In record turnout, nearly 8,000 compliance champions, regulators and investigators took part in ACFCS’ Fourth Annual Fincrime Virtual Week: dogged detectives dedicated to deducting, deterring dirty money

By Brian Monroe
bmonroe@acfcs.org
August 14, 2023

Nearly 8,000 financial crime compliance professionals – current and former anti-money laundering officers and fraud fighters, regulators, investigators and watchdog groups – took part in ACFCS’ Fourth Annual Fincrime Virtual Week, a record from our prior best of nearly 6,000.

The virtual conference ran last week, from August 7-11, with the overarching theme of empowering the community to “Crack the case and change the world,” a return to the classic archetype of the pipe-smoking, ruthlessly relentless, details-driven detective.

Whether you considered yourself more of a quick-thinking Hercule Poirot, a dogged Lieutenant Columbo or methodical Sherlock Holmes, from greenhorn gumshoe to seasoned sleuth, FVW 2023 had something for everyone across 35-plus sessions and dozens of speakers with decades of public and private-sector experience.

The event had top investigative and regulatory agencies from around the globe, including the United States, Canada, Europe and more, offering practical tips, tricks and tools across the spectrum of financial crime, from technology tuning to risk pruning, open-source data dives to tracking trafficking, changing, even saving lives.

Here are some overarching snapshots:

• Tech for good: The double-edged sword of technology is getting sharper – as fincrime compliance teams, government investigators and blockchain analytics groups better tame and wield data using artificial intelligence.
• Tech for ill: The other side of the machine arms race: criminals are also getting better at using these same tools to deepfake themselves into anyone, sports stars, celebrities – even you.
• Until all are one: More formally distinct frauds and crimes are also merging into monstrous hybrids: romance scams, crypto frauds and money muling into pig butchering. To counter this, more banks are engaging in specialized monitoring, and even training, for vulnerable populations, such as students and seniors.
• Partnering up: At an institution level, more than ever, you need to be more connected to other institutions, regulators and the government agencies you deserve, ideally in formalized and streamlined public-private partnerships.
• Career fears: On an individual level, to grow in your career, expand knowledge and broaden skills: don’t dread mistakes – fearing to fail is failing to learn. Moreover, share your insight, understanding and unique perspective in your own voice by writing, publishing and becoming a content producer, breaking the job search paradigm by drawing recruiters to you.

Through the eyes of an attendee: FVW 2023 – a tapestry of innovation, convergence, community

But maybe the best sentiment about what the conference means to the community comes from attendees themselves.

• The event covered the “newest trends while anticipating future challenges as well as best shared practices for adoption.”
• The conference “catered seamlessly to every diverse learning style. What set this event apart was its commitment to delivering valuable content without compromising on convenience by accommodating even for participants with the most demanding of schedules.
• A true testament to its expansive reach, the event offered an intricate tapestry of focus areas, spanning from the rigors of OSINT research and money mule detection to the beguiling realm of forecasting how fraudsters harness generative AI.
• This heterogeneity of subject matters ensured that every attendee was engaged, enlightened, and equipped to navigate the dynamic facets of financial crime.
• The interactive nature of the sessions was a standout feature, where engaging polling sequences, thought-provoking questions, and immersive real-world scenarios that were crafted meticulously with attention to detail, fostered an enriching learning environment for all.

In all, Saadon stated that attendees were “empowered with a treasure trove of high-level insights,” he said.

The thought leadership spanned the gamut of fincrime compliance risks, with sessions “offering guidance on emerging risks, cross-examining case studies that bridged criminal trends with compliance controls and investigative techniques, with practical training that transcended the traditional role of a financial crime professional.”

FVW Day One: The Game is Afoot – U.S. Treasury highlights challenges, incoming counterbattery fire

So what is the biggest vulnerability for financial crime, fraud and money laundering for crypto?

That is just one of the many illicit finance issues analyzed in our keynote session Monday to kickoff ACFCS’ Fourth Annual Fincrime Virtual Week

The panel, chaired by a top U.S. Treasury official, spanned the gamut of fincrime compliance and investigative challenges, including cyber-enabled fraudsters, terrorist financing, corrupt oligarchs and their enablers and the continued fight to illumine corporate opacity.

One gaping gap across the globe continues to be crypto – a persisting ignoble irony as many large economies work to bolster oversight of virtual value.

