In this week’s Financial Crime Wave, a U.S. regulator is in the hot seat over bank insider fraud oversight, Dubai gets dubbed a money laundering haven due to anonymous influx of lux, cybercrooks going old-school messaging to thwart investigators, and more.


OCC grilled over broad practice of unauthorized account openings in banking industry, decision not to name dozens of offenders beyond Wells Fargo

The nation’s top banking regulator has found evidence that institutions other than Wells Fargo & Co. may have created accounts without customers’ authorization — and a prominent Democrat wants the regulator to name names. The revelations have also raised questions as to what group inside financial institutions must own oversight of insider abuses, with some stating it should be anti-money laundering compliance teams. Ohio Sen. Sherrod Brown, the ranking Democrat on the Senate banking committee, said Tuesday he wants the Office of the Comptroller of the Currency to release more details of a review, spurred by Wells Fargo’s accounts scandal, of sales practices at more than 40 large and mid-size banks.

Comptroller Joseph Otting will likely face questions about the matter from Brown and other lawmakers this week. Otting will testify before the House Financial Services Committee on Wednesday and before Brown’s panel on Thursday. The OCC’s review found that some banks had opened accounts without proof of customers’ consent, but the agency has declined to name those banks saying the results of regulatory exams are private. The results of the review, completed at the end of last year, were first reported last week by the publication American Banker, (via the LA Times). To view Wednesday’s hearing, click here.

Real estate  

Is the secretive, ultra-lux Dubai real estate sector a haven for money laundering from a wide array of illicit sources?

War profiteers, terror financiers and drug traffickers sanctioned by the U.S. in recent years have used Dubai’s real-estate market as a haven for their assets, a disturbing dynamic as global watchdogs focus on the dangerous combination of when weak counter-financial crime laws, opaque owners and the ultra-wealthy converge, a new report released Tuesday alleges. The report by the Washington-based Center for Advanced Defense Studies, relying on leaked property data from the city-state, offers evidence to support the long-whispered rumors about Dubai’s real-estate boom. It identifies some $100 million in suspicious purchases of apartments and villas across the city of skyscrapers in the United Arab Emirates, where foreign ownership fuels construction that now outpaces local demand.

For its part, the center known by the acronym C4ADS said Dubai has a “high-end luxury real estate market and lax regulatory environment prizing secrecy and anonymity above all else.” That comes as the U.S. already warns that Dubai’s economic free zones and trade in gold and diamonds poses a risk. “The permissive nature of this environment has global security implications far beyond the sands of the UAE,” the center said in its report. “In an interconnected global economy with low barriers impeding the movement of funds, a single point of weakness in the regulatory system can empower and enable a range of global illicit actors,” (via ABC News).


Dark web bazaars are so last year: Cybercrooks are switching to Telegram, other old-school messaging forums for illicit deal-making

Underground cybercrime marketplaces are in decline because cybercrooks have begun switching to chat channels to trade illegal goods, a trend that could actually make it harder to target and takedown large dark net nodes as they become more decentralized and insular, according to a new report. The climate of fear and mistrust following the AlphaBay and Hansa takedowns in July 2017 has resulted in criminals switching tactics and using less convenient platforms, such as Telegram, according to research from Digital Shadows.

Alongside this, digital crooks have adapted their processes to increase the security, reliability, and trust of existing sites. These trends predate the AlphaBay and Hansa takedowns, but have become more acute as the marketplace model continues to struggle. Telegram in particular is proving increasingly popular as an alternative. Digital Shadows said that over the last six months, its analyst teams detected over 5,000 Telegram links shared across criminal forums and dark websites, of which 1,667 were invite links to new groups. These covered a range of services, including cashing out, carding and crypto currency fraud, (via the U.K. Register).

DOJ leads international BEC cyber sweep, nabbing more than 70, including dozens in U.S., Nigeria

The U.S. Department of Justice (DOJ) and other U.S and international federal authorities Monday announced the results of a six-month sting operation, arresting 74 fraudsters involved in business email compromise (BEC) attacks, an insidious cyber hacking technique that uses spoofed and impersonated emails to hijack wire transfers from businesses and individuals to enrich criminals. The coordinated effort also included 29 arrests in Nigeria, and three in Canada, Mauritius and Poland. The operation also resulted in the seizure of nearly $2.4 million, and the disruption and recovery of approximately $14 million in fraudulent wire transfers.

