In today’s ACFCS Fincrime Briefing, tips, tactics to counter scams on Elder Abuse Awareness Day, the six hats of the anti-money laundering compliance officer, Baltimore still recovering from ransomware attack, and more.

Please enjoy this unlocked story, part of the many benefits of being an ACFCS member.

Want to talk about industry trends, story ideas or get published? Feel free to reach out to ACFCS Vice President of Content Brian Monroe at the email address above. Now, on to more sweet sweet content!

Elder Abuse Awareness Day 2019: ACFCS highlights tips, tactics to counter scammers targeting country’s most vulnerable population

June is Elder Abuse Awareness Month, and June 15 is Elder Abuse Awareness Day, a designation meant to highlight the ongoing criminal tactics targeting one of the world’s most vulnerable populations, and better sensitize financial crime compliance professionals, law enforcement and caregivers about an issue growing in scope.

The issue of how to protect the elderly and spot fraudsters attempting to take advantage of the elderly is also very important to the Association of Certified Financial Crime Specialists (ACFCS).

We have extensively covered the dynamics at play in detailed stories, webinars and during live events, a challenge as standard anti-money laundering (AML) compliance risk assessments may miss the more nuanced red flags at play in this crime.

For instance, in most cases, direct relatives and caregivers are low-risk entities tied to certain accounts, where compliance analysts typically look for risky entities outside the bank trying to break in – but that changes when the elderly are involved.

Ironically, for many cases of elder abuse, it is a close family member attempting to take advantage of an elder parent or relative that is incapable of saying no to certain transactions when individuals attempt to drain their savings, investments or run up credit card debt in their name.

According to the Census Bureau’s “middle series” projections, the elderly population will more than double between now and the year 2050, to 80 million. By that year, as many as 1 in 5 Americans could be elderly.

This puts more pressure on bank compliance teams to look for the signs of elder abuse, including:

• Has an elder customer with a stable account balance suddenly started incurring non-sufficient funds (NSF) charges or low account balance?
• Has an elder customer account shown a large increase in withdrawals or checks to unfamiliar recipients?
• Do accounts of an elder customer show large transfers into the account from investment accounts, only to be quickly withdrawn?
• Is an elder customer with no or infrequent ATM withdrawals now showing an increased pattern of ATM withdrawals?
• Is an elder customer with consistent spending patterns now showing a sharp increase in spending?

To help compliance teams and investigators better spot transactions tied to crimes against the elderly, ACFCS has culled some guidance and tips from our archives.

While usually available only to members, we’ve unlocked this content for public access to help spread awareness of this critical topic, and the role all financial crime professionals can play in combating elder financial exploitation, (via ACFCS).

United Nations

As elders grow older, abuse against global aged population set to soar: UN

Virtually all countries are expected to see substantial growth in the number of older persons between 2015 and 2030, and that growth will be faster in developing regions – a rise that will correspondent with more cases of criminals targeting this population.

Because the numbers of older persons are growing, the amount of elder abuse can be expected to grow with it.

While the taboo topic of elder abuse has started to gain visibility across the world, it remains one of the least investigated types of violence in national surveys, and one of the least addressed in national action plans.

Key facts about elder abuse:

• Around 1 in 6 older people experience some form of abuse, a figure higher than previously estimated and predicted to rise as populations age worldwide.
• Rates of abuse may be higher for older people living in institutions than in the community.
• Elder abuse can lead to serious physical injuries and long-term psychological consequences.
• Elder abuse is predicted to increase as many countries are experiencing rapidly ageing populations.
• The global population of people aged 60 years and older will more than double, from 900 million in 2015 to about 2 billion in 2050.

Elder abuse is a global social issue which affects the health and human rights of millions of older persons around the world, and an issue which deserves the attention of the international community.

The United Nations General Assembly, in its resolution 66/127, designated June 15 as World Elder Abuse Awareness Day. It represents the one day in the year when the whole world voices its opposition to the abuse and suffering inflicted to some of our older generations, (via the UN).

Investigations

DOJ forms new Transnational Elder Fraud Strike Force to better identify, investigate, counter foreign fraud schemes targeting U.S. seniors

The Strike Force will focus on investigating and prosecuting individuals and entities associated with foreign-based fraud schemes that disproportionately affect American seniors. These include telemarketing, mass-mailing, and tech-support fraud schemes.

The fraud schemes include classic romance scams, Nigerian Prince schemes and foreign lottery and inheritance tales that fleece desperate seniors for, in some cases, hundreds of thousands and even millions of dollars.

The Transnational Elder Fraud Strike Force will be comprised of prosecutors and data analysts from the Consumer Protection Branch, prosecutors with six U.S. Attorneys’ Offices (Central District of California, Middle and Southern Districts of Florida, Northern District of Georgia, Eastern District of New York, Southern District of Texas), FBI special agents, Postal Inspectors, and numerous other law enforcement personnel.

