Specializing in financial investigations as we do, I am always fascinated when new financial frauds come to light, and I always want to know how the person got caught.

In the case of the recent Yale School of Medicine fraud in which an administrator took more than $40 million in fake computer purchases (desbribed in The Washington Post) the end came down to an anonymous tip.

It should not have required a tip to catch this one. It needed someone who can do percentages. To do that going into an investigation, you need to make sure you know what sizes and distances you are talking about.

A percentage is the answer to the question, “Compared to what?” Is a million computers sold in a year a lot? We all intuitively know that a million computers sold in one year in China is a drop in the ocean among a billion people, but a million computers sold in Plattsburgh, New York in one year sounds far-fetched. [I thought Plattsburgh had maybe 50,000 people in it. The real answer is 19,500 – and a million units is nuts with either figure.]


The Yale Facts

Jamie Petrone-Codrington was an administrator at the Yale School of Medicine’s Department of Emergency Medicine. She bought equipment on behalf of the department, some of which would be extremely expensive. But she didn’t need higher approval to buy any lot of goods under $10,000. Since one X-ray machine or MRI costs a lot more than $10,000, she decided to fake purchases of things that cost less than that – computers.

According to the criminal complaint and plea agreement, Petrone bought some $30 million worth of goods for the medical school between 2018 and this year. Since January 2021, she bought 8,000 iPads and Surface Pro tablets for use by the department. She broke up all the purchases into lots of less than $10,000. Her fraudulent purchases (at least the ones she’s paying back) started in 2013 with a mere $82,825, but like most fraudsters she started taking increasingly as the years went by and she didn’t get caught.

[“But she’s been here for years!” is what co-workers often say when they learn that a colleague has been robbing the company under their noses for many years. That’s because it takes years to make sure the systems are so lax that you can start taking really big money.]

Petrone pleaded guilty to two counts of wire fraud and filing a false tax return. In addition to prison time, she agreed to make restitution of some $47 million.

The fraud was basic. Petrone would buy these thousands of unneeded computers for the medical school, and then would have them shipped to a company she controlled. The company would then sell the equipment on and she would keep the money.


The Crazy Percentage Nobody Noticed

While it’s true that Petrone broke up her thousands of computers into lots of $10,000 or less, at the end a certain period her department still had those thousands of machines on its books.

This made no sense. Just as a million computers for Plattsburgh is nonsense, so is the idea that this department needed 8,000 computers in a year.

If you work at the medical school as Petrone’s supervisors would, you know that for the 476 students enrolled there you have more than 11,000 faculty and staff. Is it remotely reasonable to be buying 8,000 computers a year? These things last 3-5 years, so maybe if you hadn’t bought any computers in years you might buy 8,000 for the entire medical school.  But Petrone was only buying for one department. The 8,000 number is bonkers.


All Size is Relative

I have seen suspect purchasing before, and there too it all turned on the size of the place being bought for.

We were hired by one of two warring unions, asked to examine the rival union’s LM-2 financial returns filed with the Department of Labor.

The first thing we did was to find out how big our target local was. How many members did they have? How big was their office and how many people worked there?

We then started looking at the financials and noticed something odd: For a really small local, they bought an awful lot of office furniture. Either they were buying for phantom members who didn’t work there, or they were buying top-of-the-line office furniture that had no place in a union local representing hard-working people doing dangerous work for less than what your average plumber charges.

It all turned on percentages: this many dollars compared to this many people.

A good investigator fills in the blanks. Not just the dollars on the page, but the number of people the dollars service.

Raw numbers mean nothing without context.

I’ve done a lot of interviews about people over the years, but you can always get better.

A fascinating conversation last week with an angel investor about what he looks for in a candidate to run a new company gave me a question I will always ask from now on, but not just about people running startups.

The word for this investor is coachability and it’s a big thing when you have a person running a company for the first time. The idea for more experienced managers might be expressed as open-mindedness, but it all comes from the same place: Can a person in charge admit he doesn’t know everything, and then work to get up to speed on that weak area?

First some definitions: Angel investment is the first-stage investment in a company, also known as seed capital. Often it’s family and friends that get the entrepreneur started – funding the equipment or employees working out of a garage, a WeWork space or, as was the case with Dell, Microsoft and Facebook, a dorm room.

All the rounds of fundraising after the angel stage, including when venture capital and private equity usually get involved, are explained at Crowdcrux. In the end, while some companies remain private, the usual goal is an initial public offering (“IPO”) when you sell shares to the public.

The angel investor I talked to said that ten percent of all of his investments provided his entire return over the past few years. In other words, nine out of ten are losers, but the others make him a lot of money. A typical angel investor would put in anywhere from $5,000 to $50,000, sometimes alone and sometimes in a pool of investors. Many then set aside two or three times that amount for the next round of funding. If they don’t, their initial stake gets diluted if the company moves forward toward profitability.

What is Coachability?

