Comment by anonzzzies

Yes, in an ideal world, they would find the fraudster and lock them up. But that’s not feasible and they need something to happen. Punishing the business owner makes no sense in many cases (like this one; you are not going to try to fraud your own system after 7 years of no issues), but that’s the only one they can get to.