the proposed NECS, at the time of writing, it appears that the representative
subscriber will be required to verify their client’s identity.371 The precise procedure
involved in verifying identity is unclear at this stage as it is the subject of national
uniformity consultation. It is likely that the procedure will incorporate the general
366 Department of Sustainability and Environment, Electronic Conveyancing – Registrar’s
Requirements Release 2 (2007) [3.2] < http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008.
367 Ibid [3.3]. 368 Ibid [3.4]. 369 Ibid [3.5]. 370 Ibid [5]. 371 National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic
Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.2.3.2].
148
requirements on financial institutions under the Commonwealth’s Anti-Money
Laundering and Counter-Terrorism Financing Act and regulations.372 It is also likely
that procedures for remote, foreign and long-standing clients and for representatives
of business entities will be arranged.373 As for certifications, at the time of writing, it
appears that certifiers will be required to provide certifications in the proposed
NECS, however the precise nature and wording of the certifications is still the
subject of uniformity consultations.374
4.3.3.3 System features: Common and differing featu res
This discussion shows that it is possible that an electronic registration system may
eliminate the need to produce the paper certificate of title. This is demonstrated in
the systems in New Zealand and Ontario where paper certificates of title are not
used. This differs from the paper registration system, which requires production of
the paper certificate of title to demonstrate a right to deal with the land. However, as
seen in the proposed EC system, it is also possible that the electronic registration
system may incorporate the use of an electronic certificate of title. The discussion
also shows that some electronic registration systems use a formal identification
process to verify client identity and require that certifications be made that client
identity has been verified. These include the New Zealand system and the proposed
NECS. However other systems such as the Ontario system have not incorporated a
client identification process into their system.
4.3.3.4 What will these changes mean for fraud oppo rtunities?
How will these changes affect the way in which identity fraud is perpetrated? Some
issues that will require further consideration include:
• could identity fraud continue to be perpetrated in an electronic registration
system?
• what will be the impact of abolishing the certificate of title in the electronic
registration system on identity fraud? Will abolishing the certificate of title
increase the opportunities for identity fraud? This concern was raised by
Thomas when the New Zealand system was introduced, arguing that ‘[T]he
absence of an outstanding duplicate certificate of title (or anything in
372 Ibid [9.2.3.2]. 373 Ibid 9.2.3.2]. 374 Ibid [9.3.2].
149
substitution of the same) is argued to be a key flaw in the new system,
making it more vulnerable to fraud’375;
• would identity fraud continue to be susceptible to both opportunistic and
calculated fraud, capable of being perpetrated by fraudulent person both
known and unknown to the victim?
• will the factors facilitating this type of fraud in the paper registration system
continue to play a role in an electronic registration system?
• will an identification process assist in minimising identity fraud?
• would use of an electronic certificate of title assist in minimising identity
fraud?
• will certifications that identity has been verified assist in minimising identity
fraud?
These issues will be examined in greater detail in Chapter 5.
4.4 Conclusion
This chapter has provided an overview of the extent to which the registration
process of various land registration systems have been automated using
technology.
It also examined and compared the salient features of these fully operational,
automated registration systems and the systems proposed in Australia with the
paper registration system. From this comparative analysis it was found that
automating the registration process within the Torrens system will see certain
changes being made to current conveyancing practices and to those requirements
that are said to act as safeguards against fraud.
The key changes that may be made to conveyancing practices were found to be
those relating to the manner in which the system may be accessed, the manner in
which documents may be prepared and lodged for registration, the manner in which
documents may be executed and changes to the use of the paper certificate of title.
The types of changes that may be made to conveyancing requirements that are said
to act as safeguards against fraud were identified as those relating to the
375 Rod Thomas, ‘Fraud, Risk and the Automated Register’ in David Grinlinton (ed), Torrens in the
Twenty-first Century (2003) 349, 349.
150
examination process at the Land Titles Office, the process for updating the register,
witnessing requirements and the use of the certificate of title.
Questions raised in Chapter 3 relating to the manner in which these changes may
impact upon its findings were also integrated into this chapter and will be the focus
of further analysis in Chapters 5 and 6. The analysis in these chapters and their
findings will assist in furthering this research in determining the impact of automating
the registration process within the Torrens system on fraud.
To assist in this examination, the findings from the analysis in this chapter are
summarised in the table below.
Features Landonline Teraview EFS NECS Victoria EC Paper Issues
Access Restricted access: Only individuals from licensed firms who have been issued with digital certificates may access the system.
Restricted access: Only users with a Teranet account and having completed a Teraview Licence application may access the system.
Restricted access: Only users with an account with BCOnline may access the system.
Restricted access: Only subscribers and users who have registered with NECS may access the system.
Restricted access: Only subscribers who have registered with EC may access the system.
Open access – anyone can prepare and lodge land title instruments.
May fraudulent misrepresentations continue to be perpetrated in an electronic system? Will fraudulent alterations be restricted to those with access? Will fraudulent persons be able to find other ways to gain access?
How is access controlled
Controlled by PKC376 - digital certificate to access
Controlled by PKC – Personal Security Profile and passphrase to access
BCOnline account with userID and password to access
User ID and password
User ID and password
N/A Which access control mechanism is likely to provide a better security against fraudulent access into the system?
What is the application process to be a user?
Individuals nominated by the firm in the licence application provides proof of identification to LINZ who verifies identity.
Applicants completing the Personal Security Licence application form provides identification to Teranet who verifies identity.
Users apply to BCOnline to obtain a BCOnline account. No verification of identity
Subscriber goes through an application process, and the authorised officer of the subscriber nominates users. User who want to be certifiers apply to the NECS, nominating the authorised officer and providing certain
Subscriber applies to be a user to Land Exchange. Subscriber may nominate authorised signatories and authorised users to access the system.
N/A How robust is the application process in minimising the possibility of fraudulent persons circumventing the application process to gain access to the system?
376 PKC refers to public key cryptography.
151
Features Landonline Teraview EFS NECS Victoria EC Paper Issues
information eg legal practitioner status to NECS.
Process for obtaining the mechanism to control access
Digital certificate support team emails the authorisation code to the user and the reference number to the firm’s trusted contact. Codes are used to download the digital certificate using the DC loader wizard. The authorisation code and reference number are ‘one use only’ codes.
To initialise security profile & pass phrase using PASS requires the applicant to answer personal questions on PASS + to set pass phrase.
UserId and default password sent via email. Email is not encrypted.
UserID sent via email, unclear if email is encrypted.
Subscriber application form contains secret word which administrator must keep confidential. If application successful, and if administrator can recite the secret word to Land Exchange, a user identification and password to access the subscriber’s EC system account is given to the administrator. Manner in which each authorised user is provided with a user identification and password to access the subscriber’s EC system account is unclear.
N/A Which method of transmitting the mechanism used to control access will provide a better level of security against fraudulent access into the system?
Preparation, lodgement, examination & registration
Shared online workspace using electronic templates. Certain details are entered automatically onto the electronic template from the titles register. System runs automated checks upon
Documents are prepared on office computer using Teraview. Certain information automatically pre-populated into the document from POLARIS. Manual intervention by staff at the Land Titles Office
Download EFS templates from BCOnline which are saved onto the computer. No automatic pre-population of documents. Manual intervention by staff at the Land Titles Office examining instruments and updating the register.
Shared online workspace created with NECS. NECS retrieves relevant information recorded with the jurisdiction’s Land Registry and automatically populates the workspace with the information. System runs
ELF – a shared file where parties create their documents online and input relevant data System runs automated checks upon lodgement. Unclear as to whether there will be a manual examination of
Paper land title forms are used. Manual lodgement. Manual examination by staff at the land titles office. Manual update of the register.
Will fraudulent alterations be easier to perpetrate – as an alteration on an electronic document may not show any visible signs of alteration? Who might be the likely perpetrators? Is the fraud likely to be opportunistic or calculated? Will automated checks by the system provide a
152
Features Landonline Teraview EFS NECS Victoria EC Paper Issues
lodgement. Automatic registration of instruments lodged.
examining instruments and updating the register.
automated checks upon lodgement. Likelihood of manual examination by staff at the Land Titles Office & manual update of the Register.
instruments lodged. Likely that there will be a manual update of the register.
better level of security than manual examinations? Should manual examinations continue? Would manual updates of the register provide a better level of security than automated registration?
Signing of land title forms for lodgement and registration
Licensed conveyancers sign the land title form. Only licensed conveyancers can digitally sign instruments.
Authorised users sign the land title form. Anyone can sign but instruments containing compliance with law statements require signature by a user who is authorised to practise law in Ontario.
Juricert authenticated lawyers or notaries sign the land title form. Any Juricert authenticated lawyer/notary may sign.
Authorised users sign the land title form. Only users who are certifiers can sign.
Authorised users sign the land title form. Only users who are authorised signatories can sign.
Person creating or transferring an interest signs the land title instrument. Attorney under a power of attorney may sign on behalf of donor of power of attorney.
Can fraudulent persons perpetrate fraud by forging the user’s digital signature instead? How might this type of fraud be perpetrated? Who would be the likely perpetrators – those with access or those without? For those without access, how may they gain access? Is it likely that the perpetrator would act alone or in collusion with others? Is it likely for the fraud to be opportunistic or calculated? What factors may facilitate this fraud? If solicitors fall within the class of users who are able to digitally sign instruments on behalf of clients, will this provide solicitors with a greater opportunity to perpetrate fraud than in the paper system?
Type of signature on the land title instrument to be lodged for registration
Digital signature using public key cryptography administered via PKI. Digital certificate
Digital signature using public key cryptography administered via PKI. PSP used for both
Digital signature using public key cryptography administered via PKI. Juricert authenticated digital
Digital signature using public key cryptography administered via PKI. Require Gatekeeper
Digital signature using public key cryptography administered via PKI. Require Gatekeeper
Handwritten signature
How robust is the application process for a digital certificate/PSP? Can fraudulent persons gain access to the digital certificate/PSP
153
Features Landonline Teraview EFS NECS Victoria EC Paper Issues
used for both access and digital signatures. Hence process to obtain digital certificate is as described above.
access and digital signatures. Hence process to obtain PSP is as described above.
certificate used to for digital signatures. Juricert verifies applicant’s identity before sending to the applicant an email containing an ID and instructions to download the certificate.
authenticated digital signing certificate. Manner in which the certificate is issued would depend on the Gatekeeper accredited entity.
authenticated digital signing certificate. Manner in which the certificate is issued would depend on the Gatekeeper accredited entity.
by targeting the manner in which the digital certificate/PSP is generated, issued and kept?
What does the client sign?
The A&I form.
The Acknowledgement and Direction form.
The land title document that has been printed – this becomes lawyer or notary’s authority to submit.
The authorisation form.
The Representation Agreement.
N/A Can fraudulent persons continue to perpetrate fraud by forging the client’s handwritten signature on the authorisation form? Will this type of fraud continue to be opportunistic, perpetrated by those known to the victim? Will the factors facilitating this fraud continue to play a role in an electronic system? Can fraud by false power of attorney continue to be perpetrated in an electronic system? May this type of fraud continue to be perpetrated by both those known and unknown to the victim? Will the factors facilitating this fraud continue to play a role in an electronic system?
Witnessing Client’s signature on the A&I form must be witnessed. Authorised user’s digital signature on the land
Client’s signature on the Acknowledgment and Direction form must be witnessed. Authorised user’s
Client’s signature on the printed land title form must be witnessed. Authorised user’s digital signature on the land title form not
Client’s signature on the authorisation form must be witnessed. Authorised user’s digital signature
Client’s signature on the representation agreement must be witnessed. Authorised user’s digital
Client’s signature on the land title instrument must be witnessed.
Can fraudulent persons circumvent witnessing requirements in the same manner as in the paper registration system?
154
Features Landonline Teraview EFS NECS Victoria EC Paper Issues
title form not witnessed.
digital signature on the land title form not witnessed.
witnessed. on the land title form not witnessed.
signature on the land title form not witnessed.
Paper certificate of title
Not used and no longer issued.
No longer required to be issued.
Duplicate paper c/t cannot be obtained for mortgaged land but may be issued for unmortgaged land. If issued, it must be produced before a transfer or mortgage can be registered.
Usage unclear
An electronic certificate of title must be nominated to the transaction.
Must be produced
How will abolishing the paper certificate of title impact upon identity fraud? Would identity fraud continue to be susceptible to both opportunistic and calculated fraud, capable of being perpetrated by those known and unknown to the victim? Will the factors facilitating this type of fraud continue to play a role in an electronic system?
Formal client identification process
Yes – within the A&I form
No No Yes Yes No, except Queensland but that is only for mortgagees
What is the impact of introducing a formal identification process on identity fraud?
Use of electronic certificate of title
No No No Unclear Yes N/A Would use of an electronic certificate of title assist in minimising identity fraud?
Certifying that identity has been verified
Yes No No Yes Yes No What is the impact of requiring certifications as to identity on identity fraud?
155
CHAPTER 5
CAN THE TYPES OF FRAUD PERPETRATED IN THE PAPER RE GISTRATION
SYSTEM CONTINUE TO BE PERPETRATED IN AN ELECTRONIC
REGISTRATION SYSTEM?
Table of contents
5.1 Introduction......................................................................................................157 5.2 Forgery ............................................................................................................158
5.2.1 Method of perpetrating fraud by forgery in the paper registration system ..158 5.2.2 Likely changes due to automating the Torrens registration process ..........158 5.2.3 Impact of these changes on fraud by forgery.............................................158
5.2.3.1 Individual as the client ........................................................................159 5.2.3.1.1 Can this fraud be perpetrated in an electronic registration system?159 5.2.3.1.2 Under what circumstances might this fraud be perpetrated?........160 5.2.3.1.3 Who might be the likely perpetrators of this fraud? ......................160 5.2.3.1.4 How might witnessing requirements be circumvented?................161 5.2.3.1.5 What factors may facilitate the perpetration of this type of fraud? 161 5.2.3.1.6 What are the transactions likely to be targeted by fraudulent persons? ....................................................................................................162 5.2.3.1.7 Conclusions.................................................................................162
5.2.3.2 Company as the client........................................................................162 5.2.3.2.1 Can this fraud be perpetrated in an electronic registration system?162 5.2.3.2.2 Under what circumstances might this fraud be perpetrated?........164 5.2.3.2.3 Who might be the likely perpetrators of this fraud? ......................164 5.2.3.2.4 How might witnessing requirements be circumvented?................165 5.2.3.2.5 What factors may facilitate the perpetration of this type of fraud? 166 5.2.3.2.6 What are the transactions likely to be targeted by fraudulent persons? ....................................................................................................167 5.2.3.2.7 Conclusions.................................................................................167
5.2.3.3 Attorney as the client using falsified power of attorney .......................167 5.2.3.3.1 Can this fraud be perpetrated in an electronic registration system?167 5.2.3.3.2 Under what circumstances might this fraud be perpetrated?........168 5.2.3.3.3 Who might be the likely perpetrators of this fraud? ......................168 5.2.3.3.4 How might witnessing requirements be circumvented?................168 5.2.3.3.5 What factors may facilitate the perpetration of this type of fraud? 169 5.2.3.3.6 What are the transactions likely to be targeted by fraudulent persons? ....................................................................................................169 5.2.3.3.7 Conclusions.................................................................................169
5.3 Fraudulent misrepresentation...........................................................................169 5.3.1 Method of perpetrating fraudulent misrepresentation in the paper registration system.............................................................................................169 5.3.2 Likely changes due to automating the Torrens registration process ..........170 5.3.3 Impact of these changes on fraud by fraudulent misrepresentations .........170
5.3.3.1 Can this fraud be perpetrated in an electronic registration system?....170 5.3.3.2 Under what circumstances might this fraud be perpetrated? ..............171 5.3.3.3 Who might be the likely perpetrators of this fraud?.............................171 5.3.3.4 How might witnessing requirements be circumvented? ......................171 5.3.3.5 What factors may facilitate the perpetration of this type of fraud?.......172 5.3.3.6 What are the transactions likely to be targeted by fraudulent persons?172 5.3.3.7 Conclusions........................................................................................172
5.4 Fraudulent alterations ......................................................................................173
156
5.4.1 Method of perpetrating fraudulent alterations in the paper registration system ...............................................................................................................173 5.4.2 Likely changes due to automating the Torrens registration process ..........173 5.4.3 Impact of these changes on fraud by fraudulent alteration ........................173
5.4.3.1 Can this fraud be perpetrated in an electronic registration system?....173 5.4.3.2 Under what circumstances might this fraud be perpetrated? ..............177 5.4.3.3 Who might be the likely perpetrators of this fraud?.............................178 5.4.3.4 What factors may facilitate the perpetration of this type of fraud?.......179 5.4.3.5 What are the transactions likely to be targeted by fraudulent persons?180 5.4.3.6 Conclusions........................................................................................180
5.5 Identity fraud....................................................................................................180 5.5.1 Method of perpetrating identity fraud in the paper registration system.......180 5.5.2 Likely changes due to automating the Torrens registration process ..........180 5.5.3 Impact of these changes on identity fraud .................................................181
5.5.3.1 Can this fraud be perpetrated in an electronic registration system?....181 5.5.3.1.1 Systems where certificates of title are not used ...........................181 5.5.3.1.2 Systems using electronic certificates of title.................................183
5.5.3.2 Under what circumstances might this fraud be perpetrated? ..............184 5.5.3.3 Who might be the likely perpetrators of this fraud?.............................185 5.5.3.4 What factors may facilitate the perpetration of this type of fraud?.......185 5.5.3.5 What are the transactions likely to be targeted by fraudulent persons?185 5.5.3.6 Conclusions........................................................................................185
5.6 Fraud by solicitors............................................................................................186 5.6.1 Opportunities for solicitors to perpetrate fraud in the paper registration system ...............................................................................................................186 5.6.2 Likely changes affecting fraud by solicitors after automating the Torrens registration process............................................................................................186 5.6.3 Impact of these changes on the opportunities for solicitors to perpetrate fraud in an electronic registration system...........................................................186
5.7 Synthesis of findings: what is the impact of automating the Torrens registration process on the paper based frauds identified in Chapter 3? ..................................189
5.7.1 Can the frauds currently being perpetrated in the paper registration system continue in an electronic registration system?....................................................189 5.7.2 Would the manner of perpetration be altered due to changes in conveyancing practices?....................................................................................189 5.7.3 Where conveyancing practices might act as safeguards against fraud, how could these be circumvented?............................................................................190 5.7.4 Who might be the likely perpetrators of these types of fraud in an electronic registration system?...........................................................................................190 5.7.5 Are these perpetrators likely to act alone or in collusion with others?........191 5.7.6 In an electronic registration system, which frauds could be perpetrated by those known to the victim and which by those unknown?...................................192 5.7.7 For frauds persisting in an electronic registration system, will opportunistic fraud by those known to the victim continue to be more prevalent?....................192 5.7.8 Which factors might facilitate the perpetration of these frauds in an electronic registration system?...........................................................................192 5.7.9 Will solicitors continue to have an opportunity to perpetrate fraud in an electronic registration system?...........................................................................193 5.7.10 In an electronic registration system, is it likely that mortgages or a combination of mortgages and transfers will continue to be targeted? ...............193
5.8 Conclusion.......................................................................................................201
157
Chapter 5: Can the types of fraud under the paper r egistration system
continue under an electronic registration system?
5.1 Introduction
Chapter 3 described a number of different types of fraud that have been perpetrated
and continue to do so under a paper-based Torrens registration system.
Chapter 4 outlined possible changes to conveyancing practices and safeguards
against fraud consequent to moving to a registration system that is automated using
technology, based on experience in other jurisdictions. These changes have to do
with access to the system, preparation and lodgement of documents for registration,
execution and witnessing of documents, the use of the paper certificate of title, the
examination process at the Land Titles Office and updating the land title register.
Chapter 4 then questioned whether the frauds described in Chapter 3 may continue
in an electronic registration system despite these changes and speculated on
modified or new forms of fraud that might emerge due to these changes.
This chapter furthers this analysis by examining the potential impact of these
changes on the types of frauds described in Chapter 3, including the characteristics
of likely perpetrators and their behaviour, and on the prevalence of different types of
fraud that depend on various circumstances, such as the relationships between
fraudsters and victims. It will also examine which types of fraud are capable of
continuing despite the proposed changes. Whether new forms of fraud may emerge
due to these changes will be explored at length in Chapter 6.
This chapter will find that all the paper-based frauds discussed in Chapter 3, with the
exception of fraudulent alterations, are likely to continue in an electronic registration
system; however, the manner which they are perpetrated by may change. The
factors facilitating fraud in the paper registration system will continue to play a role
and most of the findings of Chapter 3 will continue to apply. For example, some
frauds, such as forgeries, will continue to be more easily perpetrated by those
known to the victim. It is also likely that opportunistic fraud will continue to be the
most prevalent type under an electronic registration system. Finally, this chapter will
find that the transactions most likely to be targeted will continue to be mortgages
and transfers or a combination of both. Thus, it is likely that most of the findings in
Chapter 3 would remain unaltered in an electronic registration system, with the
possible exception of fraudulent alterations where the opportunities for this type of
fraud may be reduced in an electronic registration system.
158
Apart from fraudulent alterations, another area where the findings may differ is in the
case of fraudulent opportunities by solicitors. This chapter will show that automating
the registration process may mean that solicitors will have a greater opportunity for
fraud than before.
5.2 Forgery
5.2.1 Method of perpetrating fraud by forgery in th e paper registration system
Chapter 3 found that the method of perpetrating fraud by forgery is linked to the
conveyancing requirement that instruments that create or transfer an interest must
be executed by the concerned person.
Thus, a way of perpetrating fraud is:
• for individuals, by forging the individual’s signature on the instrument; and
• for corporations, by fraudulently affixing the company’s seal on the
instrument and having this fraudulently witnessed.
Chapter 3 also found that persons under a power of attorney may also execute land
title instruments on behalf of the donor of the power of attorney, so that fraud may
also be perpetrated by using a false power of attorney.
5.2.2 Likely changes due to automating the Torrens registration process
Chapter 4 found that in an electronic registration system, persons creating or
transferring an interest will no longer use paper land title instruments. Instead, users
of the system with signing privileges will most likely apply a digital signature to an
electronic instrument, and then electronically lodge it for registration. It is also likely
that clients will have to execute a form that authorises their users to prepare,
electronically sign, and electronically lodge the appropriate electronic instrument for
registration. It was also found in Chapter 4 that the client’s execution of the
authorisation form must be witnessed, and that the signatures of both the client and
this witness will be hand written.
5.2.3 Impact of these changes on fraud by forgery
The question was raised in Chapter 4 as to whether these changes will see an end
to fraud by forgery in an electronic registration system, or whether fraud may be
continued by forging the client’s execution of the authorisation form instead. If it is
possible to perpetrate fraud this way, other issues include:
• who might perpetrate this type of fraud?
159
• can witnessing requirements for the authorisation form act as an effective
safeguard against fraud or could they be circumvented in the same way as in
the paper registration system?
• what factors may facilitate this type of fraud?
• what type of transactions are likely to be targeted?
As to falsifying a power of attorney, could this type of fraud continue in an electronic
registration system? If so, who might be the likely perpetrators? What factors might
facilitate this type of fraud in an electronic registration system?
The following analysis attempts to answer these questions. The analysis is divided
into three sections: (1) where the client is an individual (2) where the client is a
company and (3) where the client is an attorney under a falsified power of attorney.
5.2.3.1 Individual as the client
5.2.3.1.1 Can this fraud be perpetrated in an electronic registration system?
As seen in Chapter 4, it is likely that an individual client will execute an authorisation
form through a handwritten signature. If this is the case, fraud may be possible
where there is an opportunity to forge the client’s signature, and then the authorised
user responsible for the transaction acts on the authorisation form and proceeds
with the transaction.
The facts in Young v Hoger377 and Sansom v Westpac Banking Corporation378 may
be used hypothetically as an illustration. The daughter in Young v Hoger could
perpetrate fraud if the mortgagee’s solicitor provides her with the authorisation form
to procure execution on behalf of the father and mother. The daughter then forges
her father’s signature on the authorisation form, as well as the signature of the
witness, so that it appears that the father’s signature has been properly witnessed.
The form is brought back to the solicitor, who acts upon the form as the authorised
user and proceeds with the transaction.379 In Sansom v Westpac Banking
Corporation, in order to perpetrate fraud in an electronic registration system, the wife
approaches the bank stating that she and her husband wished to mortgage the
377 Young v Hoger [2001] QSC 53. 378 Sansom v Westpac Banking Corporation (1996) Aust Torts Report 81-383. 379 If the electronic registration system required identity to be verified and for this to be evidenced on
the authorisation form (such as in the New Zealand system), then the daughter might have access to the father’s identity documents and would be able to produce them to the solicitor.
160
property owned by them. The bank officer prepares an authorisation form. The wife
then tells the bank officer that her husband is too ill with cancer to attend at the
bank, requesting that she be allowed to take the form back to procure execution
from him. The bank officer allows her to do this. She forges the husband’s signature
on the authorisation form and it is witnessed by the bank officer, even though it was
not signed in his or her presence.
Thus it is possible for fraud by forgery of the signature to occur in an electronic
registration system. The manner in which the fraud may be perpetrated is generally
the same as in the paper registration system – forgery of the signature – the
difference is that in the paper registration system, the forgery is on the land title
instrument whereas in an electronic registration system, it is on the authorisation
form.380 This is because of the change in practice that under an electronic
registration system, clients would be required to sign an authorisation form rather
than the land title instrument itself. Hence, under an electronic registration system,
the target will be the client’s signature on the authorisation form.
5.2.3.1.2 Under what circumstances might this fraud be perpetrated?
This type of fraud will only occur in situations where access to the authorisation form
is given for the ostensible purpose of procuring execution by the victim, because
only then would there be an opportunity to forge the victim’s signature on the
authorisation form.
5.2.3.1.3 Who might be the likely perpetrators of this fraud?
It is likely that a perpetrator will be similar to that in the paper registration system,
someone known to and trusted by the victim, such as a family member.381 The
reason for coming to this conclusion is, as discussed in Chapter 3, that this class of
perpetrators are most likely able to perpetrate the fraud because of the relationship
of trust between the perpetrator and the victim acts as a facilitating factor:
380 Note that in British Columbia, where there is no separate authorisation and the signing by the
transferring party of the printed copy of the electronic land title form acts as the authorisation, the forgery will be of the transferring party’s signature on the printed copy. Thus for example, using the Sansom v Westpac Banking Corporation scenario, the wife could convince the lawyer/notary handling the mortgage that her husband is ill, the lawyer/notary allows her to take the printed copy home for the husband to sign, the wife then forges the husband’s signature on the printed copy and either the lawyer/notary acts as witness despite the signature not being signed in her/his presence or the wife forges the signature of the witness.
381 Whilst the victim’s solicitors would also fall under this category, it is submitted that solicitors in an electronic registration system would not need to perpetrate fraud by forging the victim’s signature on the authorisation form. This is because solicitors are able to directly access the system, prepare the necessary land title instrument, digitally sign and lodge for registration. This is discussed below in [5.6].
161
• known and trusted people are likely to have access to documents which may
aid in the fraud, such as victim’s identity documents;
• the relationship between the fraudulent person and the victim may
encourage the impression that he or she is acting or speaking on behalf of
the victim;
• this relationship may also encourage a certain amount of trust of the
fraudulent person;
• all correspondence and relevant documentation, particularly the
authorisation form, may be freely given for procuring execution on behalf of
the victim.
On the other hand, it may also be possible for fraud by those unknown to the victim.
However, as explained in Chapter 3, it would be more difficult for them to perpetrate
the fraud because of the lack of relationship with the victim, which might make it
more difficult for him or her to be given the authorisation form. As described in
Chapter 3, the fraudulent person in this type of fraud may act alone or in collusion
with others.
5.2.3.1.4 How might witnessing requirements be circumvented?
While it is likely that the client’s signature on the authorisation form must be
witnessed, this may also be circumvented in the same manner as in the paper
registration system by either:
• the fraudulent person forging the signature of the witness on the
authorisation form, using that of a genuine or fictitious person; or
• where the person witnessing the signature purports to witness the client’s
signature, even though it was not signed in his or her presence.
5.2.3.1.5 What factors may facilitate the perpetration of this type of fraud?
It is submitted that the factors that may facilitate this type of fraud in an electronic
registration system will be similar to the ones facilitating fraud by forgery in the
paper registration system, namely:
• non-compliance with witnessing requirements;
• the conveyancing practice (that a party, on receiving an instrument that
appears on the face of it to be executed and witnessed, is entitled to assume
that the signatures were properly witnessed, and that it is not usual practice
that attesting witnesses are contacted for the purposes of verifying the
162
authenticity of signatures appearing on the instrument) would also apply to
the witnessing of signatures on the authorisation form. So it could be said
that as with the paper registration system, this practice would also act to
facilitate fraud in an electronic registration system, when the fraudulent party
has forged the signature of the witness or where a witness has not complied
with witnessing requirements. Short of contacting the purported witness
appearing on the authorisation form or the signatories to the authorisation
form, it would be difficult to detect the forgery in these circumstances; and
• where the authorised user relies on the authorisation form and does not
contact the victim to confirm instructions, although the victim is noted on the
authorisation form as a party to the transaction. This facilitates fraud
because it provides an opportunity to perpetrate fraud and to conceal this
from the victim.
5.2.3.1.6 What are the transactions likely to be targeted by fraudulent
persons?
Finally, as explained in Chapter 3, the likely transactions that will be targeted by
fraudulent persons would be mortgages and transfers or a combination of these.
This is because the purpose of the fraud, whether in a paper or electronic
environment, is to obtain finance. Hence, mortgages are targets, so that the property
can be used to secure a loan. In the case of transfers, the fraudulent person may
abscond with the proceeds of the sale. This reasoning applies to all frauds,
whatever the type of registration system.
5.2.3.1.7 Conclusions
From the above analysis it would appear that the findings of Chapter 3 on fraud by
forgery of an individual’s signature in the paper registration system would apply
mutatis mutandis in an electronic registration system. The only variation would be
that in an electronic registration system, clients would be required to sign an
authorisation form, so the fraud is still a forgery, but now on the authorisation form
rather than on the land title instrument.
5.2.3.2 Company as the client
5.2.3.2.1 Can this fraud be perpetrated in an electronic registration system?
Chapter 3 found that in the paper registration system, forging the company’s
execution upon a land title instrument can be done by affixing the company’s seal on
163
to the instrument without the authority of the company and purporting that the
affixing has been witnessed by two directors of the company, or by a director and a
secretary.
In an electronic registration system, the possibility of this sort of fraud will depend on
how companies are allowed to execute the authorisation form. If executing the
authorisation form is not done by affixing the company seal but by placing a
handwritten signature on the form by individuals authorised to sign on behalf of the
company, then fraud may be perpetrated by forging the signatures of these
individuals and purporting to witness them. In such a case, the way of perpetrating
this fraud is similar that already described for an individual client.
A possible scenario is as follows, assuming that, in the electronic registration
system, the authorisation form for a company can be executed by authorised
individuals; perhaps a director and the secretary of the company. ABC Pty Ltd is the
owner of property in Queensland; its directors are A, B and C. Mr A is the fraudulent
person and wishes to mortgage the property to secure a loan for his own benefit. Mr
A visits a law firm in Brisbane, where a solicitor brings out the authorisation form for
Mr A to sign on behalf of ABC Pty Ltd. The solicitor allows Mr A to take the form
away to be executed by either Mr B or Mr C. Mr A then forges Mr B’s signature and
brings the form back to the solicitor who proceeds with the transaction and the
property is mortgaged. To circumvent witnessing requirements, Mr A either forges
the signature of the witness or the solicitor attests to Mr B’s signature even though it
was not signed in his or her presence.
If, however, companies may continue to execute the authorisation form by fixing the
company seal on to the authorisation form and this has to be witnessed by two
directors of the company or by a director and a secretary, then fraud may be
perpetrated in the same manner as in the paper registration system – by
fraudulently affixing the seal. So the facts in Northside Developments Pty Ltd v
Registrar General and Others, Pyramid Building Society (in liq) v Scorpion Hotels
Pty Ltd and Macquarie Bank Ltd v Sixty-Fourth Throne Pty Ltd could all occur in an
electronic registration system. The only difference would be that the fraudulent
affixing of the seal would be on the authorisation form, rather than on the land title
instrument itself. To use Pyramid Building Society (in liq) v Scorpion Hotels Pty
164
Ltd382as an example, the fraudulent person could fraudulently affix the company seal
on to an authorisation form prepared by the mortgagee’s solicitor. The fraudulent
person could also arrange for his wife to be appointed as a director of the company
so that the affixing of the seal upon the authorisation form could be witnessed by
him and his wife as directors. The authorisation form is returned to the mortgagee’s
solicitor, who acts upon the form and proceeds with the transaction.
Thus it is possible for fraud by forgery of the company’s signature to occur in an
electronic registration system. The manner in which the fraud may be perpetrated is
the same as in the paper registration system – forgery of the signature, the only
difference is that in the paper registration system, the forgery is on the land title
instrument whereas in an electronic registration system, it is on the authorisation
form.
5.2.3.2.2 Under what circumstances might this fraud be perpetrated?
As with forgery of the individual’s signature on the authorisation form, fraud by
forging the company’s execution on the authorisation form would only be possible
given access to the authorisation form, as it is only then that there would be an
opportunity.
5.2.3.2.3 Who might be the likely perpetrators of this fraud?
The likely perpetrators of this type of fraud would be similar to those in the paper
registration system, that is, someone occupying a position within the company, such
as a director or secretary of the company.
Their position with the company facilitates the fraud because:
• they will usually have access to the company’s common seal, where this is
needed to execute the authorisation form;
• in their position as director or secretary they are able to attest to the affixing
of the seal, where this needs to be witnessed;
• their position as director or secretary would entitle them to sign the
authorisation form on behalf of the company;
• their position with the company would mean that the authorisation form
would be given to them to obtain execution, providing them with the
opportunity to fraudulently execute it;
382 Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd [1998] 1 VR 188.
165
• in many cases the day-to-day running and management of the company may
be entrusted to them, giving them the opportunity to perpetrate fraud and to
conceal it from the other directors of the company.
It may be possible for fraud to be perpetrated by persons who do not already occupy
a position within the company. However, as was found in Chapter 3, these
individuals would be in a more difficult position to perpetrate the fraud, since:
• they might not have access to the company seal;
• they might also have to falsify company minutes to appoint themselves as
directors so as to authorise the affixing of the seal;
• it might be difficult for them to acquire an authorisation form.
Also, as under the paper registration system, fraud will often be perpetrated in
collusion with another person, such as the secretary or another director of the
company, particularly if the execution of the authorisation form in the electronic
registration system needs either:
• the signature of two such individuals authorised to sign on behalf of the
company; or
• the affixing of the company seal on the authorisation form, where the affixing
of the seal must be witnessed by two directors of the company or by a
director and secretary.
Where this other person is not already a secretary or director of the company, the
fraudulent person may fraudulently arrange for the person to be so appointed. False
minutes may be produced which purport to authorise the appointment of those with
whom the fraudulent person is colluding.
It is possible that the fraud may be perpetrated by someone acting alone, without
colluding with another person, but then, as found in Chapter 3, he or she would then
have to forge the second signature either purporting to act as the second signatory
to the authorisation form or purporting to act as witness to the affixing of the seal on
the authorisation form.
5.2.3.2.4 How might witnessing requirements be circumvented?
If the authorisation form for companies in the electronic registration system is
executed by two individuals signing on behalf of the company and these signatures
166
must be witnessed, these witnessing requirements may be circumvented in the
same manner as in the paper registration system by either:
• the fraudulent person forging the signature of the witness, who may be a
genuine or a fictitious person; or
• the witness purporting to witness the client’s signature even though it was
not signed in his or her presence.
So non-compliance with witnessing requirements may also be a facilitating factor in
the perpetration of the fraud.
When, however, the authorisation form for companies is executed by the fixing of
the company seal, witnessed by two directors of the company or by a director and
secretary, the fraudulent person would usually be someone entitled to witness the
fixing of the seal and would either:
• arrange for another person to be appointed to act as witness; or
• forge the signature of the second person purporting to act as witness.
5.2.3.2.5 What factors may facilitate the perpetration of this type of fraud?
It is submitted that the factors facilitating this type of fraud will be similar to those in
the paper registration system, that is:
• non-compliance with witnessing requirements;
• insufficient attempt made to obtain company searches or if one is obtained,
failure to compare the names listed on it with the names of the persons
executing the authorisation form on behalf of the company, or the names of
those attesting to the affixing of the company seal on the authorisation form.
However, as mentioned in Chapter 3, section 129(6) of the Corporations Act 2001
(Cth) allows a person to assume that a document has been duly executed by the
company if the company’s common seal appears to have been fixed to the
document and witnessed by two directors or by a director and a company secretary,
or by the director of a proprietary company with a sole director who is also the
company secretary. For documents executed without the company seal, the
assumptions are similar. So it could be argued that it would not be unreasonable for
a party, upon receiving an authorisation form that appears on the face of it to have
been duly executed by the company, to assume that this was so, without taking
further steps to verify it.
167
5.2.3.2.6 What are the transactions likely to be targeted by fraudulent
persons?
It is submitted that, as with the paper registration system, the likely transactions that
will be targeted by fraudulent persons would be mortgages and transfers or a
combination of both for the reasons stated above, in [5.2.3.1.6].
5.2.3.2.7 Conclusions
From the above analysis it would appear that the findings of Chapter 3 for fraud by
forgery of a company’s execution on a land title instrument in the paper registration
system would continue to apply in an electronic registration system. The only
variation would be that the fraud would now be a forgery of the company’s execution
of the authorisation form, rather than of the land title instrument.
5.2.3.3 Attorney as the client using falsified powe r of attorney
Chapter 3 found that fraud may be perpetrated in the paper registration system by
falsifying a power of attorney and using it to execute land title instruments purporting
to act as attorney on behalf of the grantor of the power of attorney. Will it be possible
to perpetrate this type of fraud in an electronic registration system?
5.2.3.3.1 Can this fraud be perpetrated in an electronic registration system?
Whilst usage of powers of attorney in an electronic registration system was not
discussed in detail in Chapter 4, it is likely that they would be exercised in the same
way as in the paper registration system, by the attorney under a power of attorney
entering into land transactions on behalf of the donor of the power of attorney. The
difference is that under the paper registration system, the attorney signs the land
title instrument on behalf of the donor, while in an electronic registration system, it is
likely that the attorney would sign the authorisation form on behalf of the donor. The
New Zealand Law Society Guidelines, for example, provide that signatures “for and
on behalf” are not acceptable on the A&I form except by an attorney under a
properly completed power of attorney with an appropriate certificate of non-
revocation.383 If this is the case, the case examples analysed in Chapter 3 could
occur in an electronic registration system, the only difference being that the attorney
would be signing the authorisation form rather than the actual land title instrument.
So in Yaktine v Perpetual Trustees Victoria Ltd, the fraudulent person, the son,
would forge the signatures of his parents to a power of attorney. The relevant
383 New Zealand Law Society, EDealing Guidelines (for Electronic Registration) (2007)
<http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008.
168
documentation, including the authorisation form, would be sent to the son who
would take the documents, including the authorisation form, to a solicitor. The
solicitor would witness the son signing as attorney for his parents on the
authorisation form. The forms would then be sent back to the mortgagees and the
property mortgaged. In Household Realty Corporation Limited v Liu384 the wife could
forge her husband’s signature on a power of attorney. She would then approach a
bank, to mortgage the property owned by her husband, execute an authorisation
form as attorney for her husband and the property would be mortgaged.
So fraud by false power of attorney may occur in the same manner as in the paper
registration system. The only difference is that in an electronic registration system,
the attorney would perpetrate fraud by executing the authorisation form on behalf of
the donor, instead of the land title instrument in the paper registration system.
5.2.3.3.2 Under what circumstances might this fraud be perpetrated?
This fraud would be possible when the fraudulent person is able to successfully
falsify a power of attorney and to use it to perpetrate fraud by purporting to act on
behalf of its donor.
5.2.3.3.3 Who might be the likely perpetrators of this fraud?
It is submitted that, as with the paper registration system, such a fraud may be
perpetrated by persons both known and unknown to the victim of the fraud, so long
as they are able to successfully falsify the power of attorney. However, as noted in
Chapter 3, it is more likely that they would be those known to the victim, since
forgery of the victim’s signature is required, and so the fraudulent person must know
the victim’s signature in order to perpetrate the fraud; this is more likely for someone
who knows the victim.
This type of fraud may be perpetrated alone or in collusion with others.
5.2.3.3.4 How might witnessing requirements be circumvented?
As with the paper registration system, since the donor’s signature on the power of
attorney must be witnessed, the fraudulent person, in falsifying the power of
attorney, would need to circumvent these witnessing requirements. This could be
by:
• forging the signature of the witness; or 384 Household Realty Corporation Limited v Liu (2005) Court of Appeal for Ontario C41837 and
C41838.
169
• having the witness attest to the signature even though it was not signed in
his or her presence.
5.2.3.3.5 What factors may facilitate the perpetration of this type of fraud?
As with the observations made in Chapter 3, it could be argued that this fraud may
be prevented if some form of verification is made to verify the authenticity of the
power of attorney before acting upon it, such as:
• by contacting the donor of the power of attorney. However, as noted in
Chapter 3, this is not common practice, particularly if the power of attorney
appears, on the face of it, to be duly executed and witnessed and registered
with the relevant Land Titles Office; or
• by contacting the person purportedly acting as witness to the power of
attorney. Again, as noted in Chapter 3, this is not common practice.
5.2.3.3.6 What are the transactions likely to be targeted by fraudulent
persons?
As with the paper registration system, the likely transactions that will be targeted by
fraudulent persons would be mortgages and transfers or a combination of both for
the reasons stated above in [5.2.3.1.6].
5.2.3.3.7 Conclusions
From the above analysis it would appear that the findings made in Chapter 3 for
fraud by false power of attorney in the paper registration system would continue to
apply under an electronic registration system. The only variation would be that in an
electronic registration system, due to the change in conveyancing practice the
attorney would perpetrate fraud by executing the authorisation form instead of the
land title instrument.
5.3 Fraudulent misrepresentation
5.3.1 Method of perpetrating fraudulent misrepresen tation in the paper
registration system
Chapter 3 found that fraud might be perpetrated in the paper registration system by
misleading the victim into signing certain documents. Chapter 3 also found that the
manner of perpetrating the fraud is linked to the conveyancing practice that anyone
may prepare and lodge land title forms for registration. Thus fraud may be
perpetrated when either the fraudulent person prepares the necessary forms and
succeeds in misleading or inducing the victim to execute them, or they are prepared
170
by someone else (such as a solicitor) and the fraudulent person is given them for
procuring execution by the victim, for example, by convincing the solicitor that he or
she is acting on behalf of the victim (or when the solicitor assumes this to be the
case).
5.3.2 Likely changes due to automating the Torrens registration process
Chapter 4 found that automating the registration process within the Torrens system
will most likely lead to changes in access requirements; it is likely that in an
electronic registration system only authorised users of the system will be allowed to
access the system, and prepare and lodge instruments for registration.
5.3.3 Impact of these changes on fraud by fraudulen t misrepresentations
It was observed in Chapter 4 that these changes mean that, in an electronic
registration system, fraudulent persons will not be able to prepare land title
instruments and mislead the victim into signing them. In Chapter 4, the question was
raised as to whether these changes might result in a reduction in opportunity to
perpetrate this type of fraud in an electronic registration system. The following
analysis attempts to answer this question; obviously, if individuals can no longer
sign land title instruments in an electronic registration system, it will therefore no
longer be possible for the fraudulent person to mislead or induce the victim into
signing these, so attention must now shift to the authorisation form instead.
5.3.3.1 Can this fraud be perpetrated in an electro nic registration system?
It is submitted that to perpetrate this type of fraud in an electronic registration
system, the fraudulent person would have to mislead or induce the victim into
signing the authorisation form so that the authorised user responsible for the
transaction will act on it and proceed with the transaction. This would be possible in
circumstances where the authorised user responsible for the transaction gives the
fraudulent person the authorisation form to procure execution from the victim, so
that the form is not signed in the presence of the authorised user. This provides the
fraudulent person the opportunity to mislead or induce the victim to sign the
authorisation form. If the form were signed in the presence of the authorised user, it
would be more likely that he or she would explain to the victim the nature of the
transaction and therefore it would be less likely for the fraud to occur. Whilst there
are witnessing requirements for the signing of the authorisation form, these
requirements may be circumvented in the same manner as fraud by forgery:
171
• by the fraudulent person forging the signature of the witness, who may a
genuine or fictitious person; or
• where the person witnessing the signature purports to witness the client’s
signature even though it was not signed in his or her presence.
Using Arcadi v Whittem385 as an example, the fraudulent person suggests that the
victim set up a family trust, then asks the victim to sign the authorisation form,
saying that it is required for setting up this trust. The victim believes this and signs
the authorisation form. Upon execution of the form, the fraudulent person takes the
form to a solicitor he or she has retained, who then proceeds with the transaction –
the authorisation form authorises the solicitor to act on behalf of the victim to
mortgage his or her property. To circumvent witnessing requirements on the
authorisation form, the fraudulent person forges the signature of a fictitious solicitor.