The exchange that provided me with my new great question about a CEO went this way:

Q: What do you look for most of all in someone who is going to run a company you’ll invest in?

A: The track record of running other companies. If they’ve done well with three or four companies before this one, we’re comfortable.

Q: What if there isn’t much of a track record, or no track record of being a CEO at all?

A: Coachability.

He explained that this means, “How open is the person to learning? Do they know what they don’t know?”

It struck me that coachability is a virtue many of us could stand to improve a little bit. There’s taking direction, but then there’s the ability to recognize that even though you think you know a lot about real estate, marketing or whatever it is, there is always something more to learn.

That may not mean just delegating. If you say, “I know semiconductors but I just don’t understand real estate” and hire someone to take care of the real estate end of the business, (warehouse, office and retail space), how will you know if that real estate person is doing  a good job?

As we’ve written before, including in Google is Not a Substitute for Thinking most of what you know about yourself is not available through a Google search, and that goes for everyone you are trying to evaluate before investing money. The qualities of a manager or entrepreneur won’t be a matter of public record. You will need to talk to people who have interacted with them.

The Value Proposition for Due Diligence

No service is free for long if it provides a great benefit. Either you pay for it, or someone is donating their time and money to bring the service to you or someone who can’t afford it.

If you can afford to put down $10,000 on a high risk investment, spending $1,800 to $2,400 on due diligence is a high fee, especially if you make ten such investments a year. On the other hand, many angel investors pool their money. Now you are talking about, for instance, eight investors each with $20,000, but they will be sharing that $2,000 check on an executive. A one percent charge

It makes sense for many angel investors, and at later rounds of investment, the $2,000 cost just keeps dropping as a percentage of the money at stake. Before a Series A investment of $8 million, don’t you want to know more than whether or not someone has been convicted of a crime? Good due diligence gets you there.

Strange then that Ycombinator’s Series A due diligence checklist makes no mention of looking into the people running the whole enterprise.

One hopes that can change. TechCrunch wrote last year about a stampede out of a company appearing at a Ycombinator event after easily discoverable things about one of the principals was, finally, discovered: “… it’s net positive to vet your future partner, back the right startups…”

The more carefully you hire, the less you may need to hit the ejector button on the candidate who probably shouldn’t have been hired in the first place.


Want to know more about how we work? Our website has a wide range of publications and videos. You can also read my book, The Art of Fact Investigation which is available at bookstores online and for order from independent book sellers. And check out our other blog, The Divorce Asset Hunter.

Due diligence is about trying to look around corners. Not only do you look backward at a person’s history, but you also want to try to anticipate potential problems for the client if they hire Mr. X. or go into business in Country Y.

Country Y for the purposes of this blog today is Canada.

Things are moving quickly under Canada’s new emergency powers regime, yet there appears to have been little legal guidance published in the U.S. about the new world for banks in that country.

This is Know Your Customer on steroids, and it applies not only to banks but to payment service providers and fundraising platforms, which will now have to file suspicious transaction reports.

First a little background. Even after the three weeks of demonstrations against Canada’s Covid policy were cleared from around the country’s Parliament and from several border crossings, Canada’s government declared a Public Order Emergency, which suspends certain rights in the country (some forms of assembly, but also permits the freezing of financial accounts with a court order). You can see the sweeping rules in the Canada Gazette, published Feb. 15.

The law in Canada allows for the government to declare an emergency but then needs to have the emergency confirmed by Parliament. The House of Commons voted this week to confirm the emergency, though it is still being debated in the country’s appointed Senate, which rarely overturns a Commons vote.

In the meantime, the rules are sweeping and changing by the day. It would make sense for any U.S. financial institution operating in Canada to pay close attention. In addition, the rules cover accounts by certain people held anywhere, not just in Canada.

The rules prohibit banks from dealing with a “Designated Person… dealing in any property, wherever situated, that is owned, held or controlled, directly or indirectly, by a designated person or by a person acting on behalf of a designated person.”

We asked ourselves: If an American bank operating in Canada has a U.S. account for a lawyer who represents one of the demonstrators, does that lawyer get swept up in the rules that require an account freeze?

So far, it appears the answer is no, but who knows what next week will bring?

Last week the Justice Minister said donors to the demonstrations were subject to having their bank accounts frozen. “Trump supporters,” he said, “ought to be worried” about this. Then last night, an Assistant Deputy Minister of Finance told a House of Commons committee that the Royal Canadian Mounted Police were working with financial institutions to unfreeze such accounts. How many have been unfrozen? Who knows?

Still, banks are under a duty to “determine on a continuous basis whether they are in possession or control of property that is owned, held or controlled by or on behalf of a designated person.”  Canadian law firm Blakes writes that this means doing an information sweep at least once a week. Their commentary on the rules is here.

