Q3-2017
ERAI, INC QUARTERLY NEWSLETTER
Dear ERAI Members and Colleagues,

Counterfeit mitigation is similar to disaster preparation, a reality fresh on our minds thanks to Hurricane Irma, which passed directly over our Naples office. While we were fortunate that the “strongest hurricane on record” managed to diminish in strength prior to landfall, preparedness plans were key to minimizing property damage and ensuring the safety of both our staff and our business.

Nevertheless, even with the best preparations, we did face minor interruptions in service due to lack of electricity, Internet and phone service, despite having implemented preventative measures. Similarly, having a documented counterfeit mitigation plan and routinely updating the plan helps your organization avoid the intrusion of counterfeits and prepares your staff for the appropriate action IF a counterfeit is detected. As Irma showed us, even though you think you are prepared, disasters can come at you from different angles than you had anticipated.

Accordingly, this issue highlights some back to basic lessons and best practices. We cover some easy steps you can take during your supplier assessment, review how new Department of the Navy guidelines for counterfeit part mitigation can be implemented within your organization, understand how and why defense suppliers face flowdown requirements set forth in industry standards, introduce you to our new InterCEPT class ST-01, which provides an overview of key industry standards, and hear how bad actors have infiltrated the chain of supply. Additionally, we discuss difficulties in determining if a part is suspect or counterfeit, a highly debatable topic that has gone largely undefined throughout the industry.

We were touched to hear so many of you asking how we fared and greatly appreciate your patience during Hurricane Irma. Now that we are “back in business”, please let us know how we can help your business succeed.

Anne-Liese Heinichen
Editor-in-Chief
anne@erai.com

U.S. Navy Enhances Counterfeit Risk Mitigation for Weapon Systems in New Guidebook

By: Anne-Liese Heinichen

In June, the U.S. Department of the Navy released the "Counterfeit Materiel Process Guidebook, Guidelines for Mitigating the Risk of Counterfeit Materiel in the Supply Chain". As stated within, the purpose of the guidebook "is to equip DON activities with a practical tool for implementing a risk-based counterfeit materiel prevention program and provide implementing guidance to address the requirements delineated in the DON policy."i

Given the often-cited statistic provided in the Senate’s 2012 "Inquiry Into Counterfeit Electronic Parts in the Department of Defense Supply Chain" of over 1 million suspect counterfeit parts existing in the military supply chainii, the Department of the Navy’s (DON) concern is not unwarranted. During this year alone, the Navy has experienced four collisions, one resulting in the death of 10 sailors aboard the USS McCain, prompting some news outlets to speculate on the possibility of at least one of these events as a cyber-attack against the military. While to date no evidence has been provided to support the claim, naval investigators are reportedly looking at cybersecurity in their investigations into the USS McCain incidentiii as the risks to weapon systems remain a valid threat regardless of the results of the probe. Of note, within the definition of counterfeit materiel in the Guidebook, a specific example of "Materiel containing additional features or capabilities not intended by the OM* (e.g., added malicious functions, modified firmware, etc.)" has been included. *Editor’s note – OM is defined as Original Manufacturer throughout the Guidebook.



The Guidebook provides a risk-based approach for the acquisition of electronic parts, mechanical parts and other materiel through seven different categories: Part I, Assessing Counterfeit Materiel Risk; Part II, Supplier Selection and Procurement; Part III, Documentation; Part IV, Contracting; Part V, Detection; Part VI, Containment, Disposition, and Reporting and Part VII, Contractor Assessment. By culling various industry standards and other resources, the DON has created a compendious plan which provides best-practices and implementation strategies from leading industry resources.

Risk assessment is performed by a risk assessment matrix factoring in supplier type and materiel criticality, addressing the likelihood of encountering a counterfeit part through factors such as obsolescence, lead times, versions, and item type (e.g., “integrated circuits are currently the most commonly counterfeited item.”), and analysis of the severity of the impact based upon criticality of the materiel and strategic value.

As is prevalent in industry standards, the Guidebook stresses the purchase of material directly from the original manufacturer or authorized suppliers whenever possible, though the document does recognize obsolescence as a “justifiable reason” for sourcing materiel from an unauthorized supplier, despite the greater risk of encountering a counterfeit part. For purchasing from unauthorized sources, annual maintenance of a tiered Approved Supplier List, on-site assessments, review of the unauthorized suppliers’ Approved Supplier List with differentiation between authorized and unauthorized suppliers, review of GIDEP and other peer databases for unresolved quality issues, trade references, verification of QMS certifications and insurance and warranty, past history and banking information are recommended. Appendix J provides a contractor compliance audit checklist, a tool developed by the Missile Defense Agency to assess an organization’s counterfeit mitigation processes. Of additional note is DON’s recommended usage of preferential supplier types (e.g. small businesses, veteran-owned, HUB, etc.) only for non-critical and low risk materiel.