The Strike Force will also collaborate with the Federal Trade Commission and industry partners, who have pledged to engage with the Department to help end the scourge of elder fraud. It will further benefit from the help of the Elder Justice Coordinators now assigned in every U.S. Attorney’s Office.

“Fraud against the elderly is on the rise,” said Attorney General William Barr. “One of the most significant and pernicious causes for this increase is foreign-based fraud schemes. The Department of Justice is committed to ending the victimization of elders across the country,” (via DOJ).

DOJ also offers an Elder Abuse Roadmap to better guide law enforcement investigators, support victims and arm compliance officers, (via DOJ).

As mentioned above, the global initiative to better identify criminals attempting to take advantage of the elderly is an absolutely vital and worthy effort. The problem, sadly, is only going to get worse as seniors in the U.S., and around the world, get older.

But that’s why ACFCS has created a bevy of resources to help financial crime compliance professionals better understand the red flags, both transactional and in-person ticks, that are indicative of financial abuse of the elderly.

We applaud banks, local, state and federal investigative agencies and international watchdog groups in taking up the fight. After all, we are protecting our parents, relatives and mentors, the individuals who protected us when we couldn’t yet protect ourselves.

The 6 Hats of the AML Officer: How the fincrime compliance leader’s role must evolve to meet expanding requirements, counter creative criminals

The increasing complexity and regulatory scrutiny of combating money laundering has put the spotlight not only on a financial institution’s AML program, but also on the person chosen to run it.

Financial institution boards, CEOs and AML officers thus need to ensure that the role’s job description is aligned with reality.

While the core responsibility of the AML officer is to design, implement and manage an effective AML program, that is only the beginning of his or her responsibilities in the current environment. At most institutions today, the ideal AML officer must be able to fulfill six distinct roles:

• Risk Manager: While financial institutions are expected to have effective AML programs, what constitutes “effectiveness” is often left undefined.
• Business Strategist: The repercussions of an incident make money laundering not just a compliance risk, but also a business risk.
• Functional Advocate: AML is on every decision-maker’s agenda – but so are digital transformation, globalization, disintermediation and a host of other forces.
• Global Thinker: AML efforts have always been multijurisdictional by definition.
• Cultural Standard-Setter: When an AML breach occurs, it is usually because commitment has flagged somewhere in the organization.
• Innovator: The challenge of the AML officer is to prevail in an asymmetrical fight against people who don’t play by the rules, (via Corporate Compliance Insights).

I really enjoyed this story because it clearly spelled out many of the critical talents and abilities the financial crime compliance officer of today, and tomorrow, need to employ to be successful – to appease auditors, regulators and create rich, timely intelligence for law enforcement.

Key things that have been highlighted by ACFCS members – effectiveness, innovation, a compliance culture supported from top to bottom, from tellers to top management – also weigh heavily in this feature.

In short, gone are the days where compliance zealots and acolytes gathered in a bank’s basement, illuminated by candles and garbed in scarlet robes, where they scrutinized the holy scrolls of the AML interagency manual, agonizing and arguing over the nuances of actions and guidance most everyone gave nary an afterthought.

AML compliance officers must possess a knowledge that is both broad and deep, with a knowledge of arcane historical regulations and undulating current guidance, but they must also be and do so much more.

Particularly the higher you go in a bank, a compliance officer must be part data scientist and systems engineer, a passionate advocate to protect the bank against all manner of criminal risks and empathetic ally to the business line and senior executives – the classic foils of compliance.  

Many small, medium and large banks are going through a drastic physical and digital transformation, shrinking compliance teams and leaning more on new technologies to make connections too vast and complex for human decision-makers, through things like artificial intelligence, process automation and machine learning.

This calls for a special breed of professional to lead this new vanguard to counter criminals, adroitly shepherding these complex systems changes while at the same time training the next generation of compliance analysts to tackle financial crime in a holistic, convergent manner – a lofty but necessary task that is also the mission of ACFCS.

Hack that cost Baltimore $18 million a mystery after experts review NSA link

A major U.S. city is still reeling from a cyber hack attack that more than a month later has still paralyzed many systems and services and cost nearly $20 million, a crippling fusillade that may have been prevented had employees and agencies simply kept their software updated.

Weeks after Baltimore and a North Carolina city fell victim to ransomware known as “RobbinHood” — attacks some experts say involved a tool developed by the National Security Agency — Maryland officials and intelligence agencies don’t have a clear picture of exactly what or who caused the crippling cyberattack.

Attacks targeted Greenville, N.C., on April 10 and Baltimore on May 7, which locked both local governments out of their computer servers for ransom. City systems are slowly recovering from the attack, which officials said cost Baltimore more than $18 million.

