Corporate Compliance Scam Continues. . .

. . But some of the perpetrators may have been caught.

California

California businesses have recent reports.  The scam seems to have been operating in California for years.

Colorado

There are reports of the scam in Colorado: State Corporate Compliance fraud. The Secretary of State is also getting complaints about the Colorado Compliance Recorder: Updated Notice Regarding “Annual Minutes” Solicitations

Indiana

Indiana issued a warning that several businesses have reported receiving a deceptive letter that would appear to come from an official government source. The letter solicits an annual fee of $125 or $150 and claims it will be used for record keeping and processing of a company’s annual minutes. It gives the appearance of coming from a legitimate government agency and cites fictitious state law. Scam Alert for Businesses in Indiana. But the Secretary of State has filed a complaint to try to stop the scam.

Montana

Montana has issued a warning, although the Secretary of State has not received any complaints and is not aware of any Montana businesses being affected: Business Scam Alert (.pdf) (I am not sure that I agree that the scam is “potentially dangerous.”)

New York

In the Empire State, it looks like the scam has spread to condominiums and cooperatives: Scam or Useful Service? The Corporate Records Compliance Office Speaks

Texas

It looks like the scam has been operating in Texas for a few years, masquerading as a state agency.  They may have caught the person behind some of it: Californian Charged With Unlawfully Profiting From Fake State Document Scheme.

Others

Previously, I noted that the scam was found in Florida, Georgia, IllinoisMassachusetts, and Ohio.

Catching the Bad Guys

Its not clear if the scams in each state are perpetrated by the same group. The Indiana Secretary of State filed a complaint against Aaron V. Williams of Las Vegas, Lisa Diane Brown of California and several companies affiliated with them. (Of course these people have merely charged and are not necessarily guilty.)

UPDATE:

The Texas Attorney General filed suit against other parties, but the suit was dismissed.

References:

Six States Now Require Social Security Number Protection Policies

Miriam Wugmeister, Nathan D. Taylor of Morrison & Foerester wrote the December Privacy and Data Security Update: Six States Now Require Social Security Number Protection Policies.

  • Connecticut – Ct. H.B. 5658.
  • Massachusetts – 201 Mass. Code Regs. §§ 17.01 – 17.04.
  • Michigan – Mich. Comp. Laws § 445.84.
  • New Mexico – N.M. Stat. §§ 57-12B-2 – 57-12B-3.
  • New York – N.Y. Gen. Bus. Law § 3990dd(4).
  • Texas – Tex. Bus. & Com. Code § 35.581 (effective through March 31, 2009); Tex. Bus. & Com. Code § 501.051 – 501.053 (effective April 1, 2009).

These state SSN protection policy requirements highlight the importance of maintaining up-to-date privacy policies that comply with the evolving requirements under applicable state laws.  To get started, an organization should consider taking the following steps:

  • determine if you collect or maintain SSNs;
  • review your policies and procedures that are employee-facing to determine if you have sufficient policies to meet the obligations under the various state laws;
  • update your policies and procedures as needed;
  • train employees on the new policies and procedures; and
  • audit your employees to ensure that they are complying with your policies and procedures.