For the detection of suspect counterfeit materiel, once again, a risk-based method should be used to determine the necessary detection protocols. For all materiel, regardless of the supplier, basic incoming and visual inspection techniques are called for; however, for high risk materiel, a suggested authentication process flow is provided in Appendix E. For electronic parts, an acknowledgement that functional testing may not be sufficient to determine whether or not the product is authentic should be included as counterfeit parts may pass functional testing. DFARS clause 246.870 calls for the use of industry standards to guide DON through inspection and tests for the authentication of material; specifically, the Guidebook cites SAE AS6081’s guidance as the preferred standard. Of note, the Guidebook addresses stockroom material that has not undergone authentication and notes that authentication should be performed on this material. To assist with a counterfeit determination, Appendices F and H contain lists of indicators along with a minor, moderate or major categorization. By using these categorizations, a threshold for reporting is reached if: one major indicator and one moderate indicator are found; or if three or more moderate indicators are found; or if two or more moderate indicators and two or more minor indicators are found.

Once materiel is classified as suspect counterfeit, the Guidebook, similar to industry standards, calls for the containment, disposition and reporting of the materiel. One difference in the Guidebook when compared to industry standards is that the guidelines state that the supplier should not be contacted regarding the suspect counterfeit material. Of note, Figure 7, Disposition Decision Tree, points to the consideration of use of suspect counterfeit materiel in assemblies under certain conditions.

It is evident that the DON has endeavored to provide practical guidelines for the implementation of a counterfeit mitigation program. Through the use of this Guidebook, a clearer understanding of the process should provide DON staff a valuable tool for the avoidance, detection and disposition of counterfeit materiel. This resource is also useful for any organization, especially those in the medical, nuclear, aerospace and defense-related high reliability sectors, for the development or update of a counterfeit avoidance plan. The document is publically available to all organizations and non-government entities at:

http://www.secnav.navy.mil/rda/Policy/2017%20Policy%20Memoranda/DON%20Counterfeit%20Materiel%20Process%20Guidebook.pdf




ihttp://www.secnav.navy.mil/rda/Policy/2017%20Policy%20Memoranda/DON%20Counterfeit%20Materiel%20Process%20Guidebook.pdf
iihttps://www.armed-services.senate.gov/press-releases/senate-armed-services-committee-releases-report-on-counterfeit-electronic-parts
iihttp://foreignpolicy.com/2017/09/14/u-s-navy-investigating-if-destroyer-crash-was-caused-by-cyberattack/


DoD Adoption Notices (SAE AS6171 and AS6496)



On March 28, 2017, the Defense Logistics Agency announced the adoption of SAE Aerospace Standards AS6171, "Test Method Standard; General Requirements, Suspect/Counterfeit, Electrical, Electronic, and Electromechanical Parts" and AS6496, "Fraudulent/Counterfeit Electronics Parts" Avoidance, Detection, Mitigation and Disposition – Authorized/Franchised Distribution" for use by the Department of Defense (DoD). According to SAE, AS6171 “standardizes inspection and test procedures, workmanship criteria, and minimum training and certification requirements to detect Suspect/Counterfeit (SC) Electrical, Electronic, and Electromechanical (EEE) parts”i. AS6496 sets forth requirements for the mitigation of counterfeit products for authorized distributors.

The use of industry standards is recommended under section 12 (a) (3) of P.L. 104-113, the National Technology Transfer and Advancement Act of 1995 (NTTAA) which allows the DoD, “to compare standards used in scientific investigations, engineering, manufacturing, commerce, industry, and educational institutions with the standards adopted or recognized by the Federal Government and to coordinate the use by Federal agencies of private sector standards, emphasizing where possible the use of standards developed by private, consensus organizations”ii. Additionally, Office of Management and Budget (OMB) Circular No. A-119, "Federal Participation in the Development and Use of Voluntary Consensus Standards and in Conformity Assessment Activities," dated January 27, 2016, “directs agencies to use voluntary consensus standards in lieu of government-unique standards except where inconsistent with law or otherwise impractical.”iii

Adoption of a non-governmental standard allows government contracting offices to require adherence to requirements, whole or in part, contained in the standard if the language is included within the contract. The same is true for any organization – any or all requirements contained in a standard must be invoked within the contract with the supplier. Through the use of industry standards, the government can “set the bar” for its expectations from their suppliers, which can then be flowed down throughout the supply chain, in a fashion similar to the counterfeit detection and avoidance flow down requirements contained in the May 2014 DFARS 252.246-7007.

To accompany AS6171, SAE has released a Counterfeit Defect Coverage Tool which “provides potential test sequences for the identification of counterfeit electrical, electronic, and electromechanical (EEE) parts along a range of risk levels and EEE part types…allowing users to compare alternative test sequences as a function of resources needed to implement those tests.”iv While DoD adoption has been referred to essentially as a “seal of approval ”v, AS6171 and its accompanying Counterfeit Defect Coverage Tool have faced criticism with some citing concerns over increased costs, specifically due to the need for specialized equipment (and, of course, trained staff) and the perceived potential for “overtesting”. However, controversy is not unusual when a new standard or updates to a standard are released as many of these standards are risk-based, allowing users of the standard to determine the appropriate steps based on factors such as end-use, application, and criticality.

For DoD users, both standards can be found in the ASSIST database at http://quicksearch.dla.mil/qsSearch.aspx. The ASSIST database is available to DoD personnel and is the official source for standards, specifications and related documents used by the DoD.

