Registrar and Transfer Agent Frauds – failure of governance over outsourced activities?

RTA fraudSteven*, a working professional, approached a Registrar and Transfer Agent (RTA), Philip*, for transmission of shares bought by his father who passed away six years ago. He was alarmed when informed by Philip that the shares held by his father were dematerialised (converted from physical shares into electronic format) and had been sold through the stock exchanges. Steven found this disconcerting as he had been taking care of his father’s accounts and investments at the time of this alleged sale. And the transfer was not authorised by him!

While discussing his predicament with a friend who was a stock market enthusiast; Steven was surprised when he was told that the shares must have been fraudulently transferred to benefit key employees of the Registrar and Transfer agency. He realised that by adopting an “invest and forget” philosophy, he had presented the fraudsters with an opportunity to defraud him.

This is not a one-off case. It has been seen that a host of ‘passive’ investors such as Steven have lost money due to fraudulent practices adopted by RTAs.

Veteran investors have often lived by this “invest and forget” philosophy to earn stable yet good returns on equity. However, volatility in the global financial markets and rising incidents around fraud is leading them to rethink this conventional approach. Today, companies as well its investors are being increasingly targeted by suave fraudsters for financial gain.

Why are RTAs required?  

In order to have a single agency process the registry work related to physical and dematerialized shares, many listed companies had outsourced share transfers and other allied activities to registered third-parties. However, after outsourcing and over a period of time, companies began to lose focus on supervision and governance over the activities carried out by these outsourced vendors, or RTAs. This led to RTAs gaining extensive access and control of critical activities including interaction with banks, which led to misuse of authority as well as gaps in the shareholder management processes. This lack of supervision resulted in a surge in fraudulent practices.

These frauds are not a recent occurrence – such practices have been seemingly going on since a decade now. The situation remained hidden in most cases, as there were no claimants or the amounts involved were very low. They were therefore, neglected by investors or did not come to the notice of the company or the regulator.

But as the saying goes “nothing can be hidden forever”, these frauds eventually surfaced and companies woke up to notice the vulnerabilities in their processes over a period of time.

Modus operandi

Close analysis around the trend shows that fraud vulnerabilities were initially exploited by fraudsters using smaller values as well as volumes. However, the inability of organisations to detect this led to bigger volumes with higher values. It was also observed that the failure to detect fraudulent practices was not due to lack of capability, but more because of omission or even ignorance.

The following critical red flags would have been typically overlooked by organisations, which may have helped boost the confidence of fraudsters:

RTA fraud_1

Little intervention due to unawareness by both company and investors would tend to enable fraudsters to exploit these vulnerabilities through some of the methodologies listed below:

RTA fraud_2

Despite fraud risks and vulnerabilities coming to the surface, it was seen that some companies rationalized by saying that these are issues only with certain RTAs and their company could not fall prey to such risks, especially as they have a different RTA on board. But it is in the interest of companies’ to proactively check whether their existing processes and supervision takes care of the risks and weaknesses associated with the process.


As these kind of cases could damage the reputation of organizations and shake shareholder confidence, it is imperative for them to revisit the existing controls and their effectiveness to identify and address fraud risks. Outsourcing without assessing impending threats or deploying adequate monitoring mechanisms could potentially do more harm than good. Thus, outsourced governance may lead to erosion of investor confidence and impact organisational growth.

*All names and cases in the above article are fictitious 

(This is the second of a two-part series on outsourced governance)

Follow @EY_India and track #EYForensic for regular updates

One thought on “Registrar and Transfer Agent Frauds – failure of governance over outsourced activities?

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.