Procurement Compliance

Procurement compliance and security are often put on the back burner when companies try to save money. They see the same devices they could buy from a reputable source for a much lower price on an eCommerce site. So they buy the cheaper version without a second thought. But as the old saying goes, “you get what you pay for.”

A recent $1 billion counterfeit Cisco device scheme is the perfect example of what happens when companies try to cut costs and ignore the warning signs that a deal is too good to be true.

According to recent reports, Onur Aksoy was arrested for allegedly selling counterfeit Cisco devices. Mr. Aksoy bought counterfeit devices from China and sold them on eCommerce sites such as Amazon and eBay. 

Once customers set up the equipment, they quickly discovered that the devices they bought from Aksoy’s online stores were defective. “Often, they would simply fail or otherwise malfunction, causing significant damage to their users’ networks and operations—in some cases, costing users tens of thousands of dollars,” the Justice Department said. “Customers of Aksoy’s fraudulent and counterfeit devices included hospitals, schools, government agencies, and the military.”

Through customer complaints, both Amazon and eBay shut down his online stores. However, he continued to sell the device on these sites by changing his company’s name, operating under 19 different company names from 2013 – 2020.

Cisco also caught on to the scheme, sending seven cease and desist letters to Aksoy from 2014 – 2020. Cisco said, “We are committed to maintaining the integrity and quality of Cisco products and services. Cisco is grateful to law enforcement and customs officials for their tremendous collaboration in this investigation and to the DOJ for bringing the perpetrator to justice.”

Let’s Simplify Compliance

HIPAA and device security go hand-in-hand. Protect your business, become compliant today!

Learn More!
HIPAA Seal of Compliance

How did he get away with the scheme for so long? Other than changing his company name multiple times and using an alias (Dave Durden), the devices that Aksoy was selling looked genuine. The counterfeit devices were older and inexpensive equipment retrofitted to appear as newer, more expensive models. They were also packaged with realistic-looking boxes, labels, and documentation.

“As alleged, the Chinese counterfeiters often added pirated Cisco software and unauthorized, low-quality, or unreliable components—including components to circumvent technological measures added by Cisco to the software to check for software license compliance and to authenticate the hardware,” the Justice Department said. 

In July 2022, the fraudulent scheme finally caught up to Aksoy when the Department of Justice indicted him. However, the government has long known about his scheme, with the US Customs and Border Protection seizing approximately 180 shipments of his Chinese counterfeiters since he started his scheme. U.S. agents also raided one of his warehouses in July 2021 and seized 1,156 counterfeit Cisco devices (worth $7 million).

Procurement Security: Mitigating Procurement Compliance Risk

There is a lot to be learned from a case like this. When it comes to procurement security, saving a few bucks is definitely not worth the risk. Using these faulty devices can cost a business infinitely more than it may have “saved” by buying devices from an untrusted source. Procurement compliance