Thursday, April 25, 2019

Tom Cronkright of CertifID Talks Fraud

By MBA Insights Staff
July 16, 2018

Thomas W. Cronkright II

MBA Insights posed questions to Thomas W. Cronkright II, CEO of CertifID, Grand Rapids, Mich., a software company focused on preventing wire fraud in the real estate, lending and title industries. He is also a founding member of Sun Title Agency, Grand Rapids, and serves as its CEO. He is an attorney admitted to practice in Michigan and holds a real estate broker's license. More about CertifID can be found at

MBA INSIGHTS: You were once a victim of fraud. Can you explain what happened and how it impacted you personally and professionally?

TomCronkrightTHOMAS CRONKRIGHT II, CERTIFID: My title company, Sun Title, fell victim to a $180,000 wire fraud in 2015. We spent two years recovering $140,000 of those stolen funds.

When wire fraud hits an organization and its owners, it's a life event. You're immediately gripped with fear, anxiety and the realization that you have been exposed. You never get over that feeling and each day you wake up with a level of paranoia that extends far beyond the general business risks. That said, we are grateful it happened because it forced us to tighten up our security measures and create a solution to prevent wire fraud in United States.

INSIGHTS: How did your experience motivate you to form CertifID?

CRONKRIGHT: Our experience gave us an inside view of the sophistication and relentless commitment of the cyber fraud syndicates. What led us to create CertifID is that 16 months following our fraud, we had a buyer on one of our transactions standing in a credit union branch holding fake wiring instructions purporting to be ours. The buyer believed they were communicating with one of our employees, when in fact a cyber perpetrator had created a fake domain, employee email address and fraudulent wiring instructions that were provided to the buyer. The timing, sophistication, and accuracy of this fraud provided awareness that a new dimension of their understanding and domain expertise for real estate transactions had opened up. CertifID had to be created to keep enterprises, clients and customers safe from the evolving threat.

INSIGHTS: It's been a year since the Equifax data breach. Have we as an industry learned any lessons from that?

CRONKRIGHT: Equifax was just one of a multitude of breaches that have taken place in the past year or so. Due to media coverage surrounding that breach, industry awareness increased around the risks associated with collecting and storing personally identifiable information.

We have to assume that the personal information of our customers has been compromised and may be used at any time to impersonate them. The industry participants who have invested further in cyber security and refined practices should be applauded. For example, Bank of America appears to have deployed a real-time fraud detection solution that flags suspicious wire transfers coming into an account and proactively notifies the sender if there is an issue--brilliant.

It's the industry participants who think cyber fraud is "someone else's problem" that expose the rest of the transaction ecosystem. This is everyone's problem and we have to work together to solve it.

INSIGHTS: Do you see the regulatory or legislative landscape changing, as some lawmakers express pessimism in the ability of the industry to effectively prevent cybercrime?

CRONKRIGHT: Great question. It feels like the war on cybercrime is similar to that to the war on drugs--just when you take one cybercriminal off the grid, two more appear. The good thing is that cyber criminals leave a digital fingerprint, so the optimist in me says we should be able to shut it down. Operation Wire Wire and the most recent Operation Keyboard Warrior should send clear signals to these criminals that their actions will not go unaccounted for.

From a legislative perspective, any new laws would need to delicately balance providing access to critical information we need as enterprises to safely transfer funds with the privacy rights of account holders and transaction participants. If we move in the direction of more transparency down the account level, we would have to tread very lightly so as to avoid opening Pandora's Box.

INSIGHTS: You recently published a white paper ( noting cybercriminals are targeting the construction industry for wire fraud. Do they see this field as less sophisticated as other industries? Why should lenders be on alert over this?

CRONKRIGHT: It's really a matter of transaction unit volume and transactional complexity--both creating fertile opportunity for fraudsters. New construction is the fastest-growing segment of the real estate market. As refinance transactions dwindle, fraudsters move their attention to where the activity is taking place--where the money is.

Now, consider that new construction transactions involve more parties than refinance, which means several additional possibilities for fraud. For example, we've seen developers' identities being spoofed (the email with wiring instructions seems to come from that developer, but is actually coming from a fraudster) so that their proceeds from a new lot purchase at close are sent to the cybercriminal. Similarly, some builders are spoofed so that the lender sends monthly draw payments to the fraudster, rather than the actual builder.

Lenders, real estate agents, title and escrow providers and attorneys must be on high alert because we are ALL at risk. We are all responsible for doing our best to inform and protect the consumer from being defrauded. As fraud increases and losses mount, it's entirely possible that ALL participants to the transaction are held liable to some degree when a consumer is defrauded. A long-standing legal principle asks, "Who is in the best position to protect and defend against the loss or crime?" With all of the industry's awareness and knowledge, there is a duty to do more to inform and protect consumers from loss.

INSIGHTS: Are these fraudsters domestic, or international?

CRONKRIGHT: Both. The fraud perpetrated on Sun Title extended across six different countries and included a network of stateside "money mules" that receive and transfer funds in real time. Recent enforcement actions support the fact that it's a multi-jurisdictional issue.

INSIGHTS: Most victims don't know they've been a victim of wire fraud until after the fact. How does your company work to ensure that there are protocols in place to prevent such fraud?

CRONKRIGHT: CertifID is simple: confirm identity and securely share information directly to a device. We harness billions of digital records to confirm a device has not been tampered with. We also confirm the identity of the individual through other security layers that we've implemented. This allows enterprises to confirm wiring information before they release funds and allows buyers and lenders to safely receive trustworthy wiring instructions. We also guarantee each transfer up to $500k. Wire fraud is a symptom of the inability to confirm identity at critical points in a transaction. CertifID fills that void.

INSIGHTS: Cybercriminals have demonstrated the ability to adapt as new anti-crime measures are put in place. How does your company stay ahead of these mutations?

CRONKRIGHT: In the past two weeks we have seen cases where wiring instructions include the name of the company and the person the recipient believes they should be dealing with, but the account number that's included is an entirely different account which is actually under the control of the fraudster. We're also seeing more and more instances in which fraudsters are actually calling buyers and impersonating the title company to convince the buyer to trust wiring information that's being emailed to them. These calls are timely, accurate and incredibly convincing.

Most frauds are hatched after the fraudster gains access to somebody's email account. This means a fraudulent caller can even win the trust of a skeptical lender or buyer by knowing otherwise protected information-such as the exact amount of cash expected at close.

CertifID ensures customers and enterprises that wiring information will never be sent or acknowledged through email, attachment, or hyperlink. And once an identity has been confirmed, the information that is being shared automatically displays on the recipient's device. This is a significant differentiation in the security landscape and makes it extremely easy for consumers.

Finally, we're aware that almost every day brings a more advanced and sophisticated type of fraud. So we work around the clock to stay on top of new threats as well as how to counter them.

(Views expressed in this article do not necessarily reflect policy of the Mortgage Bankers Association, nor do they connote an MBA endorsement of a specific company, product or service. MBA Insights welcomes your submissions. Inquiries can be sent to Mike Sorohan, editor, at; or Michael Tucker, editorial manager, at

Share this article