For non-DoD users, the standards can be purchased directly through SAE. To learn more about SAE AS6171 or to purchase the standard, visit http://standards.sae.org/as6171/. Please note that the standard consists of a main document and 11 separate supporting “Slash Sheets” containing individual test method requirements, each of which must be purchased separately.

The SAE Counterfeit Defect Coverage Tool can be accessed at http://www.sae.org/standardsdev/cdctool/. To purchase the AS6496 standard, please visit http://standards.sae.org/as6496/.


ihttp://standards.sae.org/as6171/
iihttps://www.gpo.gov/fdsys/pkg/PLAW-104publ113/pdf/PLAW-104publ113.pdf
iiihttp://www.dsp.dla.mil/Programs/Non-Government-Standards/
ivhttp://www.sae.org/standardsdev/cdctool/
vhttps://counterfeitparts.wordpress.com/2013/06/24/dod-adoption-of-industry-standards/

Q: WHO CAN REPORT PARTS TO ERAI?
A: ANYONE. Membership to ERAI is not required.


We have made the process as simple as possible by offering two ways to report parts:

1. Report a part online at: http://www.erai.com/SubmitHighRiskPart
2. Or even simpler, email your report to reportparts@erai.com


We require: 1) the part information, manufacturer, part number, date code, lot code; 2) a text description of the non-conformance or findings and; 3) digital images that support the findings.

Ideally, you can send all archived data you have and make reporting future cases routine by including a report to ERAI in your existing inspection process.

Please note that you can report parts anonymously. We will not include your company name on an alert. You do not have to report the supplier that shipped you counterfeit devices unless you choose to. The major benefit to the industry at large is knowing there is a suspect counterfeit part out there.



Department of Transportation’s OIG Audit of FAA Highlights Need for Reporting

Under the direction of Representative Peter DeFazio and Representative Rick Larsen, the Office of Inspector General of the United States Department of Transportation has conducted an audit report of the Federal Aviation Administration’s (FAA) oversight of the suspected unapproved parts program. As contained in the report, Suspected Unapproved Parts (SUP) are, “aircraft parts that may have been manufactured without FAA approval or intentionally misrepresented” and notes that, “intentionally mispresented parts have inaccurate paperwork or were produced via counterfeit manufacturing”.i

Starting in 1993, the FAA implemented a SUPs program to mitigate the threat posed by unapproved parts entering the aviation supply chain. The program permits repair stations, manufacturers, distributors and other related entities to voluntarily report suspect parts. In 1996, the DOT OIG issued a report on the program and found that the program and its processes “lacked adequate management controls”.ii The program office was later disbanded. Since then, reports are sent to the FAA’s Aviation Safety Hotline, who then forwards the reports to the SUPs program officials. The SUPs program officials then investigate and determine if the parts are unapproved and if the information should be submitted to law enforcement agencies.

The OIG report found many inconsistencies in the reporting process, including inaccurate data tracking, lack of uniformity with regard to the completion of data in the reports, reports which failed to determine the location of the suspect parts, not verifying whether corrective actions were performed and reports that were not shared with federal law enforcement agencies. The investigation uncovered that out of 265 SUPs entries made in the database from April 2011 to September 2015, 51% were either duplicate, incomplete or invalid.iii Additionally, during the FAA’s manufacturer risk assessment process, only one risk indicator takes into consideration data related to unapproved parts.iv The audit continued to state that the FAA does not consistently notify the aviation industry about unapproved parts, inspectors do not ensure that unapproved parts are removed from the supply chain and that the FAA doesn’t require organizations within the industry to access SUPs information.

The OIG’s findings are not without merit. Recently in 2016, Chaosheng “Charles” Shi, the former East Asia Supply Chain Manager of the aircraft division of Moog, alleged that one of Moog’s subcontractors located in China was improperly manufacturing parts. An FAA investigation found no evidence of his claims. When Shi requested further investigation, according to an article in the Tucson Sentinel, “the regional FAA inspector found evidence that improperly manufactured parts had been installed in commercial Boeing 777s around the globe. The same subcontractor, according to the report, had outsourced other critical parts to an unapproved supplier. What’s more, the subcontractor had fabricated production records.”v

According to Shi, substitute material was used by a Chinese subcontractor during the manufacture of a spoiler actuator, which is a single point of failure part for the Boeing 737; meaning that if the part failed, the entire system which controls the wing flaps will stop functioning, possibly resulting in an accident.vi Shi also allegedly uncovered that the subcontractor was falsifying material certification and did not state that substitute material was being used. Additionally, Shi states that more irregularities were observed, including a subcontractor who used unapproved second tier suppliers in violation of FAA regulations and alludes that this was done in attempt to increase profit margins. The suspect parts were allegedly the result of an “accounting error” made by the Chinese subcontractor according to Moog’s own internal investigation. The explanation was accepted by the FAA and no federal law enforcement agencies were notified as the investigator believed that the appropriate corrective actions had been taken.vii



Shi estimates that between 300 and 500 B737s could be affected, including aircraft destined for military use. Shi states his employment was terminated by Moog in January 2016 due to whistleblowing.viii Shi asserts that other organizations remain unaware of this incident, endangering the general public.

