The single most important hard drive in the Wirecard fraud, the one that eventually brought down Europe’s most valuable fintech, was nearly destroyed by a mother who had no legal training, no finance background, and no idea what an offshore escrow account was. She just knew her son was being followed in Singapore, and she knew the documents on his laptop were the only thing keeping him alive.
Her name is Sokhbir Kaur. Her son is Pavandeep Gill, known as Pav, then a junior in-house lawyer at Wirecard’s Asia-Pacific headquarters. In early 2018, when Wirecard’s Munich leadership shut down his internal investigation and pushed him out of the company, it was Sokhbir who copied the files, kept them when Pav wanted to walk away, and eventually picked up the phone to the Financial Times.
Without that phone call, Jan Marsalek is probably still the chief operating officer of a DAX 30 company. Markus Braun is probably still a billionaire. And €1.9bn that never existed is probably still being audited as if it did.
The lawyer in Suntec Tower Two
Pav Gill joined Wirecard’s Singapore office in the mid-2010s as a legal counsel for the Asia-Pacific region. The job looked like a clean upward step. A fast-growing German fintech, a regional headquarters in Suntec, the kind of role that builds a career.
Within months, he was reading internal emails that described what looked like round-tripped revenue, forged contracts and money moving through third-party acquirers in Dubai, Manila and Auckland to inflate Wirecard’s reported earnings. Gill commissioned an internal investigation, the kind of step a competent in-house counsel takes when staff start describing what sounds like accounting fraud in writing.
The investigation produced a draft report that described potential forgery, falsification of accounts and money laundering. It named names. It was, in effect, the receipt for the entire later scandal.
What happened next is the part that should be taught in every corporate governance class. The investigation was not escalated to the supervisory board. Gill was sidelined, then forced out. The internal investigation was paused. Munich, the company’s headquarters and the seat of CEO Markus Braun and COO Jan Marsalek, treated the Singapore findings as an inconvenience to be managed, not a fire to be put out.
The mother who refused to let it go
Pav Gill went home to his mother’s flat in Singapore. He was, by his later accounts to the FT and to Bloomberg, exhausted, frightened and ready to move on. He had a new job to find. He had legal exposure to worry about. The simplest thing was to delete the files and never speak about Wirecard again.
Sokhbir Kaur would not let him.
She copied the documents off his laptop and stored them. When private investigators began following him around Singapore, surveillance later linked in court reporting to a network around Wirecard, she became more, not less, determined. She wrote to journalists. An email that eventually reached Dan McCrum at the Financial Times came from her. She asked McCrum to speak to Pav. She told him there was a story.
Watch the full story on the Silicon Canals YouTube channel.
It is hard to overstate how unusual this is. Whistleblower research describes a fairly consistent profile: morally sensitive individuals with a strong ethical identity who act despite the predictable cost. The psychology of whistleblowing tends to focus on the individual employee at the centre of the storm. The Wirecard case is one of the few large modern frauds where the decisive act of moral courage was performed by a family member of the whistleblower, not the whistleblower himself.
A second source the company did not know existed
By the time Wirecard’s lawyers were sending threatening letters to the FT and BaFin, Germany’s financial regulator, had filed criminal complaints against journalists for alleged market manipulation, McCrum already had a parallel archive. He had the internal investigation draft. He had internal Wirecard emails. He had spreadsheets showing the suspicious flows.
These were the documents that powered the FT’s investigation from 2019 onwards, the series that produced “House of Wirecard” stories naming the alleged Singapore wrongdoing, prompting the KPMG special audit and ultimately the KPMG report published in April 2020. KPMG concluded it could not verify the bulk of Wirecard’s reported profits from its third-party acquiring business. That was the same business model Gill’s investigation had flagged two years earlier.
Two months later, on 22 June 2020, Wirecard’s management board admitted in an ad-hoc disclosure that €1.9bn supposedly held in trustee accounts in the Philippines “probably does not exist.” The Philippine central bank confirmed it had no record of the money ever entering the country’s banking system. BDO and BPI, the two banks named in Wirecard’s fabricated paperwork, denounced the documents as forged.
The company filed for insolvency a week later. Marsalek vanished. A German federal warrant for his arrest is still live on the BKA website. Markus Braun denies wrongdoing and says he was deceived by Marsalek; his Munich trial verdict is expected in 2026.
What the Singapore investigation actually said
The detail that makes Gill’s case so unusual among modern corporate frauds is timing. He did not raise his concerns in 2020, after the collapse. He raised them in 2018, two years before the public unravelling, while Wirecard was still being valued by the market at more than €24bn, briefly more than Deutsche Bank.
