AML teams note rise in employment scams, drop in securities, currency trading, new sanctions wrinkles in ACFCS virtual event

ACFCS Articles - Microscopic close-up of the covid-19 disease. Coronavirus illness spreading in body cell. 2019-nCoV analysis on microscope level 3D rendering

The Skinny:

  • In a new initiative to connect with members, network and share knowledge to bolster compliance in a time of Coronavirus, ACFCS holds second Virtual Happy Hour in a ‘Toast to Resiliency’
  • In a lively discussion, more than a dozen anti-money laundering officers, sector stakeholders and top ACFCS executives noted some key trends at play during the COVID-19 pandemic.
  • The coronavirus continues to cause compliance frustration as a sprint to react to shifting AML alert patterns becomes a marathon, with fatigue setting in across the field.
  • For many sectors, including big spends by many businesses, currency exchange operations and securities trading, transactions have fallen, meaning any aberrations could be indicative of illicit activity.
  • Conversely, consumers continue to wire and withdraw wildly, making it a challenge to separate what is frenzied and fearful transactions from fraudsters successfully pilfering someone’s dwindling life savings.
  • Sanctions investigations have also taken new twists and turns, with public and private groups having to work in less secure environments and more aggressively peel back the layers of front companies and what can be complex and attenuated global trade supply chain links to uncover blacklisted groups selling black market protective equipment.
  • Fincrime teams are now also dealing with a surge in employment fraud scams, the unfortunate aftershock of billions of dollars in government funds being doled out quickly to companies in an effort to prop up a foundering global economy.

By Brian Monroe
bmonroe@acfcs.org
June 5, 2020 

For many financial institutions, as the deepening pandemic has caused a global economic downturn, many transaction types have changed drastically, with wires, ACH payments, currency exchanging and general securities trading down – other than, of course, investors frantically cashing out as the stock market plummets.

Conversely, as some business spending has dwindled – in some cases entire sectors like restaurants, retailers, travel and tourism operations crumbled in the face of lockdowns, stay at home and “shelter in place” orders – money movements by individuals surged as individuals bought more supplies in larger quantities and pulled out cash for themselves and deposited for others.

Those are just some of the trends discussed with more than a dozen financial crime compliance professionals, along with staff and executives from the Association of Certified Financial Crime Specialists, during the association’s second “Virtual Happy Hour,” a brief respite for colleagues to commiserate and share tips on broader illicit finance trends.

The theme for this event was “Toasting to Resiliency,” mirroring the association’s latest Quarterly Focus on “Fincrime Resilience,” an initiative informed by the novel COVID-19 pandemic.

For many bank fincrime compliance teams, they have been in “survival mode,” said Dev Odedra, an independent AML expert and director at Minerva Stratagem Consulting, noting the rise in alert volumes, increase in investigative backlogs and hurdles adjusting to working remotely. “They are literally just trying to work through these challenges the best that they can.”

In some cases, either due to risks, lack of resources or overwhelmed AML risk assessment teams, some banks have seen a “decrease in onboarding,” he said, adding that even though some banks have seen profits fall amidst an economic downturn, many are “reluctant to bring in new business.”

At the same time, classic disaster recovery plans some banks have used – for instance, regrouping at a designated disaster recovery, or war site – are “effectively useless” right now, Odedra said, because quarantine orders at the city, county and even country levels prevent groups of more than a handful from gathering.  

“A lot of banks don’t have experience in having staff work from,” he said, adding that along with the stumbling blocks of communicating quickly and effectively with more disparate and disconnected teams, some institutions are also facing technical issues keeping connected to very sensitive AML databases and monitoring systems.

In pandemic epicenter, the U.S., virus still spreading quickly

Unfortunately for fincrime teams, particularly those in the United States, they could be working in disaster mode for the foreseeable future.

The coronavirus, first identified in Wuhan China in December, has in recent months leapt across international borders and cemented itself in anchor points in Brazil, Russia, Italy, Spain and now the jurisdiction with the most confirmed cases: The United States.

Global cases are nearing 7 million with more than 402,000 deaths, according to Worldometers.

The United States currently has the most COVID-19 cases in the world, at just under two million, and more than 112,000 deaths.

The total number of cases in the U.S. is more than the rest of the top five countries combined – Brazil at 676,494, Russia at 458,689, Spain at 288,390, and the United Kingdom at 284,868.

Overall, financial crime compliance professionals are dealing with a challenging time, with some teams working from home around the globe – and some operations trimming staff – and juggling large-scale disruptions in anti-money laundering alert patterns, while trying not to fall behind on filings of actual potential suspicious activity.