Thus fraudulent misrepresentations may be perpetrated in an electronic registration
system in the same manner as in the paper registration system – by misleading or
inducing the victim to sign the necessary document. The difference is that instead of
a land title instrument this document is an authorisation form, because of the change
in practice under an electronic registration system.
5.3.3.2 Under what circumstances might this fraud b e perpetrated?
This type of fraud needs the authorisation form to be provided to the fraudulent
person for procuring execution by the victim, giving him or her the opportunity to
mislead or induce the victim to execute the authorisation form.
5.3.3.3 Who might be the likely perpetrators of thi s fraud?
As in the paper registration system, it is the relationship of trust between the victim
and the fraudulent person in these types of fraud that is the critical factor in
facilitating them, so they will usually be perpetrated by someone known to the victim,
acting alone or in collusion with others.
5.3.3.4 How might witnessing requirements be circum vented?
The witnessing requirements for the authorisation form may be circumvented by
either:
• forging the signature of the witness; or
385 Arcadi v Whittem (1992 ) 59 SASR 515.
172
• having the witness purport to witness the signature even though it was not
signed in his or her presence.
5.3.3.5 What factors may facilitate the perpetratio n of this type of fraud?
The factors that may facilitate this type of fraud will be similar to the ones in the
paper registration system, that is:
• that the authorisation form is provided to the fraudulent person to procure
execution from the victim;
• that the authorised user responsible for the transaction deals solely with the
fraudulent person and does not make any genuine attempts to contact the
victim of the fraud to confirm instructions, even though the victim is noted on
the authorisation form as a party to the transaction;
• non-compliance with witnessing requirements; and
• the conveyancing practice that a party on receiving land title instruments that
appear on the face of it to be executed and witnessed is entitled to assume
that the signatures were signed in the presence of the witness. It could be
argued that this practice could extend to authorisation forms so that a party
upon receiving an authorisation form that appears on the face of it to be duly
executed and witnessed is entitled to assume that witnessing requirements
have been complied with.
5.3.3.6 What are the transactions likely to be targ eted by fraudulent persons?
As in the paper registration system, the likely transactions that will be targeted this
way would be mortgages and transfers or a combination of both, for the reasons
stated above in [5.2.3.1.6].
5.3.3.7 Conclusions
From the above analysis it would appear that the findings made in Chapter 3 for
fraudulent misrepresentation in the paper registration system would still apply in an
electronic registration system. The only difference being that in an electronic
registration system, due to the change in conveyancing practice, it will now be a
misrepresentation or inducement to the victim to execute the authorisation form
rather than the land title instrument.
Further, the observation made in Chapter 3 would still apply, that this type of fraud is
similar to forgery of signatures in that the circumstances in which the fraud may
173
occur, the type of perpetrators, the factors facilitating the fraud, are likely to be
similar. However, in fraudulent misrepresentations, the signature on the
authorisation form is genuine, whereas in forgeries, it is forged.
5.4 Fraudulent alterations
5.4.1 Method of perpetrating fraudulent alterations in the paper registration
system
Chapter 3 found that in the paper registration system, fraud may be perpetrated by
altering an instrument that has been executed; this type of fraud is possible because
in the paper registration system, anyone may prepare and lodge land title forms for
registration, so that anyone with access to land title forms that have been prepared
and executed has the opportunity to perpetrate this type of fraud. Chapter 3 also
found that the current practice of officers employed by the Land Titles Office, of
manually checking instruments lodged for registration before updating the register,
may be said to act as a safeguard against this type of fraud, since any alteration of
an instrument might leave some form of a physical mark which might then be
noticed by the officer during the manual inspection and appropriate action may then
be taken.
5.4.2 Likely changes due to automating the Torrens registration process
The analysis in Chapter 4 showed that, in an electronic registration system, it is
likely that only those authorised users with access to the system will be able to
prepare land title instruments, which would most likely be prepared in electronic
form, digitally signed by the authorised users involved in the transaction and
electronically lodged for registration. Chapter 4 also found that an electronic
registration system might incorporate the use of automated checks of instruments
lodged for registration to replace manual checks, and that the register might be
updated automatically rather than manually.
5.4.3 Impact of these changes on fraud by fraudulen t alteration
How might these changes affect opportunities for fraudulent alteration in an
electronic registration system? This issue was raised in Chapter 4; the following
analysis seeks to provide an answer.
5.4.3.1 Can this fraud be perpetrated in an electro nic registration system?
Opportunities to perpetrate this type of fraud in an electronic registration system
might be reduced in an electronic registration system for the following reasons:
174
(1) Changes to access requirements
Only those users who have registered would have access to land title instruments
on the system. Hence, as speculated in Chapter 4, the opportunities to perpetrate
this type of fraud would accordingly be restricted to those given access to the
system or those somehow able to gain access386.
(2) Use of technology
As noted in Chapter 4, it is most likely that the signature on the electronic instrument
will be a digital signature and that the technology used for digital signatures will most
likely be public key cryptography. It is possible, using technological means, to
ensure that:
• any alterations made to a document after a digital signature has been
applied to it will invalidate the digital signature; and
• the system will not accept an instrument for lodgement unless it has been
digitally signed.
These features are available in the electronic registration systems in both New
Zealand and Ontario. In New Zealand, if an eDealing is edited by anyone after it has
been certified and signed, the Landonline system clears all certifications and
signatures so that the eDealing must be re-signed and re-certified by all parties to
the eDealing before it can be accepted for lodgement and registration, as
Landonline returns the eDealing to draft status.387 Similarly, in the Ontario system,
any changes made on the electronic document after a document has been signed
for either completeness or release will trigger the removal of those signature(s) and
the document will need to be re-signed by the appropriate party(ies).388
386 Chapter 4 noted that it may be possible to fraudulently gain access to the system, for example, by
hacking into the system, circumventing the registration process to gain access, targeting users who have access or colluding with authorised users with access. The manner in which fraudulent persons may gain access via these means would be examined in greater detail Chapter 6. In the risk assessment conducted by Clayton Utz on behalf of NECS, the risk that the NECS system security may be inadequate enabling a third party to enter NECS (such as by hacking into the system) and change or delete workspace data was identified: see National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 23, risk reference 31. Also see risk reference 37: ‘NECS system security inadequate enabling third party to enter the NECS and commit fraudulent creation of a workspace or entry or alteration of data in an existing workspace leading to fraudulent transfer of property or payment to wrong accounts’.
387 Land Information New Zealand, Landonline E-Dealing Handbook for Students (2008) <http://www.landonline.govt.nz/edealing/training-resources/education-resources/index.asp> at 8 April 2008.
388 Teranet Inc, Teraview Reference Guide 5.3.3 (2007) <http://www.teraview.ca/resupgrades/ru_manuals.html> at 28 April 2008. See also Simon Hally, 'How Secure is E-Registration' (2005) 29(7) Canadian Lawyer 47, 47.
175
In this way, any alterations made after the instrument has been digitally signed will
invalidate the digital signatures applied to the instrument and consequently it could
not be lodged for registration. Thus, even if an alteration on an electronic document
may not be visible to the naked eye, unlike an alteration on a paper document, it
could be said that an electronic registration system has the potential to be more
secure that the paper registration system because in the paper registration system,
if an alteration goes unnoticed, the signatures are taken as valid and the instrument
will be registered.
An electronic registration system with this technology could potentially reduce the
opportunities for fraudulent alterations and help to prevent a document from being
altered without a signatory’s knowledge.389 To be able to perpetrate this type of
fraud, the fraudulent person:
• must already have access or be able to gain access; and
• must have access or be able to gain access to the digital certificates/PSPs of
the authorised users representing the parties involved in the transaction, so
that after he or she has altered the instrument, he or she can re-apply the
authorised users’ digital signatures invalidated by the system because of the
alteration. It might then appear that, although an alteration has been made,
the authorised users knew and consented to it, and have re-applied the
digital signatures. The fraudulent person can then submit the instrument for
registration.
It would be difficult to do this, particularly if the system requires the digital signatures
of the authorised users representing all parties to the transaction. For example, in
the case of a sale of property where a mortgage is not involved, the digital
signatures of the authorised user representing the purchaser, as well as the one
representing the vendor would be required. It would be difficult to obtain the digital
certificate/PSP of both authorised users, representing the purchaser as well as the
vendor. Even if the fraudulent person has access to the digital certificates/PSPs of
both authorised users, the alteration and subsequent re-application of the digital
signatures must remain undetected.
The system could also use technology to help its users keep track of changes made
to instruments created on the system, so that unauthorised alterations are detected.
389 Teranet Inc, Teranet White Paper Series: Security (2005)
<http://www.teranet.ca/corporate/publications/teranet-security.pdf> at 17 May 2006.
176
As discussed in Chapter 4, the system might also incorporate automated checks to
be run on instruments lodged for registration, to ensure that they have remained
unaltered from the time when they were digitally signed to when they were received
for lodgement. In addition, procedures for manual examination and manual updating
of the register may be continued under an electronic registration system, so that it
retains the security safeguards of the paper system, as well as adopting
technological safeguards. These will be discussed in greater detail in Chapter 7.390
The above conclusion that it would be difficult for this type of fraud to occur in an
electronic registration system may not apply in situations where:
• the digital signature of only one authorised user is required; or
• a single authorised user represents all parties in a transaction.
It would be far easier for the fraudulent person to obtain the digital certificate/PSP of
a single authorised user than to obtain them for all the authorised users involved in
the transaction. An example is the British Columbian system, which requires only
one digital signature to be applied, which may be the digital signature of any Juricert
authenticated lawyer or notary in British Columbia. A possible fraud scenario is as
follows: in a transaction involving the sale of a property, the authorised user for the
purchaser accesses the system and prepares the necessary transfer form. Details
are entered onto the instrument. The authorised user for the vendor digitally signs
the electronic form. However, before it is submitted for registration, an employee of
the vendor’s authorised user accesses the system and makes alterations to the
instrument. This is possible because the authorised user has left his or her digital
certificate/PSP in the office and the authorised user has written down the password
390 Another safeguard may be to restrict access to transactions created only to those authorised users
who are involved in the transaction. For example, in a sale of property, the authorised users who would be allowed to view the transaction would be the authorised user representing the vendor, the authorised user representing the purchaser and the authorised user representing the financial institution. However, the effectiveness of this measure would depend on the manner in which access to each transaction is controlled. In the proposed NECS for example, where workspaces are created, it is proposed that the initiating subscriber through its user or certifier will create the workspace. The user then uses a messaging facility in the workspace to invite subscribers for the other parties to the transaction to have one of their users enter the workspace and complete the information related to their respective roles: National Electronic Conveyancing Office, 'Draft National Business Model for the Establishment of a National Electronic Conveyancing System V.10' (National Electronic Conveyancing Office, 2007), [12.4.1]. Each workspace is given a unique identifying number by the system: National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.2.6]. However, the risk assessment performed by Clayton Utz identified a possible risk that the initiating subscriber may select an incorrect subscriber and the workspace ID is therefore sent to the wrong subscriber: National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 29, risk reference 39. The risk assessment also identified as a possible risk that the NECS system security may be inadequate enabling a third party to intercept workspace ID when it is sent to subscribers in the NECS (risk reference 42).
177
used to activate the digital certificate/PSP on a notepad. Having made the
alterations, the fraudulent person re-applies the digital signature of the authorised
person and the instrument is later submitted for registration.
Another possibility might be if the alteration is between the time the instrument has
been lodged for registration and the actual registration. For example, upon receiving
an electronic instrument lodged for registration, an employee at the Land Titles
Office accesses the system and alters the instrument and the register is updated
with the altered information. It is difficult to speculate whether it might be possible for
this to occur. It would depend on the security infrastructure of the system, including
the security infrastructure of the computer system at the Land Titles Office. The
most pertinent issue would be whether the system would allow alterations to be
made to electronic instruments once they have been lodged for registration. If the
system ‘locks’ all instruments immediately upon lodgement so that no alterations
may be made once lodgement occurs, then it would not be possible to alter the
instrument once lodgement has occurred. If this were the case, then the electronic
registration system would provide greater security against fraudulent alterations than
the paper registration system because in the paper registration system, fraudulent
alterations may occur at any time, even after lodgement.
Overall, while it might be possible for fraudulent alterations to occur in an electronic
registration system, the use of technology as well as restricted access could act to
reduce the opportunities for this type of fraud in an electronic registration system.
5.4.3.2 Under what circumstances might this fraud b e perpetrated?
Assuming that the electronic registration system requires digital signatures to be
applied by the authorised users representing all parties involved in the transaction,
this type of fraud may only be perpetrated when:
• the fraudulent person is able to gain access to the system;
• he or she is able to gain access to the digital certificates/PSPs of all the
authorised users involved in the transaction; and
• the alterations remain undetected by the authorised users and/or the
automated checks run by the system as well as by the examining officer at
the Land Titles Office.
If it is possible for alterations to be made after lodgement but before registration,
then this type of fraud may be perpetrated in circumstances where the fraudulent
178
person is able to gain access to instruments lodged for registration. However, as
explained above, if documents can be ‘locked’ on lodgement, this would no longer
be possible.
5.4.3.3 Who might be the likely perpetrators of thi s fraud?
Fraudulent alterations would most likely be perpetrated by persons who are able to
gain access to the system as well as to the digital certificates/PSPs of the
appropriate authorised users.
Hence, as described in Chapter 3, the fraudulent person must be someone with
access to executed land title instruments. However, because land title instruments
would be created in the electronic registration system, he or she would have to be
someone who is able to gain access to the system. Those who already have access
to the system would have an easier opportunity for fraud than those who would need
to take the additional step of gaining access. In addition, because the electronic
registration system invalidates the digital signatures applied to the instrument where
there is an alteration, the fraudulent person would also have to be able to access the
digital certificates/PSPs of the appropriate authorised users of the system.
Possible examples of these persons would include:
• an employee of an authorised user of the system; and
• an employee of the electronic registration system itself who has access to
the system.391
Obviously, authorised users who have access and have the ability to digitally sign
instruments would have the greatest opportunity for this type of fraud.392 However in
an electronic registration system, these persons would have no need to perpetrate
fraud by fraudulent alterations; instead, they would have a new opportunity for
perpetrating fraud by simply accessing the system, preparing the necessary
instruments, digitally signing them and lodging them for registration. This type of
fraud will be discussed in greater detail in Chapter 6.
391 See National Electronic Conveyancing Office, Risk Assessment of the National Electronic
Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 28, risk reference 38, theorising that an employee or administrator of NECS may alter workspace data.
392 See for example National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 42, risk reference 63, identifying a potential risk to the proposed NECS that a registered certifier may use his/her NECS ID and password and signing key to manipulate existing workspace information for the fraudulent person’s own benefit.
179
As found in Chapter 3, the person perpetrating this fraud might act alone or in
collusion with others. For example, the fraudulent person may be someone without
access, colluding with someone with access to the system.
5.4.3.4 What factors may facilitate this type of fr aud?
In Chapter 3, it was noted that the practice of officers employed by the Land Titles
Office to manually examine instruments lodged for registration might be said to act
as a safeguard against this type of fraud, as any alteration of an instrument would
leave some physical mark that could then be noticed by the examining officer. The
examining officer might also notice certain discrepancies on the instrument that may
suggest fraud. Hence it is arguable that perhaps a lack of due diligence during this
examination process may act to facilitate this fraud. However, it was also observed
in Chapter 3 that it would be difficult to notice an alteration where information had
been inserted rather than altered. In an electronic registration system, fraudulent
alterations may be facilitated if the fraudulent person is successful in altering the
instrument and re-applying the digital signatures and the alterations remain
undetected by:
• the authorised users involved in the transaction;
• automated checks run by the system; and
• Land Title Officers during the examination process (if this practice is retained
in the electronic registration system).
Unlike in the paper registration system where an alteration may become noticeable
to the examining officer, in an electronic registration system, it is less likely for this to
be the case because the alteration would not be visible in an electronic instrument. It
may be possible for the examining officer to detect certain discrepancies on the
instrument that suggest fraud. However, this would depend on the examination
process and the diligence exercised by these officers. The issue of whether manual
examinations should be continued as a safeguard against fraud will be discussed in
greater detail in Chapter 7.
As for automated checks run by the system, this may be configured to check that
the instrument lodged has not been altered from the time that it was digitally signed.
However, if the fraudulent person can successfully re-apply the digital signatures,
the checks would not detect that the alteration was unauthorised.
180
Thus, the most likely means of detecting this fraud is by the authorised users before
the instrument is lodged for registration, particularly if the system incorporates
technology that notifies authorised users of alterations made, including facilities to
track changes. If authorised users remain diligent in using the technology offered by
the system, fraudulent alterations may be detected, reducing the opportunities for
this type of fraud. This will be discussed in greater detail in Chapter 7.
5.4.3.5 What are the transactions likely to be targ eted by fraudulent persons?
As with the paper registration system, the likely transactions that will be targeted
would be mortgages and transfers, or a combination of both, for the reasons stated
in [5.2.3.1.6].
5.4.3.6 Conclusions
From the above analysis it would appear that unlike fraud by forgery and fraudulent
misrepresentation, opportunities for fraudulent alterations may be reduced in an
electronic registration system.
5.5 Identity fraud
5.5.1 Method of perpetrating identity fraud in the paper registration system
Chapter 3 found that the requirement in the paper registration system that the
certificate of title had to be produced before registration could proceed was said to
act as a safeguard against fraud, because it could not be perpetrated without the
certificate of title. However, the analysis of case examples in Chapter 3 also showed
that use of the certificate of title as an indication of the right to deal with the land
acted as a facilitator of fraud, because possession of the certificate of title, whether
genuine or forged, often lulled the other party into assuming that the person in
possession of the certificate of title was the person named on the certificate and so
the owner of the land, with the right to deal with it.
5.5.2 Likely changes due to automating the Torrens registration process
Chapter 4 found that an electronic registration system might discontinue using paper
certificates of title, but that there was still the option that certificates of title could
continue to play a role in the electronic registration system, such as in the proposed
Victorian system.
In systems that discontinued use of the paper certificate of title, Chapter 4 found that
some other method of establishing identity and right to deal might be used instead.
In New Zealand, for example, a formal identification process is required during the
181
signing of the A&I forms. The New Zealand system also requires certification that
identity has been verified. In the proposed Victorian system where it is planned that
electronic certificates of title would be used, a formal verification of identity during
the signing of the representation agreement will also be required, as can be seen
from the discussion in Chapter 4. Where a paper certificate of title exists as the
instrument for that transaction, it must be converted to an electronic certificate of title
and then nominated by the subscriber to the transaction before that transaction can
proceed. Otherwise, if the certificate of title is already in electronic format, then all
that is required is that it be nominated to the transaction by the subscriber in control
of it.
5.5.3 Impact of these changes on identity fraud
What would these changes mean for identity fraud? Can identity fraud continue in
an electronic registration system? The following analysis attempts to address this
question.
5.5.3.1 Can this fraud be perpetrated in an electro nic registration system?
It appears that identity fraud might be perpetrated in an electronic registration
system in the same way as in the paper registration system – when the fraudulent
person is able to successfully impersonate the victim of the fraud to convince the
authorised user responsible for the transaction that he or she has a right to deal with
the land. The difference is that in the paper registration system, since the certificate
of title is the document used to evidence right to deal, identity fraud uses the
certificate of title. In an electronic registration system, the manner in which identity
fraud may be perpetrated would depend on the system and how identity and right to
deal might be established.
5.5.3.1.1 Systems where certificates of title are not used
In systems where certificates of title are not used to establish a right to deal with the
land, to perpetrate identity fraud, the fraudulent person would have to circumvent
whichever method is used to establish identity and demonstrate a right to deal with
182
the land. Thus, if certain types of identity documents, such as driver’s licence or
passports, are used, identity fraud is possible if393:
• the fraudulent person can obtain genuine identity documents belonging to
the victim and successfully use them, alone or in collusion with someone
else, to impersonate the victim; or
• the fraudulent person is able to falsify identity documents and is able to use
them, whether alone or in collusion with someone else, to impersonate the
victim. These falsified documents may be those of a genuine or a fictitious
person.
The following case examples may be used to illustrate this.
(1) Using the victim’s identity documents
The fraudulent person is a trusted friend of the victim and through this relationship,
is able to obtain the victim’s driver’s licence, rates notices and telephone bills, then
brings these documents to the authorised user acting on behalf of a mortgagee. The
authorised person accepts these documents, believing that the fraudulent person is
the victim. The property is mortgaged and the proceeds of the loan made available
to the fraudulent person.
(2) Using the victim’s identity documents in collus ion with a third party
The fraudulent person’s father owns unencumbered property in Brisbane. The
fraudulent person has access to the father’s passport, driver’s licence, rates notices
for the property and telephone bills. The fraudulent person and a third party
approach a bank to mortgage the property. The third party is introduced by the
fraudulent person as his or her father. The identity documents are produced to the
393 See for example National Electronic Conveyancing Office, Risk Assessment of the National
Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 15, risk reference 21, identifying a risk to the proposed NECS that the certifier may fail to conduct client identity verification so that identity fraud is not detected. Another risk identified (risk reference 22) was that the client may fraudulently provide documents to satisfy identity verification requirements. It was noted in chapter 4 that the term ‘certifier’ is used in the proposed NECS to denote industry practitioners employed by or contracted to a subscriber and authorised by that subscriber to prepare, certify and sign instruments, settlement statements and information reports on behalf of the subscriber or the subscriber’s clients. By default, certifiers are also users of NECS: National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [4.4]. In addition, one of the comments received by the risk assessment during its consultation process related to the likelihood of a fraudulent person providing documentation to meet verification of identity requirements is ‘much more than 33% chance of happening once in the first 5 years. It is thought that it is quite likely that at some time in the first 5 years someone will present forged or fraudulently obtained documents’: National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 1, 98.
183
bank officer who accepts that the third party is the father. The property is then
mortgaged.
(3) Using false identity documents
False identity documents were used for identity fraud in New Zealand in 2005, when
false passports, bank statements and tax certificates were used by the fraudulent
person to convince three lawyers to arrange mortgages over homes which the
fraudulent person did not own.394 In Australia, in 2003, it was reported that illegal
finance brokers were manufacturing false identities to enable customers to obtain
bank loans. These brokers created new identities using false drivers licences,
council rates notices, medicare cards, employers’ references, credit cards and bank
statements.395
5.5.3.1.2 Systems using electronic certificates of title
In systems where electronic certificates of title are used in conjunction with an
identity verification process, such as that in the proposed Victorian system396, the
fraudulent person, in order to perpetrate identity fraud, would have to circumvent the
identity verification process as described above as well as directing the authorised
user in control of the electronic certificate of title to nominate the electronic
certificate of title to the transaction. If, however, a paper certificate of title already
existed, the fraudulent person would have to produce the paper certificate of title so
that it could be converted into an electronic certificate of title and nominated to the
transaction. The certificate of title and the identity documents used for the identity
verification process could be genuine or falsified.
The case examples used earlier to illustrate identity fraud in systems where
certificates of title are not used would apply here. For example, the fraudulent
person who is the victim’s trusted friend would use the victim’s driver’s licence, rates 394 See Catriona MacLennan, 'Warning About Conveyancing Fraud Using False Passports' (2005)
(39) Auckland District Law Society Law News 1 and Anne Gibson, 'Department Protects Homes From More Fraud', New Zealand Herald (Auckland), 2006, . See also the identity fraud scenarios from Canadian Institute of Mortgage Brokers and Lenders, Fighting Fraud: Face to Face (2003) <http://www.cimbl.ca/mortjournals/fighting_fraud.htm> at 10 January 2006.
395 Kara Lawrence, 'Forging a New 'Industry' of Fraudulent Bank Loans', The Daily Telegraph 24 February 2003. For further scenarios, see Law Society of British Columbia, Practice Tips: Fighting Back Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 6 June 2006. Also see Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper Canada, 2005), 10.
396 The analysis here is based upon the manner in which electronic certificates of title are proposed to be used in the proposed Victorian system because the proposed Victorian system is the only system thus far in which electronic certificates of title are proposed to be used.
184
notices and telephone bills to impersonate the victim. The authorised person
accepts these documents and believes that the fraudulent person is the victim. The
authorised person nominates the electronic certificate of title to the transaction or if
the authorised person is not the controller of the electronic certificate of title, the
authorised user could direct the controller to do so. If the certificate of title has not
been converted into electronic format, it is likely that the fraudulent person would
have access to the victim’s paper certificate of title or could gain access. In this case
the fraudulent person would simply produce the victim’s identity documents together
with the paper certificate of title to the authorised user. The paper certificate could
then be converted into an electronic certificate and nominated to the transaction.
Where false identity documents are used instead of genuine ones, the fraudulent
person would produce both false identity documents as well as false certificates of
title (if they exist in paper format and have not yet been converted). If the certificates
of title have already been converted, then all that would be needed to perpetrate
fraud would be production of the false identity documents and requesting the
authorised user to nominate the electronic certificate of title to the transaction.
Hence it is argued that the continued use of certificates of title would not provide any
additional safeguards against identity fraud. As can be seen from the analysis
above, where the certificate of title is in electronic format, identity fraud may be
perpetrated if the manner used by the system to establish identity and right to deal is
circumvented. The fraudulent person, as the victim, would then simply direct the
electronic certificate of title to be nominated to the transaction. In cases where the
certificate of title exists in paper format, the fraudulent person would simply have to
produce the paper certificate of title, in the same ways as that described in Chapter
3. As noted by Cocks & Barry: ‘It is the identity of the party that is crucial, not the
physical possession of the paper title. Fraud is perpetrated when someone
impersonates another by stealing their identity. Having possession of the paper title
is not enough in itself, it is simply indicative of identity’.397
5.5.3.2 Under what circumstances might this fraud b e perpetrated?
Identity fraud may be perpetrated if the fraudulent person is able to successfully
circumvent the method used by the electronic registration system to establish
identity and the right to deal with the land. In the paper registration system, this was
by producing the certificate of title. In an electronic registration system, this could be
397 Russell Cocks and John Barry, 'Electronic Conveyancing: Challenges for the Torrens System'
(2001) 8(3) Australian Property Law Journal 270, 276.
185
by producing various types of identity documents, such as passports, driver’s
licence, rates notices, as well as the certificate of title, if it continues to be used.
5.5.3.3 Who might be the likely perpetrators of thi s fraud?
Similar to the findings in Chapter 3, identity fraud in an electronic registration system
may involve persons known to the victim of the fraud, such as family members and
trusted friends. In these situations, they are able to perpetrate the fraud because
their relationship with the victim provides them with access to the victim’s identity
documents, including the certificate of title, necessary for the perpetration of the
fraud. Where the fraudulent person is related to the victim, such as where he or she
is the son or daughter of the victim, this relationship with the victim may make their
claims more credible.
It is also possible for identity fraud to be perpetrated by persons unknown to the
victim. In these cases, the way in which the identity documents and the certificate of
title are obtained might be different from that used by someone with access to them.
To obtain these documents, the fraudulent person could:
• forge them; or
• steal them.
Identity fraud is susceptible to both opportunistic and calculated fraud, by someone
acting alone or in collusion with others.
5.5.3.4 What factors may facilitate the perpetratio n of this type of fraud?
As found in Chapter 3, it may be argued that lack of diligence in verifying the identity
of the person claiming to have a right to deal with the land may be the key factor
facilitating identity fraud in an electronic registration system. However, as in Chapter
3, there may be cases where false identity documents are used and the forgery is of
such high quality that identity fraud could still occur despite the identity checks.
5.5.3.5 What are the transactions likely to be targ eted by fraudulent persons?
As with the paper registration system, the likely transactions that will be targeted by
fraudulent persons would be mortgages and transfers or a combination of both, for
the reasons stated above in [5.2.3.1.6].
5.5.3.6 Conclusions
From the above analysis it would appear that the findings in Chapter 3 for identity
fraud in the paper registration system would still apply in an electronic registration
186
system. The only variation might be that the paper certificate of title might not be
used by an electronic registration system to establish right to deal, other documents
being used instead.
5.6 Fraud by solicitors
5.6.1 Opportunities for solicitors to perpetrate fr aud in the paper registration
system
It was found in Chapter 3 that in the paper registration system, the position occupied
by solicitors and the trust reposed upon them by their clients, and by other solicitors
and stakeholders within the conveyancing process, provided solicitors with greater
opportunities for fraud than others. Solicitors could perpetrate fraud in the paper
registration system by:
• forging the signature of the client and attesting to the signature;
• falsifying a power of attorney;
• misleading or persuading the solicitor’s client to sign certain documents for
the purposes of perpetrating fraud; and
• fraudulently altering documents after they have been executed by the client.
5.6.2 Likely changes affecting fraud by solicitors after automating the Torrens
registration process
It was found in Chapter 4 that it is likely that solicitors would be among those with
access to the electronic registration system, able to prepare and lodge land title
instruments for registration, and that they would also be allowed to digitally sign
instruments on behalf of clients. This digital signature on the land title instrument
would not need to be witnessed. Finally, it was found in Chapter 4 that in an
electronic registration system the likelihood is that certificates of title would no longer
have to be produced as evidence of a right to deal with the land. Even if systems
were to use an electronic certificate of title modelled along the proposed Victorian
system, it is likely that solicitors would also be allowed to have control of that
certificate.
5.6.3 Impact of these changes on the opportunities for solicitors to perpetrate
fraud in an electronic registration system
The issue was raised in both Chapters 3 and 4 as to whether solicitors might have
similar or greater opportunities for perpetrating fraud in an electronic registration
system than in a paper-based system; it appears they would indeed have a greater
187
opportunity. To perpetrate fraud in an electronic registration system, the solicitor
would not even need to forge the victim’s signature, or mislead the client into signing
documents, or create false powers of attorney, or fraudulently alter instruments, as
is the case in the paper registration system. All that the solicitor would have to do
would be to prepare the instrument, digitally sign it and submit it to the Land Titles
Office for registration.398
While it is likely that an authorisation form might be required in an electronic
registration system as evidence of the client’s consent for the solicitor to act on his
or her behalf, there is really nothing to prevent the solicitor from simply preparing
and digitally signing an instrument without an authorisation form; in any case, the
solicitor could simply fabricate one.399
In systems using an electronic certificate of title modelled on the proposed Victorian
system, the requirement to nominate the electronic certificate to a transaction may
act to prevent fraud by solicitors who do not have control of the electronic certificate
of title. In this situation, to perpetrate fraud, the fraudulent solicitor must be able to
direct the authorised user who is in control of the electronic certificate of title to
nominate it to the transaction in question. Possible scenarios include:
• the fraudulent solicitor could write a letter, pretending to act on behalf of the
client, directing the authorised user in control to nominate the electronic
certificate of title to the transaction;
• the fraudulent solicitor could collude with the user in control.
However, as noted above, it is very likely that solicitors themselves would be given
control of certificates of title that have been converted into or issued in electronic
398 In fact, it will be argued by this research that being able to access the system, prepare, digitally
sign and lodge land title instruments for registration is a new opportunity for perpetrating fraud in an electronic registration system. As seen in the discussion here, solicitors would have the greatest opportunity to perpetrate this type of fraud because solicitors are likely to access to the system and are likely to able to digitally sign instruments on behalf of clients. This new opportunity to perpetrate fraud in an electronic registration system will be examined in detail in Chapter 6.
399 One of the comments received by the risk assessment conducted by Clayton Utz on behalf of NECS during its consultation process related to the likelihood of fraud by conveyancers and legal practitioners. It was observed that ‘legal practitioners and conveyancers are one of the most common perpetrators of fraud. The chance that there will be at least one case of this happening in 5 years is a lot higher than 33%. Also, mandating that subscribers keep records etc will not be feasible for sole traders, and will not prevent sole traders from committing fraud’: National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 1, 99.
188
format. For these solicitors, perpetrating the fraud would simply be a nomination of
the certificate of title to the transaction.400
In circumstances where the certificate of title remains in paper format, not yet
converted to electronic format, the fraudulent solicitor must contrive to convert it into
electronic format and then nominate that to the transaction. This may be achieved,
for example, if the paper certificate of title is left with the solicitor. As seen in the
case examples in Chapter 3, due to the position of the solicitor in the conveyancing
process, it would not be unusual for the certificate of title to be left with him or her.
Alternatively, depending on the system, it might be possible for the solicitor to
fabricate a conversion of the certificate of title and to nominate the electronic
certificate of title to the transaction. In this instance, both the genuine paper
certificate and the false electronic certificate would exist. Whether this would be
possible depends on the system.
Thus overall, the above analysis shows that it is likely that because solicitors would
play a greater role in an electronic registration system, they would have a better
opportunity to perpetrate fraud.
As noted by Thomas:
The supposed safety net of the system is that it cannot be operated by anyone other
than solicitors, who undertake to the State not to abuse the system. There is an
absence of other checks and balances in place to prevent individual land titles from
being transferred outright to strangers, at the whim of any fraudulent or incompetent
solicitor.401
And:
New registration procedures provide a shift from a system that contained inbuilt
protections to avoid fraud, and registration of incorrect instruments, to one that relies
400 Also see the NECS risk assessment produced by Clayton Utz, noting that ‘[T]he Subscriber with
title control (solicitor, conveyancer or financial institution) might fraudulently commit the title to a new transaction without the authority of the relevant transacting party for whom the Subscriber acts (eg. registered proprietor or first mortgagee). That would involve a false certification and a forged signature on a loan and mortgage or transfer. This is a similar risk to the risk that a solicitor or mortgagee holding a paper CT might fraudulently use the paper CT to undertake an unauthorised dealing in paper conveyancing’: National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, volume 1, [9.5].
401 Catriona MacLennan, 'Mortgage Frauds Prompt Calls for System Changes' (2006) 2 Law News 1, 1.
189
on the skill and integrity of the users of the system. It is for this reason that the
system is more open to abuse. Title registration is at the mercy of the dishonest or
incompetent conveyancer.402
While his observations relate to the electronic registration system in New Zealand,
they would be equally applicable to any electronic registration system where
solicitors play a key role without corresponding checks and balances.
5.7 Synthesis of findings: what is the impact of au tomating the Torrens
registration process on the paper based frauds iden tified in Chapter 3?
Following is a synthesis of the findings from the above analysis, showing the likely
extent to which the changes made to conveyancing processes and practices may
affect the findings of Chapter 3.
5.7.1 Can the frauds currently being perpetrated in the paper registration
system continue in an electronic registration syste m?
The analysis in this chapter shows that the types of fraud currently perpetrated in
the paper registration system could continue in an electronic registration system.
The only exception to this is fraudulent alterations, where it was found that the
opportunities for this fraud in an electronic registration system might be minimised.
5.7.2 Would the manner of perpetration be altered d ue to changes in
conveyancing practices?
The findings above show that the manner of perpetration of some of these frauds
will differ from the paper registration system due to changes in conveyancing
practices:
• for forgery of an individual’s signature, the forgery would be on the
authorisation form, rather than on the land title instrument itself;
• for forgery of a company’s signature, the forgery will be on the authorisation
form, rather than on the land title instrument itself. It may also be that rather
than fraudulently affixing the company seal, the forgery may involve forgery
of the handwritten signatures of the individuals entitled to sign on behalf of
the company. This will depend on how companies execute the authorisation
form in an electronic registration system;
402 Rod Thomas, ‘Fraud, Risk and the Automated Register’ in David Grinlinton (ed), Torrens in the
Twenty-first Century (2003) 349, 349.
190
• for fraud by false power of attorney, the attorney would use a false power of
attorney to sign the authorisation form, instead of the land title instrument, on
behalf of the donor;
• for fraudulent misrepresentations, the fraudulent person would have to
mislead the victim into signing the authorisation form, instead of the land title
instrument;
• for identity fraud, the fraudulent person may have to use other means of
fraudulently establishing identity and the right to deal with the land.
5.7.3 Where conveyancing practices might act as saf eguards against fraud,
how could these be circumvented?
The analysis above shows that witnessing requirements may continue to be used for
the authorisation form. However, similar to the findings in Chapter 3, witnessing
requirements may be circumvented by the fraudulent person in the same manner as
in the paper registration system by:
1. forging the signature of the witness; or
2. having the witness attest to the signature(s) even though it was not signed in
his or her presence.
5.7.4 Who might be the likely perpetrators of these types of fraud in an
electronic registration system?
The analysis above shows as found in Chapter 3, these frauds may be perpetrated
by different persons with different levels of opportunity. The perpetrator may be
someone known to the victim of the fraud, such as a friend, relative, partner, or the
victim’s solicitor, or can be someone not known to the victim.
However, unlike the paper registration system, it may also be possible to categorise
perpetrators in an electronic registration system in terms of those who have access
to the system and those who do not. Those within the first category, who may be
termed ‘insiders’ include:
• authorised users who have access to the system, such as solicitors;
• employees of the system itself;
• employees of Land Registries who have access to the system.
Others may be termed ‘outsiders’, any person without access to the system.
191
These categories, insiders and outsiders,403 are useful because one of the largest
security risk that organisations face is that of internal attacks. As noted by George:
Insiders are best placed to know the organisation’s greatest vulnerabilities, what to
look for, and where to find it. They also have greater legitimate access to information
systems, and, if personal grievance is the motivating factor, generally can be more
determined than an outsider to inflict harm on the organisation.404
Under an electronic registration system, the possible frauds that insiders might
perpetrate include:
• fraudulent alterations; and
• fraudulently preparing and lodging instruments for registration, when in
possession of a digital certificate/PSP or having access to one.405
The possible frauds that outsiders may perpetrate include:
• forgery of signature on the authorisation form;
• fraud by false power of attorney;
• fraudulent misrepresentations; and
• identity fraud.
In addition, outsiders may also collude with insiders, enabling them to perpetrate all
the frauds open to insiders.
Outsiders who can fraudulently gain access to the system and to the digital
certificate/PSP could also perpetrate all the same frauds as insiders. The way in
which fraudulent persons could gain access will be examined in greater detail in
Chapter 6.
5.7.5 Are these perpetrators likely to act alone or in collusion with others?
As found in Chapter 3, fraud may be perpetrated by the fraudulent person alone or
in collusion with a third party.
403 It was noted by Smith that ‘insiders’ and ‘outsiders’ is the ‘most general classification of people
who could possibly have access to a particular computing system’. Smith classifies insiders as ‘people with an established relationship with the system’s proprietor. Typical insiders are employees of the proprietor’s organization’. Outsiders are classified as ‘people without a similar relationship to the organization’: see Richard Smith, Authentication: From Passwords to Public Keys (2002), 73.
404 Narelle George, 'Cyber Traps: An Overview of Crime, Misconduct and Security Risks in the Cyber Environment' (Queensland Crime and Misconduct Commission, 2004), 2.
405 As noted above, this type of fraud will be discussed in more detail in Chapter 6. It is also a type of fraud that solicitors may perpetrate.
192
5.7.6 In an electronic registration system, which f rauds could be perpetrated
by those known to the victim and which by those unk nown?
The analysis above shows that, as in Chapter 3, some types of fraud might be more
easily perpetrated by those known to the victim. For instance, forgery and fraudulent
misrepresentations in an electronic registration system are more likely to be
perpetrated by someone known to and trusted by the victim because, in these types
of fraud, it is this relationship of trust that provides the fraudulent person with the
opportunity. In contrast, identity fraud may be perpetrated by persons both known
and unknown to the victim.
5.7.7 For frauds persisting in an electronic regist ration system, will
opportunistic fraud by those known to the victim co ntinue to be more
prevalent?
From the above analysis, it could be said, as with the paper registration system, that
opportunistic fraud perpetrated by those known to the victim would continue to be
the more prevalent type of fraud in an electronic registration system. The reason for
this conclusion is similar to that in Chapter 3, that it is easier for persons known to
the victim to perpetrate fraud, because of the readily available opportunity that
means that fewer steps are required for the fraud. However, it may be the case, as
noted in Chapter 3, that improvements in technology, including print and multimedia,
may see a rise in calculated fraud, particularly in the case of identity fraud,
perpetrated by persons unknown to the victim. In addition, an electronic registration
system may introduce new types of fraud. Which of these might be more susceptible
to opportunistic or to calculated fraud, and which more open to those unknown or
known to the victim? These issues will be examined in Chapter 6.
5.7.8 Which factors might facilitate the perpetrati on of these frauds in an
electronic registration system?
From the above analysis, it could be said that the types of factors facilitating fraud in
the paper registration system may continue to play a role in an electronic registration
system. These include:
• where the fraudulent person has all the necessary documentation,
particularly the authorisation form, for procuring execution by the victim;
• where all correspondence is addressed to the fraudulent person;
193
• where the victim has not been contacted to confirm or verify instructions,
even though he or she is noted on the authorisation form as a party to the
transaction;
• where the witness does not comply with witnessing requirements and attests
to signature(s) on the authorisation form although they were not signed in his
or her presence;
• the practice that a party on receiving land title instruments that appear on the
face of it to be properly executed and witnessed is entitled to assume that
the signatures were signed in the presence of the witness, and that it is not
usual practice that attesting witnesses are contacted to verify the authenticity
of signatures on the land title instrument. This reasoning may be extended to
authorisation forms;
• in the case of fraud involving companies, where no attempt has been made
to obtain company searches or if one was obtained, to compare the names
found with those of the persons executing the authorisation form for the
company or with the names of those who attested to the affixing of the
company seal406; and
• where there has been a lack of due diligence in establishing the identity of
the person purporting to deal with the land.
5.7.9 Will solicitors continue to have an opportuni ty to perpetrate fraud in an
electronic registration system?
It is argued that the opportunities for fraud to be committed by solicitors in an
electronic registration system will be enhanced because of the greater role played
by solicitors in the electronic registration system. Whether certain measures may be
implemented in an electronic registration system to reduce fraudulent opportunities
by solicitors will be examined in chapter 7.
5.7.10 In an electronic registration system, is it likely that mortgages or a
combination of mortgages and transfers will continu e to be targeted?
It is submitted that similar to the findings in chapter 3, the likely transactions that will
be targeted will be mortgages and transfers or a combination of transfers and
406 However, as noted above and as argued in Chapter 3, the assumptions that may be made under
section 129 of the Corporations Act 2001 (Cth) may allow a party, upon receiving an authorisation form that appears on the face of it to have been duly executed by the company, to assume that it was duly executed, without taking further steps to verify that the persons affixing the seal or attesting to the affixing of the seal or signing on behalf of the company did indeed have the authority to do so
194
mortgages because it is through these two transactions that the fraudulent person
will be able to gain a financial benefit from the fraud.
These findings are represented in the table following.
195
Paper Electronic Type of fraud Manner of
perpetration Factors enabling fraud to occur
Type of fraud Manner of perpetration
Factors enabling the fraud to occur
Forgery of an individual’s signature on a land title instrument
* Usually opportunistic -perpetrated by persons known to the victim, such as the victim’s family members, victim’s solicitor.
* May be acting alone or in collusion with others.
* Would only occur if the land title instrument is given to the fraudulent person to procure execution from the victim of the fraud.
* Likely transaction: mortgage and transfer or a combination of both.
* Forgery of victim’s signature on the land title instrument.
* To circumvent witnessing requirements: either: - forge the signature of the witness. This can be of a real person or a fictitious person; or - witness attests to the signature even though it was not signed in the presence of the witness.
* Relationship between victim & fraudulent person – fraudulent person is trusted by the victim. * Easy access to the paper certificate of title and various other documents. * Fraudulent person is usually seen as speaking for or on behalf of the victim. * All correspondence addressed to the fraudulent person. * Land title instrument provided to the fraudulent party to procure execution from the victim. * The victim is not contacted or dealt with even though the victim is a party to the transaction. * The witness to the signature(s) on the instrument attests to the signature(s) even though not signed in front of the witness. * The conveyancing practice that a party on receiving documents that appear on the face of it to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness and that it is not usual practice to contact the attesting witness to ensure that witnessing requirements have been complied with.
Altered to: Forgery of an individual’s signature on the authorisation form
* Likely to be opportunistic -perpetrated by persons known to the victim, such as the victim’s family members. * May be acting alone or in collusion with others. * Would only occur if the authorisation form is provided to the fraudulent person to procure execution from the victim.
* Likely transaction: mortgage and transfer or a combination of both.
* Forgery of victim’s signature on the authorisation form. * To circumvent witnessing requirements: either: - forge the signature of the witness. This can be of a real person or a fictitious person; or - witness attests to the signature even though it was not signed in the presence of the witness.
* Relationship between victim & fraudulent person – fraudulent person is trusted by the victim. * Easy access to the paper certificate of title (if used in the electronic registration system) and various other identity documents. * Fraudulent person is usually seen as speaking for or on behalf of the victim. * All correspondence addressed to the fraudulent person. * Authorisation form provided to the fraudulent party to procure execution. * The authorised user responsible for the transaction does not contact the victim to confirm or verify instructions even though the victim is noted on the authorisation form as a party to the transaction. * The witness to the signature(s) on the instrument attests to the signature(s) even though the signature was not signed in front of the witness. * The conveyancing practice that a party on receiving documents that appear on the face of it to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness and that it is not usual practice to contact the attesting witness to ensure that witnessing requirements have been followed.
*
*
*
196
Paper Electronic Type of fraud Manner of
perpetration Factors enabling fraud to occur
Type of fraud Manner of perpetration
Factors enabling the fraud to occur
Forgery of a company’s execution of the land title instrument
Usually opportunistic-perpetrated by persons occupying a position with the company, such as: * the company director; * the company secretary. * Could also be a former director.
