With increasing frequency, unsuspecting importers are being victimized by unscrupulous persons who have discovered how easy it is to assume a legitimate importer or corporation's identity.
Just like its counterpart, individual identity theft, a case of corporate identity fraud can cripple an otherwise law-abiding company.
We are working with a client who recently had two Immigration and Customs Enforcement (ICE) agents show up unannounced at their east coast offices one sleepy morning. The news they brought turned their world upside down and they are still untangling the mess.
Somewhere along the way, the bad guys secured the company's Employer Identification Number (EIN) or Internal Revenue Service number. A malicious person in possession of this number can simply have a customs broker perform a bond query to obtain the other necessary information to make entry.
Armed only with the EIN number and a company's bond information, the bad guys can prepare a bogus Power of Attorney (POA) and retain a customs broker. It's basically that simple.
Once the above steps have been completed, the bad guys present the customs broker with a set of documents covering one or more consignments of counterfeit goods. If the bad guys pay the customs broker for their fees and the duties, this scheme could go unchecked for months.
In most cases that we are familiar with, however, the bad guys abscond with the goods following release, and they do not pay the broker or the duties. This of course limits the damage done, but is still very problematic for the importer. The default on the surety bond will need to be addressed and all of the bogus entries identified and reported to U.S. Customs and Border Protection (CBP).
CBP has recently been reminding customs brokers to be ever-vigilant in accepting POA's from new customers; however a broker's ability to verify the POA signatory and other corporate information represented therein is fairly limited.
Protecting Your Company From Identity Theft
So how can you best protect your company from identity theft? First and foremost, to the greatest extent possible, jealously guard and protect your corporate information.
Secondly, all companies should periodically review their entry data with CBP. You do so in one of two ways, by accessing the Automated Commercial Environment (ACE) or by making a Freedom of Information Act request (FOIA) for your company's Importer Trade Activity (ITRAC) data. At this particular point in time the ITRAC data is more robust.
The necessity of doing this is largely dictated by your volume, but at a minimum it should be done annually. In order to view your ACE data you will need to establish an ACE Portal account for your company with CBP; the process is free.
For more information on the ACE Portal, visit the CBP web page: Introduction to an ACE Secure Data Portal Account. To find out more about making a FOIA request for your ITRAC data, visit the CBP web page: FOIA Importer Trade Activity (ITRAC) Requests.
Some of the things you want to look for when reviewing this report are for activity in unusual ports of entry, unusual broker filer codes, or the importation of suspect commodities. Last but certainly not least, pay close attention to all CBP correspondence and communication, and all dates and deadlines imposed. If you receive a Request for Information (CF-28) or Notice of Action (CF-29) for a suspicious shipment, investigate it immediately and, if warranted, discuss it with CBP.
One other way to monitor your activity with CBP is through your surety company. Really good sureties have comprehensive reporting programs that tell them and their clients when something has gone awry with CBP or something suspicious appears in their activity report.
Corporate identity theft is becoming an increasingly pervasive problem for importers, CBP and customs brokers alike. The best way to combat it is by closely scrutinizing your customs entry activity on a regular basis and by taking quick affirmative action if anomalies are found.