The reason: because even as the U.S., the United Kingdon and, in particular, Europe, craft historic rules to graft anti-money laundering, counter fraud, and investor consumer protection rules to virtual assets, illicit groups simple slither away to another region with weaker regulations or enforcement.

“Virtual assets’ biggest vulnerability is the lack of global regulation and supervision on a consistent basis,” said the government official. “It is something we are working on with our partners who do supervise and regulate [virtual assets] to bilaterally encourage jurisdictions without these [rules, controls and oversight] to up their game.”

Beyond that, federal investigative agencies across the U.S. government will be focusing and refocusing on a broad array of priorities, the panelist said, and fraud is at the top of the list.

For instance, investigators will be devoting more resources to healthcare fraud, including telemedicine scams. They will also be more aggressively going after cyber-enabled frauds, including business email compromise (BEC) attacks.

Teams will also be working to better protect and triangulate when virtual investment scams, BEC and malware and ransomware attacks target seniors, a vulnerable and victimized group on the radar of scammers.

Federal law enforcement also want to stamp out a seemingly endless stream of money mule networks, a key portal that actually – wittingly and unwittingly – moves the proceeds of the above-referenced scams through banks, money remitters, and crypto exchanges.

The war in Ukraine has also refocused the lens on the proceeds of corruption, including professional enablers, trustees and professional services firms creating legal entities with impenetrable ownership structures and Russian money laundering networks attempting to take advantage of peer-to-peer payment apps, like Cash App, Zelle and Venmo.

FVW Day Two: Cracking the case – tracking, tackling human, wildlife traffickers, mules, scammers

Day two was devoted to honing and harnessing old-school investigative tactics, in some cases to change and even save lives, such as in the case of human trafficking.

On that note, When it comes to fighting human trafficking, fincrime compliance officers need to look for more than just a business that might be trafficking or a victim that needs saving.

There are also professional human trafficking “brokers” who have made it their business to try and keep the supply of individuals, typically women, moving from one origin country, like China or South and North Korea, to places like the United States and Canada, according to speakers in our session Tuesday on Day Two of ACFCS’ Fincrime Virtual Week.

These illicit human trafficking brokers – such as VISA or immigration facilitators – bear similarities to other “professional” illicit operators like professional money launderers and professional services firms, who create shell companies to hide beneficial ownership details.

But that begs the question: how can you tell a bad VISA operation from a legitimate one?

One key red flag: their advertising.

Potentially illicit VISA brokers say things like foreign workers don’t need any experience, any skills and that the target company will even pay their entire tuition.

“Who offers to pay for your entire tuition, just to come work for them from another country?” said Youngbee Dale, head of Dale Consulting. “No one, unless you are doing something shady.”

Wildlife trafficking: A $10 billion illicit industry built on hunger, greed to needlessly exploit animals for fur, fins, tusks

Our afternoon session on wildlife trafficking was particularly emotional and galling, putting front and center the greed and callousness of a human heart gone dark.

In this illustration, an artist captures some of the key points, money laundering tactics and ways fincrime compliance professionals can get involved in stopping wildlife trafficking, a horrible crime that has soared in recent years to a nearly $10 billion a year industry – and that’s not even counting illegal fisheries.

The session included speakers from Canada’s financial intelligence unit, Fintrac, which engaged in analysis of the illicit wildlife trade and related laundering red flags called “Project Anton.”

Canada has been an international trailblazer in the area of public-private partnerships to go after specific criminal acts and laundering tactics, including human trafficking, child exploitation and others.

In this project, they parsed out important typologies and transactional tells, eventually producing an operational alert to help banks in Canada, and the world over, better identify, report on and stop those profiting from the senseless harming and killing of animals for things like tusks, fins and furs.

One tip for banks when filing suspicious transaction reports is to be more concise and precise with their business descriptors by putting more accurate North American Industry Classification System (NAICS) codes.

NAICS codes are used to classify businesses by type, so that data for businesses in North America, in such regions as the United States, Mexico, and Canada, can be presented and analyzed in a uniform manner.

For instance, in the report, don’t just refer to a store that has pets or sells items that could be tied to illicit wildlife trafficking under the general “retailer” NAICS code.

To help with data mining, actually say the suspicious business is a pet store or restaurant.

“The general electronics code is not helpful for counterproliferation finance issues,” one speaker said.

How to break up with a romance scammer: It’s not me, it’s you

While wildlife traffickers can be cruel inhumane to animals, foreign scammers can be cruel and inhumane to their fellow humans.

