The years 2015 through 2019 were sweet for an IT services and product outfit calling itself Interactive Systems.
It submitted 52 invoices to a global internet business in Manhattan for a slew of stuff: 10 servers here, 16 servers there, 3 firewall devices, plus fat setup fees for all of it.
Funny thing about those invoices, though: four of them were submitted as Microsoft Word documents. The metadata for all four of the Word docs pointed to the same author: an IT boss working for the internet company being billed.
That IT exec’s name is Hicham Kabbaj, and on Friday, he pleaded guilty to one count of wire fraud for having set up a shell company and billing his employer for firewalls and services that “Interactive Systems” never actually installed.
To make it all perfectly circular, Kabbaj even addressed the invoices to himself.
As prosecutor Scott McNeil described in court filings, from around August 2015 through to around April 2019, Interactive Systems submitted approximately 52 invoices to “Company-1”. Once Company-1 paid up, Kabbaj would slide the cash on over to his own bank account – a scam that netted him a cool $6 million.
The last payment he got his hands on was in May 2019. After that, investigators spoke with two of Kabbaj’s colleagues.
One of them was a datacenter employee who worked under Kabbaj. “Employee-1” was in charge of Company-1’s datacenters since sometime in 2016, including being in charge of purchases during the time that Kabbaj was working for the company. Employee-1 told the Feds that he never purchased the firewall devices described in a March 2018 invoice, nor in a February 2019 invoice. Ditto for the 10 servers listed in an April 2019 invoice.
And no, said Employee-2 – a senior IT manager in charge of the datacenter at the parent company’s subsidiaries – we never saw anybody from Interactive Systems show up to do the services they billed us for. To do so, a vendor would have had to get his approval, and he’d never even heard of a vendor called Interactive Systems, he told investigators.
And when investigators checked with the manufacturers of the gear that Interactive Systems says it installed, they found out that the bogus company wasn’t listed as an authorized dealer for their products. Nor did it ever file a tax return.
As far as the payments for those invoices goes, equivalent amounts were often transferred to Kabbaj’s personal account within a few days.
A few months later, in September, Kabbaj was collared and charged.
Pretty bad, for an exec to abuse their position of trust like that, said IRS-CI Special Agent in Charge Jonathan D. Larsen:
Today, Mr. Kabbaj pled guilty to a serious felony because he chose to misuse his position of trust as a corporate executive to steal company funds for his own personal gain.
Kabbaj, 48, is looking at a maximum sentence of 20 years behind bars, though of course, he’ll spend less time than that: maximum sentences are rarely handed out. He’s awaiting sentencing now. He’s also going to be handing back the goodies he bought with the loot: namely, one house in Palm Beach Gardens, Florida, and one in Hewitt, New Jersey.
He’ll also be paying restitution of $6,051,453.
Kabbaj isn’t the first IT boss gone bad, and he likely won’t be the last.