The Structure and Warning Signs of Circular Transactions: Lessons from the KDDI Case

“Are there any compliance issues here?”

One of the three major telecommunications companies in Japan, KDDI, began investigating after Makoto Takahashi—then President and now Chairman—found the sudden surge in revenue unusual and raised compliance concerns. The investigation ultimately revealed that revenue at KDDI subsidiaries had been overstated by JPY 246.1 billion (approximately KRW 2.29 trillion), and that 99.7% of the total consisted of fictitious transactions structured through circular arrangements.

According to the recently disclosed investigation report related to KDDI, this case is significant not merely because it involved fictitious transactions, but because it shows how sham transactions without real substance were made to appear as legitimate sales, while funds circulated through multiple companies and eventually returned to the starting point. In that sense, it stands as a noteworthy example of long-running circular transactions maintained over an extended period.

According to the report of KDDI’s Special Investigation Committee, the advertising agency business involving subsidiaries BIGLOBE and G-PLAN included sham circular transactions lacking economic substance, involving a total of 21 advertising agencies. The cumulative impact on reported revenue was disclosed as JPY 246.1 billion.

What is particularly striking in this case is how sophisticated the transaction structure appears to have been. The report explains that the flow of funds moved from upstream advertising agencies to the subsidiaries, then to downstream advertising agencies, and ultimately back again to the upstream agencies. On the surface, this could easily look like a series of legitimate transactions involving multiple counterparties. In reality, however, it was a structure in which transactions without economic substance were sustained through the circulation of funds.

More importantly, this structure was reportedly sustained by exploiting differences in payment terms. Some downstream counterparties and BIGLOBE operated on short payment terms, such as 15 days. As a result, it became possible to make advance payments downstream before funds were received from upstream. This advance-payment structure effectively served as the fuel that kept the circular scheme running. As the transactions repeated, the total volume had to grow larger to cover payments from prior cycles as well as fees taken by participating parties.

Another notable point is the concentration of responsibilities in the hands of a very limited number of individuals. According to the report, two individuals—Person A and Person B—effectively controlled the transaction design, performance reporting, allocation of amounts, invoicing, and payment-related communications. This made it difficult for other employees to fully understand or challenge the overall transaction flow. Contracts and invoices existed, but substantive verification was weak, and fabricated performance reports were allegedly adjusted in ways that made them look even more plausible.

Fraud of this kind can easily appear, on the surface, to be nothing more than a “fast-growing new business.” In fact, external reporting also described the advertising business as a rapidly growing operation, and the employees involved reportedly received promotions and rewards. Yet the investigation found that only 0.3% of the transactions involved actual advertisers, while the remaining 99.7% were fictitious. In other words, visible growth and real business substance were two entirely different things.

From a practical risk management perspective, this case brings to mind several common red flags:

• Repeated transactions where payments are made before collections are received

• Unusually short payment terms applied to a particular group of counterparties

• Large-value transactions occurring soon after new vendors or counterparties are created

• Contracts and invoices exist, but evidence of actual performance is weak

• Transaction creation, modification, approval, and settlement communications are concentrated in one employee or a very small number of individuals

The KDDI investigation report likewise identified several root causes, including overreliance on certain personnel, failure to segregate duties in the ordering and payment processes, insufficient verification of transaction substance, weak credit management, and inadequate internal audit oversight.

Ultimately, this type of issue is difficult to detect by reviewing a single journal entry or voucher in isolation.

Only when payment terms and advance payment patterns, transaction substance and supporting evidence, counterparty network structures, segregation of duties, and concentration of responsibilities are analyzed together does the broader structural abnormality become visible.

Recent cases make one thing clear.

Fraud is no longer limited to simple fake invoices or one-off embezzlement. It is increasingly evolving into schemes that are designed to look like normal business transactions, with funds, documents, and operational processes carefully aligned and sustained over long periods. That is why CEOs, CFOs, and internal audit leaders need to look beyond isolated unusual transactions and focus on abnormalities in the overall transaction structure.

From this perspective, companies need a more sophisticated approach to proactive risk review. For example, it is becoming increasingly important to analyze combined scenarios such as the following:

• Payment terms by counterparty that are unusually short or otherwise structurally inconsistent

• Abnormally fast payments to specific counterparties

• Payments made without sufficient support from actual order records, performance evidence, or inspection trails

• Unusually rapid spending involving newly created counterparties

• Cases where a limited number of employees simultaneously handle vendor creation, modification, and approval

• Self-approval by specific employees

• Abnormally short lead times from order approval to AP payment

From this perspective, GRAM Radar is a data-driven Financial Risk Quick Scan designed to assess financial and transaction data in a combined manner—covering unusual payment terms, advance-payment patterns, weaknesses in transaction substance, anomalies in counterparty networks, concentration of responsibilities, and signs of control override. Rather than viewing recent cases as issues that happened only at other companies, a far more practical and cost-effective response may be to assess whether similar signals already exist within your own company’s data.