We are not experts in banking law in either the U.S. or Canada. But when,

  1. New sweeping rules are put into place and then (perhaps) reversed, we know enough to recommend proceeding with extreme caution.
  2. The rules say on their face that they apply to bank holdings the world over, that is something an institution would want to get a grip on right away.

After all, if more demonstrations break out this story could be back on the front pages of the world’s papers, from which it has now largely disappeared.

After years in business, one of my biggest marketing challenges is still explaining to potential clients why an investigator can’t just use a few mysterious databases and “deep Googling,” as one hopeful person described it, and produce an answer in an hour or two.

Someone’s well-hidden assets? The eight-month job in 1998 that ended badly and was conveniently less off the resume by expanding the dates of the jobs before and after? The ugly fallout with a business partner last year over a company you didn’t know about?

Those things take time to find. Following is a typical assignment and what each step costs:

Assignment: Background of new CEO of a tech company with sales of $2.5 billion a year. Client is considering a $3 million investment.

Databases: Some of these are pay as you go, and sometimes we use databases such as Lexis Nexis ($300 a month) and Bloomberg Law ($600 a month) that are fixed price. We allocate a portion of the monthly bill for the fixed ones to each case we do. In this case, total database costs are $140.

Courthouse Retrievers: The CEO has lived and worked in five counties around the U.S. since 1996. We want to check civil and criminal cases in which he was involved in all of these. Remember, not all litigation is online, and sometimes even the dockets (case summaries) are not online either.

In our current assignment, one county (Miami-Dade in Florida) has all the cases we need online. But three counties are in California, and we need to send someone to the three difference county courthouses to search and retrieve any records. The CEO has a moderately common name, so they will need some time to sort through all the records to make sure the case relates to our person. Finally, the CEO has a home in Montana. In that state, not only are cases not online, but the clerk has to do the computer search for you. That means two trips to the courthouse – one to drop off the search and one to pick up the records. This step could cost about $700 even if we find nothing. If we find cases, those run to $1.25 a page (at cost, but note that Bloomberg and Westlaw charge $2 a page if you get them to retrieve documents).

Say we find eighty pages of litigation, and say we want copies of his mortgages in California. Call that $150 in copy costs. That a retriever bill of $850 and a running total of $990.

In addition, we found three securities class actions on PACER, the website of the federal courts. Running total is now $1,030.

Our Work: On top of the time it takes for us to search the databases, find and manage the subcontractors who go to the courts across the country, we need to put in time. For instance, our man worked for years in the auto industry, a business that is intensively covered by the media (as opposed to vitally important companies that make braking systems of trucks or trains and get very little coverage). We needed to look through some eight hundred news articles mentioning his name. We had to fine-tune the search parameters to get the field down from 4,500 stories. That took time. In the end, we found an early story that revealed a job he left off his LinkedIn profile.

We spent some time looking for people who might have worked with him at that job – people we or our client could interview to find out why he lasted such a short time there. We also had to add the newly-found company to our searches for legal and regulatory issues. There was every possibility that the company got sued for something our man participated in, but got sued two years after our man left. That would be significant and reportable even if our man were not named in the litigation.

Also, our man had formed two limited liability companies over the years. What did they do? What did they own? It took some time to find out.

We also looked at the man’s social media and that of his wife and grown children. Some people say nasty things on social media or display themselves in a way that might call into question their fitness for the job. (One person we once examined commuted back and forth between the east and west coasts for many years, and interviews painted a picture of someone who was always halfway out the door to get to the airport and who drank too much).

We look at electoral contributions (they sometimes list place of work), whether he’s ever been to tax court, whether any of his data ever turned up on the Dark Web.


The Value Proposition

Even if we did all this in four hours (and that can be done with someone who is not that complicated and has a light litigation and corporate structure), you would be up to a bill of $2,390.

You are thinking of investing $3 million into this company. Even a $3,000 investigation taking one to two weeks that could alert you to a big problem constitutes one tenth of one percent of the investment. Doesn’t it make sense to look before you write that check?

If you think you would be able to do it yourself and save money, go right ahead. Subscribe to the databases, find the courthouse retrievers (and pay their copy markups), figure out the many techniques we have for reverse searches based on addresses, phone number and social media handles. Play around on the Secretary of State websites to turn up secret LLCs.

Chances are, someone who does this all the time will think of a few things you did not, which is only natural. This is all we do. In the same way an immigration lawyer would be foolish to  handle even a mildly complex bankruptcy matter, we recommend that experienced litigators and transactions lawyers let us help them with this kind of research.


Want to know more about how we work? Our website has a wide range of publications and videos. You can also read my book, The Art of Fact Investigation which is available at bookstores online and for order from independent book sellers. And check out our other blog, The Divorce Asset Hunter.

We were asked recently about the ethics and legality of Dark Web searches, increasingly part of many investigations. I realized we had never posted on this issue and it’s about time.

Since a lot of what we use from the Dark Web is stolen information, can we make use of it?

In short, the answer is yes as long as we have the right reasons.