* Generally in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
* Would only occur if the land title instrument is provided to the fraudulent person for execution by the company.
Affixing the company seal on the instrument, usually a mortgage, without authority from the company; * Fraudulent person and person colluding with fraudulent person attesting to the affixing of the seal; * Fraudulently appointing the person colluding with the fraudulent person as director/secretary so as to provide that person with authority to attest to the affixing of the seal; * In some cases producing false minutes of meeting authorising the affixing of the seal and/or the appointment. * If acting alone, the fraudulent person would have to forge the signature of the other signatory attesting to the affixing of the company seal.
Access to the company seal. * Access to the paper certificate of title. * Land title documents provided to the fraudulent party for execution by the company. * Trust placed upon the fraudulent party by other directors, day to day running of the company entrusted to the fraudulent person. * Where no attempt made to obtain company searches or if company searches were obtained, to compare the signatures of the witnesses purporting to witness the fixing of the company seal against the company search. However, the assumptions that may be made under s129 of the Corporations Act 2001 (Cth) may allow a party, upon receiving an instrument that appears on the face of it to have been duly executed by the company, to assume that it was duly executed, without taking further steps to verify that the persons affixing the seal or attesting to the affixing of the seal did indeed have the authority to do so.
Altered to: Forgery of a company’s execution of the authorisation form
* Likely to be opportunistic perpetrated by perpetrated by persons occupying a position with the company, such as: * the company director; * the company secretary. * Whether in collusion with others or acting alone would depend on execution requirements.
* Likely transaction: mortgage and transfer or a combination of both.
* Would only occur if authorisation form is provided to the fraudulent person for execution by the company.
Depends on the manner in which companies execute the authorisation form. (1) If by signature of two individuals authorised to sign on behalf of the company, such as two directors or a director and a secretary – by forging the signatures of these individuals. + To circumvent witnessing requirements: either: - forge the signature of the witness. This can be of a real person or a fictitious person; or - witness attests to the signature even though it was not signed in the presence of the witness. (2) If by affixing company seal and affixing of the seal must be witnessed by two directors or by a director or a secretary – fraudulently affixing the common seal and attesting to the affixing of the seal (similar to the paper system).
Authorisation form provided to the fraudulent person to procure execution. * Trust placed upon the fraudulent person by the directors of the company, day to day running of the company entrusted to the fraudulent person. * If company seal required to perpetrate the fraud, then access to the company seal. * The witness attests to the signature(s) on the authorisation form even though the signature(s) were not signed in his/her presence. * where no attempt has been made to obtain company searches or if one was obtained, to compare the names listed on the company search against the names of the persons executing the authorisation form on behalf of the company or as against the names of those who attested to the affixing of the company seal on the authorisation form. However, the assumptions that may be made under section 129 of the Corporations Act 2001 (Cth) may allow a party upon receiving an authorisation form that appears on the face of it to have been duly executed by the company, to assume that it was duly executed, without taking further steps to verify that the persons affixing the seal or attesting to the affixing of the seal or signing on behalf of the company did indeed have the authority to do so.
197
Paper Electronic Type of fraud Manner of
perpetration Factors enabling fraud to occur
Type of fraud Manner of perpetration
Factors enabling the fraud to occur
Fraud by false power of attorney
* May be both opportunistic and calculated, perpetrated by persons known or unknown to the victim, so long as the fraudulent person is able to falsify the power of attorney.
* Arguably more likely that the perpetrator would be someone known to the victim as the perpetrator would need to know the victim’s signature for forgery purposes.
* Examples include: - Wife; - Solicitor; - Son. * May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
Forging the victim’s signature on the power of attorney and using that power of attorney to perpetrate fraud by signing land title instruments on behalf of the donor of the power of attorney. Witnessing requirements for the power of attorney may be circumvented in the same manner as in forgery of signatures on the land title instrument.
* Not verifying the authenticity of the power of attorney, such as by contacting the donor or the witness to the power of attorney. * However, it is not common or usual practice that this is done.
Fraud by false power of attorney
* May continue to be both opportunistic and calculated, perpetrated by persons known or unknown to the victim, so long as the fraudulent person is able to falsify the power of attorney.
* Arguably more likely that the perpetrator would be someone known to the victim as the perpetrator would need to know the victim’s signature for forgery purposes.
* Examples include: - Wife; - Son. * May be acting alone or in collusion with others
* Likely transaction: mortgage and transfer or a combination of both.
Forging the victim’s signature on the power of attorney and using that power of attorney to perpetrate fraud by signing the authorisation form on behalf of the donor of the power of attorney. Witnessing requirements for the power of attorney may be circumvented in the same manner as in forgery of signatures.
* Not verifying the authenticity of the power of attorney, such as by contacting the donor or the witness to the power of attorney. * However, it is not common or usual practice that this is done.
Misleading victim into signing documents
* Usually opportunistic, perpetrated by persons known to and trusted by the victim: victim’s friend, victim’s solicitor
* May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
* Fraudulent person misleading or inducing the victim into signing documents used to perpetrate the fraud. * The fraudulent person himself/herself may prepare the necessary instruments, induce the victim to sign them, and lodge them for registration. * OR the instrument is prepared by another party who gives to the fraudulent person the instrument for
* Victim’s trust placed upon the fraudulent party. * Fraudulent party’s access to the certificate of title and other identity documents. *Where the fraudulent person has or is given relevant land title instruments for the purposes of procuring execution from the victim. * all correspondence is addressed to the fraudulent person, and the victim, although a party to the transaction, is not contacted to
Altered to: Misleading victim into signing the authorisation form
* Likely to be opportunistic -perpetrated by persons known to and trusted by the victim: victim’s friend, family member. * May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
* Misleading or inducing the victim into signing the authorisation form and the user handling the transaction proceeds with the transaction. * Will only occur in circumstances where the fraudulent person is given the authorisation form for the purposes of procuring execution from the victim. * If need be, witnessing requirements for the authorisation form may be circumvented by
* Victim’s trust placed upon the fraudulent person. * Fraudulent party’s access to the certificate of title (if used in the electronic registration system) and other identity documents. * The authorised user responsible for the transaction gives to the fraudulent person the authorisation form to procure execution from the victim. * Non-compliance with witnessing requirements. * Authorised user responsible for the transaction does not contact the victim to confirm instructions
198
Paper Electronic Type of fraud Manner of
perpetration Factors enabling fraud to occur
Type of fraud Manner of perpetration
Factors enabling the fraud to occur
the purposes of procuring execution from the victim. The instrument is then lodged for registration. * If need be, witnessing requirements may be circumvented by either: - forging the witness’s signature. This can be of a real person or a fictitious person; or - the witness attests to the signature even though it was not signed in the presence of the witness.
confirm instructions. * The conveyancing practice that a party on receiving documents that appear on the face of it to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness.
either: - forging the witness’s signature. This can be of a real person or a fictitious person; or - the witness attests to the signature even though it was not signed in the presence of the witness.
even though the victim is noted on the authorisation form as a party to the transaction. * The conveyancing practice that a party on receiving documents that appear on the face of it to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness.
Fraudulent alterations
Usually opportunistic -perpetrated by someone who has access to executed documents. These may be persons known or unknown to the victim. Examples include: - solicitor - clerk working in a law firm - bank officer - land registry staff * May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
* Altering details in the land title instrument which has been executed by the victim. * Insertion of information rather than alteration may be more prevalent because an alteration may be more visible than an insertion.
* Position occupied by the fraudulent person providing him/her with access or ability to gain access to executed land title instruments. * Manual examination at the Land Titles Office may not notice alterations where additional information has been inserted.
Fraudulent alterations
* Possibly reduced opportunities to perpetrate this type of fraud. * If possible then likely to continue to be opportunistic, perpetrated by someone with access to the system and access to the digital certificates/PSPs of the authorised users responsible for the transaction.
* Also may be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
Altering the contents of a land title document after it has been digitally signed by the authorised users responsible for transaction, re-applying the digital signatures and submitting the altered document for registration.
Depends on the type of technology used: * The system must invalidate the digital signatures on a document when an alteration has been made and require that the digital signatures of the users representing all parties to the transaction be re-applied before the document can be submitted for registration. * The system must not accept for lodgement any instrument that has not been digitally signed. * The system must require digital signatures to be applied by the authorised users representing all parties involved in the transaction. * The system must lock all instruments upon lodgement so that alterations may not be made after lodgement. * Due diligence by the authorised users: to use the technology offered by the system to monitor unauthorised alterations.
199
Paper Electronic Type of fraud Manner of
perpetration Factors enabling fraud to occur
Type of fraud Manner of perpetration
Factors enabling the fraud to occur
Identity fraud
(1) May be opportunistic, perpetrated by persons known to the victim. * May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
*Fraudulent person, with or without the aid of a third party, claiming that he/she has a right to deal with the land by producing the certificate of title to the subject land. * In some cases, other documents are produced to substantiate this claim. * Generally the certificate of title and other documents are genuine.
* Fraudulent person’s relationship with the victim provides the fraudulent person with access to the certificate of title and other identity documents. * Where the fraudulent person colludes with a third party to impersonate the victim, the fraudulent person’s relationship with the victim may make their claim that the third party is the victim more credible. * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land and assuming that the person with the certificate of title is indeed the person named on the certificate of title.
Identity fraud
(1) May be opportunistic, perpetrated by persons known to the victim. * May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
* Fraudulent person, with or without the aid of a third party, falsely claiming that he/she has a right to deal with the land by producing the necessary documentation required or used by the electronic registration system to establish identity and right to deal. * This will be the case even if the system uses electronic certificates of title modelled along the proposed Victorian EC. * Generally these documents would be genuine.
* Fraudulent person’s relationship with the victim provides the fraudulent person with access to the necessary documents required or used by the system to establish identity and right to deal. * Where the fraudulent person colludes with a third party to impersonate the victim, the fraudulent person’s relationship with the victim may make their claim that the third party is the victim more credible * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land.
(2) May be calculated, perpetrated by persons unknown to the victim.
* May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
* Fraudulent person, with or without the aid of a third party, claiming that he/she has a right to deal with the land by producing the certificate of title to the subject land. * The certificate of title may be forged or genuine. * Example of obtaining a genuine certificate of title – making an application to the Land Titles Office for a new certificate of title. * In some cases, other documents are produced to substantiate this claim.\
* Ability to forge the certificate of title and other identity documents. * Lack of vigilance by the Land Titles Office in verifying the application for a new certificate of title. * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land by requesting for additional identification and assuming that the person with the certificate of title is indeed the person named on the certificate of title.
(2) May be calculated, perpetrated by persons unknown to the victim.
* May be acting alone or in collusion with others.
* Likely transaction: mortgage and transfer or a combination of both.
* Fraudulent person, with or without the aid of a third party, falsely claiming that he/she has a right to deal with the land by producing the necessary documentation required or used by the electronic registration system to establish identity and right to deal. * This will be the case even if the system uses electronic certificates of title modelled along the proposed Victorian EC. * These documents may be forged or genuine (eg. stolen).
* Ability to forge or gain access to the necessary documents required or used by the system to establish identity/right to deal. * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land.
200
Paper Electronic Type of fraud Manner of
perpetration Factors enabling fraud to occur
Type of fraud Manner of perpetration
Factors enabling the fraud to occur
Fraud by the solicitor
(1) Forging the client’s signature (2) Altering documents after client’s execution but before lodgement. Easier to perpetrate if solicitor acting for both parties to the transaction. (3) Misleading the client into signing land title documents. (4) Forging the client’s signature on the power of attorney and using the power of attorney to sign documents on behalf of the client.
* Solicitor’s role in the conveyancing process. * Trust placed upon solicitor by their clients, by other solicitors and by other stakeholders in the conveyancing process.
Fraud by the solicitor
Solicitor may perpetrate fraud by simply accessing the system, preparing the land title instrument, attaching the digital signature on the instrument and submitting the instrument for lodgment.
* Solicitors will have access to the system, provided they go through the registration process to access the system. * Solicitors will most likely fall within the class of users who have the ability to sign instruments on behalf of clients. * The digital signature of the solicitor on the land title instrument need not be witnessed. * If electronic certificates of title are used, solicitors are likely to fall within the class of authorised users to have control of the electronic certificates of title. * Trust placed upon solicitor by their clients, by other solicitors and by other stakeholders in the conveyancing process. * Therefore overall greater role played by solicitors within the electronic registration system and greater opportunities to perpetrate fraud.
201
5.8 Conclusion
This chapter examined the likely impact of automating the registration process of the
Torrens system on the paper-based frauds identified in Chapter 3. It demonstrated
that the changes likely to be made to paper conveyancing processes and
requirements from automating the Torrens registration process will affect the
manner in which fraud may be perpetrated.
Thus, while the types of fraud currently being perpetrated in the paper registration
system may continue to occur in an electronic registration system, their manner of
perpetration will be different for some of these frauds because of changes in
conveyancing processes. For fraudulent alterations however, the opportunity to
perpetrate this type of fraud in an electronic registration system was found to be
reduced.
For the frauds that may occur in an electronic registration system, this chapter
ascertained that similar to the paper registration system, some of these frauds, such
as forgeries, would be more susceptible to being perpetrated by those known to the
victim of the fraud whilst others, particularly identity fraud, may be susceptible to
being perpetrated by both persons known and unknown to the victim of the fraud.
The analysis in this chapter also showed that opportunistic fraud would most likely
continue to be the more prevalent type of fraud and that people known to the victim
rather than those unknown would be the more common perpetrators of fraud.
However, it was noted that improvements in technology may see a rise in calculated
fraud, particularly in identity fraud, perpetrated by those unknown to the victim of the
fraud. It is also likely that the factors facilitating fraud in the paper registration
system would continue to play this role in an electronic registration system. The
transactions likely to be targeted by fraudulent persons in an electronic registration
system were found to be similar to those in a paper registration system, that is,
mortgages and transfers or a combination of both. From this it was concluded that
the findings from Chapter 3 on paper-based frauds will most likely remain unaltered
for those frauds that may continue under an electronic registration system.
However, unlike fraudulent alterations where the opportunities to perpetrate this type
of fraud were found to be reduced in an electronic registration system, a different
202
finding was obtained for fraudulent opportunities by solicitors. This chapter found
that solicitors are likely to have a greater opportunity to perpetrate fraud in an
electronic registration system than in the paper registration system. Whether it may
be possible to implement certain measures to reduce these opportunities for
fraudulent conduct, both for the paper based frauds that may continue to be
perpetrated in an electronic registration system as well as targeting fraud by
solicitors, will be examined in Chapter 7.
The next chapter will examine whether changes made to conveyancing practices
and processes may create different or new opportunities for perpetrating fraud in an
electronic registration system. For these types of fraud, an analysis will also be
undertaken of the likely factors that may play a role in the perpetration of these
frauds, their likely perpetrators, whether they are likely to act alone or in collusion
with others, and whether these types of fraud would be susceptible to opportunistic
or calculated fraud, and more likely to be perpetrated by those known to the victim
or those unknown.
203
CHAPTER 6
WILL AN ELECTRONIC REGISTRATION SYSTEM INTRODUCE NE W
OPPORTUNITIES FOR PERPETRATING FRAUD?
Table of contents 6.1 Introduction......................................................................................................204 6.2 A new opportunity for fraud? ............................................................................205 6.3 How may this type of fraud be perpetrated?.....................................................207
6.3.1 Those with no access and unable to digitally sign instruments..................208 6.3.1.1 Obtaining access................................................................................208
6.3.1.1.1 Circumventing the identification or regstration process................210 6.3.1.1.2 Circumventing the authentication process ...................................212
6.3.1.2 Being able to digitally sign instruments...............................................216 6.3.1.2.1 Systems using PKI to control access and to digitally sign documents .................................................................................................217 6.3.1.2.2 Systems not using PKI to control access but to digitally sign documents .................................................................................................218
6.3.2 Access but no ability to digitally sign instruments ......................................221 6.3.3 Conclusions ..............................................................................................221
6.4 Could there be safety mechanisms to act as a check against this type of fraud?223 6.5 Who might be the likely perpetrators of this type of fraud.................................225 6.6 What are the likely factors that may facilitate this type of fraud ........................227 6.7 Conclusion.......................................................................................................227
204
Chapter 6: Will an electronic registration system i ntroduce new opportunities
for perpetrating fraud?
6.1 Introduction
As noted in the previous chapter, the examination in Chapter 4 found that
automating the registration process within the Torrens system will see certain
changes being made to conveyancing practices and to current ways of guarding
against fraud. The next question was how these changes might affect the ways in
which fraud might be perpetrated and on the opportunities for fraud; whether the
frauds current under the paper registration system might continue under an
electronic system and whether new or different opportunities for fraud might be
introduced. The first part of this question was answered in Chapter 5, which
examined whether the frauds in the paper registration system might continue to be
perpetrated in an electronic registration system. The purpose of this chapter is to
answer the second part of the question, by examining whether changes made to
conveyancing practices and processes may create different or new opportunities for
fraud. For these types of fraud, an analysis will also be made of the likely factors
that may play a role in their perpetration, the likely perpetrators of these frauds;
whether they are likely to act alone or in collusion with others, and whether these
types of fraud would be susceptible to opportunistic or calculated fraud, and whether
they are likely to be perpetrated by those known or unknown to the victim.
This chapter will find that automating the registration process within the Torrens
system may introduce a new opportunity for fraud because it is likely that in an
electronic registration system, persons, or their attorneys, wanting to transfer or
create an interest in land will no longer execute land title instruments. Rather,
authorised users of the system with signing privileges will prepare the appropriate
instruments and digitally sign them before submitting them for registration. This
change may open up a new opportunity for fraud in an electronic registration system
because fraud may be possible if the perpetrator has access to the system, or can
gain it, and is able to use a digital certificate/PSP for digital signing. That is, fraud
could be perpetrated by simply accessing the system, preparing the necessary
instrument, digitally signing the instrument and lodging it for registration.
This chapter will also find that legitimate users of the system who have access and
the ability to digitally sign instruments will have the greatest opportunity to perpetrate
this type of fraud; solicitors would fall into this group. Other possible perpetrators
205
would include those with access but without the ability to digitally sign instruments,
those without access or the ability to digitally sign instruments and former legitimate
users who, for whatever reason, should have been de-registered from the system
but were not. These perpetrators may or may not be known to the victim. These
perpetrators might perpetrate fraud alone or in collusion with others; it is likely that
this type of fraud could be either opportunistic or calculated. Whether this type of
fraud can be perpetrated will depend on several factors, including the system’s
registration and de-registration processes, the manner in which digital
certificates/PSPs are generated, issued, and stored; where usernames and
passwords are used to access the system, the manner in which these are
transmitted to the user, and the passwords used to protect digital certificates/PSPs
and/or access the electronic registration system. However, the crucial factor in this
type of fraud is whether the fraudulent person is able to digitally sign instruments in
the electronic registration system, particularly if it will only accept instruments for
lodgement that have been digitally signed. So the security of the digital
certificate/PSP used for digital signature purposes is vital. Finally it will be found that
certain conveyancing requirements used in the paper registration system as a
safeguard against fraud may still be used for that purpose in an electronic
registration system. These include witnessing requirements and use of certificates of
title modelled on the proposed Victorian system. The effectiveness of these
safeguards against fraud will be examined in this chapter. Other strategies that
might be used to prevent this type of fraud will be further examined in Chapter 7.
6.2 A new opportunity for fraud?
As seen in Chapter 3, under the paper registration system it is the person
transferring or creating an interest, or an attorney under a valid power of attorney,
who is responsible for executing the appropriate land title instruments. However,
under an electronic registration system, as discussed in Chapter 4, it is likely that
these persons will instead execute a form permitting an authorised user of the
electronic registration system to prepare and digitally sign land title instruments on
their behalf. Chapter 4 then raised the issue of whether this requirement for
authorised users of the system to digitally sign land title instruments on behalf of
clients might open up a new opportunity for perpetrating fraud.
This change may open up a new opportunity for fraud because it enables fraud to be
perpetrated in circumstances where the fraudulent person has access or is able to
gain access to the system and is able to use a digital certificate/PSP for digital
206
signature purposes, so that fraud may be perpetrated by simply accessing the
system, preparing the necessary instrument, digitally signing the instrument and
lodging it for registration.407
This research will call this type of fraud ‘fraudulently accessing, preparing, digitally
signing and lodging an instrument for registration’. It is classed as a new type of
fraud because it is possible only in an electronic registration system which restricts
access to authorised users and requires them to prepare and digitally sign land title
instruments on behalf of their clients. In the paper registration system, as it is the
person transferring or creating an interest, or the person’s attorney, who must
execute the appropriate land title instruments, it is those persons who may be
targeted. As seen in Chapter 3, this may be by:
• forgery of the person’s signature on the land title instrument;
• impersonating the person (identity fraud); or
• misleading or inducing the person to execute the appropriate instruments.
As well, Chapter 3 also showed that it is possible to perpetrate fraud by targeting the
instrument itself that has been executed by fraudulent alterations.
However if an electronic registration system alters this process by allowing only an
authorised user of the system to prepare land title instruments and to digitally sign
them on behalf of clients, then these authorised users may be targeted instead,
raising a new opportunity for perpetrating fraud.
407 See for example National Electronic Conveyancing Office, Risk Assessment of the National
Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 39, risk reference 58 identifying a risk to the proposed NECS that a certifier uses the NECS user ID and password and signing key to prepare and sign documents without authority of the proprietor (example, by creating an entirely fictitious transaction and mortgaging an unencumbered interest without the registered proprietor’s knowledge and absconds with funds). It was noted in chapter 4 that the term ‘certifier’ is used in the proposed NECS to denote industry practitioners employed by or contracted to a subscriber and authorised by that subscriber to prepare, certify and sign instruments, settlement statements and information reports on behalf of the subscriber or the subscriber’s clients. By default, certifiers are also users of NECS. Subscribers are corporations, partnerships, government agencies and individuals employing or contracting industry practitioners and others meeting the minimum requirements for representing clients: See National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [4.4]. In addition, one of the comments received by the risk assessment during its consultation process related to the likelihood of a certifier of the NECS acting without authority where it was observed that this was ‘much more than 33% chance of happening once in the first five years. It is thought that it is almost guaranteed that at some time in the first 5 years someone will push ahead with a transaction without having the necessary form signed’: National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 1, 98.
207
6.3 How may this type of fraud be perpetrated?
To perpetrate this fraud, the fraudulent person would need:
• access to the system so that he or she can prepare land title instruments
necessary for the fraud; and
• the ability to digitally sign instruments.
To be able to digitally sign instruments, he or she:
• would require access to a digital certificate/PSP. As will be shown below, this
might be that of an existing user or one fraudulently applied for; and
• must be able to digitally sign instruments on behalf of clients. This is
particularly important for those systems that restrict digitally signing of
instruments to specific users. An example is the New Zealand system which
only allows conveyancers to do this
It is therefore possible to group fraudulent persons as:
• those who have access to the system but are not able to digitally sign on
behalf of clients; so to perpetrate fraud, this ability must be acquired;
• those who do not have access to the system and are not able to digitally sign
instruments so to perpetrate fraud, both access and the ability to digitally
sign instruments must be acquired;
• those who have both access and the ability to digitally sign on behalf of
clients but, for whatever reason, should have been de-registered from the
system as authorised users but were not, so that they may continue to
access the system, prepare land title instruments, digitally sign them and
lodge them for registration.408 For example, a sole practitioner or a solicitor
working in a law firm, having either resigned from practice or being otherwise
no longer authorised to use the system but has not been de-registered from
the system; and
408 See for example National Electronic Conveyancing Office, Risk Assessment of the National
Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 40, risk reference 59 identifying a risk for the proposed NECS that a certifier having been suspended by a relevant regulator but the certifier’s digital certificate and NECS access are not suspended due to NECS operator error. The suspended certifier continues to sign workspace documents. The term ‘NECS operator’ is used by the risk assessment to denote ‘the legal person responsible for the operation and management of NECS’: National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 1, 92.
208
• legitimate authorised users who have both access and the ability to digitally
sign on behalf of clients. The opportunity for a legitimate user of the system
to perpetrate this type of fraud was considered in the previous chapter,
where it was found that solicitors would most likely fall within the class of
authorised users who would have access to the system and may be able to
digitally sign instruments on behalf of clients so that they can perpetrate
fraud by simply accessing the system, preparing the necessary instruments,
digitally signing them and lodging them for registration.
The manner in which fraudulent persons may acquire access and/or the ability to
digitally sign instruments on behalf of clients is examined below. For the third and
fourth group of perpetrators, these persons already have access and are able to
digitally sign instruments so the discussion on how access and signing privileges
may be fraudulently acquired do not apply to them.
6.3.1 Those with no access and unable to digitally sign instruments
This class of fraudulent person does not have access to the system and is not able
to digitally sign instruments on behalf of clients. To perpetrate fraud, he or she must
first obtain access and then acquire the ability to digitally sign instruments.
6.3.1.1 Obtaining access
As seen in Chapter 4, there are different ways in which an electronic registration
system may control access. The system can use public key cryptography
administered via a public key infrastructure (PKI) to control access or it can use a
simple username and password. Whatever the way, it is most likely that to obtain
access, prospective users must apply to be registered as an authorised user. Once
the application is approved, the user is then able to access the system in whatever
manner access to the system is controlled.
The initial process may be termed the ‘identification’ or ‘registration’ process and the
subsequent process after registration, where the user logs on to the system and
accesses the system may be termed the authentication process. ‘Identification’ may
be defined as involving a ‘claim or statement of identity’409 whereas authentication is
the verification of that claim; the ‘aim of authentication is to validate a person’s
409 Office of the Privacy Commissioner of Canada, Guidelines for Identification and Authentication
(2006) <http://www.privcom.gc.ca/information/guide/auth_061013_e.asp> at 1 November 2006.
209
identity’.410 It is during this identification process that a prospective user must
provide the system with identification to enable his or her identity to be
established.411 Once this process is completed and the user becomes authorised to
use the system, each time the user attempts to access the system it must
authenticate him or her. That is, the system must establish whether the user
attempting to access the system is the same user who underwent the identification
process. Thus what is authenticated is a claim to existing identity and the process is
to ensure that the user who is seeking access to the system is the same one who
originally applied to be registered.
There are various authentication techniques but they are generally classed into
three broad categories412:
• something you have (token-based) such as a smartcard;
• something you know (knowledge-based) such as a password or PIN or an
account number; and
• something you are (biometrics) such as facial image or retinal scan.
For example, to access the system, the user might be required to use a username
and password. If this is the case, then the authentication method used by the
system is ‘something you know’. In this regard, the description used in this study,
‘how an electronic registration system may control access to the system’, simply
refers to the authentication technique used by the system to authenticate its users.
In an electronic registration system, the process used by the system to register its
users and authenticate them will affect the manner in which fraudulent persons may
410 Stephen Mason, 'Validating Identity for the Electronic Environment' (2004) 20(3) Computer Law
and Security Report 164, 166. 411 See Geoff Main and Brett Robson, 'Scoping Identity Fraud' (Attorney General's Department,
2001). 412 See: Richard Smith, Authentication: From Passwords to Public Keys (2002); Office of the Privacy
Commissioner of Canada, Guidelines for Identification and Authentication (2006) <http://www.privcom.gc.ca/information/guide/auth_061013_e.asp> at 1 November 2006; National Research Council (U.S) Committee on Authentication Technologies and Their Privacy Implications, Who Goes There: Authentication Through the Lens of Privacy (2003); Geoff Main and Brett Robson, 'Scoping Identity Fraud' (Attorney General's Department, 2001), 18; Kamaljit Singh, 'On Improvements to Password Security' (1985) 19(1) AGM SIGOPS Operating Systems Review 53; D Scott Anderson, 'What Trust is in These Times? Examining the Foundation of Online Trust' (2005) 54 Emory Law Journal 1441; John Brainard et al, 'Fourth Factor Authentication: Somebody You Know' (Paper presented at the Proceedings of the 13th ACM Conference on Computer and Communications Security, Virginia, 2006), Christina Braz and Jean-Marc Robert, 'Security and Usability: The Case of the User Authentication Methods' (Paper presented at the Proceedings of the 18th International Conference on Association Francophone d'Interaction Homme-Machine, Montreal, 2006), Bruce Schneier, Secrets and Lies : Digital Security in a Networked World (2004), 136.
210
gain access to the system. This is because the fraudulent person may attempt to
gain access by either:
• circumventing the initial registration or identification process; or
• circumventing the authentication process.
These are examined below.
6.3.1.1.1 Circumventing the identification or regis tration process
As seen in Chapter 4, there are various ways in which the initial registration or
identification process may be performed. One way is to require all prospective
users to submit certain forms of identification during the registration process. An
example is the systems in New Zealand and Ontario, which were discussed in
Chapter 4. Using this method, each prospective user undergoes an identity check.
Another variation is to require an individual to apply on behalf of an organisation
(such as a law firm) wanting to use the system and on that application form, to
nominate individuals employed or contracted by the organisation who would be
users of the system.413 In this method, no identity checks are made on each
individual prospective user. An example is the proposed NECS.
There are several ways in which a fraudulent person may circumvent the registration
process so as to gain access. These are as follows:
For systems where each prospective user must undergo an identification check, the
identification process may be circumvented as follows:
• by attempting to impersonate an individual who would fall within the class of
persons capable of applying to the system for access, a prime example
being solicitors; this is a form of identity fraud. The fraudulent person could
impersonate either an existing or a fictitious person; if an existing person, the
fraudulent person would have to provide his or her falsified or genuine
identity documents. If a fictitious person, the fraudulent person must still
provide identity documents;
413 For the purposes of this research, this research will call these individuals who are entitled to
nominate other users ‘nominating officers’. It is noted that in the proposed NECS, these individuals are termed ‘authorised officers’.
211
• by inducing an employee of the system responsible for verifying identity to
list the fraudulent person as an authorised user of the system; or
• if the fraudulent person is an employee of the system responsible for
registering prospective users, the fraudulent person could list himself or
herself or a fictitious person as an authorised user of the system.414
For systems where the identification process is via nomination of users, the
identification process may be circumvented as follows:
• by colluding with the nominating officer so that he or she nominates the
fraudulent person as a user of the system;
• by impersonating a nominating officer and nominating the fraudulent person
to be a user of the system415;
• by colluding with an employee of the system to nominate the fraudulent
person as an authorised user; or
• if the fraudulent person is an employee of the system responsible for
registering prospective users, the fraudulent person could nominate
himself/herself or a fictitious person as an authorised user of the system.
It is arguable that a system requiring all prospective users to provide identification
during the registration process will be more secure than one in which an officer may
nominate others as users. This is because such a system relies on the nomination
of the authorised officer. Further, it is only the nominating officer whose identity will
be independently verified, all other users nominated by this officer need not have
their identity independently verified.
414 See for example National Electronic Conveyancing Office, Risk Assessment of the National
Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 6, risk reference 8, identifying a risk to the proposed NECS that an administrator or employee of the NECS operator engaging in fraud by registering a fictitious Subscriber organisation. Also see risk reference 14 identifying a risk to the proposed NECS that an administrator or employee of the NECS operator may fraudulently register actual or fictitious users and certifiers in relation to a genuine subscriber.
415 See for example National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 5, risk reference 6, identifying a risk to the proposed NECS that the NECS operator may fail in verifying the identity or authority of a purported authorised officer of a subscriber who is applying for registration on the subscriber’s behalf.
212
If successful in any of the above, the fraudulent person would become a registered
user of the system, and would be issued with a digital certificate/PSP or username
and password (depending on the authentication controls used by the system) to
access the system. So, by circumventing the registration process, the fraudulent
person becomes registered as an authorised user of the system and is issued with
the appropriate access mechanism to the system. The effect is different if the
fraudulent person gains access by circumventing the authentication process instead,
because in that case, he or she would be using the access mechanism of an
existing authorised user so that it would appear as though it is that person who is
accessing the system. This is described below.
6.3.1.1.2 Circumventing the authentication process
As noted above there are different ways of authenticating users. In systems using
public key cryptography with access controlled with PKI, generally the digital
certificate/PSP that is used to digitally sign instruments will also be used to access
the system. It may be stored on removable devices, such as smart cards, and these
are usually password protected. Hence it may be said that these systems will
generally use authentication methods based on knowledge and tokens. An example
is the system in Ontario, where users gain access using their PSP; this is stored on
a smartcard and a passphrase is needed to activate it. Other systems, such as that
in British Columbia, may simply use a knowledge-based authentication method such
as a username and password.
There are several ways in which a fraudulent person can circumvent the
authentication process so as to gain access, depending on whether PKI or a
username and password are used to control access.
(1) Systems using PKI to control access (token and knowledge based)
In these systems, a user accesses the system using the digital certificate/PSP,
which is usually password protected. A fraudulent person can circumvent the
authentication process and gain access if:
• he or she can obtain an existing digital certificate/PSP belonging to an
authorised user and knows the password;
• he or she can collude with an authorised user of the system who can provide
a digital certificate/PSP and password;
213
• there are insecure methods of either generating or issuing the digital
certificate/PSP which allow him or her to gain access to it, although he or
she still has to know the password to activate it.
The fraudulent person may obtain an existing digital certificate/PSP when the
authorised user is careless about where it is kept, or loses it.416 As noted by the Law
Society of Upper Canada Report to the Convocation on Mortgage Fraud – ‘[L]ost,
sold, or stolen diskettes provide keys for fraudsters to access the electronic
registration system’.417 The place where the digital certificate/PSP is stored is vital,
because it affects the ability of the fraudulent person to acquire it for access. Also
important are procedures for cancellation and revocation of a digital
certificates/PSP, particularly when the authorised user has misplaced or lost it,
because these will help to prevent its unauthorised use.
The manner in which the digital certificates/PSPs are generated and issued to
authorised users is also vital for security purposes, because an insecure method of
generation or issue may provide an opportunity to intercept the digital
certificate/PSP as it is being generated or issued. For example, if instructions and
codes to download the digital certificate/PSP are sent to the applicant via email, and
not encrypted, they can be intercepted during transmission to the user’s
computer.418
However, obtaining the digital certificate/PSP in itself will not provide access to the
system, particularly if it is password protected, since the password must be known to
416 See for example National Electronic Conveyancing Office, Risk Assessment of the National
Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 38, risk reference 56 identifying a risk to the proposed NECS that a registered certifier of the NECS may be careless with their user ID and password and their signing key enabling unauthorised access and use by another internal party (such as another certifier or user) or by an external party. Another risk was identified (risk reference 57) that a registered certifier may not have been careless with their user ID and password and their signing key but a fraudulent party obtains these and commits fraud.
417 Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper Canada, 2005), 9.
418 See Aashish Srivastava, 'Is Internet Security a Major Issue With Respect to the Slow Acceptance Rate of Digital Signatures?' (2005) 21(5) Computer Law and Security Report 392, 395.
214
activate the digital certificate/PSP to access the system. There is a variety of ways
in which the fraudulent person may obtain the password419, such as:
• guessing the password or using dictionary attacks to obtain it;
• persuading the user to tell or share the password with him or her420;
• if the user writes down the password and puts it in a place that is easy to
find;
• if phishing attacks are used and the authorised user, as a victim of the
phishing attack, unwittingly discloses the password421;
• if malicious software or malware is used, such as worms, viruses and Trojan
horses422, which can be planted on the authorised user’s computer to record
and transmit details of everything that he or she typed on that keyboard,
including his or her password.
If the fraudulent person can circumvent the authentication process as described
above, he or she will be able to gain access to the system and perpetrate fraud.
Because the digital certificate/PSP belongs to an existing, authorised user, when the
fraudulent persons accesses the system using it, it would appear as though it is the
419 For more on these methods, see for example: Kamaljit Singh, 'On Improvements to Password
Security' (1985) 19(1) AGM SIGOPS Operating Systems Review 53, Benny Pinkas and Tomas Sander, 'Securing Passwords Against Dictionary Attacks' (Paper presented at the Proceedings of the 19th ACM Conference on Computer and Communications Security, Washington, 2002), Shirley Gaw and Edward Felten, 'Password Management Strategies for Online Accounts' (Paper presented at the Proceedings of the Second Symposium on Usable Privacy and Security SOUPS, Pittsburgh, 2006), Richard Smith, Authentication: From Passwords to Public Keys (2002), Sarah Cherry, 'The Effects of Spyware and Phishing on the Privacy Rights of Internet Users' (2006) 2 I/S Journal of Law and Policy 573, Lauren Sullins, '"Phishing" for a Solution: Domestic and International Approaches to Decreasing Online Identity Theft' (2006) 20 Emory International Law Review 397, Jennifer Lynch, 'Identity Theft in Cyberspace: Crime Control Methods and their Effectiveness in Combating Phishing Attacks' (2005) 20 Berkeley Technology Law Journal 259, Robert Hahn and Anne Layne-Farrar, 'The Law and Economics of Software Security' (2006) 30 Harvard Journal of Law and Public Policy 283 and Bruce Schneier, Secrets and Lies : Digital Security in a Networked World (2004).
420 In the literature, this is sometimes termed as ‘social engineering’ where ‘a clever attacker can trick someone into sharing a secret password, saving the attacker the trouble of performing a technical attack on the target system. Such trickery is usually called a social engineering attack’: Richard Smith, Authentication: From Passwords to Public Keys (2002), 19. Also see Bruce Schneier, Secrets and Lies : Digital Security in a Networked World (2004), 266 and Kevin Mitnick, Controlling the Human Factor of Security: The Art of Deception (2002).
421 Phishing involves ‘attempts to fraudulently acquire sensitive information such as passwords and credit card details by masquerading as a trustworthy person or business’: Alan Davidson, 'Phishing: The Identity Theft Epidemic' (2006) 26(3) Proctor 37, 37. Also see Peter Black, 'Catching a Phish: Protecting Online Identity' (2006) 8(10) Internet Law Bulletin 133.
422 The term ‘spyware’ is also used to describe these malicious software. Game notes that the term ‘spyware’ is the ‘umbrella term under which numerous technologies, both legal and malicious fall. These include: adware, Trojans, hijackers, key loggers, dialers and malware. While each of these technologies has its own unique behaviour, for the most part they are installed without a user’s informed and explicit consent and tend to extract varying degrees of personal information, usually without that end-user’s consent’: Daniel Game, Alan Blakley and Matthew Armstrong, 'The Legal Status of Spyware' (2006) 59 Federal Communications Law Journal 157, 160. Trojan spyware for example, ‘operates with a focus on stealing passwords by using a “trojanized” piece of software to grab passwords’: Daniel Game, Alan Blakley and Matthew Armstrong, 'The Legal Status of Spyware' (2006) 59 Federal Communications Law Journal 157, 162.
215
authorised user that is accessing the system. This differs from the situation where
the fraudulent person circumvents the registration process discussed in [6.3.1.1.1].
In those situations, the fraudulent person becomes registered as an authorised user
and is issued with either a username or a digital certificate/PSP to access the
system.
(2) Systems using usernames and passwords
In these systems, the fraudulent person can circumvent the authentication process
and gain access if he or she can obtain a username and password for access to the
system. There are a variety of ways of obtaining usernames and passwords,
including those already covered in the preceding section, plus the following:
• where there is a database containing all the usernames issued by the
system to authorised users to access the system, the fraudulent person may
also target the database by, for example, hacking into it423;
• where the manner of issuing the usernames and passwords is insecure. For
example, a system could generate the username and first time password to
authenticate users and send these to the user via unencrypted email. This
opens up opportunities for interception of the email to obtain the username
and password.
In any of these instances, the fraudulent person will be able to obtain the username
and password and gain access to the system. Again, because the username and
password are in existence and belong to an authorised user, when the system is
accessed using that username and password, it would appear as though it is the
authorised user that is accessing the system.
The above analysis demonstrates that:
(1) systems using authentication methods based on tokens as well as
knowledge are more secure in controlling access than those based on
423 See for example National Electronic Conveyancing Office, Risk Assessment of the National
Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 23, risk reference 31 identifying a risk for the proposed NECS that the NECS security system may be inadequate enabling a third party to enter the NECS and cause data compromise, such as hacking into the system and re-setting passwords of authorised users. It is submitted that this may be extended to hacking into the system and obtaining usernames or passwords.
216
knowledge alone.424 This is because the fraudulent person must first obtain
the token, and then guess the password, before he or she can access the
system. Authorised users may also remove tokens when they are not in use.
In systems using knowledge based authentication methods, the fraudulent
person only has to obtain the username and password, via the ways already
described. Thus from a security perspective, a system that requires
‘something you have’ and ‘something you know’ for access is more secure
that one using only ‘something you know’. Having said that, to successfully
perpetrate fraud in an electronic registration system, the fraudulent person
must not only be able to access the system, but also he or she must be able
to digitally sign any instrument prepared on the system, particularly if it will
not accept any instrument for registration that has not been digitally signed. If
this is the case, then it could be said that what matters is not so much the
security surrounding access but the security of the digital
certificates/PSPs.425
(2) in both systems, the password used is vital for security purposes. A
fraudulent person will not be able to gain access to the system, even if he or
she has the token or knows the username, if he or she does not know the
password.
Strategies to secure the registration and authentication process, such as storage
mechanisms and use of passwords, will be discussed in greater detail in chapter 7.
6.3.1.2 Being able to digitally sign instruments
Having obtained access, the instrument must then be digitally signed, before it may
be lodged for registration. How the fraudulent person can do this will depend on the
424 See for example, National Research Council (U.S) Committee on Authentication Technologies and
Their Privacy Implications, Who Goes There: Authentication Through the Lens of Privacy (2003) and Christina Braz and Jean-Marc Robert, 'Security and Usability: The Case of the User Authentication Methods' (Paper presented at the Proceedings of the 18th International Conference on Association Francophone d'Interaction Homme-Machine, Montreal, 2006), 201: ‘The best practices in the authentication area state that multi-factor authentication (i.e more than one form of credential to identify a user) is generally stronger than any single-factor authentication method’.
425 As noted by Hammett, Director of Strategic Operations, Land Title and Survey Authority of British Columbia, discussing the British Columbian system where user IDs and passwords are used to access the system: ‘The BC OnLine account IDs are sent via e-mail and no they are not encrypted. The e-mail will include a PDF document which sets out the IDs and a default password. The client would then change the password to one of their own. The only risk here is that if someone acquired that e-mail in transit they could conceivably get on to BC OnLine and order some title searches or document images. The extent of this risk would only be financial and the incident would be identified fairly quickly’: Darcy Hammett, Director of Strategic Operations, Land Title and Survey Authority of British Columbia <[email protected]>, email (21 March 2007).
217
type of system. Some systems use PKI to control access as well as to digitally sign
instruments. Other systems use PKI only to digitally sign instruments while a
knowledge-based authentication method is used to control access. The following
discussion covers both of these.
6.3.1.2.1 Systems using PKI to control access and t o digitally sign documents
In these systems, the same digital certificate/PSP used to access the system is
used to digitally sign instruments. Hence, once the fraudulent person is able to
obtain the digital certificate/PSP in the ways described above, he or she would be
able to access the system and digitally sign instruments. However, in some of these
systems, although all authorised users are issued with a digital certificate/PSP for
access, permission to digitally sign instruments is restricted to a particular class of
users. An example is the New Zealand system where all authorised users must
obtain a digital certificate to access the system but only conveyancers may use
them to digitally sign instruments.
In such systems, a fraudulent person with no access to the system and no ability to
digitally sign instruments could target the class of users (such as solicitors) who are
given signing privileges in the system. This may be by:
• circumventing initial registration -
� impersonating a solicitor by providing false identification during the
registration phase. If successful, the fraudulent person is issued with
a digital certificate/PSP that may be used to access the system and
digitally sign instruments;
� colluding with an employee of the system to register the fraudulent
person on the system as a solicitor so that he or she is issued with a
digital certificate/PSP with access and signing privileges; or
� if the fraudulent person is an employee of the system responsible for
registering prospective users, he or she could register himself/herself
or a fictitious person as a user and be issued with a digital
certificate/PSP with access and signing privileges.
• OR circumventing authentication -
� colluding with an authorised user with digital signing privileges, who
would allow the fraudulent person to use his or her digital certificate
to perpetrate fraud;
� stealing the token on which the digital certificate/PSP is kept and
guessing the password to access and digitally sign instruments;
218
� where an authorised user with digital signing privileges is careless in
keeping the digital certificate/PSP, so that the fraudulent person has
access to it. In addition, the authorised user writes down the
password used to activate the digital certificate/PSP; or
� where the fraudulent person is successful in intercepting a digital
certificate/PSP while it is being generated or issued to an authorised
user.
In the first instance, the fraudulent person would appear as a registered user of the
system. Where fraud is perpetrated, it will be traced back to the identity registered
and issued with that particular digital certificate/PSP used to perpetrate the fraud. In
the second, the fraudulent person would be using the digital certificate/PSP of an
existing user so that where fraud is perpetrated, the fraud will be traced back to the
authorised user whose digital certificate/PSP was used to perpetrate the fraud.
6.3.1.2.2 Systems not using PKI to control access b ut to digitally sign
documents
In these systems PKI is used only for digital signatures and access is controlled via
other means. Users in these systems usually make two applications – one to
register with the system for access purposes and another to obtain a digital
certificate/PSP for digital signing. In the system in British Columbia, for example, a
prospective user registers with BC Online to obtain access; those who wish to
digitally sign instruments must make a separate application to Juricert for a digital
certificate.