This incident, along with the OIG report, demonstrate the importance of reporting suspect material, not just to law enforcement but throughout all organizations involved in the chain of supply. As always, participation through nonconformance and suspect parts from Members (and non-Members) is a crucial element in counterfeit part risk mitigation. The mutual sharing of information benefits the supply chain at large. Ensure that reporting to industry, government and law enforcement is a regular part of your organization’s processes.

The OIG audit report can be viewed online at:
https://www.oig.dot.gov/sites/default/files/FAA%20Oversight%20of%20SUPs%20Final%20Report%5E5-30-17.pdf

Listen to Chaosheng "Charles" Shi’s interview detailing his alleged discovery of falsified documents that stated parts were safe when they may have been manufactured by substandard materials:
https://www.youtube.com/watch?v=RmBdBXKrjDw


iOffice of Inspector General. Enhancements are Needed to FAA’s Oversight of the Suspected Unapproved Parts Program, United States of America Department of Transportation, Memorandum.
https://www.oig.dot.gov/sites/default/files/FAA%20Oversight%20of%20SUPs%20Final%20Report%5E5-30-17.pdf
iiIbid. p. 4.
iiiIbid., p. 6.
ivIbid., p. 9.
vMckenzie, Victoria. “Can America’s Air Safety Watchdogs Police Aviation Fraud?” Tucson Sentinel, The Crime Report, 20 Sept. 2017, http://www.tucsonsentinel.com/nationworld/report/092017_aviation_fraud/can-americas-air-safety-watchdogs-police-aviation-fraud/.
vi“Boeing 737 Airliner Fake Parts: Safety Whistleblower Charles Shi Ex Moog Aviation, China.” YouTube, Peter Borenius, 8 June 2017, http://www.youtube.com/watch?v=RmBdBXKrjDw.
viiMckenzie, Victoria. “Can America’s Air Safety Watchdogs Police Aviation Fraud?” Tucson Sentinel, The Crime Report, 20 Sept. 2017, http://www.tucsonsentinel.com/nationworld/report/092017_aviation_fraud/can-americas-air-safety-watchdogs-police-aviation-fraud/.
viii“Boeing 737 Airliner Fake Parts: Safety Whistleblower Charles Shi Ex Moog Aviation, China.” YouTube, Peter Borenius, 8 June 2017, http://www.youtube.com/watch?v=RmBdBXKrjDw.


Enhancing Your Supplier Verification Process

By: Anne-Liese Heinichen

With the release of DFARS 252.246.7008, supplier qualification requirements remain front and center in the US Government’s efforts to prevent counterfeit parts from entering the military supply chain. Of importance, not only to government contractors, is the topic of supplier assessment as a key element in every organization’s documented mitigation program/control plan.

While sourcing from the original component manufacturer or an authorized supplier should be specified whenever possible, the reality is that organizations are sometimes left with few options and are forced to seek alternate sources of supply, increasing the risk of a counterfeit encounter.

One of the responses we have seen at ERAI is the inclusion of statements in purchase order documents stating that, “no parts from China will be accepted” or that organizations will not procure from suppliers that have purchased parts from China. But provenance for a part is many times difficult and/or impossible to obtain directly back to the OCM if purchasing from outside of the authorized distribution channels.

When looking at ERAI alert statistics from 2007 through the third quarter of 2017, specifically at organizations that have been identified as the supplier of nonconforming parts, we see that the majority of suppliers are located in China (40%); 33% were located in the USA and the balance (27%) in different countries around the world, showing that a policy of not purchasing from Chinese suppliers alone is not a sufficient policy.



The inclusion of such language, although helpful, is not an adequate substitute for sourcing parts outside of your organization’s approved vendor/supplier list. Qualification of a supplier should ensure that the organization has implemented its own documented counterfeit mitigation program and maintains its own approved vendor list.

Common industry best practices cite requirements such as audits (on-site preferable), adherence to industry standards, quality certifications (which should always be validated), documented warranties and return policies, personnel certifications and training, documented purchasing and acceptance processes, trade references, performance history, and any recorded problems reported by industry data sources (e.g. ERAI and GIDEP). However, there are additional simple steps that organizations can take to enhance their supplier selection process.

Along with our public website (www.erai.com), ERAI maintains an internal proprietary database containing profiles of over 28,000 organizations that either purchase, sell, and/or integrate electronic parts and/or provide additional services to the industry. The profiles include addresses, individuals and their contact information, banking details, relationships to other organizations and references, when available.

As part of ERAI’s data collection process, we verify corporate registration (state, provincial, or federal); tax documentation; whether or not an organization has a CAGE code and addresses and contacts provided therein; searches for individuals and corporations on the US Consolidated Screening List; when and by whom a website domain was registered; and social media accounts. When focusing on an organization’s address, we use resources such as Google maps to initially determine if the address is legitimate or if the organization is using a virtual office space or mailbox facility (e.g. UPS Store). We may even go further to investigate who owns the property and for how long. Even simply “Googling” an organization, address, contacts and phone numbers can yield surprising results.

A recent example highlights how ERAI’s processes can be applied in your organization’s documented counterfeit mitigation program to identify supplier risk. An individual sought to subscribe her distribution company to ERAI’s services. The individual referenced her company’s website which featured UK phone and fax numbers, no company address, an ISO 9001 logo, and a statement that the organization was an “ISO9001-2008 certified company”.