Firstly, a few terms. The Dark Web is a subset of what’s known as the Deep Web. That’s everything on the internet that you can’t get to by using a search engine such as Google. Think not only about all the proceeds of crime on the dark web, but useful legal things including your credit card statement or your medical test results. You can’t get the results for such pages from Google because we don’t want just anyone looking at confidential banking, medical and other information that is on the internet but is private. The Deep Web is vastly larger than the Web you can get to with a search engine.

The Dark Web refers mostly (but not entirely) to illicit activity that includes human trafficking, drug dealing and all sorts of other criminal activity including the theft of personal data. In some authoritarian countries, political dissidents exchange information on the Dark Web that would get them arrested at home if they did so out in the open.

Is it Legal?

In many cases, handling Dark Web material is forbidden by law. If they find child pornography on your computer, you’re probably going to prison. But what about stolen information?

In January 2020, the U.S. seized a web domain weleakinfo.com, which provided “a search engine to review and obtain the personal information illegally obtained in over 10,000 data breaches containing over 12 billion indexed records,” according to the government release. These included names, email addresses, usernames, phone numbers, and passwords for online accounts. The seizure was part of an international operation that involved U.K., Dutch and German law enforcement.

You would think that any remaining such business in the U.S. would be rolled up, but that would be wrong. What’s the difference?

One obvious case is that it should always be OK to research your own information. Many people pay for Dark Web monitoring, so that someone with access to the Dark Web itself or databases derived from the Dark Web can let you know if any of your personal information has been hacked and publicized.

But what about looking at someone else’s information? You didn’t steal it, you didn’t pay anyone to steal it or tell them how to do it. You’re just getting access to something already published.

In the United States newspapers have had the right to publish stolen information since the famed Pentagon Papers case, New York Times v. U.S., 403 US 713 (1971). When newspapers publish private company information such as the Panama Papers they are publishing the fruits of stolen property. The decision of what to publish and what to withhold belongs to the publisher, not to the victim of the theft.[1]

If the authorities catch the party that engineered the theft, they go after that party. Chelsea Manning and now Julian Assange have been in trouble not for publishing but for stealing. But the publishers are legally in the clear. It’s explained in a helpful article by the Nieman Foundation. The big discussion among journalists is not whether it’s legal to publish certain material, but whether it’s ethical in some cases.

Since the United States does not license journalists, anyone can “publish” anything they want and be subject to the same First Amendment protections as well as limits (the First Amendment makes no exception for libel, for instance).

And yet, some websites get rolled up and others don’t, even though they operate in the open.

Justice Department Guidance

A month after they seized weleakinfo.com, the Justice Department issued a guidance memo in February 2020 called “Legal Considerations when Gathering Online Cyber Threat Intelligence and Purchasing Data from Illicit Sources.” You can get it here.

Remember, this is a group of prosecutors (not a court or a legislature) opining about what’s legal. The salient part of the guidance for our purposes:

… many of the federal criminal statutes associated with the type of stolen data that tends to be sold in Dark Markets—e.g., passwords, account numbers, and other personally identifiable information—only apply if there is intent to further another crime: for instance, an intent to use the information to defraud. For this reason, a purchaser of the stolen data who lacks a criminal motive is unlikely to face prosecution under those statutes.

So, if we are using the data we buy to find a witness in a case, to track down someone defaming our client, or just doing regular anti-fraud due diligence on a prospective borrower who wants $50 million of our client’s funds, we feel as if we are on solid ground.

But the DOJ cautions that when you buy someone else’s stolen data, it’s much more likely to “raise questions about the purchaser’s motives and result in scrutiny from law enforcement and the legitimate data owner, particularly if a trade secret is involved.”

So for anyone buying this data, you need to ask, “Why do you need it?”

Things We Will Do with Dark Web Data

We have used Dark Web data to try to figure out who is behind a website defaming one of our clients. In another case a client was being harassed and there was no way to know who had bought the throwaway (“burner”) phone making the calls.

In both cases, we went to the databases of information gathered from data breaches. We hoped to find numbers and email addresses that we could link to physical addresses in order to identify who was behind the suspect activity.

Sometimes, you can take a “handle” from an email address (say paulb3222) and see if that prefix is associated with any individuals. You then need to do more work to make sure the paulb3222 you are looking for is the same person as the guy in Australia who goes by paulb3222. Believe it or not, such handles are more common than you would think.

We think this kind of work is permissible and ethical because we are not engaged in fraudulent activity. Indeed, we are trying to stop what is allegedly criminal or tortious activity, and we are using data that has already been published.

Things We Will Not Do with Dark Web Data

Beyond the obvious – reselling illegal images, dealing in drugs, violating medical privacy – there are uses of the data we can find on the Dark Web that are illegal. If you find out what someone’s password used to be when their Target account was hacked and dumped on the Dark Web, it would be illegal to use that password to hack into other accounts they may have. And as the DOJ makes clear, you shouldn’t be in the business of stealing trade secrets.