In this type of system, to perpetrate fraud, the fraudulent person, having gained
access via the methods described above, could either:
• circumvent the registration process to obtain a digital certificate/PSP; or
• obtain a digital certificate/PSP from an existing user of the system. The
manner in which the fraudulent person can obtain a digital certificate/PSP
from an existing user is similar to the methods discussed above under
[6.3.1.1.2] – ‘Systems using PKI to control access’.
The manner in which a fraudulent person can circumvent the registration process to
obtain a digital certificate/PSP will depend on the requirements of the application
process. The system could require all users applying for a digital certificate/PSP to
provide identification. An example is the system in British Columbia where, as
219
discussed in Chapter 4, lawyers or notaries who wish to digitally sign instruments
must register with Juricert by providing certain identifying information which is then
verified by Juricert. In this type of system, to circumvent the application process to
obtain a digital certificate/PSP, the fraudulent person could:
• provide false identification (identity fraud)426;
• collude with an employee of the entity issuing the digital certificate/PSP to
register the fraudulent person and to issue him or her with a digital
certificate/PSP427; or
• if the fraudulent person is an employee of the entity issuing the digital
certificates/PSP, the fraudulent person could issue himself/herself with a
digital certificate/PSP but must also be able to access the system in order to
perpetrate fraud.428
On the other hand, the system could use a nomination method for registering
applicants. An example is the Gatekeeper, Type 2, Grade 2, Digital Signing
Certificate (DSC) that allows one officer of the business to have his or her identity
and authority verified and for further officers of the business to be vouched for by
that officer. Hence, other than the first officer, none of the other holders of the DSC
in the business would have their identities independently verified. In this system, to
circumvent the application process to obtain a digital certificate, the fraudulent
person could:
• collude with an employee of the entity issuing digital certificates; or
• collude with the nominating officer to nominate himself or herself; or
• impersonate or forge the nomination by the nominating officer; or
• if the fraudulent person is an employee of the entity issuing the digital
certificates/PSP, he or she could issue himself/herself with a digital
certificate/PSP.
426 See for example National Electronic Conveyancing Office, Risk Assessment of the National
Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 1, risk reference 1 identifying a risk to the proposed NECS that a registration authority may fail to correctly verify identity of a person applying for a digital certificate. It was noted in chapter 4 that the term ‘registration authority’ refers to the entity responsible for verifying identity.
427 See for example National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 4, risk reference 5, identifying a risk to the proposed NECS that the certification authority issues a digital certificate as a result of internal fraud. It was noted in chapter 4 that the term ‘certification authority’ denotes the entity responsible for issuing digital certificates.
428 See for example National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 4, risk reference 5 identifying a risk to the proposed NECS that an employee or administrator of the entity issuing digital certificates could fraudulently issue a digital certificate.
220
It can be seen from this that these methods of circumventing the registration
process to obtain a digital certificate/PSP correspond to those used in circumventing
the registration process to register as an authorised user of the system to obtain
access considered in [6.3.1.1.1] above.
Hence it may be said that both for access and for obtaining digital certificates/PSPs,
the initial registration process is of vital importance to preventing fraudulent
applications for access and/or digital certificates/PSPs429 and to ensuring that only
legitimate users are given access and/or issued with digital certificates/PSPs. As
noted by Whitman, whose observations relate to the issuing of digital
certificates/PSPs but may be extended to the registration process for obtaining
access430:
the initial authentication is of critical importance, since a mistake at that juncture may
allow an impostor to perpetrate a large number of fraudulent transactions…a very
high degree of care should be expected of CAs in registering people who will use
their digital IDs in real estate conveyancing.
It is submitted that requiring all applicants to submit identification is more secure
than allowing one applicant to nominate others. Requiring all applicants to submit
identification before being issued with digital certificates/PSPs mean that each
individual applicant’s identity is independently verified. Where nominations are
allowed, the process depends on the nominating officer. Only the nominating
officer’s identity will be independently verified, the individuals nominated by him or
her will not have their identity verified. As noted by Perry in the context of the
Australian Gatekeeper Type 2 ABN-DSC certificates:
you can be issued with an ABN-DSC without having your identity independently
verified by a trusted third party (such as Australia Post)… Once an Authorised Office
ABN-DSC has been issued to a person in an organisation, that certificate can be
used to issue child certificates to anyone, without a third party making sure the
recipient really is who they say they are431.
429 This occurred in 2001where VeriSign (a Microsoft product) was tricked by an unknown individual
pretending to be a Microsoft executive into issuing false digital certificates in Microsoft’s name. VeriSign officials assumed responsibility for the mishap, stating that it was the failure of the human part of the verification process: John Markoff, Warning From Microsoft on False Digital Signatures (2001) <http://www.acm.org/technews/articles/2001-3/0323f.html#item3> at 10 January 2006.
430 Dale Whitman, 'The Robert Kratovil Memorial Seminar in Real Estate Law: Digital Recording of Real Estate Conveyances' (1999) 32 John Marshall Law Review 227, 256.
431 Azadeh Khalilizadeh, 'E-Conveyancing: Property Settlements Enter the Digital Age' (ALMD Advance, 2006), [1134].
221
Similar to the observations made in [6.3.1.2.1] above, successful circumvention of
the registration process for a digital certificate/PSP would mean that the fraudulent
person would be registered with the entity issuing the digital certificate/PSP and
would be issued with a digital certificate/PSP. Where fraud is perpetrated, the fraud
will be traced back to the identity registered as being issued with that particular
digital certificate/PSP. In contrast, being able to obtain an existing digital
certificate/PSP of an authorised user would mean that where fraud is perpetrated,
the fraud will be traced back to the authorised user whose digital certificate/PSP was
used to perpetrate the fraud. In this situation, the instrument that was digitally signed
by the fraudulent person using an authorised user’s digital certificate/PSP would
appear on its face to be from a legitimate user of the system although it was actually
the fraudulent person who used the digital certificate/PSP. It was observed in
Chapter 4 that unlawfully using an existing user’s digital certificate/PSP to digitally
sign documents could be said to be analogous to forging a handwritten signature.
The difference though, as stated in Chapter 4, is that a person will not be able to use
someone else’s digital certificate/PSP to digitally sign a document unless that
person has access to the digital certificate/PSP and can activate the digital
certificate/PSP for digital signing. However, once the fraudulent person is able to do
so, he or she would be able to use the digital certificate/PSP to digitally sign
documents and it would not be possible to detect that the person using the digital
certificate/PSP is someone other than its legitimate owner.
6.3.2 Access but no ability to digitally sign instr uments
In this instance, the fraudulent person has access to the system but does not have
the ability to digitally sign instruments. Examples include law clerks working in a law
firm who may have access to the system but not the privilege to digitally sign
instruments.432 The manner in which these persons may acquire the ability to
digitally sign instruments will depend on how the system manages digital signing
privileges. The analysis in [6.3.1.2] would apply here.
6.3.3 Conclusions
The above discussion shows that in order to successfully perpetrate fraud in an
electronic registration system, the fraudulent person must not only be able to access 432 One of the comments received by the risk assessment conducted by Clayton Utz on behalf of
NECS during its consultation process observed that “the likelihood of user fraud resulting from use of a certifier’s DSC to sign an instrument or statement is much higher than 33% chance in 5 years. In the paper environment, secretaries regularly sign documents for their bosses – this practice is almost certain to happen at least once in 5 years”: National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 1, 99.
222
the system, but must also be able to digitally sign any instrument prepared on the
system, particularly if the system will not accept any instrument lodged for
registration that has not been digitally signed. It is because of this requirement that
the conclusion was drawn above that it is the security of digital certificates/PSPs that
is vital for preventing this fraud, rather than the security surrounding access to the
system. A person with access may be able to perform certain functions using the
system, such as title searches. With access, a fraudulent person may also be able
to prepare the necessary electronic instruments. However, unless he or she can
also digitally sign the instrument, this fraud cannot be perpetrated.
As to the security of digital certificates/PSPs, the above discussion shows that the
security of digital certificates/PSPs involves issues such as433:
• the initial registration process for obtaining a digital certificate/PSP;
• its generation and issue;
• the mechanisms used to store the digital certificates/PSPs; and
• the passwords used to protect them.
Each is a potential point of vulnerability that may be attacked by fraudulent persons.
Hence appropriate measures for safeguarding the digital certificate/PSP should be
taken. As noted by Schellekens:
With respect to a traditional signature, hardly any precautionary measures can be
taken against forgery…With respect to an electronic signature, precautionary
measures against unauthorised use can very well be taken and, consequently, they
must be taken.434
433 Articles discussing the various problems associated with using PKI include: Lonnie Eldridge,
'Internet Commerce and the Meltdown of Certification Authorities: Is the Washington State Solution a Good Model?' (1998) 45 UCLA Law Review 1805, Ian Christofis, 'Myths of PKI' (2003) 53(1) Telecommunications Journal of Australia , Carl Ellison and Bruce Schneier, 'Ten risks of PKI: What you're not being told about public key infrastructure' (2000) 16(1) Computer Security Journal 1, James Backhouse, 'Assessing Certification Authorities: Guarding the Guardians of Secure E-Commerce?' (2002) 9(3) Journal of Financial Crime 217, Lorna Brazell, 'Electronic Security: Encryption in the Real World' (1999) 21 European Intellectual Property Review 17, Michael Froomkin, 'The Essential Role of Trusted Third Parties in Electronic Commerce' (1996) 75 Oregon Law Review 49, D Scott Anderson, 'What Trust is in These Times? Examining the Foundation of Online Trust' (2005) 54 Emory Law Journal 1441, Michael Osty and Michael Pulcanio, 'The Liabiilty of Certification Authorities to Relying Third Parties' (1999) 17 Marshall Journal of Computer and Information Law 961, Aashish Srivastava, 'Is Internet Security a Major Issue With Respect to the Slow Acceptance Rate of Digital Signatures?' (2005) 21(5) Computer Law and Security Report 392, American Bar Association, 'Public Key Infrastructure Symposium' (1998) 38 Jurimetrics 243 and Bruce Schneier, Secrets and Lies : Digital Security in a Networked World (2004)
434 M.H.M Schellekens, Electronic Signatures: Authentication Technology from a Legal Perspective (2004), 107.
223
These will be examined in greater detail in Chapter 7.
6.4 Could there be safety mechanisms to act as a ch eck against this type of
fraud?
As seen in Chapter 3, for frauds that may occur in the paper registration system,
certain conveyancing practices were used to act as a safeguard against these
frauds. These include:
• witnessing requirements;
• the need to produce the paper certificate of title; and
• the examination process at the Land Titles Office.
Some of these conveyancing practices may persist in an electronic registration
system, particularly the witnessing requirements and the examination process. Can
any of these practices be used in an electronic registration system to act as a safety
mechanism against this type fraud?
As to the witnessing requirements, as seen in Chapter 3, one of the purposes of
requiring witnessing of signatures is to prevent frauds using forgeries. As seen in
Chapter 3, apart from circumstances where the fraudulent person forges the
witness’s signature, if witnesses comply with witnessing requirements, fraud by
forgery would be prevented. In an electronic registration system, it is likely that
witnessing requirements will be continued, but in this case, only for authorisation
forms. The digital signature on the electronic land title instrument itself which is
applied by an authorised user on behalf of a client need not be witnessed. Hence
witnessing requirements, if properly complied with, may act as a safeguard against
forgery on the authorisation form. Should witnessing requirements be extended to
digital signatures on electronic land title instruments applied by authorised users on
behalf of their clients? If witnessing is required for these digital signatures, this
requirement may act as a safeguard against forgery of the authorised user’s digital
signature, where the fraudulent person uses the digital certificate/PSP of a
legitimate user of the system to perpetrate fraud. It may act as a safeguard against
fraud were the witness required to verify that the person applying the digital
signature is the legitimate owner of the digital certificate/PSP. For example, a
database could be used to record all authorised users issued with a digital
certificate/PSP for digital signature purposes, and witnesses, before witnessing the
digital signature, could require the person applying the digital signature to produce
224
identification, which could be cross checked with the database to ensure that the
person is a legitimate user. However, witnessing will not prevent fraud in situations
where the fraudulent person has successfully circumvented the registration process
and has been issued with a digital certificate/PSP.
In addition, introducing witnessing requirements in an electronic registration system
would mean that the digital signature of each authorised user representing the
parties to the transaction would need to be witnessed; the witnesses’ signatures
must also be digital signatures. It may not be viable to introduce this requirement
because each time before a digital signature is applied, the authorised user applying
the digital signature would need to find a witness to digitally witness the digital
signature. Authorised users in remote areas may find it difficult to comply with this
requirement. It should be noted that none of the electronic registration system
currently in operation require the witnessing of digital signatures.
An examination process, whether automated or manual, will not be an effective
safeguard against this type of fraud. Where the fraudulent person uses the digital
certificate/PSP of a legitimate user to perpetrate fraud, that instrument will appear to
have been digitally signed by the legitimate owner of the digital certificate/PSP. An
automated or manual check will not be able to distinguish between a digital
signature that has been applied by its rightful owner and a digital signature that has
been applied by someone other than its rightful owner. Where the fraudulent person
is able to circumvent the registration process and is issued with a digital
certificate/PSP, again, the digital signature on an electronic instrument signed using
that digital certificate/PSP will appear to come from a person who has been
legitimately registered for digital certificates/PSPs. An automated or manual check
will not be able to distinguish a digital signature that has been applied by the
legitimate owner of a digital certificate/PSP from one that has been applied by
someone who was able to circumvent the registration process to fraudulently obtain
a digital certificate/PSP.
The use of the certificate of title may be continued in an electronic registration
system. Assuming that use of certificates of title will be modelled along the proposed
Victorian system, the requirement that an electronic certificate of title must be
nominated to a transaction before it can proceed may act as a safeguard against
this type of fraud. This is because it requires the fraudulent person to take that extra
step – either to acquire the paper certificate of title so that it may be converted into
an electronic certificate and nominated to the fraudulent transaction or to persuade
225
the authorised user in control of the electronic certificate of title to nominate it to the
fraudulent transaction.
Thus, fraudulent persons who are able to obtain the paper certificate of title (if they
still exist) or can fraudulently direct a nomination of the electronic certificate of title,
will be in a better position to perpetrate this type of fraud than those who do not
have access to the certificate of title or are unable to direct a nomination.
However, as noted in Chapter 5, there are ways of obtaining the paper certificate of
title or of nominating an electronic certificate of title to a transaction, such as:
• forgery of the paper certificate of title; or
• fabricating an authority to act on behalf of a client in a transaction, and then
directing that the electronic certificate of title be nominated to that
transaction.
In addition, it was also speculated in Chapter 5 that the fraudulent person may also
fabricate a conversion of a certificate of title to electronic format and from there,
nominate the electronic certificate of title to the fraudulent transaction.
In conclusion, it appears that automated or manual checks will not be effective
safeguards against this type of fraud. Witnessing requirements may, to a certain
extent, act as a safeguard, but the viability of imposing such a requirement is an
issue. The requirement that the certificate of title be nominated to a transaction may
act as a safeguard, but as seen in the discussion here and in Chapter 5, this
safeguard could be circumvented. Whether other strategies may be used to prevent
this type of fraud will be examined in greater detail in Chapter 7.
6.5 Who might be the likely perpetrators of this ty pe of fraud
From the above analysis, it is possible to say that the likely perpetrators of this type
of fraud may fall into the following groups:
1. legitimate users with access and with the ability to digitally sign instruments;
2. those with access and with the ability to digitally sign instruments who should
have been de-registered from the system but have not been;
3. those with access but without the ability to digitally sign instruments; and
4. those without access and without the ability to digitally sign instruments.
226
The first group would have the greatest opportunity to perpetrate this type of fraud.
Included in this group would be solicitors, as was noted in Chapter 5. This group of
perpetrators may also be classed as ‘insiders’. Of the other three groups, the
second and third group would probably have a better opportunity than the fourth
group. For the third group, these perpetrators already have access to the system so
all that is required is the ability to digitally sign instruments. For the second, these
perpetrators, like the first group, have access and the ability to digitally sign
instruments but this is only because of ineffective procedures for de-registering
these users from the system. So the opportunities to perpetrate fraud for this group
of perpetrators would depend on the de-registration processes. These two groups of
perpetrators may also be classed as ‘insiders’. The fourth group will be in the most
difficult position to perpetrate this type of fraud, and classed as ‘outsiders’. However,
if the fraudulent person is an employee of the system who is responsible for
registering users and/or issuing digital certificates/PSPs for access and/or digital
signatures, and registers either himself or herself, or a fictitious person as a user
and through this, obtains access to the system and the ability to digitally sign
instruments, then he or she should be re-categorized as ‘insiders’. This is because
while he or she may not initially have access to the system and the ability to digitally
sign instruments, he or she is still an employee of the system, able to use this
position to obtain access to the system and the ability to digitally sign instruments.
This analysis also shows that these perpetrators may not be known to the victim of
the fraud. The fraud is perpetrated because the fraudulent person has or is able to
gain access and has the ability to digitally sign instruments or is able to acquire this
ability. Unlike other types of fraud, such as forgeries, where the relationship between
the victim and the fraudulent person is a facilitative factor in the fraud, this type of
fraud simply depends on whether or not the fraudulent person is able to obtain
access, digitally sign the instruments and lodge for registration.
The frauds may also be opportunistic or calculated. For example, it can be said that
a legitimate user of the system, such as a solicitor, who has access and the ability to
digitally sign instruments will have a readily available opportunity to perpetrate this
type of fraud, so the fraud is opportunistic. However, if the fraudulent person is
someone with no access and no ability to digitally sign instruments who then
compiles falsified identity documents, impersonates a solicitor, becomes registered
as a user and is issued with a digital certificate/PSP, and then perpetrates fraud, it is
possible to say that this fraud is calculated.
227
From the above analysis, it is possible to say that perpetration of a fraud alone or in
collusion with another are equally likely, depending on how the fraudulent person
attempts to gain access and/or obtain the digital certificate/PSP. Obviously a
legitimate user perpetrating this fraud would not need to collude with others,
whereas a fraudulent person with no access and no ability to digitally sign
instruments may collude, either with an authorised user with access, or with an
employee of the system, to gain access and that ability.
6.6 What are the likely factors that may facilitate this type of fraud
From the above analysis, it can be said that the opportunities for perpetrating this
type of fraud may depend on the following:
1. the authentication methods used to access to the system. For example a
system using only knowledge-based authentication methods may not be as
secure as one using both tokens and knowledge-based methods, although it
was noted, if the system will not accept for lodgment any instrument that has
not been digitally signed, that as a fraud preventative measure the security of
the digital certificate/PSP is more important;
2. the manner in which digital certificates/PSP are generated, issued and
stored;
3. if usernames and passwords are used to control access, the manner in
which the usernames and passwords are transmitted to the user;
4. the type of passwords used. This is for both digital certificates/PSP and the
password to access the system;
5. the procedures used during the registration process in verifying that the
applicant is indeed a legitimate applicant or, if the registration process is via
nominations from an authorised officer, that the authorised officer is
legitimate. This is for both applying for access and applying for the ability to
digitally sign documents (if the processes are separate); and
6. effective procedures for de-registering a user from the system.
6.7 Conclusion
The chapter has examined whether changes made to conveyancing practices and
processes in an electronic registration system may create different or new
opportunities for perpetrating fraud.
A new opportunity for fraud may arise in an electronic registration system because
of the likelihood that authorised users of such a system with digital signing privileges
228
will digitally sign instruments that will be lodged for registration. This would create a
new opportunity for fraud, because it is a change from the paper registration system
where it is the person transferring or creating an interest, or the person’s attorney,
who execute the appropriate land title instrument. This change might open up a new
opportunity for fraud in an electronic registration system because fraud may be
possible if the fraudulent person has access to the system or is able to gain access
and is able to use a digital certificate/PSP for digital signature purposes, so that
fraud may be perpetrated by simply accessing the system, preparing the necessary
instrument, digitally signing the instrument and lodging it for registration.
For this type of fraud, analysis showed that legitimate users of the system who have
access and the ability to digitally sign instruments will have the greatest opportunity
to perpetrate this type of fraud. Solicitors would fall within this class of users. Other
possible perpetrators were found to include those with access but without the ability
to digitally sign instruments, those without access and without the ability to digitally
sign instruments and legitimate users who should have been de-registered from the
system but were not. These perpetrators may or may not be known to the victim of
the fraud, may perpetrate the fraud alone or in collusion with others. This type of
fraud may also be either opportunistic or calculated.
Whether this type of fraud may be perpetrated will depend on several factors,
including the system’s registration and de-registration processes, the manner in
which digital certificates/PSPs are generated, issued, and stored; whether or not
usernames and passwords are used to protect digital certificates/PSPs and/or
access to the system, and where passwords are used, the types of passwords used
and how they are transmitted to the user. However, the crucial factor in whether this
type of fraud may be perpetrated is whether the fraudulent person is able to digitally
sign instruments in the electronic registration system, particularly where that
registration system will not accept any instrument for lodgement that has not been
digitally signed. Hence, it is the security of the digital certificate/PSP used for digital
signature purposes that is vital in preventing this type of fraud.
This chapter also analysed the effectiveness of using paper-based fraud safeguards
(automated or manual checks, witnessing requirements and certificates of title
modelled on the proposed Victorian system) in an electronic registration system;
finding that automated or manual checks will not be effective safeguards against this
type of fraud and that use of the certificate of title as a safeguard could be
229
circumvented. In addition, it was found that the use of witnessing may not be viable
in an electronic registration system. Whether other strategies may be used to
prevent this type of fraud will be examined in greater detail in Chapter 7.
Chapters 5 and 6 have therefore examined the types of fraud that may be
perpetrated in an electronic registration system; finding that some of these frauds
are frauds that may also be perpetrated in the paper registration system, while the
fraud discussed in this chapter can only be perpetrated in an electronic registration
system that restricts access to authorised users and requires its authorised users to
prepare and digitally sign land title instruments on behalf of their clients. This finding
answers the first part of the research question as stated in Chapter 1: will
automating the registration process within the Torrens system of land registration
have an impact on opportunities for perpetrating fraud? It also confirms the
hypothesis tested by this research, that automating the registration process will not
alter the opportunities for perpetrating frauds that are possible in the paper
registration system, with the possible exception of reduced opportunities for
fraudulent alterations; and that automating the registration system will introduce new
opportunities for perpetrating fraud. The analysis in the next chapter will assist in
answering the second part of the research question – ‘can fraud minimisation
strategies be used to counter this fraudulent conduct’ – as the next chapter
examines possible measures that may be implemented to minimise the types of
fraud that may occur in an electronic registration system, drawing upon the findings
from Chapters 3, 4, 5 and 6.
230
CHAPTER 7
THE TYPES OF MEASURES THAT MAY BE USED IN AN ELECTR ONIC
REGISTRATION SYSTEM TO MINIMISE FRAUD
Table of contents
7.1 Introduction......................................................................................................232 7.2 Drivers of fraud ................................................................................................232 7.3 Forgery ............................................................................................................234
7.3.1 Individual as client.....................................................................................234 7.3.1.1 Processes for executing the authorisation form ..................................234 7.3.1.2 Compliance with witnessing requirements..........................................235 7.3.1.3 Ensuring that the witness’ signature was not forged...........................236 7.3.1.4 Effectiveness in preventing fraud........................................................237
7.3.2 Company as client.....................................................................................239 7.3.2.1 Effectiveness in preventing fraud........................................................240
7.3.3 Attorney as client under false power of attorney........................................240 7.3.3.1 Effectiveness in preventing fraud........................................................241
7.4 Fraudulent alterations ......................................................................................241 7.4.1 Notification of alterations...........................................................................242 7.4.2 Tracking changes......................................................................................242 7.4.3 ‘Locking’ and examination of instruments lodged for registration...............243 7.4.4 Restricting access privileges .....................................................................245 7.4.5 Effectiveness of technological measures in minimising fraud ....................245
7.5 Misleading the signatory ..................................................................................246 7.6 Identity fraud....................................................................................................246
7.6.1 Documents used to verify identity..............................................................247 7.6.2 Whose identity is to be verified?................................................................249 7.6.3 Who verifies identity and when should identity be verified .........................249 7.6.4 Steps taken to verify identity .....................................................................250 7.6.5 Effectiveness in preventing identity fraud ..................................................250
7.6.5.1 Improving the issuing process of identity documents..........................254 7.6.5.2 Improving the accuracy of identity information held on databases ......255 7.6.5.3 Improving the security of identity documents ......................................256
7.7 Fraudulently accessing, preparing, digitally signing and lodging instruments for registration.............................................................................................................257
7.7.1 Measures to secure the digital certificate/PSP for digital signatures..........257 7.7.1.1 Strengthening the registration process for obtaining digital certificates/PSPs............................................................................................259 7.7.1.2 Secure methods for generating digital certificates/PSPs.....................261 7.7.1.3 Secure storage and usage of digital certificates/PSPs........................262 7.7.1.4 Secure selection and use of passwords .............................................266
7.7.2 Measures to strengthen the de-registration process..................................269 7.7.3 Safety mechanisms...................................................................................270
7.7.3.1 Permanent client identification numbers .............................................271 7.7.3.2 One-off client identification numbers...................................................272 7.7.3.3 Notification mechanism ......................................................................273
7.8 Preventing internal fraud..................................................................................274 7.8.1 Entry controls ............................................................................................276 7.8.2 Regular monitoring of personnel ...............................................................277
231
7.8.3 Audit trails .................................................................................................278 7.8.4 Education and training ..............................................................................279 7.8.5 Creating an anti-fraud culture....................................................................279 7.8.6 Fraud reporting and response ...................................................................280 7.8.7 A fraud control policy.................................................................................280
7.9 Summary .........................................................................................................282 7.10 Conclusion.....................................................................................................292
232
Chapter 7: The measures that may be used in an elec tronic registration
system to minimise fraud
7.1 Introduction
The negative effect of fraud on the twin goals of the Torrens system was
demonstrated in Chapter 2. This led to the conclusion in that chapter of the
importance of having the Torrens system operate in a framework in which fraud is
capable of being minimised, recognising that before using technology to automate
the registration process within the Torrens system, the fraud risks stemming from
such a move, as well as of the corresponding measures that may be used to
minimise these opportunities for fraudulent conduct should be analysed. As a result,
Chapter 5 found that all the paper based frauds, with the exception of fraudulent
alterations, may continue under an electronic registration system. Chapter 6 found
that automating registration could also create a new opportunity for fraud because of
the likelihood that authorised users will digitally sign electronic land title instruments
on behalf of their clients. Fraud is possible where someone has access to the
system and can use a digital certificate/PSP, by simply preparing the necessary
instrument, digitally signing it and lodging it for registration. The purpose of this
chapter is to complete the investigation of how these opportunities for fraudulent
conduct may be prevented or minimised.
A variety of measures may be implemented to minimise opportunities for fraud,
some may be technological whilst others may simply rely on adopting certain
practices or procedures, such as identity verification. A series of internal controls
may also be implemented by organisations involved in the conveyancing process to
prevent fraud by its employees. However, the analysis in this chapter will show that
ultimately the effectiveness of these measures in minimising fraud during the
conveyancing process will depend on care and vigilance in their use by all the
stakeholders in the conveyancing sector.
7.2 Drivers of fraud
Generally, the literature identifies the main causes of fraud to be perceived
pressures, such as financial or work-related pressures435, opportunity and perceived
435 For example, a KPMG survey conducted in 2004 found that the most common motivation for
perpetrating fraud was greed and lifestyle: KPMG, 'Fraud Survey 2004' (KPMG, 2004), 16. Lifestyle refers to a person aspiring to a lifestyle beyond current financial means: KPMG, 'Fraud Survey 2004' (KPMG, 2004), 16.
233
worthwhile outcomes.436 Hence it could be said that generally fraud will occur if a
combination of the above factors exists. This observation may be applied to the
frauds examined in this research, as demonstrated in the case examples described
in Chapter 3, in which the frauds were generally perpetrated because someone
required finance and perceived that finance could be obtained through fraud. That
accounts for why the types of transactions targeted were mortgages and transfers or
a combination of the two. As seen in Chapter 3, it is through these transactions that
a fraudulent person is able to obtain the required funds, either by securing a loan
using the property as security or by fraudulently selling it and absconding with the
proceeds. However, as Chapter 3 concluded, in order to perpetrate fraud, there
must also be an opportunity to do so. This opportunity may be readily available, for
example, if the victim hands the certificate of title to a close relative (the fraudulent
person) for safe keeping, or may be ‘created’ by the fraudulent person, such as by
forging the certificate of title. Thus the opportunity to perpetrate fraud is also a vital
driver of fraud, because it would be difficult to perpetrate it if an opportunity were not
available. Hence, one way of reducing fraud is to implement measures aimed at
minimising or closing opportunities for fraudulent conduct.
This is the focus of this research – how fraud opportunities may be minimised. An
examination of strategies that could be used to reduce the perceptions of worthwhile
outcomes from perpetrating land title fraud, such as through increased penalties for
fraudulent conduct, is beyond the scope of this study. Although it is recognised that
it may be possible to legislate to impose greater penalties on perpetrators of land
title fraud, analysis as to the type of penalty (such as fines or imprisonment) or the
manner in which State and Territory legislation may be amended to accommodate
this is beyond the scope of this research.
Since the focus of this research is on reducing the fraudulent person’s opportunity to
perpetrate land title fraud, this chapter will use the analyses in Chapters 5 and 6 of
the manner in which fraud is perpetrated and the factors facilitating fraud to identify
the measures that could be used to reduce opportunities for fraud. This is because
436 Ibid 17. Graycar and Smith identify motivation, presence of a prospective victim or target and
absence of a capable guardian as factors causing fraud: Russell Smith and Adam Graycar, 'Identifying and Responding to Corporate Fraud in the 21st Century' (Paper presented at the Australian Institute of Management, Sydney, 2003), 1; Adam Graycar and Russell Smith, 'Identifying and Responding to Electronic Fraud Risks' (Paper presented at the 30th Australasian Registrars' Conference, Canberra, 2002), 2.
234
the analysis on the manner in which fraud may be perpetrated and the factors
facilitating fraud reveal the opportunities available for fraudulent conduct.437
This chapter is organised in terms of the types of fraud capable of being perpetrated
in an electronic registration system, and for each type of fraud, the measures
targeted at reducing the opportunities will be proposed as a means of preventing or
minimising it.
7.3 Forgery
7.3.1 Individual as client
Chapter 5 found that fraud may be perpetrated in an electronic registration system
where the fraudulent person is given the opportunity to forge the client’s signature
on the authorisation form and the authorised user acting on behalf of the client
accepts it and proceeds with the transaction. It was said that this will usually occur in
situations where the fraudulent person is provided with the authorisation form for the
purposes of procuring execution by the victim. Witnessing requirements for
execution of the authorisation form may also be circumvented.
Hence, the measures that may be used to minimise the opportunities for
perpetrating this type of fraud must therefore address the processes by which the
authorisation form is executed and witnessed.
7.3.1.1 Processes for executing the authorisation f orm
Since the fraudulent person will only be able to perpetrate this fraud if he or she is
provided with the authorisation form, minimising the opportunities to obtain the
authorisation form would minimise his or her ability to perpetrate fraud by forging the
victim’s signature on the form. Thus, authorisation forms should never be sent to
one party for the purposes of procuring execution by another. In face-to-face
transactions, where the client meets with the authorised user in person and the
authorised user purports to act as witness to the signatures on the authorisation
form, he or she should comply with witnessing requirements and not attest to any
signatures not signed in his or her presence. That is, if there is more than one
signatory on the form, then all signatories should execute the form in the presence
437 See Steve Albrecht, Conan Albrecht and Chad Albrecht, Fraud Examination (2nd ed, 2006), 71:
‘Organizations can proactively eliminate fraud opportunities by (1) accurately identifying sources and measuring risks (2) implementing appropriate preventative and detective controls’.
235
of the authorised user. This will prevent the Young v Hoger and Sansom type
frauds.
Obviously it is not always possible for the client to sign the authorisation form in the
presence of the authorised user responsible for the transaction. The client may be
overseas or in a different State or Territory. In these non-face-to-face transactions,
documents may need to be sent to the client to procure execution by him or her. The
fraudulent person may take advantage of these circumstances or even fabricate
them so as to forge the victim’s signature. While it is likely that signatures on the
authorisation form would need to be witnessed, these requirements do not always
provide an effective safeguard against fraud, as they may be circumvented either
by:
• the fraudulent person forging the signature of the witness on the
authorisation form; or
• the witness purporting to witness the client’s signature on the authorisation
form even though it was not signed in his or her presence.
Hence, it is essential that witnessing procedures be made more effective as a
safeguard against fraud by:
• encouraging or enforcing compliance with witnessing requirements. As noted
in Chapter 5 and as seen in the case examples in Chapter 3, non-
compliance with witnessing requirements facilitates the perpetration of fraud
in both face-to-face and non-face-to-face transactions;
• adopting practices that enable forgery of the signatures of witnesses to be
detected.
7.3.1.2 Compliance with witnessing requirements
Persons who are eligible to act as witnesses should comply with witnessing
requirements and not witness a signature unless it is signed in their presence. This
applies to all those witnessing signatures on the authorisation form, including the
authorised user in a face-to-face transaction with a client.438 This would ensure that
fraud could not be perpetrated due to non-compliance with witnessing requirements.
438 Editorial comment, 'Indefeasibility of Title in Mortgage Transactions' (1995) ANZ ConvR 138, 147
noted that solicitors should refuse to ‘attest signatures except when the signature is affixed by the clients in the solicitor’s presence’.
236
7.3.1.3 Ensuring that the witness’ signature was no t forged
It will be more difficult to address the situation where the fraudulent person forges
the signature of the witness. This will usually occur in non face-to-face transactions.
One way to prevent this might be for authorised users relying on the authorisation
form to take an additional step and verify with the witness who purportedly
witnessed the signature(s) on the authorisation form that this did indeed happen.
The reasonableness of requiring users to take this additional step is an issue,
because:
• the current conveyancing practice that a party receiving instruments that
appear on the face of it to be executed and witnessed is entitled to believe
that the signatures were signed in the presence of the witness and that it is
not usual practice to contact the attesting witness to ensure that witnessing
requirements have been followed. If this practice were extended to the
execution of authorisation forms, a new requirement that authorised users
contact witnesses to verify execution would be a departure from this practice
and hence, perhaps, an unreasonable imposition; and
• the time that it would take the authorised user to contact the witness in order
to verify that he or she had indeed witnessed the signature(s) on the
authorisation form might be thought unreasonable.
Having said that, since it was found in Chapters 3 and 5 that one of the factors
facilitating fraud is this practice of being able to assume that an instrument has been
properly attested to if it appears on the face of it to be signed and the signature(s)
witnessed, perhaps the benefits in requiring users to perform this additional
verification would justify its cost. Perhaps one strategy that could be used to reduce
this cost would be to build a database of eligible witnesses.439 This could enable the
authorised user to make a cursory inspection to check whether the witness on the
authorisation form is on the database. Such a database might also allow the user to
contact the witness more readily in situations where the signature of the witness
looks suspect. However, this would require eligible witnesses to be registered with
the entity controlling the witnessing database and de-registered when no longer
wishing to act as witness. Additional issues to consider include:
439 See Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115, 132 suggesting that to ‘avoid the chance of forged witness signatures, potential witnesses could be registered at the Titles Office and recorded as having a seal or recognised signature which can be checked by the Office at the time the dealings are inspected’.
237
• which entity should be entrusted with the task of administering the database,
including administering the registration and de-registration process440?
• how would it be possible to ensure that witnesses who no longer wished to
act as witnesses would de-register from the database?
• how secure would the database be against external attacks?
If this obligation is imposed, further issues arising from this include:
• how could this obligation be imposed, legislatively or contractually?
• should penalties be incurred in situations where fraud occurs through a
failure to comply with this obligation?
Another method might be simply for the authorised user to confirm instructions with
all signatories to the authorisation form before proceeding with the transaction,
particularly for transactions which appear suspicious. As noted by an editorial
comment in the Australian New Zealand Conveyancing Report, it is prudent practice
for solicitors to ensure, amongst other things, that ‘each signatory is aware of the
true nature of the transaction’.441
7.3.1.4 Effectiveness in preventing fraud
In summary, it appears that the principal means of preventing forgery of signatures
is for the authorised user to be diligent in ensuring that the authorisation form has
been properly executed and witnessed before proceeding with the transaction. It is
also essential that witnesses comply with witnessing requirements.
440 See Hammond ibid at 132 suggesting that the Titles Office be responsible for registering
witnesses. Hammond identified several problems with this suggestion, including ‘the implementation of the ‘register’ of witnesses will pose administrative problems for the Titles Office, given the number and range of people who may seek registration’ and that it may be difficult for people to ‘gain access to a registered witness’ in country or remote areas.
441 See Editorial comment, 'Indefeasibility of Title in Mortgage Transactions' (1995) ANZ ConvR 138, 147. Also see Editorial comment, 'The Relevance of Indefeasibility of Torrens Title Land for Conveyancing' (1991) ANZ ConvR 496, 505 commenting that ‘there is considerable merit and prudence for solicitors when acting for parties acquiring interests in Torrens title land, particularly as purchasers or as mortgagees, to ensure (as far as possible) that their clients: (a) are dealing with the real (or actual) registered proprietors; (b) that the instruments are genuine, executed by the registered proprietors; (c) if possible, that each of the registered proprietors was aware of the transaction, having been represented by solicitors in the transaction’ and Editorial comment, 'Indefeasibility of Title in Mortgage Transactions' (1995) ANZ ConvR 138, 146 noting that Igarashi v APC International Pty Ltd [1996] 1 Qd R 267 ‘illustrates the precaution solicitors should take before acting on written authorities, possibly to verify that they are genuine, by contacting the client or by requiring the client to call personally and by verifying the client’s identity if not well known to the solicitor’. Also see the Law Society of Upper Canada, Due Diligence in Mortgage or Loan Transactions (2008) <http://www.lsuc.on.ca/media/apr0908_due_diligence.pdf> at 16 April 2008 instructing the lender to take steps to verify that the registered owner is in fact selling or mortgaging the property. ‘These steps should include at a minimum an on-site visit of the property or an on-site appraisal. Other steps that may be taken, depending on the circumstances, would include obtaining utility or realty tax bills, reviewing the MLS listing of the property or a phone call to the owner’ (at 2).
238
For non face-to-face transactions, where the fraudulent person may have the
opportunity to forge the signature of the witness, authorised users could take the
additional step of confirming instructions with all signatories on the authorisation
form before proceeding with the transaction, particularly if the transaction appears
suspicious. It might be possible for stakeholders involved in the conveyancing
process in Australia to compile a list of flags to be used by authorised users
representing clients in an electronic registration system to alert them of possible
fraudulent transactions.442 In the event that a transaction appears suspicious, the
authorised person could then take additional measures to ensure that the
transaction is not fraudulent.
It may be left to individual authorised users to formulate internal policies and
practices regarding executions and witnessing of authorisation forms. Alternatively,
a set of uniform best practice guidelines for the execution and witnessing of
authorisation forms could be formulated for imposition on all authorised users of the
system.
Imposing a set of uniform guidelines raises certain issues which are beyond the
scope of this research but may be the focus of future studies. These include:
1. who would be responsible for formulating these guidelines?
2. how would these guidelines be imposed on users of the system? Could they,
perhaps, be imposed contractually or legislatively?
3. should penalties be imposed for non-compliance with these guidelines? This
raises further issues, including:
a. what type of penalties may be imposed;
b. how may they be imposed;
c. under what circumstances would it be reasonable to impose such
penalties; and
d. what might be the effect of imposing these penalties on users’
liability?
442 The Law Society of British Columbia has compiled such a list: Law Society of British Columbia,
Practice Tips: Fighting Back Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 6 June 2006. Also see Law Society of Upper Canada, Practice Tips: Recognizing Fraud in Feal Estate Transactions (2004) <http://mrc.lsuc.on.ca/pdf/fightingRealEstate/july2304_fraud_indicators.pdf> at 24 May 2006 and Matthew Bransgrove, 'What Can Solicitors Do To Reduce Mortgage Fraud?' (2004) 42(10) Law Society Journal 52, 54 suggesting that solicitors should beware of urgency – ‘if a settlement is urgent, ask why is it urgent’.
239
Whether internal policies are formulated, or uniform best practice guidelines used,
the effectiveness of these practices in preventing fraud would depend on the
authorised users acting with care and diligence to ensure that authorisation forms
have been properly executed and witnessed and that additional steps are taken to
verify this in circumstances which appear suspicious.
Perhaps one way of encouraging users to exercise care and due diligence and to
observe these practices is through education and training. Users could be educated
about fraud risks and the importance of complying with these practices as a way of
reducing opportunities for fraud. They could also be trained to identify situations that
potentially indicate fraud and to be more careful and vigilant in those circumstances.
The use of education and training as part of a fraud preventative strategy raises the
issue of how it might be deployed effectively. Who should be responsible for
compiling the material for education and training and for overseeing that those who
need it receive them? Should it be left to individual organisations or should it be
centrally controlled, coordinated and administered? These issues are beyond the
scope of this research but may be the focus of future studies.
7.3.2 Company as client
As noted in Chapter 5, the way in which a company’s execution of the authorisation
form may be forged and fraud perpetrated depends on how companies are allowed
to execute the authorisation form in an electronic registration system. It was found in
Chapter 5 that, if this way is by individuals authorised to sign on behalf of the
company placing handwritten signatures on the authorisation form, fraud may be
perpetrated in the same manner as forging the signature of an individual on the
authorisation form. If, however, companies can continue to execute the authorisation
form in the same way as they would execute a land title instrument under the paper
registration system, then fraud could be perpetrated by fraudulently affixing the
company seal on the authorisation form and fraudulently witnessing this. It was also
concluded in Chapter 5 that as with forgery of the individual’s signature on the
authorisation form, fraud by forging the company’s execution on the authorisation
form will only occur in situations where the fraudulent person is given access to the
authorisation form to procure its execution.
As the manner of perpetrating this fraud, including the circumstances where it may
be perpetrated, is similar to forgery of an individual’s signature on the authorisation
form, particularly if the execution of authorisation forms for companies is by
240
individuals signing the authorisation form on behalf of the company, the earlier
discussion above on measures that may be used to minimise forgery of an
individual’s signature will be applicable here.
In addition, since fraud may be facilitated in situations where the authorised user
preparing the authorisation form fails to verify the authority of those executing the
authorisation form on behalf of the company, authorised users could also obtain an
up-to-date corporate search to ensure that those signing on behalf of the company
are authorised to do so, by checking the names of the individuals found in the
corporate search against the names on the authorisation form.443 It may be left to
individual users’ internal policies to require that these company searches be
obtained and names cross referenced, or it could be formalised into a set of best
practice guidelines for execution and witnessing of authorisation forms for
corporations. While it may be argued that such searches are not required to be
done, due to the assumptions that can be made under the Corporations Act 2001
(Cth), it is submitted that it would be prudent to do them as a fraud minimisation tool.
As seen in Chapter 3, in both Pyramid and Sixty Fourth Throne, had the
mortgagee’s solicitors performed such a search and diligently cross-referenced the
names found with the names on the mortgage instrument, the fraud might have
been discovered.
7.3.2.1 Effectiveness in preventing fraud
The analysis above in [7.3.1.4] is again applicable here.
7.3.3 Attorney as client under false power of attor ney
As seen in Chapter 5, fraud may be perpetrated if the fraudulent person is able to
falsify a power of attorney and as attorney, signs the authorisation form purportedly
on behalf of its donor. This type of fraud may be prevented if some form of
verification is made of the authenticity of the power of attorney, before allowing the
attorney to sign the authorisation form, such as by contacting the donor or the
person purportedly acting as witness to the power of attorney. However, as noted in
Chapter 3, it is not common practice for either of these to be done, particularly if the
power of attorney appears on the face of it to be duly executed and witnessed and
443 See for example Law Society of British Columbia, Real Estate Fraud - A Prevention Primer (2005)
<http://www.lawsociety.bc.ca/publications_forms/iissues/05-03_risk.html> at 4 September 2006 suggesting that lawyers in British Columbia obtain their own updated copy of a corporate search and to ensure that ‘the individual signing on behalf of the corporation is authorized to do so, and that the requirements for executing a document on behalf of a company are met, particularly the requirement for multiple signing officers as provided in the by-laws of the company’.
241
registered with the relevant Land Titles Office. Perhaps in circumstances where the
transaction appears suspicious, indicating fraud, the authorised person could make
further enquiries such as by contacting the donor. Such a circumstance may be
where it appears that the donor of the power of attorney is to receive little benefit
from a transaction and yet the donee is to receive a considerable benefit.444 In
these circumstances, additional enquiries could be made. It may also be possible for
stakeholders involved in the conveyancing process in Australia to compile a list of
flags alerting authorised users to possible fraudulent transactions involving powers
of attorney.
7.3.3.1 Effectiveness in preventing fraud
As in the analysis above in [7.3.1.4], it could be left to individual authorised users to
formulate internal policies and practices regarding executions of authorisation forms
by attorneys, or alternatively, a set of uniform best practice guidelines for the
execution and witnessing of authorisation forms by attorneys could be formulated.
