In today’s Finshots, we explain how a fintech startup allegedly defrauded one of America’s largest banks.

Also, a quick side note. If you're someone who has great communication skills and are enthusiastic to join our team, Ditto is looking to recruit new Insurance Advisors. You don't even have to know much about Insurance-- We will train you from scratch and you can enjoy working remotely with a great team. Click here to apply.


The Story

Step 1: Scream from the rooftops that the American college system is broken! That students graduate with $30,000 in student loans.

Step 2: Start a fintech business to fix this problem. Target Gen-Z college students and help them fill out arduous forms to get scholarships and financial aid.

Step 3: Get on the celebrated Forbes 30 Under 30 list for fighting for a worthwhile cause. People will notice you now.

Step 4: Attract the attention of a bank that’d love to get its hands on your user list. After all, your college-going user list is the perfect future customer for a bank. Catch ’em when they’re young.

Step 5: Finally, and this is the most important step of them all — If you don’t have the 4.25 million users to ask for a $175 million buyout, just fake the customer data!!! Yup, do whatever it takes to fool the bank into believing that the startup was a phenomenal success. And keep your fingers crossed.

Or as the tech bros say, “Fake it till you make it.”

That’s what Charlie Javice, the founder of fintech startup Frank, did. Or at least that’s what JPMorgan Chase, the bank that paid $175 million to buy the startup is now alleging. It’s saying that it got scammed by Javice.

Now you’re probably wondering — how on earth did a massive bank like JPMC miss the red flags before coughing up all that money? Who did all the due diligence to check if Javice’s claims were airtight?

Well, let’s just say that Javice outplayed the banking giant. And made a mockery of its due diligence process.

Before we get into how she did that, we first need to see how JPMC finally realized that it may have been duped.

In January 2022, after the acquisition was done and dusted, the bank decided to spam Frank’s users with a campaign. Probably to get them to buy some financial product that would make the bank some money. So it randomly picked 400,000 users from the list Frank provided it during the due diligence process and sent out emails.

But…the campaign went horribly wrong.

You see, only 28% of emails were delivered. And JPMC usually has a high a 99% delivery rate for its campaigns. And even worse — only 1.1% of the delivered emails were opened. Compared to 30% for a typical JPMC campaign.

That’s when JPMC smelt something suspicious. It launched an investigation. It managed to get a hold of all of Charlie Javice’s old emails. And voila, the sham emerged in all its glory.

See, Frank did not have the 4 million customers that it claimed. It only had a measly 300,000. But you don’t get $175 million for that, right?

So what did Javice do?

Apparently, Javice first sent her Director of Engineering an email with a link to an article titled “Generating Tabular Synthetic Data Using GANs.” The article notes that “[t]he goal is to generate synthetic data that is similar to the actual data in terms of statistics and demographics.”

Basically, she wanted to artificially inflate the user base with fake data!

The Director wasn’t impressed. He asked if it was even legal to do this. Now you can imagine that Javice’s response would’ve been in the affirmative. She even said that it was standard practice during investments and that no one would end up in an ‘orange jumpsuit’ (meaning prison time) over this.

Okay.

But the Director was having none of this. He refused to play along (clap, clap) and sent a list of only the real users — just 293,000 of them.

Oh yeah, not even 10% of what Frank claimed to have.

But Javice couldn’t send this to JPMC, no? She wanted the $175 million. So, she took external help.

Her colleague and Chief Growth Officer Olivier Amar jumped in. He reached out to a company called ASL Marketing, Inc. A firm that claimed to have “the most comprehensive, accurate and responsive data of high school students, college students and young adults available anywhere.” It could give Frank exactly what it needed!

So Amar paid ASL $105,000. And bought a list of 4.5 million students.

He then tapped another company called Enformion for the email addresses of students who were part of ASL’s list. And paid them $70,000 for their troubles.

Meanwhile, Javice was cooking up something too. She’d found a “Data Science Professor.” A teacher at a college in New York City. And wanted his help to create fake lists.

And that’s when it becomes really scandalous!

So, Javice asked the Professor to generate addresses for the fake students. And the Data Science Professor emailed Javice asking, “I can’t seem to find addresses in my raw files . . . Should I attempt to fabricate them?”

Javice responded saying, “I just wouldn’t want the street to not exist in the state.” Basically, the addresses could be fake. But she didn’t want a non-existent XYZ street name to pop up. It had to be real.