Post-Breach Security Tips

If you want to find out if your email address was part of a data breach, you can do so for free at https://haveibeenpwned.com/ The site has no specifics beyond where the breach took place, but if you see your breach happened with Target, it would be a good idea to change your Target password — if you haven’t already — and to change all other passwords that are identical or very similar.

Our recommendation: get a password keeper that assigns a different, long, randomly generated password for every site you use. You only need to remember the one password for the password keeper. That way if there is a breach, they only have the one password they stole which won’t resemble any of your other ones.

[1]One caveat: All of the law referred to in this article is American law, and American law is probably the most permissive when it comes to what you can publish without worrying about state intervention.


Investigators get information in exchange for money, so why in the world would an investigator want to tell people how to get that information for free?

As I wrote last week on our companion blog, The Divorce Asset Hunter in an article called Giving it Away is Great for Business, it’s not a matter of ethics (the usual subject of this blog) but of good business practice.

A speech I gave last month generated tremendous response around the simple topic of five kinds of information you can often get for free and that your hired investigator will get in much the same way.

At The Divorce Asset Hunter, I explained why giving something away is good for business. People buy from people they like and especially in businesses such as ours, people they trust.

Here, I want to go into more detail about what I gave away.

The speech was about asset searches, but the sources we look at in an asset search are sources we use in pretty much any investigation about a person. They are:

Company information, real estate ownership, court records, liens and securities records.

Here (in brief) is what I told the audience:

  1. Company Information. People don’t hide assets just in their own names. They form companies to hold the assets. Even if they are not trying to hide anything, companies limit personal liability and are a standard business device across the western world. I walked them through a couple of Secretary of State websites to show how easy it is to get rudimentary information on private companies. I included the proper caveats, such as the varying amount of information the states offer, the fact that some make you pay a small fee, and some reveal close to no information much of the time (that’s you, Delaware). Still, to get a full picture of someone’s commercial activities, you can’t just look at the companies you know someone runs or works for. They could have a whole second life structured around companies or partnerships that have been secret.

The takeaway was that companies are arranged by state – not by city, county and not nationally as in England or France. A person in Sioux Falls, South Dakota a few miles from the Minnesota line may have companies in either state. Check both.

  1. Real estate ownership. The U.S. has more than 3,000 counties, and real estate ownership is recorded at the county level. The websites differ and some don’t give you much. But others can give you deeds, mortgages and more. Exceptions include a good bit of New England where towns record real estate, and in New York City there is a unified city department.

I told them to search widely, looking for the person as both grantor and grantee and searching for both company and individual names. Sometimes deeds aren’t online but ownership is via the website of the county’s tax assessor.

  1. Court records. Not all records are on line, but many are (especially in Florida). As with real estate these are almost always by county (in New England you may need to check county and town courts). As for federal court records, it’s usually much easier. Anyone can sign up for PACER, the federal court records site. It’s not free but it’s not expensive either. Nearly all federal courts take part in PACER, and while some records are not on line, the majority are (especially in newer cases). All bankruptcies are heard in federal court and are findable here.

The wonderful thing about court records is that they can be gold mine of information. You want to know about Mr. Garcia, and you see he got sued along with some company you never heard of. It turns out that by reading the court papers you find out that this is Mr. Garcia’s company. Now you take that company name search it for real estate (see step 2 above).

  1. Liens. We recently were trying to find out what assets someone had. We found a lien against them that had been satisfied, but the collateral listed included a couple of investment funds they may still have owned. That’s the only place on the public record you would see that kind of information. If they didn’t owe someone money, the ownership would be a matter of private contract only.

Securitized debt (debt that’s backed by a thing) is known as a UCC lien. Usually the state’s Secretary of State keeps track of these as it does of companies. Some states such as Florida and New York have free UCC records, but in Texas they will cost you a whole dollar each. UCC’s are like mortgages on anything that’s not real estate. But like mortgages, the first person to record an interest in something gets first crack at it.

  1. Securities records. If someone is senior enough, a public company will report on how much he gets paid and what stock options he was granted. Even better sometimes is that the company will report that the executive gets paid via a side company. You can then look that company up, see if it owns real estate and has been to court.

U.S. securities records are on a service called EDGAR, maintained by the Securities and Exchange Commission. There’s a free version of EDGAR. Note that this only covers public companies (listed on the stock market).

I like to do the widest possible search on EDGAR because there are a lot of different SEC form numbers. If you restrict your search you could miss something. But if you’re looking at someone with a common name, you may need to pick a form. The one that will reflect compensation in stock is Form 4.

Any investigator you hire should be doing all of the above. They will do a lot of other searches in addition, and also will make use of paid databases you won’t have. No matter.