This analysis on how these uniform guidelines may be imposed on authorised users,
and the issues consequently raised also remain applicable here.
Whether internal policies are formulated or uniform best practice guidelines used,
their effectiveness in preventing fraud would depend on authorised users acting with
care and diligence and taking additional steps to verify the authenticity of the power
of attorney in circumstances which appear suspicious. The analysis in [7.3.1.4] on
how users may be encouraged to exercise care and due diligence, such as through
the use of education and training, is again applicable here.
7.4 Fraudulent alterations
It was found in Chapter 5 that opportunities for fraudulent alterations may be
reduced in an electronic registration system, particularly if the system:
• invalidates all digital signatures applied to the instrument when any alteration
is made to it after digital signatures have first been applied;
• rejects any instrument for lodgement that has not been digitally signed; and
• requires digital signatures to be applied by the authorised users representing
all the various parties to the transaction.
444 See the discussion in chapter 3 and Yaktine v Perpetual Trustees Victoria Ltd [2004] NSWSC
1078, [65].
242
Other technological measures that may be used in an electronic registration system
to minimise fraudulent alterations are considered below. This is not an exhaustive
list; other types of technology could be employed. It is however beyond the scope of
this research to canvass every possible technology that could be used.
7.4.1 Notification of alterations
Where a transaction has been altered after digital signatures have been applied to it,
an electronic registration system might have a notification facility that sends a notice
out to the relevant authorised users involved in the transaction, notifying them:
• that the transaction has been altered; and
• asking for digital signatures to be re-applied to the transaction.
Such a notification facility would assist in alerting authorised users that changes
have been made,445 so they can examine the instrument, confirming any changes
made, before re-applying their digital signatures.
7.4.2 Tracking changes
Such a facility assists authorised users in keeping track of alterations made to
electronic instruments created by them and therefore alerts them to unauthorised
alterations. An example is the New Zealand system which has the following
facilities:
• it displays the time and date when an eDealing has last been modified;
• it displays the status of the eDealing as it progresses through the
conveyancing process. There are four levels of status: draft, signed,
released and rejected.446 When an eDealing has been certified and signed
by both parties, its status changes from ‘draft’ to ‘signed’;447 When it has
been released448, the status changes to ‘released. When anyone edits an
eDealing that has been released, Landonline clears all certifications and
signatures and returns the eDealing status from ‘released’ to ‘draft’.449
445 Land Information New Zealand, Landonline E-Dealing Handbook for Students (2008)
<http://www.landonline.govt.nz/edealing/training-resources/education-resources/index.asp> at 8 April 2008, 39.
446 Ibid 15. 447 Ibid 15. 448 In Landonline, each eDealing must be released before it can be submitted for registration. The
release function is usually performed by the Primary Contact. Release is analogous to attending settlement and passing the documents: Ibid 39 & 40.
449 Ibid 15 & 39.
243
An alternative is to use version control numbers, such as in the system in British
Columbia, so that a new version control number is assigned to the instrument
whenever it is edited. This again assists in alerting users that changes have been
made to the instrument.
7.4.3 ‘Locking’ and examination of instruments lodg ed for registration
As adverted to in Chapter 4, the system may also incorporate a ‘locking’ mechanism
that would prevent instruments lodged for registration from being altered, and would
thus assist in preventing fraudulent alteration of documents in transit – between
lodgement and registration.
In addition, the system may also use automated checks to be run on instruments
lodged for registration to ensure that the instrument lodged has remained unaltered
from the time that it was digitally signed on the system, but before lodgement, up to
when it was received by the relevant Land Titles Office.450 This facility will provide
yet another layer of security in preventing unauthorised alterations to electronic
instruments en route to the relevant Land Titles Office and while they are being
processed at the Land Titles Office.
Should manual examinations currently performed by officers at the Land Titles be
retained as a security measure against fraudulent alterations? This question was
raised in Chapter 4. As well, Chapter 4 also questioned whether:
• automated checks run by the system might provide the same or a better
level of security than manual examinations; and
• whether it would be more secure for the system to require a manual update
of the electronic register than if it allowed for automatic registration of
instruments lodged for registration.
It is submitted that automated checks, if properly configured451, should provide the
same level of security as manual examinations, so that in such an electronic 450 As discussed in chapter 4, it is envisaged that the proposed NECS will have this facility: National
Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.3.5].
451 The precise nature in which an automated checking facility may be configured is beyond the scope of this research. At a minimum, the facility should be configured to verify the authenticity of the digital signatures applied to electronic instruments, cross reference data on the electronic instrument with data on the electronic register, and verify that instruments lodged for registration remain unaltered. See for example, the discussion in Chapter 4 and National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [9.3.5] regarding automated checks for the proposed NECS.
244
registration system, manual examinations may be discarded without any erosion of
security. The concern with replacing manual examinations with automated checks is
that the automated checking facility is dependent on technology, which may fail.
Having said that, as concluded in Chapter 5, the effectiveness of manual
examinations is dependent on examining officers and the diligence exercised by
them during the examination process; so that neither of these two processes can be
considered as full proof against fraud.
As to whether an electronic registration system could replace manual with automatic
registration without any erosion to security, an electronic registration system with a
properly configured automated checking facility could accept automatic registration
of instruments lodged, so long as they go through the automated checks. In New
Zealand, where lodgement of automatically registrable e-dealings leads to automatic
registration without manual intervention from LINZ, concerns have been raised that
this process imposes a heavy obligation on conveyancers, who must certify and
digitally sign these instruments before they can be lodged for registration, to ensure
that the certifications are correct for the purposes of registration.452 According to
Thomas, this ‘non-intervention of the registry staff checking for flaws in the
documentation’ has made ‘title less secure’.453 Stakeholders may also be reluctant
to discard these manual processes in favour of automated processes due to a lack
of trust or confidence in a completely automated system without any manual
intervention. Further research may be required to examine this issue.
Perhaps one solution might be to use automated checks in conjunction with manual
examinations and to retain manual updates of the register. As confidence in the
system grows, manual examinations and manual updates of the register may be
phased out, to be replaced with automatic updates of the register upon successful
automated checks.454 It may also be possible to retain manual updates of the
register for certain transactions, such as transactions which effect a change of
ownership, and to allow automatic registration for others.
452 See Rouhshi Low, 'Maintaining the Integrity of the Torrens System in a Digital Environment: A
Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore' (2005) 11(2) Australian Property Law Journal 155, 177 and Ben France-Hudson, 'Living in Interesting Times - Landonline, Leader in its Field at What Cost?' (2006) 12 Canterbury Law Review 121.
453 See Rod Thomas, ‘Fraud, Risk and the Automated Register’ in David Grinlinton (ed), Torrens in the Twenty-first Century (2003) 349, 366-367.
454 Mr Darcy Hammett, Director of Strategic Operations, Land Title and Survey Operation of British Columbia agreed that this phased approach could be adopted: Darcy Hammett <[email protected]>, email (13 June 2007).
245
7.4.4 Restricting access privileges
Finally, restricting access privileges for instruments created on the electronic
registration system to those authorised users involved in the transaction or
nominated to have access to the instrument may also assist in minimising fraudulent
alterations. For example, in the Ontario system, the authorised user creating an
instrument may grant access to that instrument to other authorised users so that
access to that particular instrument is limited to those users. However, if the
fraudulent person is able to obtain possession of the authentication method of an
authorised user of the system (such as the user’s username or digital
certificate/PSP) and has knowledge of the password, he or she would be able to
access the system and access all instruments that that user has created or has
access to.
The manner in which access privileges are granted must also be secure, to ensure
that only those authorised users intended to be granted access will receive the
message. For example, one of the risks identified by the Clayton Utz risk
assessment report was that the NECS system security may be inadequate, enabling
a third party to intercept workspace ID when it is sent to subscribers.455 One way of
increasing security may be to use encryption.456
7.4.5 Effectiveness of technological measures in mi nimising fraud
The conclusion drawn in Chapter 5 on fraudulent alterations was that the most likely
means of detecting this fraud is through the authorised users before the instrument
is lodged for registration; hence the effectiveness of these technological strategies in
minimising fraud is dependent on the users of the system. Authorised users need to
understand how to use the technology offered by the system and must remain
diligent in using it. In this regard, authorised users could be given training on how to
use these technological features of the system so that they know how to take
advantage of the system’s technological features as a tool to prevent fraud. How
may users be encouraged to practice due care and diligence? As noted in [7.3.1.4], 455 See National Electronic Conveyancing Office, Risk Assessment of the National Electronic
Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007, Volume 3, 29, risk reference 42. In the proposed NECS, the initiating subscriber through its user or certifier will create the workspace and select other subscribers who will be involved in the transaction to be given access to the workspace. NECS will then email the subscriber notifying the subscriber of the details of the intended transaction as well as the unique number of the workspace: National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007), [7.6].
456 In Ontario for example, access to a document is given to other users by sending messages. These messages are encrypted so that ‘only the sender and recipient of the message can access them’: Teranet Inc, Teraview Reference Guide 5.3.3 (2007) <http://www.teraview.ca/resupgrades/ru_manuals.html> at 28 April 2008, 136.
246
education on the importance of being vigilant when using the system to ensure that
no unauthorised changes have been made on electronic instruments to which they
are responsible for may be the least intrusive method. It may also be possible to
formulate a set of best practice guidelines, instructing users on the various
technological tools available as well as stressing the importance of being vigilant
when using the system to detect any unauthorised alterations. The manner in which
such guidelines may be imposed on users and how users may be encouraged to
observe these guidelines is beyond the scope of this research but may form the
basis of future studies. The analysis in [7.3.1.4] is also applicable here.
7.5 Misleading the signatory
This type of fraud may be perpetrated in an electronic registration system if, as
noted in Chapter 5, it is possible to mislead or induce the victim into executing the
authorisation form. This would be the case in circumstances where the authorised
user responsible for the transaction provides the fraudulent person with the
authorisation form for the purposes of procuring execution from the victim so that the
authorisation form is not signed in the presence of the user. Witnessing
requirements could be circumvented by the fraudulent person either:
• forging the signature of the witness; or
• having the authorised user witness the signature of the victim even though it
was not signed in his or her presence.
As the circumstances in which this fraud may be perpetrated, including the factors
facilitating the fraud, are similar to forgery of signatures, the analysis in [7.3] as to
the type of measures that may be used to minimise fraud by forgery and their
effectiveness in minimising this type of fraud would also apply here.
7.6 Identity fraud
It was found in Chapter 5 that identity fraud may be perpetrated in an electronic
registration system in the same manner as in the paper registration system - where
the fraudulent person is able to successfully impersonate the victim of the fraud so
that the authorised user responsible for the transaction believes that he or she is the
victim and has a right to deal with the land. How this may be achieved would depend
on the method used by the system to establish identity and the right to deal with the
land. As seen in Chapter 4, in some electronic registration systems, use of the paper
certificate of title will be abolished. Instead, identity will be required to be verified
during the execution of the authorisation form and various forms of identity
247
documents, such as passport and drivers licence, may be used to establish identity.
It may also be possible for an electronic registration system to retain use of the
certificate of title, such as that proposed by the Victorian EC system (though this is
an electronic certificate of title). Whichever method is used, it was found in Chapter
5 that identity fraud may be perpetrated if the fraudulent person is able to
successfully circumvent the method used by the electronic registration system to
establish identity and the right to deal with the land.
Chapter 5 also found that a lack of diligence in verifying the identity of the person
claiming to have a right to deal with the land may be a factor facilitating identity fraud
in an electronic registration system. Thus, one way to minimise identity fraud within
the Torrens system would be to establish strict procedures for verifying identity or if
such a process already exists, to strengthen the process used. This observation
applies both to systems where certificates of title will no longer be used and to those
where they will continue to be used. The following suggests certain practices that
may form the basis of a verification of identity procedure or which may be used to
strengthen existing procedures so as to minimise the opportunities of fraudulent
persons to perpetrate identity fraud within an electronic registration system.
7.6.1 Documents used to verify identity
As seen in Chapter 3, within the Torrens system the certificate of title is generally
used as evidence of a right to deal. Production of the paper certificate of title alone
is insufficient to establish right to deal, because there is nothing linking the name on
the certificate of title with the person in possession of it. Fraudulent persons are able
to perpetrate identity fraud in the paper registration system because of the
assumption that the person in possession of the certificate of title is the one named
on it.
Hence, other types of identity documents should be used, perhaps in conjunction
with the certificate of title if they continue to be used in the electronic registration
system.
As to what types of identity documents may be used, at present in Australia, there is
no one organisation designated to issue identity documents that may be used as
proof of identity. Thus there is no one type of identity document that may be used to
evidence identity. Rather identity documents that are issued by various State and
248
Commonwealth agencies, such as driver’s licences and passports are usually used
to establish identity.
Within the Torrens system, an evaluation should be made as to the types of
documents that may be accepted to validate evidence of identity.457 For example,
certain documents that are inherently easy to forge should be excluded, and
documents containing photographic identity should be included because it would be
harder to impersonate another if photographic means are required to establish
identity.
A process that may be used to verify identity is the 100-point score system used by
cash dealers for the verification of identity of account signatories under the Financial
Transaction Reports Act 1988 (Cth) and the Financial Transactions Reports
Regulations 1990 (Cth). Under this system, different scores are allocated to different
types of identity documents and the individual must achieve a score of “100” before
successful verification of identity is accepted.
Thus, if certificates of title modelled along the proposed Victorian EC system
continue to be used in an electronic registration system, and if the certificate of title
exists in paper format, then, as with the paper registration system, the certificate of
title should be produced before the transaction may proceed.458 However, other
identity documents should also be produced, including some with photographic
identity, so that it may be positively established that the person in possession of the
certificate of title is indeed the person named on the certificate, rather than merely
assuming this to be so.
If the certificate of title already exists in electronic format or if certificates of title are
not used, other identity documents should be produced to establish identity. In
addition, the authorised user handling the transaction should also consider obtaining
additional evidence linking the person to the property, such as a local government
457 See Suresh Cugnasen and David Lacey, Identity Fraud in Australia: An Evaluation of its Nature,
Cost and Extent (2003), 115. 458 Steps may also be taken to improve the security features of the certificate of title to make
certificates of title more difficult to forge. See for example, the initiative undertaken by the New South Wales Department of Lands in 2004 of issuing a new format for NSW certificates of title. The new format has a number of security features to support identification of an authentic certificate of title. These include: a certificate authentication code, an embossed silver foil seal, a watermark, fine-line background printing, document numbering and light-sensitive ink areas: NSW Department of Lands, New Security Features for NSW Certificates of Title (2004) < http://www.lands.nsw.gov.au/_media/lands/pdf/fact_sheets/land_and_property_information/LPI_CT_36032_Brochure.pdf> at 8 April 2008.
249
rates notice showing ownership of the property, particularly in situations where the
authorised user has not dealt with the client before.459 In cases where ownership is
yet to be proven, such as where the client is a new purchaser, then other
documentation may be used to demonstrate the client’s entitlement to enter into the
transaction, such as a contract of sale.
7.6.2 Whose identity is to be verified?
Where the client is an individual, then it is that individual’s identity that should be
verified. For companies, it is suggested that the identity of companies may be
established in the following manner:460
• by the authorised user obtaining a current company search so as to confirm
the details of the company, including details of current officers, so as to
ensure that the officers signing on behalf of the company is authorised to do
so; and
• verifying the identity of each officer signing on behalf of the company.
Where the person signing the authorisation form is doing so under a power of
attorney, the identity to be verified should be that of the attorney. Finally, it is
recommended that identification for all clients must be provided by each client
personally unless it is not possible to do so, and where there is more than one client
involved in the transaction, the requirement for identification should extend to all of
them.
7.6.3 Who verifies identity and when should identit y be verified
It is suggested that the process used in the New Zealand system be followed, that
is, identity should be verified when the client signs the authorisation form, so the
person verifying identity would be the person acting as witness to the client’s
signature on the authorisation form. In face-to-face transactions, this may be the
authorised user. In non face-to-face transactions, procedures will have to be
established as to who may be eligible for verifying identity. It might be decided to
restrict the class of persons who may be eligible to verify identity to certain persons,
such as solicitors, barristers, and justices of the peace.
459 See for example, New Zealand Law Society, EDealing Guidelines (for Electronic Registration)
(2007) <http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008, Guideline J. 460 Graeme Howatson, 'Identity Fraud and the Mortgagee' (2006) 28(2) Proctor 41, 41 and Law
Society of British Columbia, Real Estate Fraud - A Prevention Primer (2005) <http://www.lawsociety.bc.ca/publications_forms/iissues/05-03_risk.html> at 4 September 2006.
250
7.6.4 Steps taken to verify identity
It is suggested that at a minimum, the user verifying identity should take reasonable
steps when verifying identity to establish that the client is the person he or she
claims to be. Details or information about the identification obtained should also be
retained.
However, should authorised users be required to go a step further and provide
certifications that identity has been verified, as required in the New Zealand system
where conveyancers have to provide certifications, including one that identity has
been verified? This issue was raised by Christensen in 2004, questioning the need
for it, particularly as it is not required in the current paper registration system.461
I submit that what is vital in the prevention of identity fraud is for verification of
identity to be done diligently and with vigilance. To answer the question raised in
Chapter 4, as to whether certifications as to identity will assist in minimising identity
fraud, the answer is that if requiring them will ensure that those responsible for
verification will be diligent, then yes, they will assist in this. However, it is argued that
identity fraud may be minimised without requiring certifications, provided that those
responsible for verifying identity act with care and due diligence during this process.
7.6.5 Effectiveness in preventing identity fraud
An identity verification process assists in deterring identity fraud by increasing the
effort required to perpetrate it; this requires identity to be proved, which requires
more effort than if it may be assumed. So the answer to the question raised in
Chapter 4 as to whether an identification process might assist in minimising identity
fraud is – yes it would.462
However, the effectiveness of such a measure depends on those responsible for
verification; the process will not be effective if they are not diligent. As noted by
Smith, in his consideration of the 100-point system:
461 See Sharon Christensen, 'Electronic Land Dealings in Canada, New Zealand and the United
Kingdom: Lessons for Australia' (2004) 11(4) Murdoch University Electronic Journal of Law . Also see Ben France-Hudson, 'Living in Interesting Times - Landonline, Leader in its Field at What Cost?' (2006) 12 Canterbury Law Review 121.
462 According to the Victorian Report on the Victorian Fraud Experience, the reason why fraud claims reduced from six a year in the early and mid 1990s to about to two a year in the late 1990s was the increased vigilance by banks and the legal profession in verification of identity procedures: John Barry, Deputy Registrar of Titles, Land Registry, Victoria <[email protected]>, email (28 September 2005).
251
Although the 100 points system itself provides a reasonable means of establishing
identity, in practice it is easy to circumvent, largely through the inability of staff whose
staff it is to verify documents to be able to do so quickly and accurately.463
Should it be left to individual authorised users to formulate policies and practices in
these matters, or should the system impose a formal process for verification of
identity with identified best practice guidelines? The imposition of a formal process,
such as that required in the New Zealand system and the proposed NECS is likely
to be more effective than if this is left to individual users, ensuring uniform
implementation of identity verification procedures and uniform best practice
standards.
Imposing penalties for non-compliance may be another strategy for encouraging
compliance. However, this raises further issues including:
• the type of penalties that may be imposed;
• the manner in which these penalties be imposed, whether contractually or
legislatively; and
• whether it would be reasonable to impose them.
Whilst an analysis of the use of penalties as a strategy to encourage compliance is
beyond the scope of this research, perhaps one penalty that may be examined
would be disentitling a party who fails to verify identity of an indefeasible title. This
penalty is used in Queensland, where provisions were introduced into the Land Title
Act 1994 (Qld) requiring mortgagees to take reasonable steps to verify the identity of
the person purporting to sign a mortgage as mortgagor. Section 11A of this Act
imposes an obligation on the mortgagee to take reasonable steps to ensure that
they are dealing with the true owner of the land. Similar obligations are imposed on
the transferee of a registered mortgage (section 11B). Indefeasibility is denied in
situations where the mortgagee has failed to comply with sections 11A or 11B, and
this failure enables the mortgage to be executed by someone other than the true
owner.464 As noted by Weir, these provisions were introduced to ‘create greater
discipline in the finance industry by punishing lax identification procedures when
dealing with persons purporting to be registered owners’.465
463 Russell G Smith, 'Addressing Identity-Related Fraud' (Paper presented at the Cards Australasia
2003, Melbourne, 2003), 11. 464 See Land Title Act 1994 (Qld), s 185(1A). 465 Michael Weir, ‘Indefeasibility: Queensland style’ (2007) 15(1) Australian Property Law Journal 79,
79.
252
It is suggested that the Queensland approach may provide a greater incentive for
compliance with identity verification procedures because of the consequent loss of
an indefeasible title. However, imposing such a penalty raises other issues, such as
the level of verification to be required of mortgagees. In Queensland, the level is that
of ‘reasonable steps’; that, in itself, raises another question: of what are these
constituted? In Queensland, the mortgagee is said to have taken reasonable steps
when complying with practices listed in the manual of land title practice, under
section 9A(2)(c), for the verification of identification of mortgagors.466 However, what
is provided in this manual are non-exhaustive guidelines, leaving open the possibility
that disputes may arise in the future as to whether a mortgagee has taken
reasonable steps.467 It is beyond the scope of this research to examine these issues
in detail, but they could form the focus of further studies.
Verification of identity processes may also be enhanced through a flagging
mechanism – a list of flags may be compiled that are designed to alert those
responsible for verifying identity to suspicious circumstances warranting further
checks.468 Examples may be where the name on an identity document produced by
the client does not exactly match the name of the current registered proprietor as
shown on title searches, or where the gender of the client appears to be different to
that of the current registered proprietor, as indicated by his or her name on the title
search.469
Whichever method is used, the effectiveness of identity verification processes in
preventing identity fraud depends on those responsible for following them, who
should, at all times, act with care and diligence, and take additional steps to verify
identity when circumstances appear suspicious. The analysis in [7.3.1.4], on
encouragement of users to exercise care and due diligence is applicable here,
466 See Land Title Act 1994 (Qld), ss 11A(3) and 11B(3). 467 For a more in depth discussion of the Queensland provisions, see Michael Weir, ‘Indefeasibility:
Queensland style’ (2007) 15(1) Australian Property Law Journal 79. 468 See for example Fraud Advisory Panel (UK), Identity Theft: Do You Know the Signs? (2003)
<http://www.fraudadvisorypanel.org/newsite/Publications/Publications_advice.htm> at 26 June 2007 suggesting that a database may be created identifying the various indicators of identity fraud.
469 See Matthew Bransgrove, 'What Can Solicitors Do To Reduce Mortgage Fraud?' (2004) 42(10) Law Society Journal 52, 54 and Law Society of Upper Canada, 'Fighting Real Estate Fraud: Why It's Important for Real Estate Lawyers (Continuing Legal Education Seminar)' (2004). Also see Law Society of British Columbia, Practice Tips: Fighting Back Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 6 June 2006, Law Society of British Columbia, Real Estate Fraud - A Prevention Primer (2005) <http://www.lawsociety.bc.ca/publications_forms/iissues/05-03_risk.html> at 4 September 2006 for other red flags that might be used.
253
including the use of education and training, which could also cover ways of
recognising or detecting false or altered documents.470 Also, there could be more
cooperation between the various stakeholders in the conveyancing process; for
example, if an authorised user detects a fake identity, he or she should inform other
authorised users of the system. Incidentally, the system could build a fraud
database containing details of all identities that were stolen and used by fraudulent
persons to perpetrate identity fraud within the system, open to all users of the
system who could use it to cross-reference names when verifying identity.471
An identity verification process might be effective in preventing identity fraud in
those situations where the fraudulent person does not have in their possession
suitable identification, so that an increased vigilance in identity checking will act to
prevent identity fraud. However, in situations where the fraudulent person has the
required identification in his or her possession, simply verifying this may not be able
to prevent fraud.472 As seen in Chapters 3 and 5, such identification may be
obtained as follows:
• by stealing it;
• through forgery – as noted by Hengeveld, every type of identification can be
forged;473 or
• where the fraudulent person was able to obtain genuine identity documents
under false pretences, for example, by deceiving the organisation issuing the
identity documents so that genuine identity documents are issued to the
fraudulent person although he or she is not entitled to them.
An example illustrating such a situation is the New Zealand case noted in Chapter 5,
where it was noted that the solicitor who had unwittingly helped the fraudulent
470 Russell Smith, 'Best Practice in Fraud Prevention' (Australian Institute of Criminology, 1998), 4 and
Fraud Advisory Panel (UK), Identity Theft: Do You Know the Signs? (2003) <http://www.fraudadvisorypanel.org/newsite/Publications/Publications_advice.htm> at 26 June 2007.
471 See Fraud Advisory Panel (UK) ibid 10 & 12 suggesting developing a database of known fraudulent persons and setting up a central register of stolen identities and documentation.
472 See Norman Siebrasse, 'Report on Land Title Practices and Fraud' (Canada Mortgage and Housing Corporation, 2003), 40.
473 Ben Hengeveld, 'Fraud Smarts - Identity/Personation/Mortgage Fraud' (Paper presented at the The 2nd Annual Real Estate Law Summit, Toronto, Canada, 6 & 7 April 2005).
254
person in the fraud by acting on her behalf had done all that he could reasonably
have done in the circumstances to establish her identity.474
As noted by the Parliamentary Joint Committee on the Australian Crime
Commission, discussing the 100 point system but the comment is relevant to any
type of identity verification process:
The 100-point check requires provision of original documents, and the increased
ability to copy and forge documents easily undermines the integrity of the system,
although it is clearly an improvement on no system at all.475
This ability to circumvent identity verification procedures shows that, to be effective
in preventing identity fraud, the problem needs to be addressed on a wider,
nationwide level. It is beyond the scope of this research to examine in detail the
various strategies that may be used to deal with identity fraud on such a level but
they may include measures such as those in the following sections.
7.6.5.1 Improving the issuing process of identity d ocuments
In Australia, one of the problems with not having a single organisation designated to
issue proof of identity documents is that it creates inter-dependency between the
organisations that issue those documents that are generally accepted as proof of
identity documents and the organisations who rely on them. Organisations issuing
identity documents generally rely on identity documents issued by other
organisations and vice versa. For example, when issuing passports, the Department
of Immigration and Multicultural Affairs may rely on drivers’ licences issued by the
Department of Transport and vice versa. Both these documents may then be used
to satisfy the 100 point identity check used by banks. This inter-dependency allows
criminals to attack the organisations with the weaker security measures to obtain
identity documents and then use these to apply for and accumulate further identity
documents; when they have sufficient, fraud may then be perpetrated.
The processes used by various agencies in Australia to issue documents that are
generally accepted as proof of identity could be improved so as to ensure they are
474 See Catriona MacLennan, 'Warning About Conveyancing Fraud Using False Passports' (2005)
(39) Auckland District Law Society Law News 1, 3: ‘ADLS Professional Standards Director Andrew Burger said that Mr Thomas [the solicitor who unwittingly helped the woman in the fraud by acting for her] appeared to have done everything that could reasonably have been expected of him in the circumstances’.
475 Parliamentary Joint Committee on the Australian Crime Commission, 'Cybercrime' (Parliament of the Commonwealth of Australia, 2004), 9 and 44.
255
issued to genuine persons and not to fraudulent persons. In this regard, the
Australian Government’s Document Verification Service (DVS), when it is launched
as a full scale system, may be used to improve issuance processes. This is an
online system that verifies proof of identity documents presented to participating
agencies, allowing them to verify that the details on them are accurate. The system
also has a cross-checking function which detects stolen or fraudulent documents.476
7.6.5.2 Improving the accuracy of identity informat ion held on databases
Support could be provided to those agencies issuing documents accepted as
identity documents to ensure that the information held on their databases is
accurate. As noted by Main and Robson:
[A] critical factor in preventing identity fraud is the constant commitment by agencies to
ensure the identity information they hold on their customers is of the highest integrity.
A necessary milestone in achieving this is to ‘clean’ agency databases of redundant
records to ensure there is only one customer registration recorded for each identity.477
Smith478 suggests that greater cooperation between these organisations will enable
them to cross-validate data so that one government agency can confirm data with
another, helping them to detect inconsistencies in the data and ensuring that the
data in different agencies match up, to help minimise identity fraud. As noted by
Main and Robson:
Data matching across agencies will enable a more thorough process in erasing a
range of false identity types and will assist in the detection of identity fraud in fictitious
names.479
476 Australian Government Attorney-General’s Department, Identity Security (2008)
<http://www.ag.gov.au/www/agd/agd.nsf/Page/Crimeprevention_Identitysecurity>at 8 April 2008. 477 Geoff Main and Brett Robson, 'Scoping Identity Fraud' (Attorney General's Department, 2001), 33.
See also Russell G Smith, 'Biometric Solutions to Identity-Related Crime: Evidence Versus Policy' (Paper presented at the Delivering crime prevention: Making the evidence work, Sydney, 2005), 4 and United Kingdom Cabinet Office, 'Identity Fraud: A Study' (Cabinet Office, 2002), 25.
478 Russell G Smith, 'Addressing Identity-Related Fraud' (Paper presented at the Cards Australasia 2003, Melbourne, 2003), 11. Also recommended by Main & Robson, see recommendations 8 and 9. Recommendation 8 is for Commonwealth agencies to make greater and more coordinated use of the Births Deaths Marriages Fact of Death data to improve the quality of their registers: Geoff Main and Brett Robson, 'Scoping Identity Fraud' (Attorney General's Department, 2001), 34. Recommendation 9 is for Commonwealth agencies to undertake greater cross agency data matching to cleanse their database: Geoff Main and Brett Robson, 'Scoping Identity Fraud' (Attorney General's Department, 2001), 34.
479 See Main and Robson ibid at 34.
256
7.6.5.3 Improving the security of identity document s
The security of identity documents should be improved, to make it more difficult for
fraudulent persons to counterfeit or forge them.480 For plastic cards, the technology
may include security printing, micro-printing, holograms, embossed characters,
tamper-evident signature panels, magnetic strips with improved card validation
technologies and indent printing.481 Issuers also should constantly review the
security features on identity documents to keep up to date with technology. Training
and education may need to be provided so that those who are required to validate
identity are kept familiar with all of the features present in a legitimate identity
document and trained to recognise counterfeit copies.482
The above analysis shows that preventing identity fraud requires a multifaceted
approach, from implementing a stringent identity verification process, to educating
employees on how to verify identity and to addressing the identity documents used
and the processes whereby they are issued. As noted by Smith, the solution to this
is
not so much in increasing the number of points in proof of identity documents
required, but in improving the security features of documents, enabling staff who
inspect documents for authenticity to be able to detect counterfeits and to verify the
information contained on documents with the issuing source, and for alternative
means of identification to be used, such as interviews, or biometrics.483
480 Suresh Cugnasen and David Lacey, Identity Fraud in Australia: An Evaluation of its Nature, Cost
and Extent (2003), 115. See also Russell Smith, 'Examining the Legislative and Regulatory Controls on Identity Fraud in Australia' (Paper presented at the Marcus Evans Conferences, Corporate Fraud Strategy: Assessing the Emergence of Identity Fraud, Sydney, Australia, 2002). The Ontario Government has recently initiated a program through the Ministry of Transportation to make the Ontario driver’s licenses more secure and more difficult to counterfeit: Ontario Ministry of Government Services, Mcguinty Government Protects Homeowners From Real Estate Fraud (2006) <http://www.gov.on.ca/MGS/en/News/054411.html> at 13 October 2006. The new security features include a new holographic overlay, micro-text printing, and ultraviolet ink. The holographic overlay design is intended to reduce attempts at information alteration and photo substitution, and to make any alteration attempts or tampering evident. The ultraviolet ink printing was added to the front of the card to assist in differentiating a counterfeit card from a legitimate one: Law Society of Upper Canada, Security Features of the New Ontario Driver's License (2005) <http://www.lsuc.on.ca/media/may0505fraudsmartsaddendum.pdf> at 25 May 2006.
481 Russell Smith, 'Best Practice in Fraud Prevention' (Australian Institute of Criminology, 1998), 5. Smith notes that the effectiveness of such security features is dependant on the person validating the identity to be familiar with all these features. There is also the possibility of sales staff being subject to intimidation or violence if they refuse to process the transaction: 5.
482 Ibid 5. In Ontario, for example, in the 2nd Annual Real Estate Law Summit held by the Law Society of Upper Canada’s CLE program in 2005, one of the program’s speakers spoke about the different types of identification used in Canada and how to detect forgeries: Ben Hengeveld, 'Fraud Smarts - Identity/Personation/Mortgage Fraud' (Paper presented at the The 2nd Annual Real Estate Law Summit, Toronto, Canada, 6 & 7 April 2005).
483 Russell G Smith, 'Addressing Identity-Related Fraud' (Paper presented at the Cards Australasia 2003, Melbourne, 2003), 11.
257
7.7 Fraudulently accessing, preparing, digitally si gning and lodging
instruments for registration
As noted in Chapter 6, implementation of an electronic registration system may
open up a new opportunity for fraud, because in an electronic registration system, it
is likely that clients will sign a form authorizing a user of the system to digitally sign
electronic land title instruments on their behalf. It was found in Chapter 6 that if the
fraudulent person has access to the system and is able to use a digital
certificate/PSP for digital signature purposes, fraud may be perpetrated by simply
accessing the system, preparing the necessary electronic instrument, digitally
signing it and lodging it for registration.
The various ways in which fraudulent persons may acquire access and/or the ability
to digitally sign instruments on behalf of clients were examined in detail in Chapter
6. It was also noted that this type of fraud may also be possible if the system’s de-
registration process is ineffective or has been compromised.
The following section examines measures that could be used to minimise this type
of fraud, by securing both the digital certificate/PSP used for digital signatures and
the de-registration processes. Where a fraudulent person has managed to obtain
access and the ability to digitally sign instruments, or if there is a failure of the
system’s de-registration process, or if the fraudulent person is already a legitimate
user with access and digital signing privileges484, this section will also examine
whether the electronic registration system could incorporate safety mechanisms to
act as a check or safeguard against this type of fraud. Measures to secure access
will not be the focus of this research because, as was observed in Chapter 6, in
order to successfully perpetrate this type of fraud, the fraudulent person must not
only be able to access the system, he or she must also be able to digitally sign any
instrument prepared on the system. The conclusion is that the security of digital
certificates/PSPs used for digital signatures is more important than the security
measures concerning access to the system.
7.7.1 Measures to secure the digital certificate/PS P for digital signatures
Chapter 6 found that security of digital certificates/PSPs may be affected if there has
been a compromise of the registration process for obtaining them or if the fraudulent
484 Note that measures discussed in [7.8] on minimising internal fraud will also be applicable in these
situations where the fraudulent person is a legitimate user of the system and where the fraudulent person is employed by an organisation to use the system. Measures in [7.8] will not apply in situations where the fraudulent person is a legitimate user of the system and is self-employed.
258
person is able to gain access to or obtain a digital certicate/PSP and knows or can
obtain the password to activate it. A fraudulent person may be able to obtain or gain
access to a digital certificate/PSP where:
• the authorised user is careless about where the digital certificate/PSP is
kept, or loses it, or shares its use with the fraudulent person;
• there is an insecure method of generating a digital certificate/PSP, although
the fraudulent person must still know the password to activate it;
• there is an insecure method of issuing the digital certificate/PSP although the
fraudulent person must still know the password to activate it.
The fraudulent person may also be able to obtain the password required to activate
the digital certificate/PSP where:
• he or she is able to guess the password or use dictionary attacks to obtain it;
• if the user tells or shares his password with him or her;
• if the user writes down the password and puts it in a place that is easy to
find;
• phishing attacks are used and the authorised user, as a victim of the
phishing attack, provides the fraudulent person with his or her password;
• malicious software, such as worms, viruses and Trojan horses, is used to
capture the password.
Hence, measures to secure digital certificates/PSPs must be aimed at:
• strengthening the registration processes for obtaining them;
• ensuring that secure methods for generating them are used;
• ensuring that secure storage locations and secure usage practices are used;
• ensuring that passwords are kept secure.
These are considered in the next section.
259
7.7.1.1 Strengthening the registration process for obtaining digital
certificates/PSPs 485
As noted in Chapters 4 and 6, there are essentially two ways in which the
registration process may be administered486:
• each prospective user is required to provide identification; and
• a nominating officer may nominate persons for digital certificates/PSPs.
Chapter 6 found that there are various ways in which a fraudulent person may
circumvent the registration process to obtain a digital certificate/PSP:
• by impersonating someone in the class of persons able to apply for digital
certificates/PSPs (for systems requiring identification from each prospective
user) or impersonating the nomination officer (identity fraud);
• by colluding with an officer responsible for verifying identity and issuing
digital certificates/PSPs to register the fraudulent person and issue him or
her with a digital certificate/PSP;
• by colluding with the nominating officer to nominate the fraudulent person
(where nominations are used);
• if the fraudulent person is an employee of the entity responsible for
registering prospective users, he or she could issue himself or herself, or a
fictitious person, with a digital certificate/PSP.
Measures to prevent circumvention of the registration process where the fraudulent
person is an employee of the system or where he or she colludes with someone
internal to the system will be dealt with in [7.8] below, under internal fraud, because
in these situations, the fraud depends on the assistance of persons internal to the
system.
485 As noted in Chapters 4 and 6, some systems (such as the Ontario system) may use digital
certificates/PSPs for both access and digital signatures. In these systems, there is only one registration process – a prospective user who successfully undergoes the registration process to be an authorised user of the system would be issued with a digital certificate/PSP for access and digital signatures. For these systems, the discussion in this section applies to the registration process to be an authorised user of the system.
486 As noted in Chapter 4, usually an entity, known as the certification authority (CA) would be responsible for administering the registration process as well as for distributing digital certificates/PSPs. In some circumstances, one entity may be responsible for both the issuing of the certificates and the registration process. In other PKI systems, this role may be divided between two different entities, with the CA issuing the certificates and another entity called the registration authority (RA) carrying out the registration process.
260
To prevent circumvention of the registration system by impersonation, since this
type of fraud may be classed as identity fraud, the measures discussed above for
the prevention of identity fraud will be applicable here, in particular:
• the adoption of a strict identity verification process by which to screen
applicants who wish to become users. Where the registration process is by
nomination, it will be the identity of the nominating officer who would need to
be verified. In situations where the nominations appear suspicious, the
employee responsible for verifying identity should consider contacting the
nominating officer to confirm the nomination; and
• education and training for employees involved in verifying the identity of
applicants.
Where the applicant is applying as a solicitor or conveyancer, the identity verification
process could also involve verifying that the applicant is indeed an existing licensed
solicitor or conveyancer. Perhaps a fraud database similar to the one described for
identity fraud could be used here. The database could be maintained by the system
with details of all fraudulent identity attempts. Employees responsible for verifying
identity of prospective applicants could cross-reference the names of these
prospective applicants with the database.
It is noted that, as observed in [7.6.5], the security of the registration process is
entirely dependent on the persons responsible for administering the registration
process acting with care and due diligence to ensure that only legitimate applicants
are issued with digital certificates/PSPs. The discussion in [7.6.5] and [7.3.1.4] on
how they might be encouraged to exercise care and due diligence, including
education and training, is applicable here.
It was also observed in Chapter 6 that a registration process that requires all
applicants to submit identification may be more secure than allowing one applicant
to nominate others, because it means that each individual’s identity will be
independently verified. Where nominations are allowed, the integrity of the process
261
is dependent on the nominating officer.487 Thus, an electronic registration system in
Australia, if it is to use a Gatekeeper-compliant digital signing certificate, should
consider using a Type 1, Grade 2, digital signing certificate rather than an ABN-DSC
digital signing certificate. As discussed in Chapter 4, a Type 1 digital certificate
requires each applicant to complete a personal identification check, requiring the
applicant to provide evidence that satisfies the 100-point identity check.
7.7.1.2 Secure methods for generating digital certi ficates/PSPs 488
It is beyond the scope of this research to examine in detail the different types of
technology that may be used by the entity responsible for administering digital
certificates/PSPs to ensure that methods of generating digital certificates/PSPs are
secure and that only legitimate users will be provided with the means to generate
digital certificates/PSPs. The purpose of this section is to provide, for the various
electronic registration systems in operation that were discussed in Chapter 4,
examples of the methods used in these systems.
The New Zealand system, for example, issues the codes for generating the digital
certificate in two parts, one part to the authorised user and the other to the trusted
contact. Both parts are required before the authorised user may generate the digital
certificate. It can be claimed that issuing the codes in two parts provides more
security than if the codes are issued directly to the authorised person. The Ontario
system, on the other hand, requires the user to answer a series of questions before
being able to generate the PSP. These questions are drawn from those asked 487 Perhaps one solution to strengthen the integrity of this process may be to impose an obligation on
the nominating person to ensure that the identities of all nominees have been verified. For example, in the proposed EC System, the EC System Rules, which has contractual effect binding upon the Subscriber and the Registrar, imposes an obligation on the Subscriber to represent and warrant to the Registrar that the Subscriber took reasonable steps to verify that the Recipient of the Child PKI Certificate was the Holder of the Child PKI Certificate: see Department of Sustainability and Environment, Electronic Conveyancing – Registrar’s Requirements Release 2 (2007) 15 <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008. The terms ‘recipient’, ‘holder’, ‘child PKI certificate’ and ‘PKI certificate’ are defined in the EC System Rules as follows: “Recipient means, for a Subscriber’s PKI Certificate, the individual who is provided with the PKI Certificate when it is first issued by the relevant PKI Provider. Holder means, for a Subscriber’s PKI Certificate, the individual identified in the Subscriber’s PKI Certificate as the holder of that PKI Certificate. Child PKI Certificate means, for a Subscriber, a PKI Certificate issued under a PKI Agreement at the request of one of the Subscriber’s PKI Authorised Officers. PKI Certificate means a set of information referred to as a “digital certificate” which: (a) is minted by a PKI Provider under a Gatekeeper recognised PKI domain; (b) identifies the PKI Provider; (c) identifies the name and ABN of the organisation to which it is issued; (d) identifies the name of the holder of the PKI Certificate; (e) contains the Private Key of the holder of the PKI Certificate; (f) has a complementary Public Key; (g) is digitally signed by the PKI Provider; and (h) is able to be used to digitally sign an electronic message in a manner that cannot be repudiated.”
488 The discussion here would also apply to the issuing of usernames and first time passwords for
systems which use usernames and passwords to control access. A secure method of issuing usernames and first time passwords will assist in improving access security.
262
during the registration process with PASS (the tool used by Teranet for generating
the security profile and setting the pass phrase) and some of them are personal to
the user. Hence it may be said that a fraudulent person would be less likely to be
able to answer these questions and so to fraudulently generate the PSP.
The method in which the codes for generating digital certificates/PSPs are issued
must also be secure, to prevent fraudulent persons from being able to intercept the
codes issued. For example, if emails are used to send these codes, then technology
should be used to keep them secure, such as by encrypting the email.489
A digital certificate/PSP policy guideline may be compiled by the entity responsible
for administering digital certificates/PSPs, outlining its policies on the generation of
digital certificates/PSPs. In this respect, the Internet X.509 Public Key Infrastructure
Certificate Policy and Certification Practices Framework produced by the Internet
Engineering Task Force (IETF) can be used as a guide for formulating such a
policy.490
7.7.1.3 Secure storage and usage of digital certifi cates/PSPs
Where the digital certificate/PSP is stored is an important security consideration,
since different storage locations provide different levels of security. Even though the
fraudulent person will need to know the password in order to use the digital
certificate/PSP, poor storage of the digital certificate/PSP will provide the fraudulent
person with the ability to copy or steal the digital certificate/PSP and, given time, to
guess the password, such as through the use of password cracking computer
programs. Thus poor storage puts the fraudulent person one step closer to being
able to digitally sign instruments. There are several options available for storing the
digital certificate/PSP.491 The simplest and most convenient storage option may be
489 See for example Paul Proctor, The Secured Enterprise (2002), 156 discussing encrypted
communications. 490 See Internet Engineering Task Force, Internet X.509 Public Key Infrastructure Certificate Policy
and Certification Practices Framework, 1999, <http://www.ietf.org/rfc/rfc2527.txt> at 8 April 2008. Also see the certificate policy used by the New Zealand system: Land Information New Zealand, Survey and Title Automation: Landonline Certificate Policy (2004) <http://www.landonline.govt.nz/content/signup/certificate_policy.pdf> at 10 January 2006. The policy may also contain other information such as the suspension and revocation of certificates, procedures used for identification and authentication and disaster recovery procedures. Essentially, the certificate policy ‘is a major document that sets out general requirements that a CA must meet in providing the certification service’: James Backhouse, 'Assessing Certification Authorities: Guarding the Guardians of Secure E-Commerce?' (2002) 9(3) Journal of Financial Crime 217.
491 See Dale Whitman, 'The Robert Kratovil Memorial Seminar in Real Estate Law: Digital Recording of Real Estate Conveyances' (1999) 32 John Marshall Law Review 227, 253.
263
to store it on the user’s hard drive.492 However, this means that any person with
access to the computer will potentially have access to the digital certificate/PSP.
Thus, where the digital certificates/PSPs are stored on the computer, individual
users should consider using computer systems that493:
• require periodic password changes;
• deny access after a specified number of consecutive tries using invalid
passwords;
• use automatic shutdown facilities when they have not been used for a
specified period, following which the user is required to log on again.