ERAI requested a copy of the ISO 9001 certificate to which the individual responded that her company was “in process now” and when pressed, admitted that her organization was not certified.

Verification on the United Kingdom’s Companies House website showed the company was registered in 2012. A search of the registered office address in Google maps revealed the address appears to be a residence in a Welsh town. A Google search of this address produced Companies House data showing that a total of 222 companies are registered at this same address. Through cross-checks in our proprietary internal database, we uncovered five other industry-related organizations that purport to be located at the same Welsh address. ERAI has submitted an inquiry to the Welsh Coordinator of Companies House asking if or how registered addresses are verified but, to date, no response has been received.

The registered director is a Chinese national with an address in mainland China. An ERAI membership application was completed and returned providing the name of ten customers, located in Germany, Hungary, Turkey, Austria, Spain, Netherlands, South Korea, and China, as references. It is unknown whether those organizations are aware that the distributor is operating from mainland China.

Organizations are encouraged to follow the same processes as those in place at ERAI and perform verifications from all available data sources. Additionally, organizations should be proactively sharing their experiences with other organizations so that they too can use this data to identify risks before a financial loss or a counterfeit part enters their facility. The reality is that risk mitigation is a team sport, and every one of you is an important part of this team.

ERAI encourages members to contact our office for assistance with the supplier verification process. Prior to sustaining a loss or receiving counterfeit goods, if you receive a suspicious email or if you need tips on locating information publicly available on the Internet, let us know. Many times, even small insignificant details can be valuable data. Contact our office at 239-261-6268 or eraiinfo@erai.com with any inquiries.

ERAI Members: Did you know?

Under the ERAI search tab, Members can search the US Government’s Consolidated Screening List. Per the Bureau of Industry and Security, "the CSL is a streamlined collection of nine different "screening lists" from the U.S. Departments of Commerce, State, and the Treasury that contain names of individuals and companies with whom a U.S. company may not be allowed to do business due to U.S. export regulations, sanctions, or other restrictions. If a company or individual appears on the list, U.S. firms must do further research into the individual or company in accordance with the administering agency’s rules before doing business with them."




Florida Independent Distributors Plead Guilty to Exporting Prohibited Aircraft Parts to Syria

By: Kristal Snider

In October 2016 owners and employees of AW-Tronics, LLC, a Florida-based independent distributor, were charged with exporting prohibited articles to Syria and for their alleged participation in a conspiracy to violate the International Emergency Economic Powers Act (IEEPA), the Export Administration Regulations (EAR) and the Global Terrorism Sanctions Regulations by exporting dual-use goods, which are goods with both civilian and military applications.

On October 3, 2017 three of the named defendants, Ali Caby, Arash Caby and Marjan Caby, pleaded guilty for their role in the scheme and now await sentencing scheduled for mid-December. They face a statutory maximum sentence of up to 5 years in prison, 3 years of supervised release and a $250,000 fine.

The indictment laid out a history of illegal transactions dating back to 2013. When goods were purchased from US based vendors, the end-use declarations falsely listed the destination country as “USA” but would actually ship via DHL from the US to AW-Tronics’ Bulgarian office where they were forwarded on to Syrian Arab Airlines. Payments were then funneled from Syria to a travel agency in the United Arab Emirates (UAE) before being forwarded to accounts belonging to Ali and Arash Caby. The Treasury Department says the government-run airline transports weapons and ammunition in conjunction with the Hezbollah extremist organization and the Iranian Revolutionary Guards.

Arash Caby’s hearing proceedings revealed the government’s investigation uncovered other illegal transactions including the shipment of military items identified as air navigation equipment to China.

Ali Caby, aka “Alex Caby”, and Arash Caby, aka “Axel Caby”, were managing partners of AW-Tronics. Marjan Caby, an employee who worked in the Miami, FL office, was an internal auditor responsible for export compliance. The Cabys, including Catherine Caby aka Catherine Kafi-Keramati who was not named in the indictment, have owned and operated numerous companies in addition to AW-Tronics including but not limited to: Arrowtronic LLC, Aero Troniks LLC, aka Aerotroniks LLC, Dixie Air Parts Inc. and Factory Direkt LLC.

The Cabys’ companies started operating more than ten years ago grossing over $60 million in sales. The companies have sold over 500,000 aviation parts worldwide and had 720 active customers and over 100 employees. The number of customers has significantly diminished, the number of employees has dropped to eleven and the Bulgaria office has closed but the company remains in business.i


iArash Caby Hearing Proceedings Page 10

Additional Reading

Indictment
Department of Justice Press Release
Arash Caby Hearing Proceedings
Arrest Warrant Ali Caby aka Alex Caby
Plea Agreement Ali Caby aka Alex Caby
Arrest Warrant Arash Caby aka Axel Caby
Plea Agreement Arash Caby aka Axel Caby
Arrest Warrant Marjan Caby
Plea Agreement Marjan Caby



Counterfeit Electronic Parts Sold by MVP Micro and Affiliates Remain Unaccounted For

