Letter from the Editor, December 2014
In this issue, AFN Board member Greg Valenti explains the legal regime in Italy that governs fraud committed through debit and credit cards. The first part of the article addresses the relevant legal provisions; the second considers the stance taken by the Italian Supreme Court with regard to credit card fraud committed over the internet; the third part looks at the measures adopted by the Italian Government to prevent credit card fraud.
We are also pleased to be able to offer a 10% discount to AFN newsletter readers on IIR fraud courses. Fundamentals of Detecting & Preventing Fraud takes place on 27 January 2015 at The Hatton in central London; Advanced Techniques to Detect, Prevent & Investigate Fraud takes place on 28 January 2015 at The Hatton in central London. Click here for more information. Register your place either online, by calling +44 (0) 20 7017 7790 or emailing email@example.com. Use VIP code FKW52862AFNWL to save 10%.
We are always interested in articles and book reviews written by AFN members and readers. If you would like to contribute to the AFN newsletter or the website, please contact us at firstname.lastname@example.org.
Under Italian criminal law, there are two main legal provisions that prohibit fraud committed through the use of debit or credit cards:
- Article 55(9) of Legislative Decree no. 231 of November 21, 2007 (which implements EC Directive 2005/60 on the prevention of the use of the financial system for the purposes of money laundering resulting from criminal activities and financing terrorism, and EC Directive 2006/70, which contains the relevant enforcement measures) regulates the illegal use of credit or debit cards and distinguishes between three types of criminal conduct resulting from actions put in place by those who, in order to make a profit for themselves or for others
- Improperly use credit or debit cards or any other similar document that allows them to collect cash, purchase goods or provide services.
- Forge or alter a credit or debit card or any other similar document that allows them to collect cash, purchase goods or provide services.
- Possess, sell or acquire from an illegal source such cards or documents and the payment orders produced with those cards or documents.
These crimes are punished with a term of imprisonment of between one and five years and a fine ranging from €310 to €1,550.
- Article 640ter of the Italian Criminal Code, entitled Computer Fraud, which provides that
Whoever, by altering in any way the functioning of a computer system or intervening—without the right to do so—on data through any means, procures an undue profit for himself or for others, is punished with a term of imprisonment from six months to three years and a fine ranging from 51 euro to 1,032 euro.
Types of fraud
In order to understand the application of these provisions, it is necessary to look briefly at the different types of fraud that can be perpetrated by means of debit and credit cards.
Lost and stolen cards fraud involves the theft of a payment card or its improper use by someone other than the owner. The theft of the card can occur in different ways, including trapping the card in an automatic teller machine (ATM) or the physical theft of the card.
Counterfeit cards fraud involves the physical alteration of the card in order to record, transfer, clone, alter or replace the data on the card. This type of fraud includes practices such as “skimming”, a process whereby genuine data on a card’s magnetic strip is electronically copied onto another for the purposes of making counterfeit cards.
Mail-intercepted card fraud involves the interception and stealing of a card during the period between the issuer sending it and its legitimate owner receiving it, usually by mail.
Fraudulent use of the card number occurs through the use of the code on the card, which is unlawfully obtained via different methods, without any material intervention on the magnetic card. One method is by “phishing”, which is an internet fraud that aims to steal valuable information such as card numbers, user IDs and passwords. A fake web site is created to look similar to that of a legitimate organisation—typically a financial institution such as a bank or insurance company—and an e-mail or text message is sent requesting that the recipient access the fake web site and enter their personal details, including security access codes. The page looks genuine but users entering information are inadvertently sending their information to the fraudster.
Assumed ID fraud occurs through the fraudulent use of the cardholder’s personal data to obtain other payment cards. This practice includes “account takeover fraud”, which can occur when a criminal—having gathered a person’s relevant documents and information—calls the credit card company requesting a change of address to one controlled by the criminal. The criminal impersonates the legitimate cardholder by submitting proof of identity to the credit card company and requests a replacement card to be sent to the new, fake address.
Specifically with regard to ID fraud, Legislative Decree no. 64 of April 11, 2011(which amended Legislative Decree no. 141 of 2010) introduced a “Public system of prevention, on the administrative level, of fraud in the field of consumer credit with specific reference to identity theft”. This new legal framework provides a dual definition of identity theft, which is defined in Article 1 as
- Total embodiment: the total concealment of one’s identity by means of the unlawful use of another person’s identity and income. The embodiment may relate to the misuse of data relating to a living person, as is usually the case for fraud on payment cards, or to a deceased person.
- Partial embodiment: the partial concealment of one’s identity by using data relating to oneself, combined with the misuse of data relating to another person.
The legal issue Continue reading
The Anti-Fraud Network is a network of professionals who specialise in the prevention and investigation of fraud and white collar crime, and the pursuit of claims arising out of the theft or other dishonest appropriation of assets, corruption, misuse of confidential information or similar breaches of duty. Recovering the proceeds of fraud and corruption is one of the truly global problems facing organisations today. Proceeds rarely stay in the country where they have been stolen. For organisations to recover stolen or corrupt assets they need access to lawyers and professionals specialising in their recovery across the world.
The Anti-Fraud Network is dedicated to providing access to trusted points of contact across the globe and offering a unified first-class international service to clients, at a time when experience, speed, co-operation and highly responsive service are most important.
The Anti-Fraud Network has been Highly Commended by the Financial Times in the 2008 FT Innovative Lawyers Awards Report
Nicholas Burkill of Dorsey & Whitney is an expert in bribery and corruption matters, and is widely considered by sources to be an authority on the implications of the new Bribery Act. Sources describe Burkill as “extremely personable, very bright, client-focused and always looking for the best commercial solutions.”
The Dorsey team is an excellent choice for tax and fraud disputes, and group head Nicholas Burkill is ‘an enormously experienced fraud litigator, with great depth of knowledge; intelligent and hardworking, with an excellent sense of humour. One of the best around’.
Legal 500 2010
Dorsey & Whitney’s practice head Nicholas Burkill is a ‘cool-headed and determined litigator’.
Legal 500 2011