Other storage options include the use of a removable device. There are a variety of
removable devices that may be used, such as a floppy disks, memory chip cards,
magnetic strip cards, smart cards and USB drives.494 Using a removable device
allows the user to remove it when it is not in use and store it in a secure place, such
as an office safe. This may provide a stronger security mechanism than simply
storing the digital certificate/PSP on the computer.495 However, some types of
removable devices offer better security than others. Some of these removable
devices (termed ‘secure tokens’) such as cryptographic processor smart cards, PC
cards and USB processor tokens, contain microprocessors and have a non-volatile
memory.496 In these secure tokens, access to the information stored on the token
may be controlled by a password; access may also be disabled after multiple failed
attempts; also they are often tamper-resistant. Thus these tokens offer better
security than other removable devices because the user can remove the token when
it is not in use and store it in a secure location. If a fraudulent person has managed
to obtain the token, he or she must guess the password in order to activate it. Since
access is disabled after multiple failed attempts, the fraudulent person is restricted in
the number of attempts he or she can make in guessing the password. Finally, as
these tokens are tamper resistant, physical attacks on the token to break it open and
492 In New Zealand for example, the digital certificate is stored on the user’s C Drive. 493 See Russell Smith, 'Identity-Related Crime: Risks and Countermeasures' (Australian Institute of
Criminology, 1999), 4. 494 See Niels Ferguson, Practical Cryptography (2003), 353. 495 See Aashish Srivastava, 'Is Internet Security a Major Issue With Respect to the Slow Acceptance
Rate of Digital Signatures?' (2005) 21(5) Computer Law and Security Report 392, 398. 496 See Niels Ferguson, Practical Cryptography (2003), 353. Non-volatile memory means ‘a memory
that retains its data when power is removed’: Niels at 353. Also see National Research Council (U.S) Committee on Authentication Technologies and Their Privacy Implications, Who Goes There: Authentication Through the Lens of Privacy (2003), Richard Smith, Authentication: From Passwords to Public Keys (2002), 260 and Bruce Schneier, Secrets and Lies : Digital Security in a Networked World (2004), 315.
264
extract its data are made more difficult.497 According to Ferguson and Schneier,
secure tokens are ‘currently one of the best and most practical methods of storing
secret keys’.498
The problem is, however, that even if secure tokens are used, users may still
undermine security.499 For example, users may leave the secure token plugged into
a computer even when they are not around. They may write down their passwords
and leave them on the computer. They may share their digital certificate/PSP with
other users, including the fraudulent person, providing an opportunity to use their
digital certificate/PSP.
Ultimately, therefore, it is the diligence of users in keeping their digital
certificate/PSP safe and in adopting secure usage practices that is vital in
preventing fraud. It could be left to individual users’ internal practices and policies on
the types of storage locations they may use for storing digital certificates/PSPs and
on secure usage practices. The problem with this is that some users may not
appreciate the importance of secure storage and usage, or may not understand the
various storage options and levels of security provided. So a more effective method
would be to formulate a set of best practice guidelines to guide users in secure
storage and usage of digital certificates/PSPs.
It is beyond the scope of this research to examine in detail the type of guidelines
that might be used and the manner in which they might be imposed, but this could
form the basis for further research. One method might be to insert into the existing
Law Society Rules of Professional Conduct guidelines regarding digital
certificate/PSP use and storage. An example of this approach is Ontario, where,
recognising the importance of the PSP, the Law Society of Upper Canada approved
additions to the Rules of Professional Conduct that emphasise to lawyers the
importance of maintaining and ensuring the security and the exclusive use of the
lawyers’ PSP.500 Subrule 5.01(7) provides that a lawyer shall not permit others,
including non-lawyer employees, to use the lawyer’s personalized specially
encrypted diskette and shall not disclose his or her personalized e-reg pass phrase
to others. Subrule 5.01(8) provides that when a lawyer has a non-lawyer employee
497 See Niels Ferguson, Practical Cryptography (2003), 354. 498 Ibid 354. 499 Ibid 354. 500 Lawyers' Professional Indemnity Company, Fighting fraud: Protect Security of PSPs (2004)
<http://www.practicepro.ca/LawPROmag/FightingFraud_PSP.pdf> at 4 September 2006.
265
who has a personalized, specially encrypted diskette and personalized e-reg pass
phrase to access the system, the lawyer shall ensure that the non-lawyer employee
does not permit others to use the diskette and does not disclose his or her
personalized e-reg pass phrase to others. The limitation of this method is that these
guidelines would only apply to legal practitioners. Another method may be to require
individual users to agree to certain user obligations upon registration with the
system. An example is the New Zealand system where the applicant must agree to
the Landonline Digital Certificate User Obligations during the registration process.
These obligations require the user to protect the user’s digital certificate from any
compromise and to take all necessary precaution to prevent the loss, modification,
disclosure or unauthorised use of the digital certificate. The user must inform Land
Information New Zealand (LINZ) immediately if the user suspects or knows of the
loss, disclosure or other compromise of his/her digital certificate.501
However, even with a set of best practice guidelines, users still need to comply with
them for them to be effective. Further consideration on how users may be
encouraged to keep their digital certificate/PSP safe is beyond the scope of this
research. As noted above, the least intrusive strategy may be to educate users
about various storage options, the levels of security provided and the importance of
secure storage and usage as a means of fraud prevention.502 The discussion in
[7.3.1.4] regarding the use of education and training and the issues raised therein is
applicable here. Imposing penalties for non-compliance may be another strategy for
encouraging compliance. However, this raises further issues including:
• what type of penalties might be imposed;
• how might these penalties be imposed;
• whether it would be reasonable to impose such penalties; and
• the impact of imposing them on user liability.
An in-depth examination of the use of penalties as a strategy to encourage
compliance is beyond the scope of this research but could form the basis of further
studies.
501 The Digital Certificate User Obligations is available at Land Information New Zealand, Landonline
Digital Certificate User Obligations <http://www.landonline.govt.nz/content/general/tc-obligations-obligations-full.asp> at 19 January 2006. See also the Landonline Remote Access – General Terms and Conditions: Land Information New Zealand, Landonline Remote Access - General Terms and Conditions <http://www.landonline.govt.nz/content/general/tc-obligations-tc-full.asp> at 19 January 2006.
502 Niels Ferguson, Practical Cryptography (2003), 354.
266
7.7.1.4 Secure selection and use of passwords
As seen in Chapter 6, password selection is critical to the security of the system. As
noted by Albrecht, passwords can be the ‘[A]chilles’ heel of many systems’.503
Where password selection is left to the users of the system, users generally tend to
select passwords that are memorable, such as mothers’ maiden names, birthdays,
and other personal information.504 Whist they may be easy to remember, they are
also easy to guess and therefore susceptible to dictionary attacks. Albrecht also
noted that it is also common to find users who share their passwords with others, or
write down their passwords or re-use passwords for various applications so that the
same password is used to access a secure work-related system as well as for other
less secure applications such as Internet email.505 Hence a fraudulent person who is
able to guess the password for the Internet email would be able to use that same
password to access all other applications which use the same password. In addition,
as seen in Chapter 6, users may also fall prey to various malware attacks or
phishing attacks.
One possible solution for the problem of poor choice of passwords may be to restrict
the types of passwords that users may use, forcing users to select stronger
passwords.506 According to Smith, there are generally three ways of doing this507:
503 Steve Albrecht, Conan Albrecht and Chad Albrecht, Fraud Examination (2nd ed, 2006), 575. 504 See for example Richard Smith, Authentication: From Passwords to Public Keys (2002), 42:
‘Stories abound of people using their own names, family names, computer names, and other obvious words as passwords’ and at 87: ‘Numerous studies of computer user behaviour have shown that many people in any reasonably sized computer user population will choose memorable words for passwords’; John Brainard et al, 'Fourth Factor Authentication: Somebody You Know' (Paper presented at the Proceedings of the 13th ACM Conference on Computer and Communications Security, Virginia, 2006); Shirley Gaw and Edward Felten, 'Password Management Strategies for Online Accounts' (Paper presented at the Proceedings of the Second Symposium on Usable Privacy and Security SOUPS, Pittsburgh, 2006) and Benny Pinkas and Tomas Sander, 'Securing Passwords Against Dictionary Attacks' (Paper presented at the Proceedings of the 19th ACM Conference on Computer and Communications Security, Washington, 2002).
505 Steve Albrecht, Conan Albrecht and Chad Albrecht, Fraud Examination (2nd ed, 2006), 575. Also see National Research Council (U.S) Committee on Authentication Technologies and Their Privacy Implications, Who Goes There: Authentication Through the Lens of Privacy (2003); Blake Ives, Kenneth Walsh and Helmut Schneider, 'The Domino Effect of Password Reuse' (2004) 47(4) Communications of the ACM 75, 76: ‘Users who reuse passwords often fail to realize their most well-defended account is no more secure than the most poorly defended account for which they use that same password’; J Alex Halderman, Brent Waters and Edward W Felten, 'A Convenient Method for Securely Managing Passwords' (Paper presented at the Proceedings of the 14th International Conference on World Wide Web WWW, Japan, 2005), 471: ‘One common practice we have observed is to choose a single strong password and use it for many accounts. The danger, of course, is that an attacker could learn the password from one account and guess other places where the user is likely to use the same login information’.
506 See Richard Smith, Authentication: From Passwords to Public Keys (2002), 94 and Benny Pinkas and Tomas Sander, 'Securing Passwords Against Dictionary Attacks' (Paper presented at the Proceedings of the 19th ACM Conference on Computer and Communications Security, Washington, 2002), 169.
507 Smith ibid 94.
267
• for the system508 to use a password cracking program to find weak
passwords; when one is found, the system advises the user to choose a
better password;
• for the system to use a automatic password generator program to generate
passwords for its users so that users no longer choose their own passwords;
• for the system to check passwords proactively. Every time a user changes a
password, the system checks the new password against various password
construction rules to ensure that the new password chosen is of sufficient
strength.
The problem with this solution is that users may find ways to circumvent these
forcing mechanisms, particularly if they cannot remember passwords they are forced
to use. They may resort to writing down the password, thereby defeating the whole
purpose of requiring users to have strong passwords. These users may continue
sharing their passwords with others or continue re-using these passwords.
Thus, similar to the conclusion drawn above, ultimately it is the vigilance of users in
choosing strong passwords that is vital in preventing fraud. How may users be
encouraged to select strong passwords and to adopt secure password usage
practices? Should it be left to individual users’ internal practices and policies as to
the choice of passwords and secure usage practices? The problem with this is that
users may not understand the importance of selecting strong passwords or of not
sharing passwords or re-using passwords. A more effective approach may to
formulate a set of best practice guidelines to guide users regarding password
selection and rules of usage. These guidelines could contain certain rules regarding
password selection and usage, for example:509
• Passwords must be at least six characters long
• Passwords must contain a mixture of letters (both upper and lower case),
digits and punctuation characters
508 The system here refers to the electronic registration system and the entity managing the system.
However, as seen in chapter 4, it may be possible in an electronic registration system that a different entity be used to manage registration and distribution of digital certificates/PSPs. In the proposed NECS for example, applicants wishing to digitally sign instruments may apply to any Gatekeeper accredited entity issuing Gatekeeper digital signing certificates. In this type of system, two passwords are used, one to access the system, the other to activate the digital certificate/PSP (assuming that the digital certificate/PSP is stored on a device that requires password protection). In this situation, it is the password to activate the digital certificate/PSP that must be monitored and kept secure. Perhaps there might be some liaison between the entity issuing the digital certificate/PSP and the entity managing the electronic registration system in using these programs to monitor password selections.
509 See Richard Smith, Authentication: From Passwords to Public Keys (2002), 156 and Land Information New Zealand, Landonline Security <http://www.landonline.govt.nz/content/general/security.asp> at 17 January 2006.
268
• Passwords must never be shared
• Passwords must be memorised. If a password is written down, it must be
locked up
• For password replacements, an entirely new and different password must be
chosen. Users may not add a sequential number or other character to the
end of their old passwords.
Use of best practice guidelines raises similar issues as canvassed above, namely,
the type of guidelines that may be used and the manner in which the guidelines may
be imposed, but this could form the basis for further research. As noted above, one
method might be to insert into existing Law Society Rules of Professional Conduct
guidelines regarding password use. In New Zealand, for example, in accordance
with Rule 3.04 of the Rules of Professional Conduct for Barristers and Solicitors510, a
lawyer must ensure that the password for his/her digital certificate is not disclosed to
anyone. The password must not be written down and must not be shared with
anyone, including partners in the firm. The limitation here is that these rules will only
apply to legal practitioners and there may be other classes of users who are not
legal practitioners who may be allowed to digitally sign instruments within an
electronic registration system. Requiring users to agree to certain user obligations
may be another method.
However, as noted above, even with a set of best practice guidelines, users must
still comply with them in order for them to be effective. As to what measures may be
used to encourage compliance with these guidelines, the least intrusive strategy, as
noted above, might be to educate users on the importance of selecting strong
passwords and abiding by secure password usage.511 In addition, education could
510 Rule 3.04: A practitioner must not allow use of his or her Digital Certificate (DC) or the associate
password by any other person: Commentary: (1) A Digital Certificate (DC) with certifying and signing privileges issued to a practitioner for the purpose of eDealing in Landonline is the electronic equivalent of a practitioner’s personal signature. Use of the DC for certifying and signing allows direct transfer or property rights. Every practitioner accepts full responsibility for the consequences of the use of his or her Digital Certificates. (2) The DC must be used only by the practitioner personally. The Rules are available from New Zealand Law Society, Rules of Professional Conduct for Barristers and Solicitors (2004) <http://www.lawyers.org.nz/about/profcon.htm> at 19 January 2006. In New Zealand, the digital certificate is used to electronically sign documents. See: Land Information New Zealand, Landonline Security <http://www.landonline.govt.nz/content/general/security.asp> at 17 January 2006.
511 See Blake Ives, Kenneth Walsh and Helmut Schneider, 'The Domino Effect of Password Reuse' (2004) 47(4) Communications of the ACM 75, 78; Anne Adams and Martina Sasse, 'Users Are Not the Enemy' (1999) 42(12) Communications of the ACM 41, 46: ‘Provide instruction and training on how to construct usable and secure passwords’ and National Research Council (U.S) Committee on Authentication Technologies and Their Privacy Implications, Who Goes There: Authentication Through the Lens of Privacy (2003)
269
also be provided to users about phishing scams and malware threats, so that they
are aware of these scams so as not to fall prey to them. Users could also be
educated on how to use anti-virus software and firewalls to enhance the security of
their computer systems. In this regard, guidelines may also be formulated
incorporating a set of best practice rules for overall computer network security.
Where there has been an attempted attack on the system or if there is malicious
software circulating, the system could also provide email alerts to warn its users not
to fall prey to these attacks.
Imposing penalties for non-compliance may be another strategy for encouraging
compliance; the analysis in [7.3.1.4] applies here.
7.7.2 Measures to strengthen the de-registration pr ocess
As noted in Chapter 6, the fraudulent person could also be someone who had been
an authorised user of the system, but should have been removed from it for some
reason or other but was not, and so is able to continue accessing the system,
prepare instruments, digitally sign and lodge them for registration and so perpetrate
the fraud, because he or she remains on the system’s list of authorised users.
To prevent this type of fraud, the system will need to adopt stringent procedures for
removing users who are no longer authorised to use the system or to certify and
sign instruments created on it. This should include procedures for revoking the
digital certificate/PSP so that it may no longer be used for digital signing.
This requirement should be extended to all organisations within the system
employing individuals with access to the system, such as law firms, banks, the Land
Registry and the entity administering the electronic registration system. These
organisations should ensure that they have adequate procedures for terminating a
person’s employment, which at a minimum should cover:
• closing all his or her points of access to the office and computer systems
including keys, login accounts, and passwords;512
• requiring the former employee’s co-workers to change their passwords if
they had been sharing them with him or her.
512 Lawyers' Professional Indemnity Company, Managing the Security and Privacy of Electronic Data
in a Law Office (2005) <http://www.practicepro.ca/practice/pdf/ManagingSecurityPrivacy4print.pdf> 48.
270
An in-depth examination of termination procedures is beyond the scope of this
research but could form the basis of further studies, which in particular might
conduct further research into the processes the system could use to ensure timely
and accurate de-registration of its users, including:
• whether the system should simply rely on notification by users that they
should be removed from the system; or
• whether the system make its own independent checks and if so, how this
can be done.
7.7.3 Safety mechanisms
As can be seen from the above discussion, there are potentially fraudulent persons
who do not have access or digital signing privileges, those who have access but do
not have digital signing privileges, and those who should have been de-registered
from the system but were not. Whether these groups can perpetrate this type of
fraud largely depends on:
• management of registration, generation and distribution of the digital
certificates/PSPs in such ways that employees are vigilant during the
registration process and that secure means of generation and distribution are
used;
• employment of robust de-registration processes;
• users securely storing their digital certificates/PSPs, selecting strong
passwords and adopting secure practices in password usage.
This type of fraud may be perpetrated in circumstances where these groups of
fraudulent persons are able to take advantage of weakness in any of these three
factors, or where a fraudulent person is someone internal to the system (such as
solicitors) or is able to collude with someone internal to the system.
This section will now go on to examine whether, in these circumstances, certain
safety mechanisms may be adopted to act as a check on this type of fraud.
In the paper registration system, the requirement that the certificate of title had to be
produced before a dealing may be registered acted as a safeguard against fraud
because it meant that only those fraudulent persons who had access to the
certificate of title could perpetrate fraud. Hence Hammond’s finding that production
of the certificate of title operated as an effective safeguard against fraud by persons
unknown to the victim of the fraud, because these persons generally do not have
271
access to the certificate of title.513 Chapter 6 noted that certificates of title may be
retained in an electronic registration system and observed that, assuming that the
use of certificates of title will follow the proposed Victorian system, the requirement
that an electronic certificate of title must be nominated to the transaction before the
transaction can proceed may act as a safeguard against this type of fraud. The
reason given was that this requires the fraudulent person to take that extra step – to
either obtain the paper certificate of title so that it may be converted into an
electronic certificate of title and nominated to the fraudulent transaction or to direct
the authorised user in control of the electronic certificate of title to nominate it to the
fraudulent transaction. Nomination of the electronic certificate of title then
demonstrates that the transaction lodged is a genuine transaction.
The problem with this is, as revealed in Chapter 6, is that there are various ways of
fraudulently obtaining the paper certificate of title or of fraudulently nominating an
electronic certificate of title to a transaction. The paper certificates of title may be
forged. Or if, as in the proposed Victorian system, authorised users are given control
of certificates of title in electronic format, then the need for certificates of title will not
act as a safeguard against fraud perpetrated by these authorised users; they may
simply prepare a transaction, nominate the electronic certificate of title to the
transaction, digitally sign it and lodge it for registration. These transactions would
appear on the face of it to be legitimate transactions.
What other safety mechanisms may be used?
7.7.3.1 Permanent client identification numbers
Another strategy may be to issue identification numbers (client IDs) to registered
owners of land and to require this number to be entered into the electronic
transaction before the transaction can be accepted for lodgement by the relevant
Land Titles Office.514
513 Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115, 130: ‘the statistics show that production of a duplicate certificate of title operates as an effective safeguard against third party fraud…However, the existence of a duplicate certificate of title is less effective as a safeguard where ‘trusted agents’, friends or family are involved in the fraud’. This was discussed in chapter 3.
514 This safety measure was suggested by Thomas, for the New Zealand electronic land registration system. See: Catriona MacLennan, 'Mortgage Frauds Prompt Calls for System Changes' (2006) 2 Law News 1. Also see Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115 (issuing of a folio identification number or electronically recognised number (such as a PIN) upon registration to the registered proprietor or mortgagee. This number would have to be produced at settlement to enable registration of subsequent dealings, be they transfers or mortgages).
272
This may make it more difficult to perpetrate fraud, because the fraudulent person
would need to know the identifier to successfully lodge the transaction. This is
similar to using an electronic certificate of title, except that in that case, these are in
the control of the authorised user of the system, whereas it is the registered
proprietor who is in control or in possession of client ID.
The drawback with such a measure is that it may be very costly and time consuming
to implement, as it requires IDs to be issued to all registered proprietors and, like
passwords, they need to be kept secure. However, if these IDs are not used
regularly, it is very likely that they will need to be written down. These records may
then be lost or stolen or fraudulently accessed in similar ways to the paper certificate
of title.515
It may not prevent fraud in situations where the fraudulent person is able to
impersonate a client and obtain a client ID from the system or in situations where
the client shares the ID with the fraudulent person. For example, the client may
contact an authorised user for a legitimate transaction and share the ID with him or
her, so it can be entered into the transaction. The authorised user can then
remember this ID for future fraudulent transactions.
The use of client ID also raises other issues including:
• who should be responsible for assigning these client IDs?
• when and how should client IDs be assigned? In particular, the transmission
of the client ID to the registered proprietor must be secure, to prevent
fraudulent persons from intercepting the transmission and finding out the
client ID;
• should the client ID be linked to the registered proprietor or to the land? For
example, if the registered owner sells the property, will the new owner take
over the client ID of the previous owner or will a new client ID be issued?
7.7.3.2 One-off client identification numbers
Another variation to the use of assigned permanent identifiers or client IDs might be
to assign a fresh or one-off identifier for each transaction. For example, if a
515 See Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115, 133: ‘The main problem with the issuing of an electronically recognized number over land is that unlike bank accounts, it is uncommon for people to make regular dealings over their land. A person could be issued with a number in 1999 and not need to use it again for 10-15 years. In the meantime, the electronic number would have to be recorded somewhere for future usage. This record could be lost or accessed by someone else in similar if not more circumstances than the current paper duplicates could be’.
273
registered proprietor wishes to sell his or her property, he or she first applies to the
system for an identifier, and then sees an authorised user who creates the electronic
transaction. The identifier is entered into the transaction, by the authorised user or
the registered proprietor. Once the transaction is complete, the identifier becomes
obsolete. This removes the problem with permanent identifiers that a fraudulent
person with knowledge of the identifier from a legitimate transaction may use it for
future fraudulent transactions. However, the use of one-off identifiers would be faced
with similar drawbacks as permanent identifiers, that is:
• such a measure would very costly and time consuming to implement as it
requires identifiers to be issued for every single transaction;
• it may not prevent fraud in situations where the fraudulent person is able to
impersonate a registered proprietor and obtain an identifier from the system.
The issues raised earlier for permanent identifiers would also apply here.
An in depth examination of these issues is beyond the scope of this research but
may form the basis of future studies. Also included in this research may be an
examination of the overall viability of using this or similar mechanisms as a fraud
prevention measure.
7.7.3.3 Notification mechanism
This mechanism does not prevent fraud; but merely assists in detecting it, by
enabling the Land Titles Office to issue a notice to the registered owner of the land
whenever an electronic document that purports to effect a transfer or mortgage of
the land is delivered to the electronic land registration database by direct electronic
transmission. This measure is currently being used in Saskatchewan, Canada.516 It
is also a measure that was recently introduced by way of the Ministry of Government
Services Consumer Protection and Service Modernization Act 2006517 in Ontario to
enhance existing protection to Ontario homeowners from real estate fraud.
Using this measure, if a fraudulent person creates a transfer of property to his or her
name, digitally signs the transfer and it is registered, the victim will receive a
516 See Norman Siebrasse, 'Report on Land Title Practices and Fraud' (Canada Mortgage and
Housing Corporation, 2003) [5.7.1]. 517 Ministry of Government Services Consumer Protection and Service Modernization Act 2006 s
14(3) amending s 23 of the Land Registration Reform Act 1990 and adding s 23(4) which provides that ‘[W]hen an electronic document that purports to effect a transfer or charge of land is delivered to the electronic land registration database by direct electronic transmission, the Director of Land Registration may have a notice of the delivery issued to the registered owner of the land by the means that Director specifies’.
274
notification from the Land Titles Office that the property has been sold, thus alerting
him or her to the fraud. This mechanism does not prevent the fraud from occurring
but it may prevent future frauds from being perpetrated by that fraudulent person. If
the fraud is detected quickly enough, it may even prevent the fraudulent person from
absconding with the proceeds. So the effectiveness of notification statements will
depend on the speed in which they are delivered.
The viability of using such a mechanism is beyond the scope of this research but
may form the basis of future studies.
7.8 Preventing internal fraud
Chapter 5 noted that certain types of fraud can be perpetrated by insiders or in
collusion with insiders. Examples include:
• solicitors with access to the system and digital signing privileges;
• law clerks who may have access but no signing privileges;
• employees of the entity managing the electronic registration system;
• employees of the entity managing the distribution of digital certificates/PSPs.
Any fraud perpetrated by these individuals, whether alone or in collusion with others,
may be classed as internal fraud. Recent surveys have shown that this is a growing
problem for organisations; for example, a KPMG survey conducted in 2004 found
that the most common perpetrators of the major frauds identified in the survey were
people internal to the organisation and that employees who commit fraud usually act
alone (75% of cases) but occasionally collude with parties inside or outside the
organisation.518
These individuals are able to perpetrate fraud because they have inside knowledge
of the organisation and/or the electronic registration system. As noted in Chapters 5
and 6, solicitors who use the system, for example, have a strong opportunity to
perpetrate fraud because they have access to the system and can digitally sign
instruments on behalf of clients. Employees of the entity managing the system may
also perpetrate fraud as they may have a high level of control over the internal
systems for managing the system.
518 KPMG, 'Fraud Survey 2004' (KPMG, 2004), 16 & 19. Also see Anthony Riem, 'The Weakest Links'
(2006) 16(2) Intersec 36, 37 noting that in the United Kingdom, a ‘large percentage of fraud continues to be committed internally, with businesses failing to identify and deal with this type of fraud until it is often too late’.
275
As noted by Smith:
The administration of modern technologically-based security systems involve a wide
range of personnel – from those engaged in the manufacture of security devices to
those who maintain sensitive information concerning passwords and account records.
Each has the ability to make use of confidential information or facilities to commit fraud
or…to collude with people outside the organisation to perpetrate an offence.519
This section will identify measures that could be adopted by employers within the
system to prevent internal fraud, termed ‘internal fraud controls’. It has been noted
that these are crucial in preventing and detecting internal fraud.520
These controls are those implemented by an employer to prevent fraud by
employees. Hence in terms of an electronic registration system, organisations
responsible for adopting these internal fraud controls are those whose employees
have access to the system, such as law firms, banks, the entity managing the
system and the one responsible for managing digital certificates/PSPs. These
organisations must be confident that the staff they employ are trustworthy and will
not perpetrate fraud. So these controls would not be relevant where the fraudulent
person is self-employed, for example, a solicitor who is a sole practitioner, for whom
the measures discussed in [7.7] would be relevant.
It is beyond the scope of this research to examine in detail the various types of
internal controls that may be used to minimise internal fraud. Rather, it will provide a
brief examination of several common known types of internal controls that have
been suggested to be vital in minimising internal fraud.521 These are:
• entry controls;
• regular monitoring of personnel;
• use of audit trails;
• education and training;
• creating an anti-fraud culture;
519 Russell Smith and Adam Graycar, 'Identifying and Responding to Corporate Fraud in the 21st
Century' (Paper presented at the Australian Institute of Management, Sydney, 2003), 8. 520 KPMG, 'Fraud Survey 2004' (KPMG, 2004), 22. 521 See for example, Sakurai and Smith – a table of risk factors and fraud prevention measures: Yuka
Sakurai and Russell Smith, 'Identifying and Responding to Risks of Serious Fraud in Australia and New Zealand' (Australian Institute of Criminology, 2003), 5 and Lawyers' Professional Indemnity Company, Fighting fraud: Implement Appropriate Internal Controls (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_Control.pdf> at 4 September 2006.
276
• fraud reporting and response; and
• use of a fraud control policy.
These are discussed below.
7.8.1 Entry controls
It has been said that ‘stringent checking of references and the background of
applicants for employment is a key means of minimising internal fraud risk’.522 Thus
organisations employing individuals with access to the system, including the entities
managing the system and that responsible for managing digital certificates/PSPs
used by the system, should all have proactive hiring procedures, particularly for high
risk positions.523
Some vetting techniques that could be used during the recruitment stage include524:
• psychological testing to determine whether or not the individual meets the
criteria for deviousness, violence, or unsound character; and
• background checks including:
� checking qualifications and, if possible, matching them with up-to-
date registers of members (such as the Law Society for solicitors) or
other publicly available databases;
� checking the names of educational establishments attended and
whether the person actually attended them;
� probing gaps in career history and reasons for previous employment;
� checking for any criminal records;
� checking the applicant’s financial credit history to see whether he or
she is experiencing “serious financial hardship”,525 because financial
hardship may indicate that the applicant may be motivated to
perpetrate fraud during employment to ease this.
522 Yuka Sakurai and Russell Smith, 'Identifying and Responding to Risks of Serious Fraud in
Australia and New Zealand' (Australian Institute of Criminology, 2003), 3. 523 Steve Albrecht, Conan Albrecht and Chad Albrecht, Fraud Examination (2nd ed, 2006), 91. 524 See for example: Australian Institute of Criminology, 'Crimes Against Business: A Review of
Victimisation, Predictors and Prevention' (Australian Institute of Criminology, 2004), 43; David Davies, Fraud Watch (2000), 259 and K Holtfreter, 'Fraud in US Organisations: An Examination of Control Mechanisms' (2004) 12(1) Journal of Financial Crime 88.
525 Holtfreter ibid.
277
7.8.2 Regular monitoring of personnel
Regular supervision of staff is another fraud preventative measure. In particular,
personnel should be monitored in terms of their risk of behaving fraudulently.526
Long-term employees and senior employees who may have acquired knowledge of
the organisation’s security procedure through their employment should be monitored
as well, because they have the greatest knowledge of the opportunities to perpetrate
fraud.527
In monitoring staff, the organisation could use what is termed as ‘red flags of fraud’
to detect potential fraudulent conduct; which can be used to detect the potential for
fraud before it actually happens. They can be used in the pre-employment stage and
during employment to identify or detect applicants most likely to be at risk of
committing fraud. It should be noted that the presence of red flags only suggests a
degree of risk, it does not mean that the person will actually perpetrate fraud.
According to Grabosky and Duffield, the fundamental red flag of fraud is the
anomaly – ‘a variation from predictable patterns of behaviour or, simply, something
that seems out of place’.528 Grabosky and Duffield class these anomalies as
statistical, behavioural or organisational.529 Statistical anomalies include work
related expenses exceeding a certain proportion of someone’s income and unusual
credit card billing patterns, while organisational anomalies refer to the characteristics
of an organisation which differ markedly from those generally regarded as best
practice, such as inadequate systems of communication. It is the behavioural
anomalies that will probably be the most useful. These are unusual patterns of
behaviour that can usually be found in people suddenly changing their lifestyles,
such as living beyond their means or sudden changes in activity. Examples include
situations where an employee530:
• begins to lead an extravagant lifestyle incommensurate with his or her
legitimate income;
• suddenly begins to work long hours;
526 See Russell Smith, 'Best Practice in Fraud Prevention' (Australian Institute of Criminology, 1998),
3. 527 Russell Smith and Adam Graycar, 'Identifying and Responding to Corporate Fraud in the 21st
Century' (Paper presented at the Australian Institute of Management, Sydney, 2003), 9. 528 Peter Grabosky and Grace Duffield, 'Red Flags of Fraud' (Australian Institute of Criminology,
2001), 2. 529 Ibid. See also Adam Graycar and Russell Smith, 'Identifying and Responding to Electronic Fraud
Risks' (Paper presented at the 30th Australasian Registrars' Conference, Canberra, 2002), 5. 530 See Warwick Dolman, 'Fighting Fraud in Law Firms' (2005) (225) Lawyers Weekly 18, 18 and
Steve Albrecht, Conan Albrecht and Chad Albrecht, Fraud Examination (2nd ed, 2006), 124.
278
• consistently fails to take leave;
• indulges in conspicuous spending;
• suddenly has problems with gambling or alcohol; and
• suddenly starts to use the computer outside normal hours or logs in using
passwords of absent or former employees.
These behavioural anomalies accord with the survey conducted by Pricewaterhouse
Coopers and the KMPG survey, which found that the most prevalent motivation for
offenders appears to be greed followed by gambling.531 These anomalies may be
noted by employers within the electronic registration system as an indication that the
employee displaying them should be investigated further.
7.8.3 Audit trails
Audit trails may be used to detect irregularities in electronic transactions in the
electronic registration system. Examples include single property transactions with a
high turn-around rate or where the value of the property in a transaction is suspect.
These transactions may then be flagged and investigated to determine whether they
are genuine or fraudulent. More sophisticated anomaly detection tools can also be
used to monitor and flag individual users’ activity that deviates significantly from a
pre-defined profile.532
If further investigations show that a transaction is fraudulent, it would then be
possible to use the audit trail to trace the fraudulent activity back to the person who
created the transaction and/or digitally signed it. In Ontario for example, because all
users have to use a PSP to access Teranet, an audit trail can be conducted on all
transactions through use of the PSP.533 Whilst this may not prevent the fraud from
occurring, it may prevent future frauds by that person.
The effectiveness of audit trails in detecting fraud will depend on the technological
capabilities of the system and the extent to which the organisation monitors its audit
trails and investigates transactions flagged as suspicious. In addition it should be
noted that, if the fraudulent person uses the digital certificate/PSP of an existing
531 PricewaterhouseCoopers, 'Serious Fraud in Australia and New Zealand' (Australian Institute of
Criminology, 2003), 3 and KPMG, 'Fraud Survey 2004' (KPMG, 2004), 4. 532 Carnegie Mellon Software Engineering Institute, 'Insider Threat Study: Computer System
Sabotage in Critical Infrastructure Sectors' (Secret Service's National Threat Assessment Center & Carnegie Mellon University Software Engineering Institute's CERT® Coordination Center (CERT/CC), 2005), 30.
533 Simon Hally, 'How Secure is E-Registration' (2005) 29(7) Canadian Lawyer 47, 48.
279
user to digitally sign an instrument, then the audit trail will simply point to the owner
of that digital certificate/PSP and not to the fraudulent person.
A detailed treatment of the use and effectiveness of these tools is beyond the scope
of this research but may form the focus of future studies.
7.8.4 Education and training
Education and training of employees is also important in preventing fraud. Education
could cover fraud generally, to raise awareness levels and foster an anti-fraud
culture. It could also educate employees on the importance of exercising care and
vigilance in all matters during the conveyancing process, emphasising that this is a
key factor in preventing fraud.
In addition, educating and training employees in specific areas of fraud prevention
such as those noted above could also be implemented, such as:
• choice and safe usage of passwords;
• safe keeping of digital certificates/PSPs; and
• ways of recognising false identity documents.
A comprehensive program for training and education could also be developed by the
organisation, which could cover matters such as534:
• the frequency of training and education;
• the type of training and education;
• its content; and
• the different types of training that will be covered, such as general
awareness training, specific training, specialist training and induction
training.
7.8.5 Creating an anti-fraud culture
It has been said that creating a positive anti-fraud culture, where employees are
encouraged to be honest, is a vital element in fraud prevention.535 This may include
534 Crime and Misconduct Commission, 'Fraud and Corruption Control: Guidelines For Best Practice'
(Crime and Misconduct Commission, 2005), 79. 535 Warwick Dolman, 'Fighting Fraud in Law Firms' (2005) (225) Lawyers Weekly 18, 18. See also
Steve Albrecht, Conan Albrecht and Chad Albrecht, Fraud Examination (2nd ed, 2006), 66: creating a culture and environment of honesty and high ethics and Davies, David Davies, Fraud Watch (2000), 257: ‘Organisations which successfully promote high standards of ethical conduct have a lower incidence of fraud and find out about fraud incidents earlier’.
280
a statement or charter setting out the organisation’s core values536 and encouraging
whistle blowing, that is, encouraging employees to report co-workers who are
engaging in fraud. A range of educational and awareness strategies including staff
development programs may be required to foster this anti-fraud culture so as to
create an environment that resists fraud and corruption.
7.8.6 Fraud reporting and response
A corollary to creating an anti-fraud culture is that the organisation should have
policies setting out the organisation’s approach to fraud investigation where fraud is
reported or suspected. The organisation should make clear to whom suspicious
activities should be reported, developing clear reporting channels as well as plans
for follow-ups and investigation if necessary.537 The organisation could also set up
an anonymous hotline to encourage reporting of suspicious behaviour. The fraud
response plan should set out clearly the actions that will be taken if fraud occurs; it
could cover issues such as538:
• criteria for evaluating reported suspicions, including the credibility and
motives of the whistle blower and the quality of available evidence;
• how evidence will be gathered and protected;
• the processes for setting up an investigation and the personnel who would
be involved; and
• ensuring that appropriate lessons are learned and actions taken to prevent
future frauds of that nature.
As noted by the US Secret Service and the CERT Coordination Center in their
Insider Threat Study: ‘[E]mployees need to understand that the organization has
policies and procedures in place and will respond to detected security issues in a
fair and prompt manner’.539
7.8.7 A fraud control policy
It is possible to encompass the above internal control measures in a single
document that may be termed a ‘fraud control policy’.
536 Davies ibid 257. 537 Ibid 260. 538 Ibid 262. 539 Carnegie Mellon Software Engineering Institute, 'Insider Threat Study: Computer System
Sabotage in Critical Infrastructure Sectors' (Secret Service's National Threat Assessment Center & Carnegie Mellon University Software Engineering Institute's CERT® Coordination Center (CERT/CC), 2005), 34.
281
Generally speaking, a fraud control policy should contain information that covers
strategies for fraud prevention and detection, and processes for fraud investigation,
prosecution and reporting of cases, as well as training and education.540
For example, the fraud control policy could contain541:
• the company’s stance on fraud, including the company’s value charters or
code of ethics;
• a list of the fraud risks identified in the risk assessment process, including a
prioritisation of these risks and an assessment of their likelihood and impact;
• details of the strategies that will used to manage these risks including:
� allocation of responsibility for implementing the strategies,
� timeframes for implementing them,
� mechanisms for monitoring their implementation.
• details of fraud reporting and investigation procedures, including what will be
done and by whom, when fraud is suspected;
• details about training and education, including strategies and timetables to
ensure that these meet training and awareness requirements.
Individual organisations involved in the conveyancing process could each implement
a fraud control policy specific to that organisation. For example, a law firm using the
electronic registration system could design and implement a fraud control policy
containing the following:
• an outline of the law firm’s structure;
• a statement of the law firm’s philosophy and approach to fraud control,
including a code of ethics or a values charter;
• a summary of the fraud risks faced by the law firm. Part of this would be the
fraud risks discussed in this study, but a full fraud control policy would cover
all the different fraud risks, not necessarily restricted to land title fraud. This
would also include prioritising risks and assessing their likelihood of
occurrence and their impact;
• details of the strategies that could be implemented to address these risks,
including best practice guidelines that should be followed in order to
540 This follows Graycar’s suggestion: Adam Graycar, 'Identity-related Fraud: Risks and Remedies'
(Australian Institute of Criminology, 2002), 6. 541 See for example Commonwealth Attorney-General's Department, 'Fraud Control Guidelines'
(2002) and David Davies, Fraud Watch (2000), 256.
282
minimise these risks. For example, this section could contain the law firm’s
human resource management542 and information security policies543;
• details of allocation of responsibility for implementing the above strategies,
timeframes for implementing them, and mechanisms for monitoring their
implementation and compliance with the strategies;
• details of the law firm’s approach to fraud investigation and prosecution,
including strategies for investigating, collecting of evidence and reporting on
fraud;
• details about training and education, including strategies and timetables to
ensure that employees meet these training and awareness requirements.
The effectiveness of a fraud control policy and the internal controls represented in
the policy in preventing or minimising insider type fraud is very much dependent on
the organisation’s observance of the policy and its contents. Regular monitoring and
continuous review of the policy to refine its content would also be required so that it
remains effective over time.544
7.9 Summary
The analysis above shows that a variety of measures may be implemented to
minimise opportunities for fraud in an electronic registration system. Some of these
measures may be technological, such as the use of automated checks to ensure
that the electronic instrument lodged for registration has not been fraudulently
altered, or the use of automated audit programs to detect unusual transactions.
Other measures may simply be the adoption of certain practices or procedures,
such as:
• an identity verification procedure;
• the practice that authorisation forms should, as far as possible, never be sent
to one party for the purposes of procuring execution by another.
542 See for example the Queensland Treasury report appendix E which deals with Human Resources
Management: Queensland Government Treasury, 'Cost-effective Internal Control Guidelines: Underpinning Agency Performance' (Queensland Treasury, 2002).
543 The International Organisation of Standardisation (ISO) ISO/IEC 17799: Information Security Management may be used as a guide here: International Organisation of Standardisation, ISO/IEC 17799 Information Security Management, <http://www.iso101.com/iso-17799.htm> at 27 June 2007. See also Organisation for Economic Co-operation and Development (OECD), 'OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security' (OECD, 2004).
544 Russell Smith, 'Best Practice in Fraud Prevention' (Australian Institute of Criminology, 1998), 2 and Russell G Smith, 'Defining, Measuring, and Reporting Fraud Risk Within Your Organisation' (Paper presented at the IIR Conference, Applying Risk Management to Implement a Proactive Fraud Prevention Strategy in Financial Services, Sydney, 2001).
283
However, for all these measures, even technological ones, the analysis shows that
their effectiveness is ultimately dependent on the persons using them acting with
due care and vigilance during the conveyancing process. For example, as reviewed
in [7.8.3], the effectiveness of audit trails in detecting fraud is dependent on the
extent to which the audits are monitored and investigated. Prevention of fraud by a
fraudulent person accessing, preparing, digitally signing and lodging instruments for
registration requires, in part, secure storage devices for storing digital
certificates/PSPs as well as secure selection and usage of passwords. This, in turn,
is again dependent on the user of the digital certificate/PSP using a secure storage
device, selecting a secure password and using the digital certificate/PSP in a secure
manner. As noted by Hammond, ‘safety mechanisms are only as safe as the people
using them’.545
Hence it could be said that the most important factor in preventing fraud is for all
stakeholders within the conveyancing sector to exercise care and vigilance in all
matters throughout the conveyancing process. This was recognised by Taylor who
observed that the ‘prevention of forgery and other frauds depends upon the utmost
vigilance and care by purchasers and mortgagees and solicitors’.546 In
circumstances or transactions that appear suspicious, those responsible for the
transaction, such as the authorised user involved in the transaction, could take
additional steps to confirm its authenticity. As seen in Chapters 3 and 5, in some
cases, simply taking the extra step of contacting the person made party to a
transaction to confirm instructions or in obtaining a company search and cross
referencing the names on the search with the names on the relevant instrument may
be enough to prevent the fraud.547
545 Celia Hammond, 'The Abolition of the Duplicate Certificate of Title and its Potential Effect on
Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115, 132. 546 Warrington Taylor, 'Scotching Frazer v Walker' (1970) 44 Australian Law Journal 248, 254. See
also the Law Society of Upper Canada’s Report to Convocation on Mortgage Fraud, which noted that to protect against mortgage fraud, ‘due diligence must be practised by all parties at every stage of the process’: Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper Canada, 2005), 7; Simon Hally, 'How Secure is E-Registration' (2005) 29(7) Canadian Lawyer 47, 48: ‘[F]raud can happen when professionals don’t perform their due diligence. The problem isn’t the software, it’s the result of not following best practices’.
547 In Rabi v Rosu (2006) CanLII 36623 (Ontario Supreme Court of Justice), [29] – Canadian Legal Information Institute, Rabi v Rosu (2006) <http://www.canlii.org/en/on/onsc/doc/2006/2006canlii36623/2006canlii36623.html> at 8 April 2008 where the fraudulent persons perpetrated identity fraud and fraudulently arranged for the property to be mortgaged, His Honour Justice Echlin observed that ‘the bank could have exercised greater due diligence before advancing a sizeable sum at the request of a mortgagor with whom it had never before had dealings. It delegated dealings to a mortgage broker who had no authority to bind the bank. Important telltale signs of the fraud were missed including the highly unusual failure to convey parking and storage spaces; payment of $30,000.00 to mortgage brokers for a standard mortgage; and the absence of a deposit being paid. If any of these simple matters had
284
Thus measures that may be used to encourage due care and vigilance are also vital
for fraud prevention. What type of measures might these be?
One method might be to use training and education. It was noted in this chapter that
training and education may be the least intrusive and most cost effective method of
encouraging due diligence. The importance of education and training as a fraud
preventative mechanism can also be seen in the increase in training and education
on fraud in Canada. In Canada, the Canadian Institute of Mortgage Brokers and
Lenders (CIMBL) and the Canadian Mortgage and Housing Corporation (CMHC)
have conducted training sessions and fraud awareness sessions across Canada,
educating lenders and brokers on the issue of fraud.548 The Law Society of Upper
Canada developed a CLE program in 2004 to educate its members on land title
fraud.549
Greater cooperation and information sharing amongst the various stakeholders in
the land titling system may also be used in conjunction with education as a general
fraud preventative measure. A national database of real estate fraud cases may also
be established as an aid to combat fraud, by publicising information regarding fraud
or suspected fraud within the Torrens system.550 The use in Ontario of a program
called Real Estate Data Exchange may also be used in Australia. The program is a
central index of key information on disciplinary, enforcement and certain legal
actions taken by regulators of the mortgage, real estate, legal and financial services
industries. Subscribers to the service can use the index to perform checks on
been noticed, the fraud might have come to light’, demonstrating the importance of exercising care and due diligence during the conveyancing process.