If you feel like you can’t go anywhere without getting a scam call on your house phone, a scam text to your cell phone or spam in your email, you are correct.

In our session “Romancing the Scam - The New Reality of Romance Scams,” speakers from the public and private sectors covered many of the scheming and devious ways scammers get people to part with their money.

One scam that is on the rise, and is part of a fraudster industry stealing tens of billions per year, is pig butchering.

This hybrid scam vector combines elements of a romance scam with a relationship that moves into a cryptocurrency scam.

It can start with a stray text, saying they are a friend in the area, their dog needs a doctor’s appointment or they miss you – even if the text wasn’t meant for you.

After weeks or months, the scammer “introduces” the victim to a crypto investment platform that has made them rich. You know this investment strategy works because the scammer shares their wealthy, luxurious lifestyle with you, the love of their heart.

And then, when you try to take the money out, the scheme collapses.

“Pig butchering is a term that comes from China,” said Erin West, a Cybercrime and Crypto Prosecutor and Deputy District Attorney in Santa Clara County in California.

“It is a form of scam that they have invented and perfected and is done to this day. They will fatten up their victims for a series of months and then eat that victim from tail to snout and take every penny they have.”

FVW Day Three: Fincrime Around the Globe – Africa, Canada, the EU and more

Day Three of FVW had the theme of hopscotching the planet to get regional perspectives of challenges and tips to solve them from top thought leaders in the government and private industry spaces in Europe, the Nordics, Africa, Canada and more.

One illuminating stop was Nigeria, a hub of innovation in Africa, with a burgeoning financial technology sector and a growing community of fincrime professionals looking to bolster compliance countermeasures across the region.

But it is also a region facing a host of challenges, in part due to Nigeria’s duality.

The country is among the most aggressive across Africa to adopt and use cryptocurrencies, a more recent avenue for criminals and fraudsters to launder money, and has wrestled with ever more creative fraudsters in the region.

This puts new pressure on compliance teams and government investigators to work together to follow the money in and out of virtual worlds, including through stronger public-private partnerships, engaging the budding industy of blockchain analytics firms and leveraging emerging technologies, such as artificial intelligence.

One longstanding tension tackled by speakers in our Nigeria Chapter Session was the best time to bring fincrime compliance professionals in when a company is working on a new product?

In some cases, profit-driven product teams might want to keep compliance out of the room until they get far enough along that an unveiling is inevitable.

That tactic would stymie AML teams with little they could do to stop the momentum of a new product – even if the risks of the new endeavor could eventually outweigh its revenue potential.

The answer to when compliance should be brought in when banks – or fintechs or payment firms or money remitters – are working on new products is in the beginning, according to Olaniyi Alao, the Compliance Lead at Paystack, a platform allowing operations to accept funds from different payment channels.

“Our seat is no longer at the table, our seat is in the kitchen or in the lab,” he said. “Essentially what this means is that where the products are being developed, where the ideation process is going on, anti-financial crime professionals should be sitting in that room and learning to understand the nuances of such products.”

That could help preview certain risk hotspots early on, “rather than sitting at the table when the product has actually been defined and you actually begin to risk assess,” Alao said. “At that point, some of the [fincrime risk] nuances may have been lost.”

The perils of innovation: when to do it, how to do it and what not to do

One challenge that is as universal as it is international is how best to innovate in a roiling world where artificial intelligence, generative AI and automation are providing wondrous opportunities for banks to stop crime – just as criminals seek to unlock new AI capacities to get richer.

From ChatGPT to generative AI writ large that is disrupting the business and arts worlds, these technologies can create entire books, detailed pictures and videos from certain prompts, everyone is asking how can I use this to innovate.

While tempting to the fincrime compliance world, that begs the question: what is the best wat to innovate?

The answer: very carefully and not all at once, according to a top federal bank examiner during a widely-watched and highly-anticipated afternoon session during Day Three of Fincrime Virtual Week. The response built on recent public statements by top agency officials.

“I would say approach innovation responsibly and purposefully and do it in three steps,” said the panelist. “The first is innovate in stages. The second is build the brakes while you are building the engine. You build your mitigating controls along with your risks.”

Lastly, engage the regulators early and often.

“You want to make sure we are in the loop and we are not taken by surprise,” the panelist said. “You want to be engaging your regulators in active conversation every step of the way.”

Day Four: Plot Twists – Emerging Threats and Risks, very real threats against vulnerable customers by deepfaked scammers, synthetic IDs

In this illustration, speakers covered the world of generative AI and deepfakes, which have soared in recent years to the point they can accurately mimic celebrities or be entirely fictitious to hide the identity of a fraudster.

