Cloud Services Fraud: How Does This Embezzlement Scheme Work?

June 10, 2025

The U.S. Attorney's Office for the Western District of Washington announced that Francis-Curley, 31, was found guilty of two counts of wire fraud and one count of aggravated identity theft, resulting in nearly $700,000 in restitution.

His fraudulent activities began in 2019 when he exploited his position at a tech company to embezzle funds. By misusing cloud computing resources and accounts accessible to him, he purchased cloud services using company money and then resold or leased them back to the firm, personally profiting by more than $550,000.

He used these illicit gains to fund a lavish lifestyle, including private jet travel, luxury hotel stays, and a penthouse apartment in Seattle's Harbor Steps complex. Even after his employer discovered the fraud, he attempted to secure another half-million dollars by contacting customer service and corporate executives.

In 2020, Francis-Curley expanded his fraudulent activities by exploiting the Paycheck Protection Program (PPP), which was designed to support small businesses during the COVID-19 pandemic. Using fabricated companies, he obtained nearly $100,000 in relief funds, diverting money intended for struggling businesses.

His final scheme occurred in October 2022 when he fraudulently obtained a credit card in the name of his former romantic partner, accumulating an unpaid balance that continues to affect the victim.

Source: https://mynorthwest.com/crime_blotter/seattle-tech-worker/4066117\
 

Commentary

The perpetrator committed fraud on several levels. At his employer, he was provided purchasing authority that allowed him to embezzle funds; had access to the company's cloud computing resources; and then was in a position to sell those resources back to his employer.

Here's a general outline of how such a scheme might work:

  • An employee, often in a position of authority or with access to company funds, purchases cloud storage services from a third-party provider. This purchase is usually made under the guise of fulfilling a legitimate business need.
  • The employee sets up a shell company or uses an existing one that they control. This company is then positioned as a vendor that can provide cloud storage services.
  • The employee then resells the same cloud storage services to their employer at an inflated price through the shell company. The employer, unaware of the connection between the employee and the shell company, approves the purchase, believing it to be a legitimate business transaction.
  • The shell company invoices the employer for the cloud storage services. The employer processes the payment, which is then funneled back to the employee through the shell company.
  • To avoid detection, the employee may manipulate records, create false documentation, or use their position to bypass standard procurement procedures. They might also ensure that the transactions appear routine and within the scope of normal business operations.

The final takeaway is that this type of fraud is difficult to detect, especially if the employee has significant control over the procurement process or financial records. It often requires a thorough audit and investigation to uncover the connections between the employee and the shell company.

Finally, your opinion is important to us. Please complete the opinion survey: