Future-Proofing White-Collar Crime Defenses
How GCs Can Protect Their Organizations in the Face of Emerging Technology
November 01, 2023
The general counsel (“GC”) is no stranger to the problem of white-collar crime. The stakes have risen as rapidly evolving technology such as artificial intelligence (“AI”), digital assets and the virtual world have introduced new methods of committing corporate crime and now complicate the ability to mitigate emerging areas of risk effectively.
As technological progress accelerates, it is increasingly important to not only fight white-collar crime where it emerges but to anticipate where and how new crimes might emerge. This article covers several imminent examples of how cutting-edge technology provides bad actors with new avenues to commit classic crimes — and how the GC and their organizations can tackle them.
What’s Old is New Again
Emerging technology has introduced innovative tools for both legitimate business operations and white-collar crime. But these crimes, at their core, are not unprecedented.
AI usage has surged in every sector — it can automate processes, identify patterns, return predictions and, most recently, generate complex text and images based on user prompts. While businesses are looking to take advantage of these capabilities, including in the fight against white-collar crime, criminals are, too.
As more businesses implement AI solutions, criminals may exploit digital vulnerabilities to manipulate data or compromise an organization’s security. By using generative AI to mimic the tone of legitimate business communications, scammers can attempt to gain access to company servers and sensitive information, often through phishing links, which can lead to financial theft or exploitation. Digital scams are nothing new, but AI makes them easier to commit and more difficult to identify, so organizations must prepare accordingly.
When the exchange of money is involved, the risk increases. The growing number of digital assets, such as cryptocurrency and non-fungible tokens (“NFTs”), may present one of the largest threats of white-collar crime in the emerging technology space. The U.S. Department of Justice’s (“DOJ”) acknowledgment of crypto misuse as an “evolution of corporate crime” led to the creation of the National Cryptocurrency Enforcement Team, which recovered more than USD5 billion in lost or stolen funds in 2022 and has prosecuted dozens of crypto criminals. Crypto crimes have made headlines for years, from market manipulation to crypto exchange hacks to recovery scams. Large amounts of money are at risk, such as in the August 2023 DOJ court filing against Tornado Cash, a “cryptomixer” – an advanced form of money laundering that uses digital assets to disguise the illicit origins of funds – that allegedly laundered more than $1 billion in criminal proceeds.
Despite the risks, many companies are open to utilizing digital assets. Ninety-four percent of leaders surveyed by FTI Consulting in the 2022 Digital Insights & Risk Management Study said their organizations are considering digital asset solutions, although nearly half admitted to believing that blockchain and digital assets regularly facilitate illegal activity. The good news is that crypto is not untraceable, but the complexity of digital assets and the extent of potential damage from misuse underscore the need for proper risk management and due diligence strategies.
The metaverse, digital twins and immersive virtual environments have also exploded in interest. The virtual world has been hailed as a tool for customer acquisition and engagement, but it also harbors ample white-collar crime risks, like investment schemes that eventually turn out to be fraudulent or scams involving digital assets that users buy with real money. Both consumers and merchants are at risk from virtual spaces with access to user data, like poorly secured gaming accounts and unprotected virtual reality devices. This technology provides criminals with yet another avenue for committing familiar crimes like hacking and fraud, leading to privacy breaches and identity or financial theft. In the metaverse, white-collar crimes can challenge an organization’s ability to safeguard customers, assets and information, and diligence will be essential as business moves into the virtual world.
The nature of white-collar crime has not changed, but the methods employed by corporate criminals have certainly evolved. New threats appear as quickly as technology advances, and it can be challenging to predict what risks the next innovation will bring. By developing a strategy to anticipate and combat white-collar crime as it emerges, GCs can future-proof their organizations to take a proactive and technology-resilient approach to combatting white-collar crime.
Understand emerging technology. The GC must distinguish technology, which is constantly progressing, from the related risks. Emerging technology can be identified by observing trends in innovation and should be assessed for corporate crime risk. By understanding how technology can be manipulated for white-collar crime, the GC can prepare a strategy before their organization is threatened.
Identify changes in the market that create new opportunities for risk. Agility is key to adapting in fast-paced environments, especially when striving to innovate and keep up with competition. Performing proper due diligence will help ensure adequate precautions are in place in advance of a problem. When potential customers use emerging technology, the GC should be involved as early as possible. The GC should brief leadership on what technology is entering the market, how it will impact an organization’s industry and what defenses to consider in order to safely compete.
Know how technology is used within an organization. As previously discussed, third-party technology has provided new tools and opportunities for digital transformation in business. It also introduces new risks. The GC must prepare for potential threats by understanding how new technology is implemented within their organization. Even if an organization isn’t utilizing new technology, its business partners might — don’t underestimate the risk that can arise from vendors, suppliers or any third party involved with business operations. Detect potential threats by identifying high-risk customers, especially in banking and real estate, and developing robust Know Your Customer (“KYC”) standards.
Consider the risks an organization is exposed to during M&A. Companies engaging in M&A should be aware of emerging white-collar crime risks in addition to typical due diligence. The DOJ is encouraging voluntary self-disclosure through a safe harbor policy, which incentivizes acquiring companies to report misconduct uncovered during pre- or post-acquisition M&A due diligence.
Businesses and their leaders need to be continually vigilant and innovative when anticipating and dealing with the risks that new technologies present. As in-house risk mitigators, GCs should understand how new technology can be exploited by criminals and develop a strategy to prevent and respond to these threats. Organizations should also prepare for emerging areas of regulatory scrutiny, especially as the DOJ has expressed eagerness to tackle white-collar crime.
Emerging technology is not slowing down and will only continue to bring new risks. Future-proofing should not be a consideration but rather a necessity for the long-term viability of an organization.