The tldr version of the Stenn scandal is that HSBC alleges Stenn issued $220+ million in fake billings and created matching fake payments from Foxconn, Repsol, etc., in an elaborate fiction that involved the names of dozens of companies that never did business with Stenn.
The tldr version of the Greensill scandal is similar. Credit Suisse extended a $140 million emergency loan secured by invoices from Liberty Commodities, which named companies that had no business dealings with Liberty, effectively making them fraudulent collateral. Those invoices cited sales of nickel to firms like Cargill and Mitsui Bussan Metals.
Before Greensill, there was The Receivables Exchange (TRE), with a story murky enough to defy a good tldr but that began to encounter fraudulent receivables in the 2013-2016 timeframe. TRE eventually became part of LiquidX, and the court's finding that this was a deliberate "wrong" rather than a business failure suggests that the move was mainly to shed the old company's non-performing assets.
Mini-scandals like HeadSpin and Corcoran Group add to the sense that it’s easy to fake trade receivables and that otherwise savvy, intelligent people often fail to catch it in time.
Hapless finance
So while AI model trainers and security researchers are making great use of synthetic data today, it's understandable why asset-based lenders, structured finance teams, and credit risk departments are less enthusiastic about the speed and ease with which anyone can now generate realistic financial data. Based on what we know already about receivables, the same technology that enables LLM improvement in the field of AI and enables fuzzing in cybersecurity presents considerable operational risk for asset-based finance. If someone wants to dress up their books or bolster a few transactions in convincing ways, this is the tool to do it, and it's not too complicated or time-consuming.
Soon, the Stenn and Greensill scandals may seem simplistic and benign compared to a potential avalanche of AI-fueled first-party and circumstantial fraud techniques that defy traditional detection tactics and perhaps lead to substantial losses.
Prompting is all you need
To demonstrate how trivial it is to generate receivables that can be imported into accounting systems, we prompted an LLM to imagine a particular automotive company. There is nothing unique or clever here, and we're only publishing the first few lines of the prompt:
Excerpt from the prompt requesting trade receivables for a fictional automotive parts supplier
Notice how the above fragment mentions three files for customer, product, and invoice data. Those correspond to templates we downloaded from QuickBooks that are available to any logged-in user. We send them along with the prompt for added context:
Preparing to prompt the LLM to generate customer, product, and invoice data
After a few minutes of waiting, we get the results:
ChatGPT 4o offering three files of generated data for download
And then we can upload the customers file to QuickBooks:
i.e., the generated product file:
And then the synthetic invoice file:
Now we have a cooked QuickBooks account:
The fabrication and import process for 100 invoices took about two hours. A bad actor or a bad actor's AI agent could then continue dressing up this account with sales receipts, credit memos, chargebacks, etc., until the whole picture looks convincing. Perhaps when it comes to finance, Kurt Cobain was right when he said, The worst crime is faking it.