But the Professor replied that “‘real addresses’ may not be doable.”

So Javice had a brainwave. She figured out that, “[I]f we can’t do real addresses whats the best we can do for that? Worse comes to wors[t] we can try a unique ID.”

Basically, she fooled JPMorgan by convincing them that the Unique ID in the list was to protect the confidentiality of the student users. That the Unique ID was tied to real addresses in the back end. And the bank believed her.

Then came the email IDs. And this is even juicier.

Here’s an excerpt from JPMC’s complaint.

In an email at 12:56 p.m., the Data Science Professor, referring to the template Javice sent an hour earlier, asked Javice: “You have the student email marked as ‘provided as unique ID’ but didn’t we agree to make fake ones a la ‘asdugnsdf@gmail.com’? Or do you want unique ID after all?”

In a response sent six minutes later at 1:02 p.m., Javice asked, “will the fake emails look real with an eye check or better to use unique ID?”

At 1:37 p.m., the Data Science Professor confirmed “[t]hey will look fake. So let’s use unique ID.”

So yeah, the Unique IDs emerged again. All under the veil of ‘privacy.’

It all seemed so genuine. So when JPMC did the due diligence, it passed with flying colours.

And finally, there’s the scam invoicing bit after the deed was done.

When the Professor sent Javice a bill of $13,300 for the work done, he was quite elaborate. He described that he’d performed “college major generation” that included creating “first names, last names, emails, phone numbers”.

Quite an honest man!

But Javice freaked out. A sharp auditor would definitely ask questions about this.

So she asked him to remove it all. And simply send a one-line invoice saying “for data analysis.” She even sent him a bonus of $4,700. Probably to keep his mouth shut.

And the Professor’s response was: “Wow. Thank you. Here is the new invoice.” Yeah, the fraud didn’t really matter anymore.

But Javice sweetened the deal further. She even offered the Professor a full-time position at JPMC after the buyout. Now hiring the man into the same bank he helped defraud is quite the killer move!

It all sounds crazy to be true.

But that folks is how a Forbes 30 Under 30 winner fooled one of America’s largest banks.

To sum it up — Frank paid a total of $193,000 to ASL, Enformion, and the Professor for a list of ‘fake’ email addresses. And then sold that list to JPMorgan for a whopping $175 million.

Definitely a contender for the scam of the year, don’t you think?

Until then…

Don't forget to share this article on WhatsApp, LinkedIn and Twitter

PS: Charlie Javice has filed a suit against JPMorgan Chase too alleging that she hasn’t been paid her due and that the bank’s plan to monetise the student data by bombarding them with emails about credit cards and loans was a poor business plan. So make of this what you will.


Ditto Insights: Why Millennials should buy a term plan

According to a survey, only 17% of Indian millennials (25–35 yrs) have bought term insurance. The actual numbers are likely even lower.

And the more worrying fact is that 55% hadn’t even heard of term insurance!

So why is this happening?

One common misconception is the dependent conundrum. Most millennials we spoke to want to buy a term policy because they want to cover their spouse and kids. And this makes perfect sense. After all, in your absence you want your term policy to pay out a large sum of money to cover your family’s needs for the future. But these very same people don’t think of their parents as dependents even though they support them extensively. I remember the moment it hit me. I routinely send money back home, but I had never considered my parents as my dependents. And when a colleague spoke about his experience, I immediately put two and two together. They were dependent on my income and my absence would most certainly affect them financially. So a term plan was a no-brainer for me.

There’s another reason why millennials should probably consider looking at a term plan — Debt. Most people we spoke to have home loans, education loans and other personal loans with a considerable interest burden. In their absence, this burden would shift to their dependents. It’s not something most people think of, but it happens all the time.

Finally, you actually get a pretty good bargain on term insurance prices when you’re younger. The idea is to pay a nominal sum every year (something that won’t burn your pocket) to protect your dependents in the event of your untimely demise. And this fee is lowest when you’re young.

So if you’re a millennial and you’re reading this, maybe you should reconsider buying a term plan. And don’t forget to talk to us at Ditto while you’re at it.

1. Just head to our website by clicking on the link here

2. Click on “Book a FREE call”

3. Select Term Insurance

4. Choose the date & time as per your convenience and RELAX!