By: Kristal Snider

In January 2010, Mustafa Abdul Aljaff pleaded guilty to federal charges of conspiracy to traffic in counterfeit goods, defraud the United States and trafficking in counterfeit goods.  Co-defendant Neil Felahy pleaded guilty to federal charges of conspiracy to distribute counterfeit integrated circuits, commit mail fraud and trafficking in counterfeit goods.  Both men went to prison for their crimes.  A significant amount of data was contained in the sentencing memorandums and other court documents that had not been made public including, but not limited to, numerous parts identified as counterfeit during the government’s investigation that now appear in ERAI’s High Risk Part Database and are linked to the companies affiliated with Aljaff and Felahy.  Relevant publicly available court documents outlining the intricacies of this integrated circuit counterfeiting operation have also been uploaded and can be readily accessed through the ERAI website.

Aljaff and Felahy engaged in at least three types of counterfeiting activity.  They traded in salvaged, remarked parts purchased from China and other sources believed to be the byproduct of e-waste, personally enlisted the services of third parties to demark and remark parts, and directed and participated in the manufacturing of harvested integrated circuit die into new IC packaging.   Photographs of legitimate integrated circuits were sent to re-packaging/re-marking facilities with explicit instructions as to how to mark and manufacture these counterfeit integrated circuits.

From January 2006 until February 2009, Aljaff and Felahy took in gross receipts exceeding $7.5 million dollars. The government seized nine computers from MVP Micro which revealed the company’s office in China procured about 80% of its imported product.  Testimony given by Felahy estimates at least 50% of the parts sold by MVP and affiliated companies were counterfeit.  During the government’s investigation, undercover purchases were made for twelve part numbers:  six (50%) were identified as counterfeit by the IP holders, which aligned with Felahy’s estimation. 

According to CBP import records, during the two-year time period reflected in the indictment, 23 shipments containing 13,379 individual integrated circuits, which included devices marked military-grade and had military applications, were seized after being identified as counterfeit.  During this same time period, 787 shipments from China were delivered containing untold numbers of counterfeit parts.  None of the seized shipments were challenged as being legitimate goods which suggested Aljaff was aware the goods he was importing were counterfeit.  It is worth noting the 23rd seizure was made after the indictment in this case was returned.

MVP Micro sold and distributed parts to approximately 420 buyers in the United States and abroad, including the U.S. Department of the Navy, defense contractors and other broker/distributors within numerous industry sectors including industrial, consumer electronics, transportation, infrastructure, medical devices and systems, spacecraft, and military while using numerous company names and Internet websites including, but not limited to:

MVP Micro, Inc.
Labra
Pentagon Components
RH Distributors
Red Hat Distributors
Red Hot Distributors
Force One

The whereabouts of the majority of the parts sold by Aljaff and Felahy are unknown. 



“Defendant Felahy and co-defendant Aljaff had numerous employees working in a back office area “harvesting” die from integrated circuits. Surveillance of the MVP Micro location revealed several employees who were observed working inside the garage-type area, which has a roller door. The employees were observed dragging a drill press outside and into a nearby shaded area. One employee was observed drilling die using this machine. De-capped integrated circuits were found on the ground nearby. The workers would apparently take an integrated circuit, drill it to a certain depth, use acid to melt the remainder of the plastic encasement, then pluck the internal metal die using tweezers. On the MVP computers, the Government located transactions in which MVP sent a number of harvested die to Taiwan for repackaging with explicit instructions concerning the markings to be applied to the new encasement. This action is particularly disturbing as a buyer would have no possible external inspection method to determine that a device was suspect; on the outside it would appear brand new, complete with accurate markings.”i


iMustafa Aljaff Memorandum In Aid of Sentencing


Aerospace Distributor Sentenced for Supplying Defective Parts to DLA

By: Kristal Snider

On February 29, 2016, Paul Skiscim, President of Aerospec Inc., was arrested on federal charges of supplying defective airplane parts to the federal government for use in its aircraft, including military aircraft.i On September 18, 2017, Skiscim was sentenced to 26 months in prison, ordered to pay $420,000.00 in restitution to the Defense Logistics Agency and to forfeit cash and real-estate holdings valued at approximately $500,000.00 after entering a plea of guilty to count one of an eight count indictment: 18:38(a)(1) and 18:38(b) Fraud Involving Aircraft Parts In Interstate Commerce. Counts 2-8 were dismissed.ii

Details of the Scheme

In 2003 Paul Skiscim registered Aerospec Fastners, Inc. with the United States Government as a contractor and began bidding on contracts with the Defense Logistics Agency (“DLA”). Aerospec was engaged in the business of selling “fasteners” (screws, bolts and rivets) to both private industry and the government. Thousands of orders were awarded; numerous were found to be “non-conforming or defective” and bore falsified labels, which resulted in both Aerospec and Paul Skiscim being debarred on or about May 29, 2013 from doing any business with the United States Government until February 29, 2016.