Say you are doing an asset search on your spouse, prior to a divorce filing. The more research you can do yourself the better. It gives your investigator a basis on which to start and saves you money because investigators should not charge you to retrieve what you already have. Most importantly, it’s an easy way to monitor some of the key indicators that your joint financial affairs may be heading a direction you did not know about.

Wouldn’t it be nice to be able to find out:

  • Whether your spouse has set up a secret company to hold assets?
  • Whether a disgruntled former business partner may have sued your spouse?
  • What kind of money your spouse has borrowed against land or equipment?
  • What initial public offerings your spouse was subscribed to, and what stock awards and options may have been awarded?

In most cases you will still need to hire a professional, but now if a pro tells you that everything he looks for is on line, and you know perfectly well that mortgages in California are not online, you’ll know this is not the investigator for you.

I closed my speech with this: I could give a day-one investigator the password to all of my databases, plus put a huge pile of public record documents in front of them, and they would probably still fail to come up with all that I can. That’s because part of what you pay an investigator for is the ability to keep a number of competing theories in play at any one time, and to generate new inquiries based on what an initial sweep of records turns up.

Not to worry. More knowledge is nearly always preferable to less knowledge – certainly when it comes to finding money, deciding whether to invest or lend, or fighting for your financial life in litigation.

It’s one of the tried and true ways investigators have to explain their work. “Connecting the dots.”

What we usually mean is that in a sea of data, we can find the relevant material and put it in the right context by showing how it relates to other facts.

You sometimes end up with a compelling narrative in chronological order of someone’s life or business dealings, all plucked from billions of possible public records and interviews.

The problem is that in many dynamic investigations, people keep moving and doing different things. The dots are in motion.

A perfect illustration hit me last week when I looked at the painting above by Sophie Taeuber-Arp, a brilliant painter, sculptor and designer who died far too young in 1943. The painting from 1934 is called “Equilibrium,” but its equilibrium looks like it lasted for less than a second. If you look at the picture, the green ball on the right and the figure on top are not held up by anything. The rest of the figures look precarious.

Lots of investigations present a “snapshot” of what we find, but things are often about to change, as in this picture.

Ten years ago we wrote about the arrest of an employee of New York’s Catholic Archdiocese Background Checks for All. Anita Collins had been charged with embezzling funds from the church. After our article, she pleaded guilty to taking $1 million in 450 small payments to herself over many years. She was sentenced to as many as nine years in prison.

What made the case interesting for us is that Collins had been hired just before a new policy took effect, requiring background checks on all employees. A background check would have turned up previous problems she had with handling money.

Later on, when the church went back and required checks on employees there from before the policy’s start date, they required checks only for longtime people who dealt with children. Collins was exempt.

Where the dots are in motion in this kind of situation is simple: An employee could come aboard with minor responsibility and then work his way up to the point where he handles a lot of cash. But, his time with the company usually counts as some kind of quasi-investigation. [“But they’ve been with us for years!” is what bosses usually say when presented with evidence of employee theft.]  In reality, the more senior an employee, the more important a background check is, whatever the due diligence equilibrium used to be. People are always on the move, like the shapes in the painting. For really important employees, companies could consider periodic reviews to catch drunk driving, domestic violence, or financial stress taking place after hiring.

Other examples of connected dots in motion:

  • Databases have time lags and need to be checked repeatedly. We once needed evidence that a particular person was living in a particular apartment. When we started the case in February, nothing showed up for him. Then we looked again in April and there he was, having associated his cell phone with the apartment back in February. The time lag between recording the data and selling it to the database was two months. February’s “equilibrium” was different from April’s.
  • Social media, or course, is always being refreshed. If the case is active, keep monitoring it. People sometimes (carelessly) ask friends to call them on a cell phone you didn’t know about the month before. They give away vacation spots and the names of trusted friends. Very useful!
  • Asset searches. The minute the subject may think you are looking at his company, get ready for him to form a new company. If you discover a new company and ask him about it, the money may be on the move again. Sure, it could be a case of fraudulent transfer, but you still have to keep track of where the funds are going and when.

Taeuber-Arp’s picture is exciting to me the way investigations are: Things never stay the same for long.


If you enjoyed this article, you may also want to look at our other blog, The Divorce Asset Hunter (divorceassethunter.com).



I was puzzled this week at the reaction to a bomb of a story by the Wall Street Journal. The paper’s rightfully cautious lawyers allowed it to go to press and declare that 131 federal judges had broken the law by hearing cases in which they or their families had a direct financial interest.

Photo: Uwe Kils, Creative Commons

Even though a bunch of judges admitted they had acted incorrectly, other than a couple of reports by The Hill and Esquire.com, the reaction was zero.[1]

The story and its aftermath yielded a couple of interesting lessons.