548 See Lawyers' Professional Indemnity Company, Fighting fraud: Organizations Collaborate (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_Org.pdf> at 4 September 2006, 21 and Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper Canada, 2005), 17.
549 Lawyers’ Professional Indemnity Company ibid 22. See also the initiatives developed in Alberta and British Columbia: Real Estate Council of Alberta, Initiatives to Reduce Mortgage Fraud in Alberta (2005) <http://www.reca.ca/consumer_information/pdfs/RECA_Initiatives.pdf> at 4 September 2006, Law Society of British Columbia, Practice Tips: Fighting Back Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 6 June 2006, Law Society of British Columbia, Real Estate Fraud - A Prevention Primer (2005) <http://www.lawsociety.bc.ca/publications_forms/iissues/05-03_risk.html> at 4 September 2006, Law Society of British Columbia, Rules Require Lawyers to Guard Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-03_PCH-fraud.html> at 4 September 2006, and Law Society of British Columbia, Curbing Risk in Real Estate Practice (2006) <http://www.lawsociety.bc.ca/publications_forms/iissues/06-02_risk.html> at 6 June 2006.
550 This national database of real estate fraud cases was suggested by the Ontario Government as a means to ‘combat the cross-border element of this crime’: Ontario Ministry of Government Services, Mcguinty Government Protects Homeowners From Real Estate Fraud (2006) <http://www.gov.on.ca/MGS/en/News/054411.html> at 13 October 2006. The Ontario Ministry of Government Services Consumer Protection and Service Modernization Act 2006 allows for the publication of information regarding fraud or suspected fraud in the land titles system: s 15(12) amending s 163 of the Land Title Act 1990 by adding s 163(0.1).
285
individuals and companies with whom they currently do business, or plan to do so,
making it easier to perform the due diligence needed to reduce fraud.551 Examples
of greater cooperation may be seen in Canada where there has been a marked
increase in recent years in the cooperation between various organisations within the
land titling industry to combat land title fraud. For example, the Ministry of Consumer
and Business Services, Teranet Enterprises Inc and the Lawyers Professional
Indemnity Company (LawPRO) have joined together on a committee to examine
how to work together to deal with fraud and how to prevent it.552 The Canadian
Institute of Mortgage Brokers and Lenders (CIMBL) formed a Mortgage Fraud Task
Force in 2001, comprised of representatives from CIMBL, lenders and mortgage
brokers, insurers and other industry participants to increase fraud awareness within
the industry, the public, the regulatory bodies and law enforcement bodies, and to
develop industry-wide best practice.553
So it may be said that fraud prevention could require the implementation of the
measures analysed in this chapter, together with all industry practitioners and
institutions within the Torrens system acting with care and vigilance and cooperating
in the battle against fraud. As noted by the Law Society of Upper Canada, everyone
involved in the real estate process is responsible for trying to limit the incidence of
fraud.554 Education, training and inter-agency cooperation would be the least
intrusive and most cost-effective method to achieve this and hence are a vital
component in fraud prevention. However, as noted above in [7.3.1.4], if education
and training were to be employed as part of an overall fraud preventative strategy,
issues such as:
• how they might be deployed effectively;
• who should be responsible for compiling the materials for education and
training and for ensuring that those requiring education and training receive
it;
• whether it should be left to individual organisations or be centrally controlled,
coordinated and administered;
551 Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper
Canada, 2005), 18. 552 Lawyers' Professional Indemnity Company, Fighting fraud: Organizations Collaborate (2004)
<http://www.practicepro.ca/LawPROmag/FightingFraud_Org.pdf> at 4 September 2006. 553 Canadian Institute of Mortgage Brokers and Lenders Mortgage Industry Fraud Task Force,
'Canadian Mortgage Industry Fraud: White Paper' (Canadian Institute of Mortgage Brokers and Lenders, 2001), 2 & 3.
554 Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper Canada, 2005), 16.
286
would need to be further investigated. As noted in [7.3.1.4], these issues are beyond
the scope of this research but may be the focus of future studies.
The analysis in this chapter is represented in the table below.
Type of fraud
Manner of perpetration
Facilitating factors Preventative measures
Effectiveness Issues for further research
Forgery of signature (individual)
Fraudulent person forges the victim’s signature on the authorisation form, user accepts the authorisation form and proceeds with the transaction.
* Fraudulent person is provided with the authorisation form for the purposes of procuring execution by the victim. * Fraudulent person is able to circumvent witnessing requirements by either: - forging the signature of the witness. This can be of a real person or a fictitious person; or - the witness attests to the signature even though it was not signed in the presence of the witness. * User receiving documents appearing on the face of it to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness, not usual practice to contact the attesting witness to ensure that witnessing requirements have been followed. * User handling the transaction does not contact all signatories on the authorisation form to confirm instructions.
* As far as possible, authorisation forms be executed in the presence of the user and witnessed by that user * If there is more than one signatory on the form, then all signatories should, as far as possible execute the form in the presence of the user * As far as possible, authorisation forms should never be sent to one party for the purposes of procuring executed by another * Persons who are eligible to witness signatures should not proceed to witness a signature unless it is signed in his or her presence * Users should confirm instructions with all signatories to the authorisation form before proceeding with the transaction.
It may be left to individual user’s internal policies to incorporate these measures into their practices. Submitted that it may be more effective to incorporate these measures into a set of best practice guidelines for the execution and witnessing of authorisation forms. Either way, effectiveness is dependent on user’s level of observance with these practices and on user’s acting with care and due diligence to ensure that the authorisation form has been properly executed and witnessed. Education and training may be one way to encourage users to exercise due care and diligence.
* How may these best practice guidelines be imposed on users of the system? For example should they be imposed contractually or legislatively? * Should penalties be imposed for non-compliance with these guidelines? *What type of penalties may be imposed *How may these penalties be imposed * Would it would be reasonable to impose them * What would be impact of imposing them on users’ liability? * How may education and training be properly deployed to encourage users to practice due care and diligence to minimise fraud? Eg: by individual organisations/users; or should it be centrally controlled and administered?
287
Type of fraud
Manner of perpetration
Facilitating factors Preventative measures
Effectiveness Issues for further research
Forgery of signature (company)
Depends on the manner in which companies execute the authorisation form. (1) If by signature of two individuals authorised to sign on behalf of the company, such as two directors or a director and a secretary – forgery the signatures of these individuals. (2) If by affixing company seal and affixing of the seal must be witnessed by two directors or by a director or a secretary – fraudulently affixing the common seal and attesting to the affixing of the seal.
* Fraudulent person is provided with the authorisation form for the purposes of procuring execution. * Fraudulent person is able to circumvent witnessing requirements. * User receiving documents appearing on the face of it to be executed and witnessed is entitled to believe that the signatures were signed in the presence of the witness, not usual practice to contact the attesting witness to ensure that witnessing requirements have been followed. * User handling the transaction does not contact all signatories on the authorisation form to confirm instructions. * The user preparing the authorisation form is not vigilant in verifying the authority of the individual(s) signing on behalf of the corporate so that the individual(s) signing the authorisation form on behalf of the corporate does not in actual fact have the authority of the corporate to do so.
As above + * User responsible for the transaction should obtain an up-to-date corporate search so as to satisfy himself/herself that the individual(s) signing on behalf of the corporation is authorised to do so. * The user should also cross reference the names on the individuals listed on the corporate search with the names on the authorisation form.
As above. As above.
False power of attorney
Forging the victim’s signature on the power of attorney and using that power of attorney to perpetrate fraud by signing land title instruments on behalf of the grantor of the power of attorney.
*Lack of vigilance by the user handling the transaction in verifying the authenticity of the power of attorney.
*Users to be vigilant in verifying the authenticity of the power of attorney before proceeding with the transaction
It may be left to individual user’s internal policies to follow this practice. It may be more effective to incorporate this into a set of best practice guidelines for the execution and witnessing of authorisation forms by powers of attorney. Either way, effectiveness dependes on the level of observance of this practice and on acting with care and due diligence to ensure that the power of attorney is authentic. Use of education and training to
As above.
288
Type of fraud
Manner of perpetration
Facilitating factors Preventative measures
Effectiveness Issues for further research
encourage due care and diligence.
Fraudulent alterations
* Possibly reduced opportunities to perpetrate this type of fraud. * If possible then by altering the contents of a land title document after it has been digitally signed by the users responsible for signing the document, re-applying the digital signatures and submitting the altered document for registration.
Depends on the type of technology used: * The system must invalidate or remove the digital signatures on a document when an alteration has been made and require that the digital signatures of the users representing both parties to the transaction be re-applied before the document can be submitted for registration. * The system must not accept for lodgement any instrument that has not been digitally signed. * The system requires that digital signatures to be applied by all parties to that transaction. * The system must lock all instruments upon lodgement so that alterations may not be made after lodgement. * The user/s responsible for the instrument not vigilant in ensuring that the instrument has not been fraudulently altered before lodging the instrument for registration.
Other technological measures that may be used to prevent/minimise this type of fraud include: * System sends out a notice informing the users that the instrument has been altered and to re-apply their digital signatures. * System provides a facility to track changes made. * Land Registry performs checks on instruments lodged for registration, comparing the instrument lodged with the instrument created on the workspace to ensure that the instrument has not tampered with since being lodged for registration. * Restricting access privileges to instruments created on workspaces
* Dependent on the users of the system as well as on Land Registry employees who are responsible for updating the register. * These users must continue to be vigilant when using the system to detect any unauthorised alterations. * Education may be provided to users about the importance of being vigilant when using the system to ensure that there has been no unauthorised changes made on the instrument in which they are responsible for. * Training could also be provided to users on how these various technological features of the system operate so that they know how to take advantage of the system’s technological features as a tool to prevent fraud. * Possible to formulate a set of best practice guidelines, instructing users on the various technological tools available as well as stressing the importance of being vigilant using the system to detect any unauthorised alterations.
As above.
Misleading signatory
Misleading or inducing the victim into signing the authorisation form and the user handling
* Relationship between victim and fraudulent person. * Fraudulent person isseen as speaking for or on behalf of the victim. The user
* As far as possible, authorisation forms should be executed in the presence of the user handling the transaction and
It may be left to individual user’s internal policies to follow these practices. Submitted that it may be more
As above
289
Type of fraud
Manner of perpetration
Facilitating factors Preventative measures
Effectiveness Issues for further research
the transaction proceeds with the transaction.
responsible for the transaction gives to the fraudulent person the authorisation form to procure execution from the victim so that the form is not signed in the presence of the authorised user. * If required, fraudulent person is able to circumvent witnessing requirements by either: - forging the signature of the witness; or - where witness attests to the signature even though it was not signed in his/her presence. * User handling the transaction does not contact the signatory(ies) to the transaction to confirm instructions and to ensure that the victim understands the nature of the transaction.
witnessed by that user. * As far as possible, authorisation forms should never be sent to one party for the purposes of procuring executed by another. * Witnesses should comply with witnessing procedures. * The user responsible for the transaction should confirm instructions with all signatories to the form before proceeding with the transaction + ensure that all signatories to the authorisation form understand and consent to the transaction. * The user should confirm instructions for both face-to-face and non face-to-face transactions.
effective to incorporate this as part of a set of best practice guidelines for the execution and witnessing of authorisation forms. Either way, effectiveness is dependent on user’s level of observance with these practices and on user’s acting with care and due diligence to ensure that the signatory/s to the authorisation form understand and consent to the transaction. Use of education and training to encourage due care and diligence.
Identity fraud (opportunistic)
* Fraudulent person, with or without the aid of a third party, assuming the registered proprietor’s identity and through that, assuming the registered proprietor’s right to deal by producing the necessary documentation required or used by the electronic registration system to establish identity and right to deal. * This will be the case even if the system uses electronic certificates of title modelled along the proposed Victorian EC. * Generally these documents would be genuine.
* Fraudulent person’s relationship with the victim provides the fraudulent person with access to the necessary documents required/used to establish identity/right to deal. * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land.
* Establishing strict procedures for verifying identity or if a process already exists, then in strengthening the process used. * Those responsible for verifying identity exercising care and due diligence during the identity verification process.
It may be left to individual user’s internal policies to incorporate an identity verification process. Submitted that it may be more effective if the identity verification process is incorporated into a set of best practice guidelines for identity verification. Either way, effectiveness is dependent on user’s due diligence and observance of this process. In addition, effectiveness may also be limited to situations where the fraudulent person does not have in their possession suitable identification so that an
As above.
290
Type of fraud
Manner of perpetration
Facilitating factors Preventative measures
Effectiveness Issues for further research
increased vigilance in identity checking will act to prevent identity fraud. Therefore may not be effective if it is calculated identity fraud. Use of education and training to encourage due care and diligence in verifying identity.
Identity fraud (calculated)
* Fraudulent person, with or without the aid of a third party, falsely claiming that he/she has a right to deal with the land by producing the necessary documentation required or used by the electronic registration system to establish identity and right to deal. * This will be the case even if the system uses electronic certificates of title modelled along the proposed Victorian EC. * These documents may be forged or genuine (eg. stolen).
* Ability to forge or gain access to the necessary documents required/used to establish identity/right to deal. * Lack of vigilance by the other party in verifying the identity of the person purporting to deal with the land.
* Establishing strict procedures for verifying identity or if a process already exists, in strengthening the process used. * Those responsible for verifying identity exercising care and due diligence during the identity verification process.
As above but as noted above, identity verification procedure may not be effective in situations where the fraudulent person has in his/her possession suitable identification.
Measures at a wider, nationwide level to address identity fraud, such as: * Improving the processes involved in issuing identity documents so as to ensure that identity documents are issued to genuine persons and not to fraudulent persons. * Providing support to those agencies issuing documents accepted as identity documents to ensure that the identity information held in each agency’s databases is accurate. * Improving the security of identity documents to make it more difficult for fraudulent persons to counterfeit or forge these documents.
291
Type of fraud
Manner of perpetration
Facilitating factors Preventative measures
Effectiveness Issues for further research
Fraudulently accessing, signing, submitting
Accessing the system, preparing the land title instrument, affixing the digital signature on the instrument and submitting the instrument for lodgment.
* The procedures used during the registration process in verifying that the applicant is indeed a legitimate applicant or if the registration process is via nominations from an authorised officer, that the nomination is from a legitimate authorised officer. This is for both applying for access and applying for the ability to digitally sign documents if the processes are separate). * The authentication methods used to access to the system, for example a system using only knowledge based authentication methods may not be as secure as those using both token and knowledge based methods. * If digital certificates/PSP are used to both access and digitally sign instruments, the manner in which digital certificates/PSP are generated, issued and stored; * If usernames and passwords are used to control access, the manner in which the usernames and passwords are transmitted to the user; * The type of passwords used. This is for both digital certificates/PSP and the password to access the system * Termination procedures used for removing a user from the system.
* Using strict identity verification process to prevent identity fraud during the registration process. * Use of technology to improve security of communications between the system and users of the system. * Using secure methods of generating the digital certificate/PSP. * Using hard-to-guess passwords. * Using secure storage locations for the digital certificate/PSP. * Adopting stringent procedures for removing users who are no longer authorised to use the system or no longer authorised to certify and sign instruments created on the system. * Use of a checking mechanism. * Use of a notification mechanism.
* Discussion above for identity fraud applies here. * Users must keep their digital certificate/PSP/usernames/passwords secure, this is dependent on the users. * The use of technology available to improve security is dependent on the users responsible for using the technology. * Effectiveness of termination procedures is dependent on those responsible for removing users from the system. * Use of education and training to encourage due care and diligence.
* For users: whether best practice guidelines regarding selection of passwords and storage locations for digital certificates/PSPs may be used * For users: whether best practice guidelines regarding general computer network security may be used. * For the system: whether guidelines for general computer network security, generation and issuing of digital certificates/PSPs/usernames and termination procedures may be used. * Further research into how guidelines may be imposed, strategies to encourage compliance, and effect on liability. * Further research into viability of using a checking mechanism or other similar mechanisms to improve security. * Further research into the viability of using a notification mechanism. * Further research into how education and training be harnessed to encourage users to practice due care and diligence so as to minimise fraud.
292
Type of fraud
Manner of perpetration
Facilitating factors Preventative measures
Effectiveness Issues for further research
Insider frauds, inc. fraud by the solicitor as an employee but excluding sole practitioners
*Any of the above frauds that involve someone internal to the system, such as a solicitor working for a law firm. * Fraud may be perpetrated by the insider alone OR * Fraud may be perpetrated by someone external to the system with the aid of an insider (example insider provides fraudulent person with a digital certificate/PSP and corresponding password).
* Insiders possess inside knowledge of the organisation (including the electronic registration system), particularly those who are entrusted with the responsibility of maintaining sensitive information or those who have been given a high level of control over the organisation’s internal systems, including computer systems.
* Variety of measures may be adopted by the employer to prevent insider fraud. * Examples: - Entry controls; - Regular monitoring of personnel; - Use of audit trails; - Education and training; - Creating an anti-fraud culture; - Fraud reporting and response; and - Use of a fraud control policy. * Note these measures are not relevant where the fraudulent person is self-employed.
* Dependent on the employer. * If a fraud control policy is used, effectiveness of the policy and its fraud control measures is dependent on the employer’s observance of the policy and its contents. * In addition the employer should also regularly monitor, review and continue to refine its fraud control policy so that it remains effective.
* Examination into the various types of internal control measures that may be used by organisations using the electronic registration system, including the entity managing the system and Land Registry, in minimising or preventing insider frauds.
7.10 Conclusion
This chapter examined how the types of fraud, identified in Chapters 5 and 6, that
may occur within an electronic registration system may be prevented by the
adoption of measures aimed at reducing the opportunities for them, thereby
answering the second part of the research question – can fraud minimisation
strategies be used to counter fraudulent conduct. This examination drew upon the
analysis in Chapters 5 and 6 regarding the manner in which frauds may be
perpetrated in an electronic registration system and the factors facilitating these
frauds, because this revealed the opportunities available for fraudulent conduct.
This chapter found that preventing fraud by forging the victim’s signature on the
authorisation form for both individuals and corporations, fraud by false power of
attorney and fraud by misleading the signatory would require the adoption of certain
practices during the execution and witnessing of authorisation forms. The
establishment of an identity verification process or the strengthening of an existing
identity verification process was found to be a measure that could be used to
minimise identity fraud. Technology may also be used as a means of reducing the
opportunities for perpetrating fraud, particularly for fraudulent alterations. For
prevention of fraud by fraudulently accessing, preparing, digitally signing and
lodging instruments for registration, a variety of measures may be needed, such as
293
the strengthening the registration process to ensure that digital certificates/PSPs are
only issued to legitimate users. Employers may also adopt a variety of measures to
prevent internal fraud, such as pre-employment screening, the use of audit trails and
regular monitoring of personnel.
The effectiveness of these measures in preventing fraud, however, was found to be
ultimately dependant on the individuals using these measures: for example, the
effectiveness of a verification of identity process in preventing identity fraud is
dependant on the person responsible for verifying identity. Hence, fraud prevention
may require the implementation of the measures analysed in this chapter together
with the participation of all industry practitioners and institutions within the Torrens
system, acting with care, vigilance and co-operation during the conveyancing
process to minimise fraud. Thus, it could be said that the hallmark of fraud
prevention is the exercise of care and vigilance and co-operation of all industry
participants. Tools for fostering and encouraging greater vigilance and care were
therefore recognised to be in themselves vital components in fraud prevention, with
education and training perhaps the least intrusive and most cost-effective of such
tools.
The next chapter is the concluding chapter. It will summarise the findings of this
study by drawing upon the conclusions of Chapters 2 to 7 to show why this research
is important and how it will provide an original contribution to knowledge. Future
studies in this area will also be foreshadowed in Chapter 8.
294
CHAPTER 8
CONCLUSION
Table of contents
8.1 The importance of this research.......................................................................295 8.2 Research findings ............................................................................................295 8.3 Areas for further research ................................................................................300
295
Chapter 8: Conclusion
8.1 The importance of this research
This research provides an important contribution to the conveyancing sector
because it has comprehensively examined the fraud risks associated with
automating the registration process within the Torrens system, so may therefore be
useful to inform stakeholders of the fraud risks that may arise from this process. This
will enable stakeholders to understand the types of fraud they may face in an
electronic registration system, the extent to which these frauds mimic the frauds
occurring in the paper registration system and whether new types of fraud may
emerge. In addition, this research has also examined fraud minimisation measures
that may be used to prevent fraud in an electronic registration system, providing
stakeholders with an awareness of the range of measures available. The findings
from this thesis will therefore enable stakeholders to make the transition from a
paper registration system to an electronic one while using fraud minimisation
measures to prevent fraud, ensuring that the twin objectives of the Torrens system,
particularly security of title, will be capable of being met in an electronic
environment.
8.2 Research findings
The findings from this research accord with the hypothesis advanced in Chapter 1 –
that automating the registration process will not alter the opportunities for the frauds
that may already be perpetrated in the paper registration system. The exception to
this is fraudulent alterations, where the opportunity for this type of fraud in an
electronic registration system might be reduced. Furthermore, automating the
registration system will introduce new opportunities for perpetrating fraud.
It was found that, in the paper registration system, there are essentially four ways in
which fraud may be perpetrated – forgery, fraudulent alteration, fraudulent
misrepresentations and identity fraud. These methods of fraud perpetration are
linked to conveyancing practices existing in the paper registration system. It was
found that in the existing system opportunistic fraud is by far the most prevalent,
usually perpetrated by those known to the victim. Within this class of perpetrators,
solicitors were found to be in the most effective position to perpetrate fraud, because
of their role in the conveyancing process and the trust reposed upon them by their
clients and other stakeholders.
296
Certain factors, such as failure to comply with witnessing requirements, facilitated
the perpetration of these paper-based frauds. The types of transactions usually
targeted for fraud in the paper registration system were transfers and mortgages or
a combination of both, since it is through these that a perpetrator is able to obtain
finance.
This research found that automating the registration process within the Torrens
system, by moving to an electronic system, might not significantly alter the incidence
of frauds now prevalent in the paper-based system. Nevertheless the biggest
change will likely be felt in two areas.
First, it will affect the perpetration of fraudulent alterations – the opportunity to do so
might be reduced in an electronic registration system through the use of technology
and the requirement that electronic instruments must be digitally signed before they
can be accepted for lodgement and registration. It was found in Chapter 5 that an
electronic registration system could be configured so that any alterations made to an
electronic instrument after it has been digitally signed will invalidate the digital
signatures. Hence to lodge the electronic instrument for registration, digital
signatures would have to be re-applied to it. This minimises opportunities for
fraudulent alterations, because electronic instruments that have been fraudulently
altered can not be lodged for registration unless the fraudulent person has access to
the relevant digital certificates/PSPs, so that he or she can reapply the digital
signatures.
Second, the manner in which frauds in a paper-based system can be perpetrated in
an electronic registration system might be altered. This is because the ways of
perpetrating fraud are linked to conveyancing practices and requirements, which are
likely to change under an electronic registration system. It was found that key
changes that might be made to conveyancing practices would be those relating to
the manner of accessing the system, the ways in which documents are prepared
and lodged for registration, and the execution and use of the paper certificate of title,
where this is retained. Changes likely to be made to conveyancing requirements are
those relating to examination processes at the Land Titles Office, updating the
register, witnessing requirements and the use of the certificate of title. Due to these
changes, it was found in this study that the perpetration of these frauds in an
electronic registration system may change. An example is fraud by forgery. In the
paper registration system, since the relevant land title instrument is signed by the
297
person creating or transferring an interest, or his or her attorney, it is this signature
that is targeted: fraud is perpetrated by forgery of this signature. In an electronic
registration system, the person creating or transferring an interest or the person’s
attorney will likely sign an authorisation form instead of the land title instrument.
Hence, fraud might occur through forgery of the signature on the authorisation form
instead of on the land title instrument.
Apart from those areas, in an electronic registration system, the types of
perpetrators, the factors facilitating these frauds and the transactions likely to be
targeted by them are likely to remain the same as in a paper registration system.
Perhaps the most significant impact likely to be felt by stakeholders is a new
opportunity for fraud. This arises from the possibility that authorised users with
appropriate privileges will digitally sign land title instruments lodged for registration.
This is a change from the paper registration system, where it is the person
transferring or creating an interest, or that person’s attorney, who must execute the
land title instrument. This change may open up a new opportunity for fraud; if
someone has, or can acquire, access to the system and the use of a digital
certificate/PSP for digital signing, he or she may simply access the system, prepare
the necessary instrument, digitally sign it and lodge it for registration. This is a
noteworthy finding, because it shows that an electronic registration system may
introduce a new type of fraud, requiring novel measures for its prevention.
Fraudulent persons with the greatest opportunity to perpetrate this new type of fraud
are likely to be legitimate users of the system who have access and the ability to
digitally sign instruments. Solicitors, for example, are likely to fall within this group of
users. It was thus argued in this study that this provides solicitors in an electronic
registration system with greater opportunities for fraud. To perpetrate fraud in an
electronic registration system, the solicitor would not need to forge the victim’s
signature, mislead the client into signing documents, create false powers of attorney
or fraudulently alter instruments, as is the case in the paper registration system. All
he or she would have to do is prepare the relevant instrument, digitally sign it and
submit it to the Land Titles Office for registration. Even in electronic registration
systems using electronic certificates of title modelled on the proposed Victorian
system, it is very likely that solicitors would be classed as users with control of the
electronic certificates of title. Perpetrating fraud would simply require a nomination
by the solicitor of the appropriate electronic certificate of title unto the transaction.
298
This adds to the significance of the above finding as it shows that in designing
measures to prevent this new type of fraud, appropriate checks and balances to limit
solicitors’ opportunities for fraud would need to be included.
These checks and balances were discussed in detail, among other strategies, in
Chapter 7. One possibility might be to require a client identification number,
unknown to the solicitor, to be entered by the client into an electronic instrument
before it can be lodged for registration. These measures are part of a broad range of
issues that were considered in detail in Chapter 7. For example, if client
identification numbers are used, how may they be deployed?
As for fraud prevention mechanisms to be used in an electronic registration system,
this study found that there was a broad range. Careful consideration was given to
the use of technology as a tool for fraud prevention, since an electronic registration
system will be built on technology. It was found that an electronic registration system
could use automated checks to ensure that the electronic instrument lodged for
registration had not been fraudulently altered and there could be automatic audit
programs to detect unusual transactions. Audit systems and automated checks are
tools that may be developed and exploited in an electronic registration system as
fraud preventative mechanisms to a far greater extent than in the paper registration
system, because of its very nature.
Apart from technology, this research found that fraud preventative measures may
also rely on the adoption of best practice procedures. This is particularly relevant for
identity fraud, forgery and fraud by misleading the signatory. These best practice
procedures should include:
• identity verification procedures;
• the practice that authorisation forms should, as far as possible, never be sent
to one party to procure execution by another;
• where the signatory is a company, adopting the practice of obtaining up-to-
date corporate searches and cross-referencing the names so found with
those on the authorisation form.
For preventing the new opportunity for fraud described earlier – fraud by preparing
the necessary instrument, digitally signing it and lodging it for registration, this study
suggests that a multi-faceted approach may be needed. This could encompass the
following: (1) Implementation of a strict identity verification process for screening
299
applicants who wish to become users; (2) stringent procedures for removing users
who are no longer authorised to use the system or to certify and sign instruments
created on the system and (3) the use of technology, such as encryption techniques,
to ensure that the generation and transmission of digital certificates/PSPs and
usernames and passwords is done securely. More importantly, it would require
users of the system to ensure that their digital certificates/PSPs, usernames and
passwords are kept and used in a secure manner. This places a responsibility on
these users that did not exist in the paper registration system. It also brings to notice
the most critical aspect of fraud prevention: that whilst various measures or
practices may be adopted to reduce the opportunities for fraudulent conduct, the
success of these measures in minimising fraud depends on the users responsible
for administering them exercising vigilance and due diligence at all times during the
conveyancing process.
Ultimately the effectiveness of fraud preventative strategies is entirely dependent on
the persons using them. As noted in Chapter 7, prevention of fraud by someone
fraudulently accessing, preparing, digitally signing and lodging instruments for
registration requires, amongst other measures, secure storage devices for storing
digital certificates/PSPs as well as secure selection and usage of passwords. This,
in turn, is again dependent on the user of the digital certificate/PSP selecting a
secure storage device and a secure password as well as using the digital
certificate/PSP in a secure manner. Any practices or guidelines meant to prevent
fraud, by forgery, for example, depend on their users complying with them. An
identity verification procedure can not prevent identity fraud if those responsible for
verifying identity are careless in doing so.
The importance of acting with due diligence and vigilance as a component in
minimising fraud is also borne out by the analysis of the case examples in Chapter
3, where it was found that in some instances, the opportunity to perpetrate fraud
was opened up by a lack of due diligence, such as:
• allowing the fraudulent person to take away a mortgage instrument for the
purposes of procuring execution by the victim;
• witnessing the signature of the victim on the mortgage instrument even
though it was not signed in the presence of the witness;
• not being vigilant when verifying identity and simply accepting that the
person holding the paper certificate of title is the owner of the land; and
300
• the Land Titles Office issuing replacement certificates of title without verifying
the veracity of the reasons put forward for requiring them, thereby enabling
identity fraud to occur.
Hence the conclusion in Chapter 7, that an increase in due diligence and vigilance
coupled with the implementation of the measures suggested in that chapter would
act to minimise fraud but that implementation alone, without diligence, might not be
sufficient.
Thus, this study has found that measures to encourage vigilance and care are also
a vital component of fraud prevention, and the least intrusive and most cost effective
method may be education and training. It is through education that users of the
system can learn the importance of fraud prevention and training and learn how to
prevent fraud. Finally, education and training may be enhanced through greater
inter-agency cooperation and information sharing. For example, if the discovery of
the use of false identity by one industry participant were to be shared with others,
this would create a greater chance of reducing fraud via that false identity.
As noted in Chapter 7, fraud prevention may require the implementation of the
various measures analysed here, together with the various stakeholders within the
Torrens system acting with due care and vigilance and co-operation to realise the
goal of fraud minimisation.
8.3 Areas for further research
In analysing the types of measures that may be used to minimise fraud, certain
issues were highlighted in Chapter 7 as warranting further research. These are
listed below.
The use of best practice guidelines, for instance, for the storage of digital
certificates/PSPs and choice of passwords, as a fraud prevention mechanism would
require further research into who should be responsible for formulating these
guidelines and how they should be imposed. For example, should these guidelines
be uniform or should it be left to individual participants within the conveyancing
industry to formulate their own. If they are imposed uniformly, then how may they be
imposed – could this best be done contractually or by legislation? In addition, further
research centering on the use of penalties to encourage compliance with these
guidelines could also be undertaken. As noted in Chapter 7, disentitling mortgagees
301
of an indefeasible title, for non-compliance with identity verification procedures is
one possible type of penalty to encourage compliance with identity verification
procedures. Research might be included into the extent to which verification is to be
undertaken, such as for example, defining “taking reasonable steps”; if reasonable
steps are to be taken, what components might constitute their taking? On a broader
level, further investigation could also be conducted into the use of sanctions and
penalties specifically targeting land title fraud, as a fraud deterrent mechanism. As
noted in Chapter 7, this investigation falls outside the scope of this research, but
may be the focus of future work. In New Zealand, for example, section 226 of the
Land Transfer Act 1952 (NZ) provides that a person commits an offence, and is
liable on conviction on indictment to imprisonment for a term not exceeding 4 years,
if the person does any of the matters listed in section 226. An example is if a person,
without being authorised by the Registrar:
(i) connects the computer system maintained under the Land Transfer
(Computer Registers and Electronic Lodgment) Amendment Act 2002 (NZ)
to any other computer, or to any terminal or other installation connected to or
forming part of any other computer; or
(ii) operates or attempts to operate that system (whether by means of any
device or apparatus that is part of that system, or by any other means); or
(iii) alters that system or the programming of that system; or
(iv) alters any record on that system.555
Further research may be conducted on the use of sanctions and penalties as a fraud
minimisation tool.
Chapter 7 also discussed using technology as a fraud minimisation tool, such as
using sophisticated anomaly detection tools to detect unusual transactions that
might indicate fraud. Given the rapid rate in which technology is evolving and
improving, further research could be conducted into how technology could be further
harnessed to assist in minimising fraud.
Termination or de-registration processes by the entity managing the electronic
registration system may also require further research. As noted in Chapter 7,
stringent termination procedures are required to prevent unauthorised usage of the
555 Land Transfer Act 1952 (NZ), s 226(fc).
302
electronic registration system. Having strict termination procedures is just as
important as having strict registration procedures that assist in deterring identity
fraud. Hence further research may be conducted as to the type of termination
procedures that might be adopted by the entity managing the electronic system to
ensure timely and accurate de-registration of its users, including:
• whether the system should simply rely on notification by users that they
should be removed from the system; or
• whether the system should make its own independent checks and if so, how
this can be done.
Finally, if education and training were to be employed as part of an overall fraud
preventative strategy, then issues such as:
• how education and training may be deployed effectively; and
• who should be responsible for overseeing the education and training: should
it be left to individual participants or should it be centrally controlled,
coordinated and administered?
are issues that would require further investigation.
In addition to the above, this research has shown that using technology to automate
the registration process will alter paper conveyancing practices and processes. It will
see the introduction of an entity or entities responsible for registering users to the
electronic registration system, issuing usernames and passwords to these users,
issuing digital certificates/PSPs, and managing the electronic system, including the
workspaces where electronic instruments are prepared and digitally signed. An
electronic registration system would also require certain users to digitally sign
instruments. These users would need to apply for a digital certificate/PSP and to
keep this digital certificate/PSP and its associated password safe. As noted above,
this places responsibilities on the user that did not exist in the paper registration
system. More importantly, if uniform best practice guidelines are to be used as a
fraud preventative mechanism then, as noted in Chapter 7, issues such as whether
penalties should be imposed for non-compliance would need consideration. Hence
another area arising out of automating the registration process that would require
303
further research is a re-examination of the relationship between the various
participants in the conveyancing process and their liability in relation to fraud.556
This examination could also include a re-assessment of the parameters for the
payment of compensation by the State for fraud within the Torrens system,
particularly in light of the finding from this research that automating the registration
system may introduce a new type of claim for fraud.
556 For example, in the EC System, the Representation Agreement, which is entered into between the
Subscriber and the Registar, has contractual effect. It covers issues such as the Subscriber’s obligations, representations and warranties and the Registrar’s obligations, warranties and representations. See: Department of Sustainability and Environment, EC System Rules Release 2 (2007) <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008. A contractual agreement such as this may alter relationships between parties to the conveyancing process, as well as their liability in relation to each other.
304
Appendix A
Compensation claims made against the States of Quee nsland, South Australia
and Tasmania for the period 1989 to 2005
305
ASSURANCE FUND PAYMENTS 1989-2005, QUEENSLAND
Party Year Fraudulent Activity
Dh ($32,000)
2000 Wife fraudulently executed husband’s signature on a mortgage on land which was held in joint names.
(Wife convicted)
Ga ($138,000)
1999 Well known acquaintance of the registered owner fraudulently arranged for a mortgage to be registered over the subject land. Miss X, the acquaintance, forged the execution.
(Miss X convicted)
Se ($234,000) Oz ($274,000) Ig ($312,000) Oh ($312,000) Mu ($239,000) No ($266,000) HSC ($253,000)
1989/91 Directors of company (A…) introduced Japanese buyers to purchase property on the Gold Coast. Once purchased CT’s were held by their solicitor. A director of A…arranged for mortgage documents to be forged. All monies were advanced to A… all CT’s were returned to the solicitor.
Ho ($574,000) 1997 Wife and daughter conspired and placed 2 mortgages over the family property which was registered solely in the name of Mr H. Wife forged signature of Mr H.
(Daughter convicted)
Ca ($76,000)
Mc ($52,000)
Cl ($93,000)
Fu ($87,000)
Mi/Gi ($147,000)
Sh ($57,000)
2000
1996
2000
2000
2000
2000
Solicitor, Peter Jensen, attracted elderly investors offering high interest returns for registered first mortgages. He continued to pay interest to the former mortgagees once registered. The solicitor fraudulently executed releases of the subject mortgages and subsequently remortgaged the subject properties using new investors.
(Jensen convicted)
Bo ($145,000) 1993 Former defacto fraudulently executed a mortgage over ex-partners company property.
Ju ($100,000) 1996 Son fraudulently executed a Powers of Attorney and subsequently mortgaged his family home using the power.
Ma ($146,000) 1994 Accountant of the registered owner mislead owner into signing mortgage documents over her property.
Ba ($90,000) 1993 Daughter-in-law fraudulently executed mortgage over property. CT was returned by daughter for solicitor.
306
Party Year Fraudulent Activity
Co ($300,000+) Not finalized.
2002 Son-in-law was convicted of forging the signatures of his in-laws and transferring the property to himself. He subsequently mortgaged the property.
Cl ($100,000) Not finalized
2004 Son fraudulently executed a mortgage over his parent’s property.
Mi ($60,000) Not finalized
2004 Son-in-law (same person as above) fraudulently executed a mortgage over his mother-in-law’s property.
Wi ($70,000) Not finalized
2003 Son fraudulently transferred his mother’s property to himself and subsequently mortgaged the property.
Da ($350,000) Not finalized
2002 Owner alleges that a mortgage broker or other person fraudulently executed a mortgage over his property.
By ($54,000)
1998 Wife convicted of killing husband and subsequently transferring the subject block to herself and mortgaging it.
Gi ($160,000) Not finalized
2003 Owner alleges family friend fraudulently executed or coerced execution of a transfer of the subject property to his wife who subsequently mortgaged the property.
McF ($310,000) Not finalized
2004 Acquaintance allegedly transferred unencumbered property by fraudulently executing the transfer and subsequently mortgaged the land.
Sm ($64,000) Not finalized
2005 Mortgagee alleges that the mortgage was fraudulently released by owner who subsequently sold the property.
Gr ($206,000) Not finalized
2005 Alleged that daughter fraudulently executed mortgage over father’s property. (2nd mortgage)
As/McF 2004 Alleged fraudulent transfer of ½ share of property by defacto following break-up. (Matter resolved out of court – no claim)
307
ASSURANCE FUND PAYMENTS 1990-2005 SOUTH AUSTRALIA
1990
Claimants were falsely induced by a fraudster on two separate occasions to sign the last page of what later became memoranda of mortgage, funds from which were diverted to a party other than the claimants.
Mortgage (1) - the fraudulent mortgage, having been registered, was transferred to another party.
Amount of $59,340.27 admitted. Settled April, 1991.
Mortgage (2) - The mortgage was not registered.
Claim not admitted.
1992 1. Claim based upon the area and dimensions of the land as shown incorrectly on the Certificate of Title misleading the claimants as to the “true” size of the parcel.
Amount of $6,000.00 admitted. Settled November, 1995.
2. Claimant’s husband forged her signature in obtaining six mortgages over matrimonial home, using proceeds of each mortgage to discharge the predecessor. Husband took his own life when fraud was discovered.
Amount of $44,013.00 admitted. Settled September, 1993.
1993
1. Claimant’s sister apparently forged her brother’s signature to mortgage land held by her brother and herself as tenants in common in equal shares.
Amount of $117,775.00 admitted. Settled June, 1995.
2. Failure by the Registrar-General to note a pre-existing Right of Way.
Amount of $10,476.56 admitted. Settled October, 1994.
2002
308
Claimant purchased land in 2000 free of any easements. Subsequent search of land revealed a statutory easement had been omitted when a new certificate of title issued for the land in 1995.
Amount of $2,770.00 admitted. Settled November, 2003.
2004
Claim relates to the forging of one joint tenants signature by his ex-de facto, the other joint tenant, on a Transfer of Lease. Amount of $25,000.00 admitted. Settled August, 2005.
309
Tasmania Compensation Payments Assurance Fund Re: Land Titles Act 1980 Tasmanian Compensation Payments Assurance Fund I refer to your e-mail to Max Locke, General Manager, Titles Registration, Registrar of Titles and Registrar of Water Allocations, Land Information and Titles, Department of Natural Resources and Mines, Queensland, in regard to the above mention matter. I advise that payouts made from the assurance fund for the period 1990 to 2005 totalled approximately $214000.00. Of the claims processed one was associated with fraud, the balance, on the whole, were to do with Office errors. The type of fraud involved forgery by Transfer perpetrated by one of the registered proprietors. The registered proprietors implicated were at the time (1994) divorced. Monetary Compensation amounted to $ 12000.00. Office errors comprised generally lost instruments such as mortgages or Certificates of Title and procedural oversights in the conversion of old system title land to registered land under the Land Titles Act 1980. Instances of the latter are the copying of a land description from a conveyance or the generation of office plans from such descriptions. Substantively the office errors didn’t result in deprivation of title. The public Register of land set up by the Land Titles Act 1980 was computerised in 1994.
