You Can Teach an Old Enforcement Model New Tricks


OSC’s Director of Enforcement Gives 3 Pieces of Advice to Fraud Examiners

Jeff Kehoe began his address at the ACFE Fraud Conference Canada in Toronto yesterday by discussing context. “Context is important today,” explained Kehoe, the Ontario Securities Commission’s director of enforcement. “It is one of embracing change.” Along with a message about transforming an old, traditional model of enforcement, Kehoe shared the Canadian regulator’s recent enforcement mandate and their mission to send a strong message about enforcement.

Kehoe said they began their transformation by reflecting on why mandates exist and what useful role they play. “We exist because investors must be confident that those who violate rules will be investigated and will be sanctioned,” Kehoe said. “We wanted to send a strong message about deterrence, as well as use proven techniques, efficient partnerships and new ways of doing and thinking.”

Kehoe then outlined three key pieces of advice — suggestions that read like life lessons — that the commission has taken on to enable them to “embrace and confront new realities”:

  1. Always bring the right tool to fix the problem. Kehoe discussed the history of the enforcement model that began with assessing a complaint. “If it looked like it had merit, we would assign it to someone, start the investigation with a request for documents, then the hunt would begin. Investigations would take months and years. Sometimes matters got concluded years after the event occurred. This did not protect investors … Our efforts were seen as weak due to the limits of our sanction tools. This led to new thinking about how we were going to move forward.” Kehoe said they soon realized that a one-size-fits-all approach was not viable or effective, and that “different types of misconduct required different tools.” They moved from the older, traditional model to an innovative model complete with a new whistleblower program that offers whistleblower rewards and protection, a dedicated team tailored to tackle white-collar crime and a proactive approach to preventing binary options fraud — a scam that touches multiple countries and has cost upwards of $10 billion. “Regulators had to abandon traditional technology. We joined together and reached out to Google to remove fraudulent apps. We went to credit card companies and told them who was stealing, and the credit card companies denied these transactions. We were successful. There were no reports and no prosecutions, but binary options [fraud] is a dying scam.”
  2. Don’t bring a pencil to a data fight. Kehoe emphasized the importance of using the right tools to handle the vast amount of data regulators examine and comb through daily. “The future will rely more and more on data scientists and data analysts,” Kehoe said. “A lot of fraudsters are early adopters of advanced technology tools. The only way to track them is to match them.” Kehoe also mentioned the importance of not just hiring data analysts, but encouraging a working relationship between the data scientist and the investigator.
  3. As investigators, make certain to look up because you might end up investigating the wrong thing. Kehoe told the room full of anti-fraud professionals to take the time to stop what they are doing and look up at the evolving world around them. “Not so long ago it was real simple; we investigated stock manipulations,” he said. “But now we have high frequency trading and robo advisors. You can’t interview a robo advisor. We now think about cryptocurrencies. Anyone here investigating cryptocurrencies? Well, five years from now, you will deal with it on a weekly basis.”

Kehoe ended with a sobering statistic that reminds us all of the vulnerabilities awaiting in our future. “By 2025, one in six companies could be hacked, and by 2030 one in two could be hacked,” he said. “Financial technology will change everything. How do we investigate these companies? When we look up from our traditional investigations, what will we find?”