Last month, it was reported that an NSA tool called EternalBlue was part of the cyberattack – a claim Maryland Rep. Dutch Ruppersberger said the agency denied during a briefing between Maryland representatives and NSA leaders last week.

Multiple security experts briefed on the case initially told The New York Times EternalBlue was a key component in the attack. Joe Stewart, a malware expert at security firm Armor, said the NSA component could have been used in the attacks — but it’s unlikely.

The exploit eventually was obtained — either through infiltration or an insider leak — by a group of hackers known as the Shadow Brokers, who attempted to sell it for profit before leaking it online for other hackers to use.

EternalBlue was linked to previous large-scale cyberattacks, such as WannaCry, which paralyzed computers in more than 150 countries in 2017. The NSA is believed to have reached out to Microsoft after that attack, which issued a patch that addressed the vulnerabilities.

Baltimore is following a road map to restore infected systems, he added — systems that include email, city payments and real estate. The entire recovery is expected to take months. The $18 million cost includes $10 million to restore the infected systems and $8 million in lost revenue, (via UPI).

This case has been a cautionary tale for cities, corporates and financial institutions of all stripes – being that many of these groups have been known to tarry on updating hardware and software systems, leaving vulnerabilities for cyber criminals to exploit.

The cost and aftershocks of the attack against Baltimore, crippling critical infrastructure for weeks on end, are also a broader warning cry for local, state and federal agencies across the board to shore up their virtual entry points.

Why? Imagine this attack happened against a power company and a regional power grid went offline. Or worse, as has played out in a bevy of movies and post-apocalyptic novels, what if this attack targeted and paralyzed a nuclear power facility? Or, worst case scenario, causes a domestic meltdown?

Yes, this kind of dystopian future is exceedingly rare. But the bleak reality is it takes a given entity, public or private, to have so many things go right to ensure no digital brigands get in. For the megabit bad guys, conversely, it just takes one thing to go right for them – and it’s lights out.

Canada looking to bolster defenses against money laundering, terror financing by cracking open beneficial ownership bastions, boosting investigator budgets

Canada’s top governmental financial crime officials stated this week the country is committed to taking action to combat financial crimes, including money laundering and terrorist financing.

When illegal money is hidden in the Canadian economy, it not only threatens people’s safety and security, but also makes life less affordable, such as causing real estate prices to skyrocket while at the same time safeguarding the illicit assets of criminal networks, corrupt oligarchs and terror groups.

On Thursday in Vancouver, Finance Minister Bill Morneau and Minister of Border Security and Organized Crime Reduction Bill Blair met with a number of provincial and territorial counterparts to talk about new and continuing approaches to stop financial crimes in Canada.

Canada has agreed to tackle several critical issues, including:

1. Ownership opacity: Making it easier to find out who owns what by improving beneficial ownership transparency. Participating provinces and territories will initiate open consultations towards a beneficial ownership public registry. These consultations will examine the benefits to a public registry in combatting financial crimes, and will prioritize businesses’ competitiveness, individuals’ privacy and respect of jurisdictional responsibility.
2. Budget bump: Helping governments investigate and prosecute financial criminals. This includes an intention to provide up to $10 million to the Royal Canadian Mounted Police, beyond Budget 2019 commitments, to help it invest in information management and IT infrastructure and digital tools to pursue complex financial crimes.
3. Guarding gatekeepers: Creating a new working group with the Federation of Law Societies of Canada to address the inherent risks of money laundering and other illicit activity that may arise in the practice of law. The working group will hold its first meeting later this month.
4. Cooperation nation: Working cross-government on anti-money laundering best practices, and reporting back to Ministers by January 2020, (via Canada’s Department of Finance).

In March, Canada stated in its budget it was proposing a special ops-style financial crime compliance and investigations task force to deepen, broaden and tighten investigative resources, effectiveness and outcomes – and find and crush the mega laundering networks.

The goal:counter a growing array of money laundering loopholes allowing criminals to cleanse billions of dollars through real estate, casinos, international trade and more in the Great White North – a process watchdog groups call “Snow Washing.”

The new tactic by the federal government was just one of the many ways Canada stated at the time it is attempting to improve its regulatory, compliance and investigative track record for countering large scale, complex and international money laundering operations.

The country, as is the case with many of its ally regimes, is beset by criminal groups, corrupt oligarchs, cyber hackers and others.

In recent years, Canada has been accused of becoming a destination for billions of dollars in questionable funds from China, Russia and other risky regions, so much so, that one group even coined a money laundering tactic through casinos called the “Vancouver Method.”

To outside watchdog groups, these improvements to Canada’s AML compliance and investigations regimes are desperately needed.