How deep do you go to find out if the customer is real and the transaction is not fraudulent?

Potentially, depending on the size of the scam, you might have to very deep – because you might be dealing with a deepfake.

That was one of the conclusions in our illuminating, but also at times terrifying, session to start Day Four of ACFCS’ Fincrime Virtual Week. The session was on trend with our theme of the day, “Plot Twists – Emerging Threats and Risks.”

These deepfakes present challenges to what many consider one of the core foundational areas of a strong anti-money laundering (AML) program and counterfraud program: identifying, authenticating and truly knowing your customers.

Why?

The depth and accuracy of that customer information informs the risk assessment, which further sensitizes the automated transaction monitoring system.

So missing something at the early stage of customer onboarding can have a cascading effect later – a particularly persnickety snowballing risk if the person was a deepfaked scammer to being with, a ghost in the machine indeed.

These challenges could magnify as faster and larger payment methods, like FedNow, which went live last month.

FedNow is an instant payment service, similar to Zelle or CashApp, but was developed by the Federal Reserve for depository institutions in the United States allowing individuals and businesses to send and receive money.

But a potential massive issue for financial institutions and opportunity for scammers relates to how much can be moved at one time.

The maximum amount for a FedNow credit transfer is $100,000, according to published reports.

Financial institutions can lower or raise their credit transfer limit to $500,000. The Federal Reserve will evaluate the credit transfer limit on an ongoing basis and adjust as appropriate.

The coming years also likely won’t be any easier for banks trying to spot these scams – and might even open some institutions up to more liability for fraud losses, even if it was the customer, or even another institution, that made the mistake.

In the United States and United Kingdom, governments are working on counterfraud controls that put the onus on the bank to spot and spot the scam – even if the mistake was the fault of a customer or even another bank.

So that means even if you authenticate a customer, and get it right, if that customer is duped by a romance scammer or Nigerian lottery, and the bank missed the payment or payments, the bank could end up having to reimburse the customer.

“Authentication will not stop fraud,” said Uri Rivner, the CEO and Co-Founder of Refine Intelligence, a fincrime compliance technology vendor. Moreover, larger and “faster payments are a magnet for fraud.”

Victims and vulnerabilities: why seniors are so often targeted by scammers

As the day progressed and sessions focused on new ways scammers can scam and payment methods they could target, one panel shifted the lens to who schemers are targeting and why.

The natural evolution of the question: how can fincrime compliance and fraud teams best safeguard their elder and senior customers?

The above illustration from our closing session Thursday for ACFCS’ Fincrime Virtual Week reveals that answer is not an easy one.

In recent years, criminal scams and scammers targeting seniors have soared, in part due to willingness to actually answer unexpected mail, emails, texts and phone calls, but also because fraud syndicates are more aggressively parsing stolen data by age – hoping to find a sweet old lady or gent to swindle.

Panelists noted that, sadly, the average figure for money lost tied to victims over 60 is more than $35,000.

The top schemes of choice include customer service or tech support scams, romance scams and investment scams – or their monstrous hybrid creation, pig butchering.

For AML and fraud teams, this means banks may need to take more time to teach, coach and even train their frontline staff to recognize when seniors could be making a strange transaction to a foreign scammer.

Beyond that, banks should consider keeping a running list of the latest elder scams and proactively send these alerts to senior customers, possibly stopping a fraud before it starts.

FVW Day Five: A Break in the Case – Big Ideas in FinCrime Transformation, including bridging the divide between fraud and AML, turning tribulation to triumph

In our final day or Fincrime Virtual Week, speakers offered fresh guidance on ways to tweak transaction systems to better tackle human traffickers, bridge the eternal divide between fraud and AML teams, open your mind to OSINT, and help attendees learn how to rise in your career from others’ failings – turning tribulation to triumph.

One of the central themes of this year’s event – and past years – is the importance of breaking down barriers to working together and sharing information, within the institution, with other banks and law enforcement.

But though they may be on the same “team” the fraud and AML fighters in a bank can have wildly different goals, deadlines and perceptions about their value to an organization.

Two longtime AML and fraud, FRAML frenemies, illustrated this in their session: “Fraud vs AML – How Compliance Professionals Can Learn From One Another.”

“With fraud you save the bank money, with AML you save the world,” said Luke Raven, a prolific social media poster and finfluencer, speaker and former Senior AML compliance Manager at Cabital.