The defective parts, “pin rivets”, were tested by DLA where it was determined the “shear strength” of the parts provided by Aerospec was 88% of the requirement of the specification called out in the government contract. These lower strength rivets, used to ensure the structural integrity of aircraft, “were to be used as replacements in C-5 cargo planes, A-10 fighters and B-52 bombers, according to a U.S. Department of Defense report to Congress.”iii

During this debarment period, Skiscim formed shell companies using the names of relatives or an alias to conceal his identity and continued to sell parts to the government collecting payments exceeding $2.8 million dollars in bank accounts controlled by Skiscim for parts, some of which were later identified as defective and non-conforming.

“It is critical that federal aircraft, including military aircraft, be built with the best parts available.  The defendant’s alleged scheme of supplying defective parts not only violated the law but showed a callous disregard for the safety of federal employees and our military personnel,” stated United States Attorney Capers. 

Aerocon Corp.
D & B: 079526429
Cage Code: 77VQ5
Aerospec Fastners, Inc.
D & B: 140781613
Cage Code: 3M7A1
Specialty Components, Inc.
D & B: 138848374
Cage Code: 3M0M5
Sun Tech Air Parts
D & B: 079154341
Cage Code: 6ZX41


iDepartment of Justice – Press Release https://www.justice.gov/usao-edny/pr/president-aviation-parts-company-arrested-fraudulently-supplying-defective-airplane
iiUnited States of America v. Paul Skiscim – Judgment In A Criminal Case
https://www.law360.com/articles/765078/aircraft-parts-co-prez-arrested-for-selling-faulty-parts
iiiUnited States of America v. Paul Skiscim - Complaint


How To Spot A Counterfeit Part: The “Counterfeit” Determination Dilemma

By: Anne-Liese Heinichen

While most government and private organizations can agree upon the definition of a counterfeit part, how, who and when to label a part as counterfeit remains a debatable issue. Within common industry standards, neither SAE AS9100, AS6081 nor AS5553 provide guidance on the matter. ARP6328 determines that, “the extent of inspection and testing depends on the level of risk the Organization and the Customer are willing to assume if a counterfeit part were used in the end-item equipment.”i

AS6171 does provide guidance in 3.7.1 Factors in Determination of Suspect/Counterfeit Parts, which includes the following language:

“The sum total of the observations from the complete Test Sequence is what establishes the overall conclusion. Counterfeit risk assessment requires an interpretation of the observation(s) and may require additional investigation within and outside the standard Test Sequence to determine if the indicator(s) are a quality concern in an authentic part or a counterfeit concern (see Appendix D).”ii

AS6171 goes on to provide some factors such as stating that one indicator may be enough for a determination if “conclusive enough” such as in the case of wrong or absent die; however, the next factor states that sometimes several factors may not be enough for a determination. Another factor recommends consultation with the original component manufacturer for a determination. It concludes by stating that, “if parts do not exhibit indicators that lead to a conclusion with a reasonable level of confidence that the parts are suspect/counterfeit, then the Test Laboratory shall make a final determination that the parts passed required testing and that there was no evidence of counterfeiting based on the testing performed.”iii Unfortunately, controversy surrounds AS6171 with many citing that the standard’s requirements do not allow for organizations to determine their own acceptable level of risk, are too strict and result in increased costs for organizations and their customers.

The Department of the Navy’s recently released “Counterfeit Materiel Process Guidebook, Guidelines for Mitigating the Risk of Counterfeit Materiel in the Supply Chain”, provides more detailed guidelines for determining whether or not materiel is suspect or counterfeit:


SUSPECT PART: (1) Part does not have the cut out "ears" on both sides of the mounting tab as shown on the mechanical drawings. (2) The assembly lot code and IR logo/date code lines appear on the part in wrong order compared to the spec. (3) Date code marking meets TO-263 format for RoHS and assembly line, but not the TO-220 format it should meet. (4) Part number is incomplete: "IR" missing. (5)Font of printing is different from a known good device. (6) “Shoulders" on outsides of exterior leads only; the spec shows “Shoulders” on both sides of all leads including center leg.

KNOWN GOOD PART: (1)Full Part Number. (2)Line sequence has IR logo and Date code in proper position per spec. (3) Date code format matches TO-220 format from IR marking per spec. (4) Cutouts on tab in place for both "ears". (5)All legs have "shoulders" on both sides.
“The two best methods by which to determine materiel is suspect counterfeit are to:

1. Identify multiple suspect counterfeit indicators.
2. Obtain information from the OM to support that it is counterfeit.

Appendices F and H list many of these indicators, along with a minor, moderate, or major significance, defined as follows:

• Minor indicator - sign of quality or handling issues that might not be related to counterfeiting
• Moderate indicator - definite cause of suspicion for the part’s authenticity
• Major indicator - strong risk that the part has been modified and qualifies as counterfeit

Using the above as a basis for assigning significance, a threshold for reporting materiel to PDREP and GIDEP as suspect counterfeit would occur if any one of the following conditions is true:

• One major indicator and one moderate indicator
• Three or more moderate indicators
• Two or more moderate indicators and two or more minor indicatorsiv

However, other than having direct confirmation from the Original Component Manufacturer, there is no widely accepted method for determining if a part is counterfeit. Many of the suspect parts reported to ERAI have undergone external and internal visual inspection test methods and were then classified as suspect counterfeit without further electrical testing being performed. Understandably, no organization would be expected to spend additional monies for extra testing on material that is already being rejected. Another problem involves the level of difficulty that organizations face when attempting to obtain assistance in authenticating product from original component manufacturers, especially for parts purchased from outside authorized or franchised distribution.