BEC, also known as “cyber-enabled financial fraud,” is a sophisticated scam often targeting employees with access to company finances and businesses working with foreign suppliers and/or businesses that regularly perform wire transfer payments. The same criminal organizations that perpetrate BEC also exploit individual victims, often real estate purchasers, the elderly, and others, by convincing them to make wire transfers to bank accounts controlled by the criminals. This is often accomplished by impersonating a key employee or business partner after obtaining access to that person’s email account or sometimes done through romance and lottery scams. Those individuals are often members of transnational criminal organizations, which originated in Nigeria but have spread throughout the world, (via DOJ).

U.K. ‘most breached’ country in Europe as ‘tidal wave’ of hack attacks soars across bloc: report

The UK is the most breached country in Europe, according to a survey of 400 senior security managers by cyber security company Thales released today – with 37 percent of respondents saying they were breached in 2017 – up from 22 percent on the previous year, following a global trend of more public and private firms stating they are victims of cyber thefts large and small. Rates of failure in the last year or faults found in data security compliance audits also soared: more than one in three of respondents polled in European enterprises reported a failed compliance audit in the last year.

Chief Strategy Officer at Thales, Peter Galvin said, “A tidal wave of data breaches is continuing to roll across Europe, with three in every four organizations now a victim of cyber-crime. As a result, people are feeling more vulnerable than ever before, worried about where the next threat will come from, and in what form.” The report found that respondents clearly recognize the defenses designed specifically for protecting data are the most effective tools for doing so. Data-at-rest defenses, or air-gapped backups, were rated as the most effective tools for protecting data, with 72 percent responding that they were either ‘very’ or ‘extremely’ effective. However, data-at-rest security tools are not getting a high priority in spending increases, (via CBR Online).


As U.S. AML bill losing steam, strength as it goes through committee

The U.S. House of Representatives Committee on Financial Services has scheduled a Thursday markup on the Counter Terrorism and Illicit Finance Act (H.R. 6068), which has been stripped of provisions that would require collection of beneficial ownership information at the time of company formation, a necessary step to address this widely-recognized and well-documented vulnerability in the U.S. AML regime. A November 2017 version of the same bill included a section to address this critical issue, (via GFI).

Virtual Currency

FATF to take stand on crypto currencies, calling for binding regulations in potential boon to fledgling sector

International financial crime-fighting group Financial Action Task Force (FATF) will start discussions later this month on introducing binding rules governing cryptocurrency exchanges, a Japanese government official familiar with the matter said this week, in a move that could add much-needed legitimacy to a sector still mostly known for connections to organized criminal and cyber hacking groups, (via Reuters).

Federal enforcement crackdown on illegal money transmission through peer-to-peer virtual currency swaps continues in LA ‘Bitcoin Maven’ case

A judge will soon decide the fate of a Los Angeles woman dubbed the “Bitcoin Maven” for trading as much of $10 million in bitcoins, profiting some $300,000, through the BTC peer-to-peer exchange, Localbitcoins, in violation of U.S. anti-money laundering (AML) laws requiring her to be licensed and registered at the state and federal levels. The 50-year-old Theresa Tetley “fueled a black-market financial system in the Central District of California that purposely and deliberately existed outside of the regulated bank industry,” for three years, say prosecutors. Under a guilty plea, she faces between 12 and 30 months in prison.

These cases also have import to bank compliance teams, as individuals like Tetley have to have business or personal bank accounts to exchange virtual currency for fiat currencies. Tetley is one of many instances where US Localbitcoins traders have been taken into custody for illegal money transmission. In Missouri, a trader named Jason R. Klein pleaded guilty for trading BTC for fiat without registering with the financial authorities. Thomas Constanzo, (aka ‘Morpheus’) was arrested by Homeland Security in Arizona for the same crime. An Ohio man named Daniel Mercede was arrested in May of last year for selling large quantities of BTC overseas. Further, Richard Petix from New York was another trader who was found guilty for selling BTC and charged with “illegal money transmitting business” and “making false statements,” (via Bitcoin News).