Fincrime teams are “having to find solutions working in a totally different dynamic,” Odedra said, including identifying, verifying and risk assessing clients and corporates using all digital means as meeting in person is impossible.

At the same time, teams are more hard-pressed to separate what is actual illicit transactions as patterns have changed so drastically during the pandemic – a massive surge in volumes as businesses and individuals stockpiled necessities and then a drop in transactional throughput for many operations deemed “non-essential.”

“Everyone is trying to work out what is the normal in this sudden change in transactions,” Odedra said. But with the changing in customer behavior happening so quickly, over a span of days and weeks, it’s almost impossible for AML teams to “react fast enough to do anything meaningful.”

The solution: Grab now, review later.

Teams must “capture the data and do something about it later,” he said. “Try to update rules and interdict this, as much as possible, and at least you have the transactional data and alerts later to do a mini-lookback.”

Pandemic sprint turning into compliance marathon

The sprint for compliance professionals to quickly react to the pandemic and try to not fall behind burgeoning backlogs is turning into more of a marathon – meaning many teams are frayed, frustrated and getting fatigued.

That’s just keeping up with the day-to-day challenges – teams also are tasked with strengthening training for longtime staffers, those recently onboarded and broader frontline and business line groups that may be feeling more pressure to skirt AML rules to bring in new revenues as the economy teeters toward oblivion.

That was one of the difficulties noted in the association’s first virtual event. More than a dozen top thought leaders highlighted several trends in the space at play during the COVID-19 pandemic, including:

  • AML and fraud fighters at banks are working longer hours, in some cases 12 to 16-hour days because alerts have risen while resources have fallen, scattered or remained the same.
  • Everything is taking longer. With many formerly centrally located teams now quarantined and working from home, compliance duties that might take one hour are now taking two. So effectiveness and productivity are even greater pain points.
  • Training can’t be given short shrift. In some cases, compliance officers are taking several hours each day to update current staff on criminal trends and core AML duties – or must take even longer to bring new AML analysts up to speed.
  • Without access to a hotel room or illicit massage parlor, human trafficking patterns are changing.
  • Some trafficking groups are going online and offering cam shows. As well, there is less exchanging of cash and a movement to credit and prepaid cards and virtual currencies to pay for such shows – which technically may not even be illegal.

To read the full story about the virtual event in April, click here.

Shifting compliance, investigative focus from direct sanctions risks to exposure through trade, supply chain, front companies

One of the most technically complex areas of fincrime compliance – and the subject of massive penalties soaring into the billions of dollars – has also not gotten any easier during the pandemic: sanctions.

It has, however, morphed.

With so many industries grinding to a halt and bank activity dropping for many businesses, sanctions busters have to be more careful because their transactions will stick out all the more.

Their response: pivoting to other kinds of risks.

For instance, some designated groups have created shell companies and advertised black market personal protective equipment (PPE) on darknet market sites, trying to muddy the financial trails in the often attenuated trails of global trade supply chains.

Some sanctions groups are trying to game the system by selling unqualified masks – such as changing the description to M95, rather than the highly in-demand N95 masks – to desperate countries.

“We are seeing that all around the world,” said one of the ACFCS virtual event attendees, adding that further hampering investigations of these fraudulent actions is that government and private sector analysts are “working in an unclassified environment,” with more care and hesitation to share sensitive details of illicit groups and their sanctions evasion networks.

While sanctions has historically been a mystery wrapped within an enigma for fincrime compliance professionals, these teams must now also deal with the rising specter of employment fraud – an unfortunate aftershock of country efforts to provide companies with incentives to keep or rehire workers as the pandemic spurs record unemployment rates.

In some cases, fraudsters are creating fake companies and telling the government they are employing dozens or hundreds of individuals to get massive fraudulent payouts – something that institution AML and counter-fraud teams are on the frontline to sniff out.

At issue: In the United States, for instance, under the CARES Act Paycheck Protection Program (PPP), banks are lending billions of dollars to companies and if these operations can keep or rehire workers, the loan effectively becomes a grant and the company doesn’t have to pay it back – a potential piggy bank for unscrupulous scammers.

Not surprisingly, some companies are inflating numbers to get more money for workers that never existed in the first place.

In another instance, in the United Kingdom, some companies have taken a different approach: telling the government they need funds for furloughed workers – but instead are forcing individuals to work and getting the government to foot the bill.