The need to detect, identify and classify material as authentic is of significant global importance in the electronics industry. Without clear industry or government direction, it is the responsibility of each organization in the supply chain to ensure that they have clearly defined how and when a counterfeit part determination is made and that this is specified within their documented counterfeit mitigation plan.


iSAE. Counterfeit EEE Part Detection. SAE ARP6328, SAE International, p. 19.
iiSAE. Factors in Determination of Suspect/Counterfeit Parts. SAE AS6171, SAE International, p. 46.
iiiSAE. Factors in Determination of Suspect/Counterfeit Parts. SAE AS6171, SAE International, p. 47.
ivOffice of the Assistant Secretary of the Navy (Research, Development & Acquisition) Acquisition and Business Management. Determination of Suspect Counterfeit. Counterfeit Materiel Process Guidebook, Guidelines for Mitigating the Risk of Counterfeit Materiel in the Supply Chain, Department of the Navy, p. 28.


New Class Added to InterCEPT’s Training Portfolio



ST-01: Industry Response to Counterfeits: An Overview of the Industry Standards

There are numerous industry standards that have been written specifically to address the issue of counterfeit electronic parts. Because many of the standards are written for a specific sector of the supply chain, an organization may be implementing one standard while requiring a different standard for their suppliers. Are you confused about which standards you should be using?

InterCEPT offers on-line classes in topics that are relevant to the effort to stop the proliferation of counterfeit electronic parts. The most recent on-line class offered by InterCEPT presents an overview of the various industry counterfeit mitigation standards, including the purpose and application of each standard. It also provides insight into how to select the right industry standard for your organization and how to use industry standards as requirements for your critical suppliers.

The approximately one hour class is recommended for anyone involved in the purchase, sale, inspection or integration of Electrical, Electronic, and Electromechanical (EEE) parts and materiel with job roles in contracting, management, purchasing, sales, quality, and engineering at Original Equipment Manufacturers (OEM), Integrators, Independent Distributors, Authorized Distributors, and Government Agencies.

ST-01 reviews the following standards setting organizations:

SAE
IDEA
IEC
CTI, Inc. (CCAP)

The following standards developed for manufacturers and integrators:

SAE AS5553
SAE ARP6328
SAE AS6462
SAE AS6174
SAE AS6886
IEC TS 62668

These standards developed for distributors:

SAE AS6081
SAE AS6301
SAE ARP6178
SAE AS6496
CAAP

Standards developed for counterfeit detection test methods:

SAE AS6171
IDEA-STD-1010B
CCAP

And discusses the application of standards within your organization including:

Best Practices
Self-Assessment
Certification
Flow-down on Purchase Orders

After reviewing the class content, students will:

Be familiar with the standard setting organizations.
Understand the purpose and application of each standard.
Be able to select the appropriate standard for implementation within your organization.
Understand how to use industry standards to develop a counterfeit mitigation program.
Understand how to flow-down industry standards to your suppliers.

Course handouts include a cross reference of standards to applicable organizations.


To receive notifications when new classes are added register for InterCEPT updates. You'll receive information as it becomes available on new classes, special offers, and more.





Q3 2017 Articles You Can’t Afford to Miss

Operation Wafers: over one million counterfeit semiconductors seized, reports ESIA
http://www.eenewseurope.com/news/operation-wafers-over-one-million-counterfeit-semiconductors-seized-reports-esia

Demand surge causes a shortage of components
https://www.electronicsweekly.com/news/business/distribution/demand-surge-causes-shortage-components-2017-07/

Quantum technology helps prevent counterfeit electronics
http://www.digitaljournal.com/tech-and-science/technology/quantum-technology-helps-prevent-counterfeit-electronics/article/497766

Field Failure is Not an Option
http://smt.iconnect007.com/index.php/article/105332/field-failure-is-not-an-option/105335/?skin=smt

Fake Chips on Amazon Are Nothing New
https://www.eetimes.com/author.asp?section_id=40&doc_id=1332054

SOS! Sourcing and Obsolescence Solutions
http://www.newelectronics.co.uk/electronics-technology/sos-sourcing-and-obsolescence-solutions/158350/

Counterfeit and Unapproved Aircraft Parts: Status
http://www.aviationsuppliers.org/COUNTERFEIT-AND-UNAPPROVED-AIRCRAFT-PARTS-STATUS

Danger signs in the electronics supply chain
http://www.autonews.com/article/20170828/OEM10/170829854/electronics-supply-chain

US institute aims to tackle microelectronics counterfeiting
https://www.securingindustry.com/electronics-and-industrial/us-institute-aims-to-tackle-microelectronics-counterfeiting/s105/a5553/#.WdKSk8ZryUm

Blockchain system tackles component counterfeiting
http://www.eenewseurope.com/news/blockchain-system-tackles-component-counterfeiting

Can America’s air safety watchdogs police aviation fraud?
http://www.tucsonsentinel.com/nationworld/report/092017_aviation_fraud/can-americas-air-safety-watchdogs-police-aviation-fraud/