  1. If a story can’t be politicized these days, it goes away fast. The judges named in the story came from across the political spectrum. Obama appointees, Bush (both of them) appointees, Clinton appointees, Trump appointees. They should have recused themselves but didn’t. No political points to be scored here.
  1. As an investigator, the story was a wonderful illustration of the idea that the world is packed with information that nobody either looks at or analyzes. This story scratches the surface of what lies ahead as artificial intelligence (AI) both increases the amount of data we can search, and the speed with which we can analyze it. Imagine being able to see not just the part of the iceberg above the water, but the whole thing – right away.


In this case, the paper relied on a non-profit called The Free Law Project which put together the stock ownership data for the judges. How did the Free Law Project get this information, which judges are required by law to submit? They asked for it. That’s it. Now it’s a public database on their website.

There is a lot of other wonderful information that is there for the asking. Freedom of information requests at the federal and state government levels have given us all kinds of material over the years as we investigate.

Did someone really serve in the military? What did a charity say its mission was when it was established? What kind of things did a company import and declare to U.S. Customs? We’ve found it all by asking for it.

All sorts of other great information is there for the taking. We once linked two people using state-level lobbying records freely available on the government’s website. If your database doesn’t look at lobbying records, that should be the database’s problem, not yours.


The brilliance of the Journal’s story wasn’t just the sea of data the Free Law Project gave them. It was the critical task of seeing what happens when you match one set of data with another. The second set, of course, was looking at cases all the judges had heard. When a party before the judge turned out to have been owned in part by the judge or the judge’s family (personally or in trust and known to the judge), that was where the law was broken.

One of the keys to a good investigation is how databases and other forms of information work together. I’ve written for years that we employ an “all windows open” approach. It’s no good running a search on Bloomberg and then checking it off your list as a source already consulted. If later in the investigation you find out in an interview or court record that your subject has a company you didn’t know about when the investigation started, you have to look at that company on Bloomberg again. [2] Think of it as having each information source in a separate open window on your computer. Don’t close all until the investigation is done.

It probably took the Journal a long time to do its analysis, but note that the story only handles cases between 2010 and 2018. Nearly three years of cases since then have been heard – thousands – and the “investigation” is far from complete.


On a very basic level, the Journal used AI to parse all the data. Once parties and stockholdings are fed into a database, a computer can spit out conflicts in a second. Human beings need to carefully review the findings, but doing the entire job by hand would have taken years.

AI helps in processing time, but it also is helping to create searchable data sets that were never searchable before. I discussed this at length in a law review article a few years ago, Legal Jobs in the Age of Artificial Intelligence. Imagine being able to search in seconds the transcripts of every podcast or YouTube video on the internet.

That time is coming. More data, more analysis, more human hours to make sense of it. This Wall Street Journal story is just a taste of the future.






[1] The Administrative Office of the U.S. Courts, which runs the federal judiciary, told journalists it was looking into the matter. Many cases may have to be retried. It’s a mess for the judiciary which will play out over weeks, months, years, probably.

[2] My book, The Art of Fact Investigation discusses this concept, and I’ve included it for years in my courses and lectures to lawyers around the country.

The longer you investigate people, the more bad behavior you will be able to talk about. But there is little I have encountered in my work that is more sickening than deed fraud – the subject of a recent case we had.

Philadelphia. Photo Credit: Creative Commons.

A form of identity theft that allows the crooks to take not just cash out of your bank account but your entire home, deed fraud is rampant and preys on the weak: A New York Grand Jury empaneled to investigate the issue said in 2018, “The victims of residential real estate fraud are largely from the most vulnerable segments of our society – the elderly, the financially disadvantaged, the medically infirm, the uneducated, and the unsophisticated.”

It turns your stomach. It’s been around a long time, but now in cities with rapidly gentrifying neighborhoods, crooks appear to be moving in on older people in greater numbers.

What I found in my case is that there are people who do it repeatedly, but seldom face criminal charges. If someone catches them at it and sues to get the property back, they just don’t show up in court and move on to scam someone else.

New York, Philadelphia and Miami have charged a few people in recent years, but based on what we saw in our investigation, it’s a tiny portion of the cases out there.

The New York City Sheriff got 2,000 complaints of deed fraud in the four years up to 2014, with a combined fair market value of $112 million for the properties concerned. Multiply that by 2, 3 or 4 and then multiply that figure by a number of other cities, and you’ve got theft in the billions.

An FBI report on elder fraud from its Internet Crime Complaint Center said identity theft of all types cost $39 billion in just 2020.

The Basic Pattern

Front men identify a property that appears run down or is behind on its property taxes. Often these are homes in gentrifying neighborhoods, occupied by people who may have paid under $100,000 for them decades ago and are sitting on big capital gains but can’t afford the upkeep.

The front men either make a bogus claim that they will buy the home and satisfy the mortgage (in order to induce the owner to leave so they can put in tenants) or more commonly, they will just forge a deed and sell it to an LLC that is either theirs or connected to the people running the scam.