But many bank budget overlords still consider AML compliance a “cost center,” he said.

“What? AML is a cost center but fraud saves us money! You are triggering me,” said John Wiethorn, the Bank Secrecy Act Officer at Gusto, with feigned indignation. “That is an old thing that needs to die.”

The true value of AML, and how it should be perceived more broadly, is not as a perpetual money pit, but valuable product, he said.

“AML is a product,” Weithorn said. “Law enforcement consumes that product. If you don’t have a good quality [AML] product, your business will cease to exist. But it’s an existential risk.”

Beyond that, a strong countercrime compliance program has good optics and is a hedge against reputational besmirching.

“It’s an extension of your brand,” Weithorn said. “I think AML is 100 percent an investment in the business if you want you invest in your business long term. It’s a product, just like you invest in marketing and sales.”

The Fincrime Virtual Week Finial: When it comes to growing, success in your career, fearing to fail is failing to learn

FVW 2023 closed its final learning session with a focus on the power of failure to be one of life’s greatest teachers in the session: “I failed so you don’t have – fincrime professionals share transformative career mistakes.”

The panel, while light and full of laughs and humorous stories, covers an important topic.

While the panels are geared to talk about what you can do right, what we don’t talk about enough is what went wrong.

How did you struggle? What was your biggest mistake? How did you overcome it? What did you learn from it?

Fear of failure is setting yourself up to fail. Mistakes are life’s greatest teachers. And this is an oft-avoided subject because by nature, fincrime compliance professionals are risk averse.

They are in the business of anticipating risks, finding them, grading them, updating them and doing everything in their power to prevent a failing – particularly one that could rile a regulator.

So this is kind of a taboo subject. In this panel, a group of courageous professionals talked about what went wrong, and right, in their careers, revealing that with creativity, tenacity, honesty and grit, you can build something that will draw companies and recruiters to you.

As a preview, in one case, a woman broke the glass ceiling by opening the door – to another institution.

Another professional started breaking barriers by breaking down complex cases and then sharing those insights in a now very in-demand newsletter.

And yet another professional saw their family touched by terror, losing relatives in an attack.

Years later, this person became a warrior against criminal, fraud and terror syndicates, teaching and training fincrime and compliance professionals to report on their transactional tells and starve their illicit funding networks.

Here are some snapshots of the session, including tips, tricks and some dos and don’ts.

From Anna Stylianou, an AML Expert, thought leader, writer, consultant and owner of AML Cube.

• Don’t try to make everyone happy.
• Don’t underestimate your knowledge.
• Don't chase jobs; instead, attract employers.
• Create your personal brand – make yourself a gift!
• Overthinking can kill progress.
• People don’t care about what you can do. They care about what you can do for them.
• Copying others strategy kills your brand.
• Stop chasing opportunities – start adding value.
• You will never be happy unless you help others.

From Baptiste Forestier, a Podcast Host, Lecturer, writer, newsletter creator and Head of Compliance at B2B payment and financing platform, Hero

• Persistence pays off: Discovering the right format takes time, requiring adjustments to content and presentation.
• Not starting earlier resulted to missing out opportunities.
• Allowing the fear of not getting likes to slow you down, while recognizing that engagement varies.
• Experiment with content until you find what suits to you.
• Be yourself – don’t try to do what others are doing.
• We are stronger together – work with other content creators.
• Many people are open to conversations, even those with impressive profiles.
• Rejection is part of the process to success.

From Souzan Esmaili, the Founder & CEO of TCAE, which engages in training, consultancy, recruiting and events:

• Have a clear goal and plan for your career.
• Invest in yourself (Mentorship, Certification, Soft Skills, etc.)
• Shifting your mindset and have positive attitude.
• Focus on giving back and adding value.

Here are also some tips that you could you before applying for your next job opportunity, Esmaili said.

“Shift your mindset and attitude,” she said, noting that a major force that drives her is the knowledge that before she was born, she had close relatives killed in a terrorist attack.

In a sense, her life has come full circle, being a champion against evildoers and their funding networks. That passion and drive is one way to separate yourself from other jobseekers.

“Differentiate yourself from other candidates,” Esmaili said. “One way is by building your personal brand. Rather than chasing jobs and recruiters, that effectively turns you into a magnet to attract the best jobs.

Critical as well is networking, both with individuals who can help you and those seeking help, to “create meaningful connections and relationships,” Esmaili said.