310
Bibliography
'Shaking the Foundations' (1991) 65 Australian Law Journal 611 'Torrens Foundations Stabilised' (1993) 67 Australian Law Journal 535 Adams, Anne and Sasse, Martina, 'Users Are Not the Enemy' (1999) 42(12) Communications of the ACM 41 Albrecht, Steve, Albrecht, Conan and Albrecht, Chad, Fraud Examination (2nd ed, 2006) Alchian, Armen and Demsetz, Harold, 'The Property Right Paradigm' (1973) 33(1) Journal of Economic History 16 American Bar Association, 'Public Key Infrastructure Symposium' (1998) 38 Jurimetrics 243 Anderson, D Scott, 'What Trust is in These Times? Examining the Foundation of Online Trust' (2005) 54 Emory Law Journal 1441 Atherton, Rosalind, 'Donees, Devisees and Torrens Title: The Problem of the Volunteer Under the Real Property Acts' (1998) 4 Australian Journal of Legal History 121 Australian Institute of Criminology, 'Crimes Against Business: A Review of Victimisation, Predictors and Prevention' (Australian Institute of Criminology, 2004) Australian Government Attorney-General’s Department, Identity Security (2008) <http://www.ag.gov.au/www/agd/agd.nsf/Page/Crimeprevention_Identitysecurity>at 8 April 2008. Australasian Centre for Policing Research, 'Standardisation of Definitions of Identity Crime Terms: A Step Towards Consistency' (Australasian Centre for Policing Research, 2006) Australasian Centre for Policing Research and AUSTRAC, 'Standardisation of Definitions of Identity Crime Terms: Discussion Paper' (Australasian Centre for Policing Research & AUSTRAC, 2004) BC Online, BC Online Application Form <https://www.bconline.gov.bc.ca/account.html> at 4 June 2007 Backhouse, James, 'Assessing Certification Authorities: Guarding the Guardians of Secure E-Commerce?' (2002) 9(3) Journal of Financial Crime 217 Baird, Douglas and Jackson, Thomas, 'Information, Uncertainty and the Transfer of Property' (1984) 13 Journal of Legal Studies 299 Barnett, Paul, 'The Write Stuff? Recent Developments in Electronic Signatures' (2001) (46) Computers and law 15 Barry, John, Electronic Cheques and Balances - Paper Gone To Bytes (2005) Internet Law Bulletin <http://www.landexchange.vic.gov.au/ec/newsroom/articles.html> at 2 May 2006
311
Blackwell, Gerry, 'Teraview-Ontario's New Searchable Electronic Land' (1997) 21(1) Canadian Lawyer 32 Black, Peter, 'Catching a Phish: Protecting Online Identity' (2006) 8(10) Internet Law Bulletin 133 Brainard, John et al, 'Fourth Factor Authentication: Somebody You Know' (Paper presented at the Proceedings of the 13th ACM Conference on Computer and Communications Security, Virginia, 2006) Bransgrove, Matthew, 'What Can Solicitors Do To Reduce Mortgage Fraud?' (2004) 42(10) Law Society Journal 52 Brazell, Lorna, 'Electronic Security: Encryption in the Real World' (1999) 21 European Intellectual Property Review 17 Besley, Timothy, 'Property Rights and Investment Incentives: Theory and Evidence From Ghana' (1995) 103(5) Journal of Political Economy 903 Braz, Christina and Robert, Jean-Marc, 'Security and Usability: The Case of the User Authentication Methods' (Paper presented at the Proceedings of the 18th International Conference on Association Francophone d'Interaction Homme-Machine, Montreal, 2006) Bucknall, Brian, Fraud and Forgery Under the Land Titles Act (2003) <http://www.firsttitle.com.au/Brian-Bucknall-Fraud-and-Forg_2.pdf> at 12 May 2007 Butt, Peter, 'False Attestations and Fraud' (2000) 74 Australian Law Journal 420 Butt, Peter, 'Unauthorised Alternation Not "Fraud"' (2005) 79 Australian Law Journal 77 Butt, Peter, Land Law (5th ed, 2005) Byamugisha, Frank, The Effects of Land Registration on Financial Development and Economic Growth: A Theoretical and Conceptual Framework (1999) <http://www-wds.worldbank.org/servlet/WDS_IBank_Servlet?pcont=details&eid=000094946_99122006330167> at 16 January 2006 Canadian Institute of Mortgage Brokers and Lenders, Fighting Fraud: Face to Face (2003) <http://www.cimbl.ca/mortjournals/fighting_fraud.htm> at 10 January 2006 Canadian Institute of Mortgage Brokers and Lenders Mortgage Industry Fraud Task Force, 'Canadian Mortgage Industry Fraud: White Paper' (Canadian Institute of Mortgage Brokers and Lenders, 2001) Carnegie Mellon Software Engineering Institute, 'Insider Threat Study: Computer System Sabotage in Critical Infrastructure Sectors' (Secret Service's National Threat Assessment Center & Carnegie Mellon University Software Engineering Institute's CERT® Coordination Center (CERT/CC), 2005) Cherry, Sarah, 'The Effects of Spyware and Phishing on the Privacy Rights of Internet Users' (2006) 2 I/S Journal of Law and Policy 573
312
Christensen, Sharon, Duncan, William and Low, Rouhshi, 'The Statute of Frauds in the Digital Age: Maintaining the Integrity of Signatures' (2003) 10(4) Murdoch University Electronic Journal of Law <https://elaw.murdoch.edu.au/archives.html> Christensen, Sharon, 'Electronic Land Dealings in Canada, New Zealand and the United Kingdom: Lessons for Australia' (2004) 11(4) Murdoch University Electronic Journal of Law <https://elaw.murdoch.edu.au/archives.html> Christensen, Sharon and Stickley, Amanda, 'Electronic Title in the New Millennium' (2000) Flinders Journal of Law Reform 209 Christensen, Sharon, 'Electronic Land Dealings in Canada, New Zealand and the United Kingdom: Lessons for Australia' (2004) 11(4) Murdoch University Electronic Journal of Law Christensen, Sharon, Duncan, William and Low, Rouhshi, 'Moving Queensland Property Transactions to the Digital Age: Can Writing and Signature Requirements Be Fulfilled Electronically?' (Centre for Commercial and Property Law Queensland University of Technology, 2002) Christensen, Sharon and Duncan, William, Professional Liability and Property Transactions (2004) Christofis, Ian, 'Myths of PKI' (2003) 53(1) Telecommunications Journal of Australia Coase, R.H, 'The Problem of Social Cost' (1960) 3 Journal of Law and Economics 1 Cocks, Russell and Barry, John, 'Electronic Conveyancing: Challenges for the Torrens System' (2001) 8(3) Australian Property Law Journal 270 Commonwealth Attorney-General's Department, 'Fraud Control Guidelines' (2002) Cornford, Philip, 'Gold Bars Just a Whisker From Crooks' Grasp', Sydney Morning Herald (Sydney), 22 July 2006, 1 Crime and Misconduct Commission, 'Fraud and Corruption Control: Guidelines for best practice' (Crime and Misconduct Commission, 2005) Cugnasen, Suresh and Lacey, David, Identity Fraud in Australia: An Evaluation of its Nature, Cost and Extent (2003) Davidson, Alan, 'Identity Fraud' (2005) Proctor 33 Davidson, Alan, 'Electronic Signatures' (2002) Proctor 32 Davidson, Alan, 'Phishing: The Identity Theft Epidemic' (2006) 26(3) Proctor 37 Davidson, Alan, 'The National Electronic Conveyancing System' (2006) 26(1) Proctor 33 Davies, David, Fraud Watch (2000) Dekker, Henri AL, The Invisible Line: Land Reform, Land Tenure Security and Land Registration (2003)
313
Demogue, Rene, 'Security' in A Fouillee (ed), Modern French Legal Philosophy (1986) Demsetz, Harold, 'Towards a Theory of Property Rights' (1967) 57 American Economic Review 347 deSoto, Hernando, The Mystery of Capital (2000) Department of Sustainability and Environment, Fact Sheets (2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 8 April 2008 Department of Sustainability and Environment, EC System Rules Release 2 (2007) <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008. Department of Sustainability and Environment, Overview of the EC System (2007) <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008 Department of Sustainability and Environment, Electronic Conveyancing – Registrar’s Requirements Release 2 (2007) < http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 14 April 2008. Department of Sustainability and Environment, Land Title Registration (2008) <http://www.landexchange.vic.gov.au/ec/fact_sheets/index.html> at 28 April 2008 Dolman, Warwick, 'Fighting Fraud in Law Firms' (2005) (225) Lawyers Weekly 18 Drummond, Shaun, 'Victorian E-Conveyance Should Go National' (2005) (267) Lawyers Weekly 10 Edwards, Robin, 'Indefeasibility - the Sting in theTale for Lenders Removed' (1998) 14(3) Australian Banking & Finance Law Bulletin 46 Editorial comment, 'The Relevance of Indefeasibility of Torrens Title Land for Conveyancing' (1991) ANZ ConvR 496 Editorial comment, 'Indefeasibility of Title in Mortgage Transactions' (1995) ANZ ConvR 138 Eldridge, Lonnie, 'Internet Commerce and the Meltdown of Certification Authorities: Is the Washington State Solution a Good Model?' (1998) 45 UCLA Law Review 1805 Ellickson, Robert, 'Property in Land' (1993) 102 Yale Law Journal 1315 Ellison, Carl and Schneier, Bruce, 'Ten Risks of PKI: What You're Not Being Told About Public Key Infrastructure' (2000) 16(1) Computer Security Journal 1 Ellickson, Robert, 'Property in Land' (1993) 102 Yale Law Journal 1315 Entrust, 'An Introduction to Cryptography and Digital Signatures' (2001) Entrust, 'White Paper: Trust Management in the Public-Key Infrastructure' (2003)
314
Ernst & Young International Fraud Group, Fraud: The Unmanaged Risk 8th Global Survey (2003) <http://www.ey.nl/download/publicatie/8th_Global_Survey.pdf> at 1 February 2007 Fairchild, Walter, 'Economic Aspects of Land Titles' (1937) 22 Cornell Law Quarterly 229 Feder, Gershon and Nishio, Akihiko, 'The Benefits of Land Registration and Titling: Economic and Social Perspectives' (1999) 15 Land Use Policy 25 Finley, Alexandra, 'Indefeasibility of Title: When Is Conduct Not Fraud?' (1998) 12(8) Australian Property Law Bulletin 62 Ferguson, Niels, Practical Cryptography (2003) Fox, P Moerlin, 'The Story Behind the Torrens System' (1950) 23 Australian Law Journal 489 France-Hudson, Ben, 'Living in Interesting Times - Landonline, Leader in its Field at What Cost?' (2006) 12 Canterbury Law Review 121 Fraud Advisory Panel (UK), Identity Theft: Do You Know the Signs? (2003) <http://www.fraudadvisorypanel.org/newsite/Publications/Publications_advice.htm> at 26 June 2007 Freedman, Bradley, Digital Signatures and Authentication Processes (2004) Continuing Legal Education Society of British Columbia <http://www.cle.bc.ca/CLE/Analysis/Collection/04-54321-signatures> at 10 May 2005 Froomkin, Michael, 'The Essential Role of Trusted Third Parties in Electronic Commerce' (1996) 75 Oregon Law Review 49 Game, Daniel, Blakley, Alan and Armstrong, Matthew, 'The Legal Status of Spyware' (2006) 59 Federal Communications Law Journal 157 Gaw, Shirley and Felten, Edward, 'Password Management Strategies for Online Accounts' (Paper presented at the Proceedings of the Second Symposium on Usable Privacy and Security SOUPS, Pittsburgh, 2006) Gensler, H, 'Property Law as an Optimal Economic Foundation' (1996) 35 Washburn Law Journal 50 George, Narelle, 'Cyber Traps: An Overview of Crime, Misconduct and Security Risks in the Cyber Environment' (Queensland Crime and Misconduct Commission, 2004) Gibson, Anne, 'Department Protects Homes From More Fraud', New Zealand Herald (Auckland), 2006, Goldner, Barry, 'The Torrens System of Title Registration: A New Proposal for Effective Implementation' (1982) 29 UCLA Law Review 661
315
Goldsmith, Arthur, 'Democracy, Property Rights and Economic Growth' (1995) 32(2) Journal of Development Studies 157 Gordon, Gary R and Norman A Willox, Jr, 'Identity Fraud: A Critical National and Global Threat' (2004) 2(1) Journal of Economic Crime Management Government of Ontario, Canada, Electronic Land Registration (2008) < https://www.gov.on.ca/ont/portal/!ut/p/.cmd/cs/.ce/7_0_A/.s/7_0_GTS/_s.7_0_A/7_0_GTS/_l/en?docid=STEL02_165314> at 7 April 2008. Grabosky, Peter and Duffield, Grace, 'Red Flags of Fraud' (Australian Institute of Criminology, 2001) Gray, Janice and Edgeworth, Brendan, Property Law in New South Wales (2003) Graycar, Adam, 'Identity-related Fraud: Risks and Remedies' (Australian Institute of Criminology, 2002) Graycar, Adam and Smith, Russell, 'Identifying and Responding to Electronic Fraud Risks' (Paper presented at the 30th Australasian Registrars' Conference, Canberra, 2002) Grijpink, Jan, 'Identity Fraud as a Challenge to the Constitutional State' (2004) 20(1) Computer Law and Security Report 29 Griggs, Lynden, 'Torrens Title in a Digital World' (2001) 8(3) Murdoch University Electronic Journal of Law <https://elaw.murdoch.edu.au/archives.html> Griggs, Lynden, 'Indefeasibility and Mistake - the Utilitarianism of Torrens' (2003) 10(2) Australian Property Law Journal 108 Griggs, Lynden, 'Torrens Title - Arise the Registered and Unregistered, Befall the Legal and Equitable' (1997) 4 Deakin Law Review 35 Grinlinton, David (ed), Torrens in the Twenty-first Century (2003) Hahn, Robert and Layne-Farrar, Anne, 'The Law and Economics of Software Security' (2006) 30 Harvard Journal of Law and Public Policy 283 Halderman, J Alex, Waters, Brent and Felten, Edward W, 'A Convenient Method for Securely Managing Passwords' (Paper presented at the Proceedings of the 14th International Conference on World Wide Web WWW, Japan, 2005) Hally, Simon, 'How Secure is E-Registration' (2005) 29(7) Canadian Lawyer 47 Halvey, John, 'Hazards on the Information Superhighway: The Virtual Marketplace' (1996) 45 Emory Law Journal 959 Hanstad, Tim, 'Designing Land Registration Systems for Developing Countries' (1998) 13 American University International Law Review 647 Hammond, Celia, 'The Abolition of the Duplicate Certificate of Title and Its Potential Effect on Fraudulent Claims Over Torrens Land' (2000) 8 Australian Property Law Journal 115
316
Hayes, Hennessey and Prenzler, Tim, 'Profiling Fraudsters: A Queensland Case Study in Fraudster Crime' (Crime Prevention Queensland, 2003) Hendrix, Steven E, 'Myths of Property Rights' (1995) 12 Arizona Journal of International and Comparative Law 183 Hengeveld, Ben, 'Fraud Smarts - Identity/Personation/Mortgage Fraud' (Paper presented at the The 2nd Annual Real Estate Law Summit, Toronto, Canada, 6 & 7 April 2005) Hogg, James Edward, The Australian Torrens System (1905) Hogg, James Edward, Registration of Title to Land Throughout the Empire (1920) Holtfreter, K, 'Fraud in US Organisations: An Examination of Control Mechanisms' (2004) 12(1) Journal of Financial Crime 88 Howatson, Graeme, 'Identity Fraud and the Mortgagee' (2006) 28(2) Proctor 41 Hughson, Mary-Anne, Neave, Marcia and O'Connor, Pamela, 'Reflections on the Mirror of Title: Resolving the Conflict Between Purchasers and Prior Interest Holders' (1997) 21 Melbourne University Law Review 460 International Organisation of Standardisation, ISO/IEC 17799 Information Security Management, < http://www.iso101.com/iso-17799.htm> at 27 June 2007 Internet Engineering Task Force, Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework, 1999, <http://www.ietf.org/rfc/rfc2527.txt> at 8 April 2008. Ives, Blake, Walsh, Kenneth and Schneider, Helmut, 'The Domino Effect of Password Reuse' (2004) 47(4) Communications of the ACM 75 Johnson, Otomunde, 'Economic Analysis, the Legal Framework and Land Tenure Systems' (1972) 15 Journal of Law and Economics 259 Kenny, Phillip, 'The Conveyancing Revolution' (2002) 66 Conveyancer and Property Lawyer 3 Khalilizadeh, Azadeh, 'E-Conveyancing: Property Settlements Enter the Digital Age' (ALMD Advance, 2006) Kirby, Michael, 'The Computer, the Individual and the Law' (1981) 55 Australian Law Journal 443 KPMG, 'Fraud Survey 2004' (KPMG, 2004) Landonline, Roadmap for 100% E-Lodgment <http://www.landonline.govt.nz/elodgement/elodgement-roadmap.asp> at 7 April 2008. Land Information New Zealand, Landonline E-Dealing Teaching Guide (2008) <http://www.landonline.govt.nz/edealing/training-resources/education-resources/index.asp> at 7 April 2008.
317
Land Information New Zealand, How to Become a Landonline User: Signing Up Or Upgrading (2005) <http://www.landonline.govt.nz/content/general/become_a_lol_user_apr_05.pdf> at 19 April 2006 Land Information New Zealand, How to Sign-Up <http://www.landonline.govt.nz/content/general/how-to-sign-up.asp> at 20 April 2006 Land Information New Zealand, Landonline E-Dealing Handbook for Students (2008) <http://www.landonline.govt.nz/edealing/training-resources/education-resources/index.asp> at 8 April 2008 Land Information New Zealand, Landonline Security <http://www.landonline.govt.nz/content/general/security.asp> at 17 January 2006 Land Information New Zealand, Landonline Survey and Title Service <http://www.linz.govt.nz/rcs/linz/pub/web/root/core/TitlesAndRecords/landonline/index.jsp> at 18 April 2006 Land Information New Zealand, Survey and Title Automation: Landonline Certificate Policy (2004) <http://www.landonline.govt.nz/content/signup/certificate_policy.pdf> at 10 January 2006 Land Information New Zealand, Licenses <http://www.landonline.govt.nz/content/general/licenses.asp> at 19 April 2006 Land Information New Zealand, Loading Your Digital Certificate <http://www.landonline.govt.nz/content/registeredusers/digital-certificates-loading.asp> at 22 January 2006 Land Information New Zealand, Proof of Identity Form <http://www.landonline.govt.nz/registereduser/newforms/registereduser/changeforms/poid.pdf> at 21 April 2006 Land Information New Zealand, Sign-Up Checklist <http://www.landonline.govt.nz/content/signup/what-you-need.asp> at 21 April 2006 Land Information New Zealand, Sign-up: Introduction <http://www.landonline.govt.nz/content/signup/index.asp> at 19 April 2006 Land Information New Zealand, Survey and Title Automation: Landonline Certificate Policy (2004) <http://www.landonline.govt.nz/content/signup/certificate_policy.pdf> at 10 January 2006 Land Information New Zealand, Landonline Digital Certificate User Obligations <http://www.landonline.govt.nz/content/general/tc-obligations-obligations-full.asp> at 19 January 2006 Land Information New Zealand, Landonline Remote Access - General Terms and Conditions <http://www.landonline.govt.nz/content/general/tc-obligations-tc-full.asp> at 19 January 2006
318
Land and Property Information NSW, Counterfeit Certificates of Title (2003) <http://www.lands.nsw.gov.au/NR/rdonlyres/A8A51A22-E276-459D-9059-0EB59F9F73BB/0/2003_05.pdf> at 10 January 2006 Land Exchange, Electronic Conveyancing Legal Framework (2007) <http://www.landexchange.vic.gov.au/ec/legal_framework/index.html> at 7 April 2008. Land Exchange, What is EC? (2007) <http://www.landexchange.vic.gov.au/ec/about/index.html> at 7 April 2008. Land Exchange, Key Milestones (2007) <http://www.landexchange.vic.gov.au/ec/about/milestones.html> at 7 April 2007. Land Registry, E-conveyancing: The Story So Far (2007) < http://www.landregistry.gov.uk/www/wps/portal/!ut/p/c1/04_SB8K8xLLM9MSSzPy8xBz9CP0os3gfN1MTQwt381DL0BBTAyNjY0cTE19PQwN3M6B8JB55A2J0G-AAjoR0-3nk56bqF-SGRpQ7KioCALdDEtQ!/dl2/d1/L2dJQSEvUUt3QS9ZQnB3LzZfTEY1NDE4RzdVOVVUNTAyMzNBNDRNSTEwRzU!> at 7 April 2008 Land Registry, ’E-conveyancing: The Strategy for the Implementation of E-conveyancing in England and Wales’, 12 October 2005 < http://www1.landregistry.gov.uk/assets/library/documents/e-conveyancing_strategy_v3.0.doc/> at 7 April 2008. Land Registry, 'E-conveyancing: A Land Registry Consultation' (Land Registry, 2003) Land Registry, 'E-conveyancing: A Land Registry Consultation Report' (Land Registry, 2003) Land Title and Survey Authority of British Columbia – Land Title Division, Electronic Filing System Committee <http://www.ltsa.ca/electronic-filing-system/electronic-filing-system-committee> at 7 April 2008. Land Title and Survey Authority of British Columbia, Electronic Filing System (EFS) < http://www.ltsa.ca/electronic-filing-system/introduction > at 8 April 2008. Land Title and Survey Authority of British Columbia - Land Title Division, Getting Started Checklist <http://www.ltsa.ca/documents/ltd/Getting_Started_Apr05.pdf> at 19 April 2006 Land Title and Survey Authority of British Columbia - Land Title Division, Pacific Legal Technical Conference: Electronic Filing System <http://www.ltsa.ca/documents/presentations/PacificLegalTechnicalConf.pdf> at 7 April 2008 Land Title and Survey Authority of British Columbia - Land Title Division, 'Land Titles Electronic Filing System (EFS) User’s Guide' (26 July 2006) Lanjouw, Jean O and Levy, Philip, 'A Difficult Question in Deed: A Cost-Benefit Framework for Titling Programs' (2004) 45(3) William and Mary Law Review 889
319
Lang, AG, 'Computerised Land Title and Land Information' (1984) 10 Monash University Law Review 196 Laurie, Ben, Seven and a Half Non-Risks of PKI: What You Shouldn't Be Told About Public Key Infrastructure <http://www.apache-ssl.org/7.5things.txt> 3 March 2004 Lawrence, Kara, 'Forging a New 'Industry' of Fraudulent Bank Loans', The Daily Telegraph 24 February 2003, Law Commission & HM Land Registry, UK, 'Land Registration for the Twenty-First Century: A Conveyancing Revolution' (No 271, HM Land Registry, 2001) Law Society of British Columbia, Fighting Back Against Fraud - The Risks in Real Estate (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 4 September 2006 Law Society of British Columbia, Rules Require Lawyers to Guard Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-03_PCH-fraud.html> at 4 September 2006 Law Society of British Columbia, Real Estate Fraud - A Prevention Primer (2005) <http://www.lawsociety.bc.ca/publications_forms/iissues/05-03_risk.html> at 4 September 2006 Law Society of British Columbia, Curbing Risk in Real Estate Practice (2006) <http://www.lawsociety.bc.ca/publications_forms/iissues/06-02_risk.html> at 6 June 2006 Law Society of British Columbia, Practice Tips: Fighting Back Against Fraud (2005) <http://www.lawsociety.bc.ca/publications_forms/bulletin/2005/05-05-16_Tips-fraud.html> at 6 June 2006 Law Society of Upper Canada, Electronic Registration: Making It Work For You - Procedures and Practice Standards For Electronic Real Estate Conveyance (2000) <http://mrc.lsuc.on.ca/jsp/eReg/index.jsp> at 5 June 2007 Law Society of Upper Canada, Practice Tips: Recognizing Fraud in Feal Estate Transactions (2004) <http://mrc.lsuc.on.ca/pdf/fightingRealEstate/july2304_fraud_indicators.pdf> at 24 May 2006 Law Society of Upper Canada, Security Features of the New Ontario Driver's License (2005) <http://www.lsuc.on.ca/media/may0505fraudsmartsaddendum.pdf> at 25 May 2006 Law Society of Upper Canada, 'Fighting Real Estate Fraud: Why It's Important for Real Estate Lawyers (Continuing Legal Education Seminar)' (2004) Law Society of Upper Canada, Practice Guidelines for Electronic Registration of Title Documents (2002) <http://www.lsuc.on.ca/news/pdf/july08_eregguidelines.pdf> at 24 April 2006 Law Society of Upper Canada, Fraud in Real Estate Transactions (2004) <http://mrc.lsuc.on.ca/pdf/fightingRealEstate/july2304_fraud_scenarios.pdf> at 24 May 2006
320
Law Society of Upper Canada, 'Report to Convocation: Mortgage Fraud' (Law Society of Upper Canada, 2005) Law Society of Upper Canada, Notice to the Profession - Law Society Warning to Real Estate Practitioners Re:Fraud (2004) <http://mrc.lsuc.on.ca/jsp/fightingRealEstate/noticeToProfession.jsp> at 24 May 2006 Law Society of Upper Canada, Qs and As - Fraud in Real Estate Transactions: Some Ethical Issues (2004) <http://mrc.lsuc.on.ca/pdf/fightingRealEstate/july2304_fraud_qa.pdf> at 24 May 2006 Law Society of Upper Canada, Due Diligence in Mortgage or Loan Transactions (2008) <http://www.lsuc.on.ca/media/apr0908_due_diligence.pdf> at 16 April 2008 Lawyers' Professional Indemnity Company, Managing the Security and Privacy of Electronic Data in a Law Office (2005) <http://www.practicepro.ca/practice/pdf/ManagingSecurityPrivacy4print.pdf> > at 6 June 2006 Lawyers' Professional Indemnity Company, Fighting fraud: Implement Appropriate Internal Controls (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_Control.pdf> at 4 September 2006 Lawyers' Professional Indemnity Company, Fighting fraud: Protect Security of PSPs (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_PSP.pdf> at 4 September 2006 Lawyers' Professional Indemnity Company, Fighting fraud: Organizations Collaborate (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_Org.pdf> at 4 September 2006 Lawyers' Professional Indemnity Company, Fighting fraud: Implement Appropriate Internal Controls (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_Control.pdf> at 4 September 2006 Lawyers' Professional Indemnity Company, Fighting fraud: Protect Security of PSPs (2004) <http://www.practicepro.ca/LawPROmag/FightingFraud_PSP.pdf> at 4 September 2006 Lim, Yee Fen, 'Digital Signature, Certification Authorities and the Law' (2002) 9(3) Murdoch University Electronic Journal of Law Lim, Yee Fen, 'Digital Signatures and PKI: The Technical and the Legal' (2004) 6(9) Internet Law Bulletin 116 Low, Rouhshi, 'Opportunities for Fraud in the Proposed Australian National Electronic Conveyancing System: Fact or Fiction?' (2006) 13(2) Murdoch University Electronic Journal of Law 225
321
Low, Rouhshi, 'Maintaining the Integrity of the Torrens System in a Digital Environment: A Comparative Overview of the Safeguards Used Within the Electronic Land Systems in Canada, New Zealand, United Kingdom and Singapore' (2005) 11(2) Australian Property Law Journal 155 Lynch, Jennifer, 'Identity Theft in Cyberspace: Crime Control Methods and their Effectiveness in Combating Phishing Attacks' (2005) 20 Berkeley Technology Law Journal 259 MacLennan, Catriona, 'Mortgage Frauds Prompt Calls for System Changes' (2006) 2 Law News 1 MacLennan, Catriona, 'Warning About Conveyancing Fraud Using False Passports' (2005) (39) Auckland District Law Society Law News 1 MacDonald, Carmel, McCrimmon, Les and Wallace, Anne, Real Property Law in Queensland (1998) Main, Geoff and Robson, Brett, 'Scoping Identity Fraud' (Attorney General's Department, 2001) Mapp, Thomas, Torrens' Elusive Title (1978) Markoff, John, Warning From Microsoft on False Digital Signatures (2001) <http://www.acm.org/technews/articles/2001-3/0323f.html#item3> at 10 January 2006 Mason, Stephen, 'Validating Identity for the Electronic Environment' (2004) 20(3) Computer Law and Security Report 164 McCormack, John, 'Torrens and Recording: Land Title Assurance in the Computer Age' (1992) 18 William Mitchell Law Review 61 McCrimmon, Les, Exceptions to the Indefeasibility of a Torrens Title: A Comparative Analysis (LLM Thesis, University of Queensland, 1988) McCrimmon, Les, 'Protection of Equitable Interests under the Torrens System: Polishing the Mirror of Title' (1994) 20 Monash University Law Review 300 McCullagh, Adrian, Caelli, William and Little, Peter, 'Electronic Signatures: Understand the Past to Develop the Future' (1998) 21(2) University of New South Wales Law Journal 453 McCullagh, Adrian, Caelli, William and Little, Peter, 'Signature Stripping: A Digital Dilemma' (2001) 1 Journal of Information, Law and Technology McKelvey, Chris, 'Fraudulent Deprivation and the Assurance Fund' (1993) 23 Queensland Law Society Journal 133 Miceli, Thomas, Sirmans, CF and Turnbull, Geoffrey, 'Title Assurance and Incentives For Efficient Land Use' (1998) 6(3) European Journal of Law and Economics 305
322
Miceli, Thomas, Sirmans, CF and Kieyah, Joseph, 'The Demand for Land Title Registration: Theory with Evidence from Kenya' (2001) 3 American Law and Economics Review 275 Miceli, Thomas, Sirmans, CF and Turnbull, Geoffrey, 'The Dynamic Effects of Land Title Systems' (2000) 47(3) Journal of Urban Economics 370 Ministry of Government Services Ontario, Land Registration Information: Electronic Land Registration (2005) <http://www.cbs.gov.on.ca/mcbs/english/5GRLDX.htm> at 18 April 2006 Mitnick, Kevin, Controlling the Human Factor of Security: The Art of Deception (2002) Moon, Peter, 'Everything You Always Wanted to Know About Digital Signatures' (1999) Law Society Journal 57 Moskoff, Franklin, 'Fraud: An Overview' (1981) 23(3) Criminal Law Quarterly 386 Murray, Kate, 'Modernization of Land Registration Records' (Ministry of Consumer and Business Services, 2003) Murray, Jamie, 'Public Key Infrastructure, Digital Signatures and Systematic Risk' (2003) 1 Journal of Information, Law and Technology NSW Department of Lands, New Security Features for NSW Certificates of Title (2004) <http://www.lands.nsw.gov.au/_media/lands/pdf/fact_sheets/land_and_property_information/LPI_CT_36032_Brochure.pdf> at 8 April 2008. National Electronic Conveyancing Office, 'Draft Operations Description for a National Electronic Conveyancing System V.6' (National Electronic Conveyancing Office, 2007) National Electronic Conveyancing Office, 'Draft National Business Model for the Establishment of a National Electronic Conveyancing System V.10' (National Electronic Conveyancing Office, 2007) National Electronic Conveyancing System, How NECS Will Work (2005) <http://www.necs.gov.au/default.aspx?ArticleID=50#WHAT%20NECS%20DOES%20NOT%20COVER> at 5 June 2007 National Electronic Conveyancing Office, Risk Assessment of the National Electronic Conveyancing System (2007) <http://www.necs.gov.au/default.aspx?FolderID=116> at 12 June 2007 National Electronic Conveyancing System, About the National Electronic Conveyancing System (NECS) (2005) < http://www.necs.gov.au/About-NECS/default.aspx> at 7 April 2008. National Electronic Conveyancing System, Overview of Progress (2005) < http://www.necs.gov.au/Progress-on-NECS/default.aspx> at 4 June 2007.
323
National Research Council (U.S) Committee on Authentication Technologies and Their Privacy Implications, Who Goes There: Authentication Through the Lens of Privacy (2003) Neave, Marcia, 'Indefeasibility of Title in the Canadian Context' (1976) 26(2) University of Toronto Law Journal 173 Newman, Graeme and McNally, Megan, 'Identity Theft Literature Review' (2005) New Zealand Law Society, Rules of Professional Conduct for Barristers and Solicitors (2004) <http://www.lawyers.org.nz/about/profcon.htm> at 19 January 2006 New Zealand Law Society, EDealing Guidelines (for Electronic Registration) (2007) <http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008 New Zealand Law Society, 'Electronic Property Transactions - Getting It Right' (2003) New Zealand Law Society, Private Individual Client Authority and Instruction for an Electronic Transaction (2008) < http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008 New Zealand Law Society, Public Corporate Client Authority and Instruction for an Electronic Transaction (2008) < http://www.lawyers.org.nz/memregissuesedealing.asp> at 8 April 2008 New Zealand Law Society, E-dealing Workflow Guidance for Solicitors: Prepared as a Joint Project Between NZLS and LINZ (2006) <http://www.lawyers.org.nz/PDFs/e-d-workflow-guidance-v3.pdf> at 11 May 2006 Ngugi, Joel M, 'Re-Examining the Role of Private Property in Market Democracies: Problematic Ideological Issues Raised By Land Registration' (2004) 25 Michigan Journal of International Law 467 O'Connor, Pamela, Security of Property Rights and Land Title Registration Systems (PhD Thesis, Monash University, 2003) Office of the Privacy Commissioner of Canada, Guidelines for Identification and Authentication (2006) <http://www.privcom.gc.ca/information/guide/auth_061013_e.asp> at 1 November 2006 Ontario Ministry of Government Services, Mcguinty Government Protects Homeowners From Real Estate Fraud (2006) <http://www.gov.on.ca/MGS/en/News/054411.html> at 13 October 2006 Organisation for Economic Co-operation and Development (OECD), 'OECD Guidelines for the Security of Information Systems and Networks: Towards a Culture of Security' (OECD, 2004) Orlowski, Steve, 'Electronic Authentication - More Than Just Digital Signatures' (2000) 16(1) Computer Law and Security Report 28 Osty, Michael and Pulcanio, Michael, 'The Liabiilty of Certification Authorities to Relying Third Parties' (1999) 17 Marshall Journal of Computer and Information Law 961
324
Palmer, David, 'Security, Risk and Registration' (1998) 15 Land Use Policy 83 Payne, Geoffrey (ed), Land, Rights and Innovations (2002) Palomar, Joyce, 'Contributions Legal Scholars can Make to Development Economics: Examples from China' (2004) 45(3) William and Mary Law Review 1011 Palomar, Joyce, 'Land Tenure Security as a Market Stimulator in China' (2002) 12(1) Duke Journal of Comparative and International Law 7 Parliamentary Joint Committee on the Australian Crime Commission, 'Cybercrime' (Parliament of the Commonwealth of Australia, 2004) Perry, Raymond, 'Ready for Action?' (2003) 147(12) Solicitors Journal 336 Perry, Raymond, 'A Ticking Time Bomb?' (2003) New Law Journal 153 Perry, Raymond, 'E-Conveyancing-Problems Ahead?' (2003) 67 The Conveyancer and Property Lawyer 215 Perry, Andrew, 'Building the Home Page' (2005) (262) Lawyers Weekly 16 Pinkas, Benny and Sander, Tomas, 'Securing Passwords Against Dictionary Attacks' (Paper presented at the Proceedings of the 19th ACM Conference on Computer and Communications Security, Washington, 2002) Place, Frank and Migot-Adholla, S.E, 'The Economic Effects of Land Registration on Smallholder Farms in Kenya: Evidence from Nyeri and Kakamega Districts' (1998) 74(3) Land Economics 360 Pontell, Harry, 'Pleased to Meet You...Won't You Guess My Name?: Internet Fraud, Cyber-Crime, and White-Collar Delinquency'' (2002) 23 Adelaide Law Review 305 PORTAS, Portas Administration Self Service (PASS) Guide <https://www.portaspass.ca/pdfHelp/help.pdf> at 20 April 2006 PricewaterhouseCoopers, 'Serious Fraud in Australia and New Zealand' (Australian Institute of Criminology, 2003) Proctor, Paul, The Secured Enterprise (2002) Professionals, Canadian Association of Accredited Mortgage, Consumer Information on Real Estate Fraud (2008) <http://www.caamp.org/fraud_intro.htm> at 16 April 2008 Queensland Government Treasury, 'Cost-effective Internal Control Guidelines: Underpinning Agency Performance' (Queensland Treasury, 2002) Real Estate Council of Alberta, Initiatives to Reduce Mortgage Fraud in Alberta (2005) <http://www.reca.ca/consumer_information/pdfs/RECA_Initiatives.pdf> at 4 September 2006 Riem, Anthony, 'The Weakest Links' (2006) 16(2) Intersec 36
325
Rodrick, Sharon, 'Forgeries, False Attestations and Impostors: Torrens System Mortgages and the Fraud Exception to Indefeasibility' (2002) 7(1) Deakin Law Review 97 Ruoff, Theodore, An Englishman Looks at the Torrens System (1957) Sakurai, Yuka and Smith, Russell, 'Identifying and Responding to Risks of Serious Fraud in Australia and New Zealand' (Australian Institute of Criminology, 2003) Schneier, Bruce, Secrets and Lies : Digital Security in a Networked World (2004) Schellekens, M.H.M, Electronic Signatures: Authentication Technology from a Legal Perspective (2004) Siebrasse, Norman, 'Report on Land Title Practices and Fraud' (Canada Mortgage and Housing Corporation, 2003) Simpson, S Rowton, Land Law and Registration Book 1 (1976) Singh, Kamaljit, 'On Improvements to Password Security' (1985) 19(1) AGM SIGOPS Operating Systems Review 53 Smith, Luke, 'Public Key Infrastructures: Debunking the Myths' (2001) 3(9) Internet Law Bulletin 120 Smith, Richard, Authentication: From Passwords to Public Keys (2002) Smith, Russell and Graycar, Adam, 'Identifying and Responding to Corporate Fraud in the 21st Century' (Paper presented at the Australian Institute of Management, Sydney, 2003) Smith, Russell, 'Identity-Related Crime: Risks and Countermeasures' (Australian Institute of Criminology, 1999) Smith, Russell, 'Examining the Legislative and Regulatory Controls on Identity Fraud in Australia' (Paper presented at the Marcus Evans Conferences, Corporate Fraud Strategy: Assessing the Emergence of Identity Fraud, Sydney, Australia, 2002) Smith, Russell, 'Best Practice in Fraud Prevention' (Australian Institute of Criminology, 1998) Smith, Russell G, 'Addressing Identity-Related Fraud' (Paper presented at the Cards Australasia 2003, Melbourne, 2003) Smith, Russell G, 'Biometric Solutions to Identity-Related Crime: Evidence Versus Policy' (Paper presented at the Delivering crime prevention: Making the evidence work, Sydney, 2005) Smith, Russell G, 'Defining, Measuring, and Reporting Fraud Risk Within Your Organisation' (Paper presented at the IIR Conference, Applying Risk Management to Implement a Proactive Fraud Prevention Strategy in Financial Services, Sydney, 2001)
326
Smith, Russell and Graycar, Adam, 'Identifying and Responding to Corporate Fraud in the 21st Century' (Paper presented at the Australian Institute of Management, Sydney, 2003) Solly, Jane, 'Fraud and the Mortgagee - How a Registered Mortgage Can Be Undone' (2000) 14(8) Australian Property Law Bulletin 77 Spencer, Beverly, 'E-Registration' (2001) 25(5) Canadian Lawyer 17 Spry, Fiona, 'Indefeasibility of Title and the Fraud Exception: Bank of South Australia Ltd v Ferguson' (1998) 18(6) Queensland Lawyer 193 Srivastava, Aashish, 'Is Internet Security a Major Issue With Respect to the Slow Acceptance Rate of Digital Signatures?' (2005) 21(5) Computer Law and Security Report 392 Stanfield, J David, 'Insecurity of Land Tenure in Nicaragua' (Research Paper 120, Land Tenure Center, University of Wisconsin-Madison, 1995) Stein, Robert, 'The "Principles, Aims and Hopes" of Title by Registration' (1983) 9(2) Adelaide Law Review 267 Stein, Robert and Stone, Margaret, Torrens Title (1991) Stein, Robert, 'Sir Robert Richard Torrens, 1814-1884: Select Documents. Transcribed and With an Introduction by Robert Stein' (1984) 23(1) South Australiana 2 Sullins, Lauren, '"Phishing" for a Solution: Domestic and International Approaches to Decreasing Online Identity Theft' (2006) 20 Emory International Law Review 397 Surdo, Anthony Lo, 'Fraud - In What Circumstances Will it Render a Mortgage Void?' (1998) 14(4) Australian Banking & Finance Law Bulletin 56 Taylor, Warrington, 'Scotching Frazer v Walker' (1970) 44 Australian Law Journal 248 Teranet, Securing Your Information <http://www.teraview.ca/ereg/security_brochure.html> at 5 June 2007. Teranet Inc, Acknowledgment and Direction <http://www.teraview.ca/resupgrades/downloads/ADR.pdf> at 26 April 2006 Teranet Inc, Electronic Registration Rollout Schedule <http://www.teraview.ca/ereg/ereg_rollout_schedule.html> at 18 April 2006 Teranet Inc, PASS (PortasTM Administrative Self-Service): Automated Security Key Activation Recovery Service <http://www.teraview.ca/mediaCentre/portasPass.html> at 20 April 2006 Teranet Inc, Personal Security Package <http://www.teraview.ca/ereg/ereg_PSP.html> at 20 April 2006 Teranet Inc, Securing Your Information <http://www.teraview.ca/ereg/security_brochure.html> at 20 April 2006
327
Teranet Inc, Teranet Authorized Group Services Form 200 (2006) <http://www.teraview.ca/purchase/downloads/Form200.pdf> at 19 April 2006 Teranet Inc, Teraview Reference Guide 5.3.3 (2007) <http://www.teraview.ca/resupgrades/ru_manuals.html> at 28 April 2008 Teranet Inc, Teraview Authorized Services Application and Payment Form (Form 100) (2006) <http://www.teraview.ca/purchase/downloads/Form100.pdf> at 19 April 2006 Teraview Inc., Who is Teranet? <http://www.teraview.ca/whois.html> at 4 June 2007. Teranet Inc, Purchase Teraview Software <http://www.teraview.ca/purchase/purchase.html> at 7 December 2006 Teranet Inc, Teranet White Paper Series: Security (2005) <http://www.teranet.ca/corporate/publications/teranet-security.pdf> at 17 May 2006 The Audit Office of New South Wales, Fraud Control: Developing an Effective Strategy (1994) <http://www.audit.nsw.gov.au/publications/better_practice/1994/fraud_vol1/fraud_control_vol_1.pdf> at 1 February 2007 Toomey, Elizabeth, 'Certainty of Title in the Torrens System: Shifting Sands' (2000) 4 Flinders Journal of Law Reform 235 Toomey, Elizabeth, 'Fraud and Forgery in the 1990's: Can Our Adherence to Frazer v Walker Survive the Strain?' (1994) 5(3) Canterbury Law Review 424 Torstensson, Johan, 'Property Rights and Economic Growth - An Empirical Study' (1994) 47 Kyklos 231 Towle, Holly K, 'Identity Theft: Myths, Methods and New Law' (2004) 30 Rutgers Computer and Technology Law Journal 237 United Kingdom Cabinet Office, 'Identity fraud: A study' (Cabinet Office, 2002) Verisign, Gatekeeper Digital Certificates Overview <http://www.verisign.com.au/gatekeeper/overview.shtml> at 5 June 2007 Verisign, Individual (Type 1) Digital Certificate <http://www.verisign.com.au/gatekeeper/individual.shtml> at 5 June 2007. Verisign, Identification Requirements <http://www.verisign.com.au/gatekeeper/validation.shtml> at 5 June 2007 for identification requirements. Verisign, ABN-DSC Digital Certificate <http://www.verisign.com.au/gatekeeper/abndsc-info.shtml> at 5 June 2007. Walsh, Jeremy, 'Fraud and Personal Equities Under the Queensland Torrens System' (1992) 4(2) Bond Law Review 228
328
Weir, Michael, ‘Indefeasibility: Queensland style’ (2007) 15(1) Australian Property Law Journal 79 Whalan, Douglas, 'Electronic Computer Technology and the Torrens System' (1967) 40 Australian Law Journal 413 Whalan, Douglas, The Torrens System in Australia (1982) White, Robert, 'The Elements of a Torrens Title' (1973) 11 Alberta Law Review 392 Whitman, Dale, 'The Robert Kratovil Memorial Seminar in Real Estate Law: Digital Recording of Real Estate Conveyances' (1999) 32 John Marshall Law Review 227 Winn, Jane, 'The Emperor's New Clothes: The Shocking Truth About Digital Signatures and Internet Commerce' (2001) 37 Idaho Law Review 353 Woodman, Roy, 'The Torrens System in New South Wales: One Hundred Years of Indefeasibility of Title' (1970) 44 Australian Law Journal 96 Winn, Jane, 'The Emperor's New Clothes: The Shocking Truth About Digital Signatures and Internet Commerce' (2001) 37 Idaho Law Review 353 Wright, David, 'Forgery and the Real Property Act 1886 (SA)' (1994) 16 Adelaide Law Review 227 Yates, Ian, 'Authenticating Yourself in the Virtual World: Digital Signatures' (2004) 42(7) Law Society Journal 20 Ziff, Bruce, Principles of Property Law (2nd ed, 1996) Cases Arcadi v Whittem (1992) 59 SASR 515 Arcadi v Whittem; Whittem v Arcadi, Nield and Mortimer (Unreported, Supreme Court of South Australia, 12 April 1991) Australian Guarantee Corporation v De Jager [1984] VR 483 Breskvar v Wall (1971) 126 CLR 376 Beatty v Australia and New Zealand Banking Group Ltd [1995] 2 VR 301. Behn v Registrar-General [1979] 2 NSWLR 496 Challenger Managed Investments Ltd and Anor v Direct Money Corporation Pty Ltd and Others (2003) 59 NSWLR 452 Damdounis v Recorder of Titles for the State of Tasmania; Damdounis v Hatzis (2002) 11 Tas R 185 Daniell v Paradiso (1991) 55 SASR 359 Fairless v Official Trustee in Bankruptcy; Australia & New Zealand Banking Group v Doran (Unreported, Supreme Court of Victoria, 20 June 1994)
329
Fels v Knowles (1906) 26 NZLR 604 Frazer v Walker [1967] 1 AC 569 Gibbs v Messer [1891] AC 248 Grgic v ANZ Banking Group Ltd (1994) 33 NSWLR 202 Household Realty Corporation Limited v Liu (2005) Court of Appeal for Ontario C41837 and C41838 Igarashi v APC International Pty Ltd [1996] 1 Qd R 26 Macquarie Bank Ltd v Sixty-Fourth Throne Pty Ltd [1998] 3 VR 133 National Australia Bank Ltd v Maher & Anor [1995] 1 VR 318 National Australia Bank Ltd v Maher (No 2) [1999] 3 VR 589 Northside Development Pty Ltd v Registrar General (1987) 11 ACLR 513 Northside Developments Pty Ltd v Registrar General and Others (1990) 170 CLR 146 Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd [1998] 1 VR 188 Pyramid Building Society (in liq) v Scorpion Hotels Pty Ltd (1996) 20 ACSR 214 Public Trustee v Paradiso & Anor (1995) 64 SASR 387 R v Belias (Unreported, Supreme Court of Victoria Court of Criminal Appeal, Crockett, Southwell and McDonald JJ, 15 December 1994) Rabi v Rosu (2006) CanLII 36623 (Ontario Supreme Court of Justice) Ratcliffe v Watters (1969) 89 WN (Pt 1) (NSW) 497 Registrar-General v Behn (1981) 35 ALR 633 Registrar of Titles v Fairless [1997] 1 VR 404 Fairless v Official Trustee in Bankruptcy; Australia & New Zealand Banking Group v Doran (Unreported, Supreme Court of Victoria, 20 June 1994) Registrar of Titles of the State of Western Australia v Franzon & Others (1975) 132 CLR 611 Robinson v Registrar-General (1982) BPR 9634 Russo v Bendigo Bank Ltd [1999] 3 VR 376 Sansom v Westpac Banking Corporation (1996) Aust Torts Reports 81-383 Schultz v Corwill Properties Pty Ltd (1969) 90 WN (Pt 1) (NSW) 529
330
Yaktine v Perpetual Trustees Victoria Ltd [2004] NSWSC 1078 Young v Hoger [2001] QSC 453 Young v Hoger [2000] QSC 455 Vassos & Anor v State Bank of South Australia & Anor [1993] 2 VR 316. Westpac Banking Corporation v Sansom & Anor (Unreported, Supreme Court of New South Wales, 22 November 1994) Legislation Australia Corporations Act 2001 (Cth)
Real Property Act 1900 (NSW)
Transfer of Land Act 1958 (Vic)
Land Title Act 1994 (Qld)
Real Property Act 1886 (SA)
Transfer of Land Act 1893 (WA)
Land Titles Act 1980 (Tas)
Land Title Act 2000 (NT)
Land Titles Act 1925 (ACT)
Explanatory Memorandum, Natural Resources and Other Legislation Amendment
Bill 2005 (Qld)
International Land Transfer Act 1952 (NZ)
Land Transfer (Computer Registers and Electronic Lodgement) Amendment Act
2002 (NZ)
Land Title Act 1996 (RSBC)
Land Titles Amendment Act 1979 (Ont)