The new bogus owner then borrows money from the company of an associate, maybe to renovate or demolish the place with an eye to flipping it. Sometimes, the mortgage gets assigned to a reputable bank. The crooks bet that they can move fast and flip the place before the rightful owner can get to court and have the sale reversed. People thrown out of their own homes have turned to living on the streets.

What Can Be Done

The main problem appears to be the use of unreliable or plainly criminal notaries. All transfers of real property need to be notarized, but if a notary is happy to have a dodgy ID card put in front of him before attesting that the actual owner of the house appeared before him, the sale will go through in most every case.

The New York Grand Jury and the National Notary Association recommend that other states adopt California’s longstanding requirement that the seller provide a thumbprint as well as a signature. That could help catch perpetrators more easily. In several cases we saw in our investigation (and in one famous case in Philadelphia), the fraudsters are ex-convicts whose prints would be on file with the police.

Another helpful suggestion is to delete the signature image from on-line records of property transactions, so that crooks can’t practice imitating the signature of the rightful owner.

Perhaps the best hope is a pilot project being evaluated in New York to put the property registry on blockchain. This could help because each rightful owner of a property would have a private key and only use of that key would allow the land registry to transfer the property. At least that would prevent forgers from pulling a property out from under the owner without ever contacting them.

In the meantime, the New York Sheriff has good tips for anyone to follow for themselves or on behalf of elderly relatives who can’t:

  • Check your property’s deed at the registry at least once a year. This is often on line depending on your county. Make sure the county has the right mailing address for you.
  • If your county offers it, sign up for notification in the event anyone files anything relating to your property with the county clerk.
  • Contact the government if you stop receiving tax bills.
  • If the property is vacant, drive by or hire someone to do so to make sure it isn’t occupied.
  • If you don’t have title insurance, look into it.

It won’t stop all of the thievery out there but it’s like having a second lock on your door or a home alarm system. Whatever makes it harder for the criminals to steal from you is a good thing.

Any litigator tasking interviews of potential witnesses needs to know about the no-contact rule (ABA Model Rule 4.2)[1], which forbids talking to represented people on the other side of a case. This also goes for most current employees of the other side —  certainly any employee senior enough to make critical decisions or who was involved in the matter under dispute.

Ordinarily, the interviewing of former employees of the company on the other side is OK, but there are lots detailed issues that come up before deciding an interview is permissible.

Does your investigator know what those issues are? Even if he knows, will he care or just proceed as he would have anyway? The difference is important, because interview material improperly gathered could be ruled inadmissible and you could be sanctioned. You may be able to talk to the former employees, but you’re not allowed to get privileged or confidential information out of them. Your investigator should know what those concepts mean.

The topic of permissible ex-employee interviewing came up recently when Honeywell talked to a former employee of a company called ICM Controls and then retained him as a consultant to Honeywell. ICM had sued Honeywell for patent infringement, and Honeywell wanted to interview the former employee Andrew Nguyen, co-inventor of the patent in question (the other inventor is the current ICM president).[2]

ICM alleged that Nguyen may have disclosed privileged or confidential information he obtained as a result of his employment.  Honeywell responded that Nguyen had not worked for ICM for more than 20 years and that ICM had never disclosed him as a person with information relevant to its claims, “much less privileged or confidential information.”

Honeywell relied on a New York case, Muriel Siebert v. Intuit, 8 N.Y. 3d 506 (2007), which recognized that contacting an opponent’s former employee (even those privy to confidential or privileged information) may be appropriate as long as counsel operates within certain boundaries and takes measures to avoid disclosure of privileged or confidential information.

Those measures are all-important, and are why for years our firm has gone into interviews with a template agreed to by our clients. This includes how we represent ourselves and makes certain that we first tell the person we are interviewing that we do not want them to give us any privileged or confidential information. We also ask them whether or not they are represented by a lawyer. If they are, we terminate the call.

We posted about our procedures in Trial Ethics: A Template Can Save Your Life and I’ve been talking about the issue for years and have given CLE courses all over the country to state bars and the ABA. If your investigator can’t pass the simple test of flagging problems in the case we wrote about or the Honeywell matter, find yourself an investigator who can.

In the Honeywell case, Honeywell’s lawyer first made sure that Nguyen wasn’t working with ICM and wasn’t privy to privileged information, the court said. Continuing to use Ngyuen as a consultant “would entail some risk of straying into arguably privileged information,” the court warned, but that is a highly unusual fact pattern for most interviews with former employees.

The Honeywell case was a closer call than most, but in the end it affirmed that with careful precautions in place, former employees of opposing parties may be interviewed if they are unrepresented.

As long as you know the rules and follow them.


[1] In representing a client, a lawyer shall not communicate about the subject of the representation with a person the lawyer knows to be represented by another lawyer in the matter, unless the lawyer has the consent of the other lawyer or is authorized to do so by law or a court order.

[2] ICM Controls Corp. v. Honeywell International, U.S. District Court, N.D.N.Y. 5:12-cv-01766.