His draft internal investigation report described practices that matched, line for line, what KPMG would later confirm it could not verify and what Munich prosecutors would later allege in court. He gave the company a chance to fix itself. The company chose not to take it. Singapore police later raided Wirecard’s regional office in February 2019. The company publicly described the raid as a misunderstanding while privately treating Gill, by then long gone, as the leak.
That same month, BaFin took the extraordinary step of banning short selling in Wirecard stock — the only single-stock short ban in German regulatory history — and referred FT journalists to prosecutors for suspected market manipulation. The regulator was, in effect, defending the company against the people trying to expose it. The information that BaFin needed to draw the opposite conclusion was already sitting on Sokhbir Kaur’s copy of her son’s hard drive.
Why the mother mattered more than the son
Writing on moral courage describes a familiar gap between what people believe they will do under pressure and what they actually do. Most adults believe they would refuse an unethical instruction almost immediately. The historical data, and decades of laboratory work, say otherwise. The people who actually intervene tend to feel the wrongness more sharply. They are harder to talk down.
Pav Gill, by his own later accounts, had done the morally courageous thing inside the company. He commissioned the investigation. He documented the findings. He pushed for escalation. Then he was worn down. By surveillance, by legal threats, by the simple exhaustion of being a junior lawyer fighting a multibillion-euro company that controlled his career references.
His mother was not worn down. She had no career inside Wirecard to lose. She had no professional relationships to preserve. She had a son being followed and a stack of documents she believed proved why.
Family dynamics rarely show up in fraud case studies. They probably should. The Greater Good Science Center at UC Berkeley has written extensively about how parental relationships shape adult decision-making during crises, usually in the context of repair after rupture. The Gill case is the inverse: a functional, close mother-son relationship that supplied the second person needed to keep moral courage from collapsing into self-protection. One person inside the building knew. Two people, one of them outside the building and refusing to forget, could act.
The cost of being right early
Pav Gill spent the years between 2018 and 2020 in a kind of professional purgatory. He had left Wirecard. The fraud he had documented was, on paper, not a fraud. The company was still listed, still audited by EY, still defended by BaFin. The German press was largely hostile to the FT’s reporting. Anyone who Googled Gill’s name found a former Wirecard lawyer with a complicated exit story.
The pattern of whistleblower experience is described with grim consistency in foundational academic work: career damage, social isolation, financial strain, and a long delay between disclosure and vindication. Gill’s vindication arrived in June 2020, two and a half years after he first raised the alarm internally. By then he had already lived through the version of the story where he was wrong.
He has since founded Confide, a whistleblower platform built around the lesson he learned the hard way: that the moment of disclosure is not the dangerous moment. The dangerous moment is the eighteen months afterwards, when the company is still standing, the regulator is still on the wrong side, and the person who spoke up is alone with their evidence.
What Munich did not find
German prosecutors in Munich have spent years assembling the criminal case against Markus Braun and his co-defendants. The trial has heard from auditors, board members, banking partners and one of Braun’s former deputies who turned state’s witness. The documents that drive much of the prosecution’s narrative on the Asia-Pacific side trace back, directly or indirectly, to the Singapore investigation that Wirecard tried to shut down in 2018.
What Munich did not have in 2018, and what BaFin did not have, and what EY did not have, and what the supervisory board did not have, was the same evidence that one mother in Singapore had decided not to throw away. Whether senior officials in Germany would have used that evidence had they received it earlier is a separate question, and one the parliamentary inquiry into BaFin and the audit profession has spent years arguing about. The evidence itself survived because of a decision made at a kitchen table, not at a regulator’s desk.
The Wirecard story is usually told as the story of two men: Markus Braun, the CEO who insists he was deceived, and Jan Marsalek, the COO now believed by Western intelligence services to have been working with Russian services for years and last reported to be living in Moscow. The 2025 Old Bailey convictions of a Bulgarian spy ring that allegedly took instructions from Marsalek deepened that part of the story considerably.
But the reason any of it became public, the reason the €1.9bn that did not exist was finally admitted not to exist, is a quieter story. A junior lawyer documented a fraud. The company tried to make the documentation disappear. His mother decided it would not.
Corporate frauds do not succeed because regulators are stupid or because auditors are lazy, though sometimes they are both. They succeed because the paper trail gets shredded before anyone with subpoena power thinks to ask for it. Wirecard nearly worked. It came within one laptop, one mother, and one refusal of being the perfect crime. The institutions paid to catch it — BaFin, EY, the supervisory board, the German financial press — did not catch it. A woman in a Singapore flat did, and only because she would not be talked out of caring. That is not a system. That is luck dressed up as oversight, and the next €1.9bn is being audited as we speak.
