Authorities believe Adekunle Adetiloye organized a scheme to open nearly 600 fraudulent bank accounts and bilk 22 major banks, potentially costing those banks and credit card firms up to $5 million. Assistant U.S. Attorney Nick Chase in North Dakota, where the case was handled, said the 40-year-old had an "insatiable hunger for other people's money."
Investigators said Adetiloye incorporated two different companies in Delaware — Syspac Financial Services and Commet Consultant Inc. — that claimed to be debt collection companies. He gained access to commercial data providers, including large-scale outfits LexisNexis and ChoicePoint that only allow access to law enforcement, financial services and debt collection companies.
With access to those data providers, Adetiloye and others obtained the personal identification information to about 38,000 people, most of whom were medical professionals. They used that information to open credit card, debit and checking accounts, prosecutors said.
Those data providers said it was only the second such breach of that scale.
"Characterizing this fraud scheme as massive, if anything, is an understatement," Chase said in court documents.
Defence attorneys had argued that their client, the only person charged in the case, was a "marginal and minimal participant" whose role was to handle mail and withdraw money from ATMs. But prosecutors and the judge believed otherwise.
Investigators' interest in Adetiloye, a native of Nigeria, was piqued after figuring out he was unemployed and receiving welfare yet living lavishly, complete with a Range Rover vehicle, extended trips to England and an expensive condominium. Then there were two credit cards tucked away in his wallet, each bore different names — Donald Douglas and Vincent Andriole — that seemed to confirm suspicions that he was up to something nefarious.
The complexity of the scheme — which took five years to investigate and litigate — was highlighted in a sentencing phase that has lasted nearly a year and included numerous hearings and briefings, and some 12,000 pages of court documents. The case wound up in North Dakota after U.S. Bank's customer service centre in Fargo intercepted calls by Adetiloye and others.
U.S. District Judge Ralph Erickson handed down a 214-month prison term and scheduled a Feb. 15 hearing to discuss returning nearly $1.5 million in losses to credit card companies and banks. The judge has said losses may have been as much as $5 million.
Defence attorney Richard Henderson had asked for a sentence of fewer than 16 years for his client, who pleaded guilty to mail fraud charges. Henderson said any prison time is more difficult than it would be for American citizens because he has no family in the United States. No decision has been made about whether he plans to appeal, said Neil Fulton, lead federal public defender for North Dakota and South Dakota.
"The sentence imposed today should send a strong message to those who would seek to scam the citizens and businesses of North Dakota and the United States," U.S. Attorney Timothy Purdon said in a statement released Monday. "We take the growing problem of foreign financial fraud seriously here and seeking justice for the victims of such crimes is a priority for our office."
Greg Krier, lead credit card fraud investigator for U.S. Bank, testified during the sentencing phase of the case that it was the most complex case he had ever seen. His company, which has its own fraud unit, launched special training sessions focusing on the case in hopes of catching the culprits.
The lead investigator, one of 25 people who worked on the case, put in 2,000 hours, authorities said.
Investigators initially said the operation accessed information of nearly 16,000 people, about 500 of whom had their identities stolen for the purpose of obtaining credit cards. It's alleged that more than 100 commercial mailboxes were opened under false or stolen identities.
But further investigation showed that the scheme actually accessed personal information to some 38,000 people. The government said Adetiloye went so far as to mask his handwriting after a judge ordered a test of his calligraphy.
Erickson, the federal judge, said in court documents ahead of the sentencing that the evidence "indisputably demonstrates" that Adetiloye was a leader or organizer of the scheme. The judge calculated losses to banks at about $1.5 million, but said it could have been as high as $5 million if credit limits had been maxed out.
The trauma cannot be measured, Erickson said.
"The non-monetary harm to the victims was substantial," the judge wrote. "They lost sleep, they lost time with their families, they lost time at work, and they lost their sense of security. Some victims spent hours trying to reclaim their credit record and their identities."
Court documents show that U.S. Bank suffered the most number of tainted accounts, at 130, for a total loss of about $76,000. The companies alleged to have lost the most money were Citibank, at about $271,000, and Discover, at about $248,000.
Brett Bogan, the security investigations manager at Reed Elsevier, the parent company of LexisNexis and ChoicePoint, told the court that data breaches of this type are extremely rare and knew of only one other case like it. He said the company sent out notices to more than 32,000 people whose personal information was compromised by the scheme.
"With their combined extensive and nationwide perspective, those entities place this fraud scheme at or near the top of their historical lists in terms of size and complexity," Chase said in court documents.