Corporate Transparency

British territories still chafing, straining against incoming beneficial ownership regulations, obligations

British overseas territories in surreptitious talks to keep tax haven secrecy, despite U.K. plan to impose public registers to publish and share beneficial ownership data sparked protests and calls for constitutional separation, (via the Guardian).

Perennial U.S. company formation foil, Delaware, changes tune, endorses bill tackling anonymous companies – but only to deflect stronger transparency reforms

Delaware’s top government official overseeing company formation in the state endorsed a bipartisan federal proposal to require companies to disclose their true owners at the time of formation in new a new letter to Congress.  The correspondence from the Delaware Secretary of State comes as the U.S. House of Representatives Committee on Financial Services risks derailing a bipartisan effort to counter illicit finance by dropping the key transparency proposal from a package of reforms that will be voted upon in committee this week.

Without the key beneficial ownership disclosure provisions, several portions of the remaining bill would weaken safeguards against terror finance and criminal money laundering, according to the Financial Accountability and Corporate Transparency (FACT) Coalition, a non-partisan alliance of more than 100 state, national, and international organizations promoting policies to combat the harmful impacts of corrupt financial practices, (via the Fact Coalition).


DOJ charges eight, including Russian and Syrian nationals, with laundering millions of dollars for blacklisted Russian firm shipping jet fuel to Syria

The U.S. Department of Justice (DOJ) has charged eight businessmen, including five Russian nationals and three Syrian nationals, with conspiring to evade U.S. economic sanctions against Syria and Crimea, by sending jet fuel to Syria and making U.S. dollar wires to Syria and to sanctioned entities in Syria without receiving a license from the U.S. Treasury Department. Court documents cite transactions conducted by Joint Stock Company Sovfracht (Sovfracht), a Russian shipping company and freight forwarder. According to the indictment, as early as 2011, banks began rejecting U.S. dollar wires by Sovfracht that were destined for Syria.

The alleged conspirators began using front companies and falsifying information in shipping records and the related U.S. dollar wires in order to circumvent the sanctions. In subsequent conversations in 2015, the defendants allegedly sent e-mails warning about the effect of “Western sanctions” and the related prohibition on U.S. dollar transactions. The indictment alleges that the defendants used vessels owned by Transpetrochart Co. Ltd. (Transpetrochart), a Russian based company that owned the petroleum tankers Mukhalatka and Yaz, to transship jet fuel and other items surreptitiously to Syria, (via the U.S. DOJ).


A look at how to craft, expand counter-corruption risk assessment programs

Analysis of an anti-corruption risk assessment, including how to better counter graft risks internationally and how to extend compliance programs and best practices in sections and jurisdictions not heavily regulated – but that still have home-country penalty exposure, (via KPMG).

FinCEN issues guidance nudging financial institutions to uncover connections between corrupt PEPs, serial human rights abusers

FinCEN issues advisory reminding financial institutions about connections between corrupt, powerful foreign PEPs, particularly those in risky regions with weak rule of law, their lackeys and facilitators and how they can be inextricably intertwined with wide-scale human rights abuses, (via FinCEN).


To cement U.S.-Iran nuclear deal, former administration contravened own sanctions policies

A look at the secret Obama-era permit that let Iran convert funds to dollars, a contravention of virtually every U.S. sanctions rule related to the country, and how the trepidations of penalty-weary banks put a kibosh on the deal, (via AP).

With the U.S. focusing its diplomatic might on wooing North Korea, Iran eschews ascribing to global counter-terror standards  

With a new wave of US sanctions just two months away, there appears to be growing opposition in Tehran to the Iranian government’s long-standing policy of falling into line with international rules to prevent terrorism financing and money laundering, with the recalcitrant regime voting recently to table signing up to United Nation’s counter-terrorism conventions, (via Forbes).

Money laundering

EU authorities agree on bloc-wide penalties for money laundering, including minimum jail terms, bans

New measures to step up the European Union’s fight against money laundering have been informally agreed by Parliament and Council negotiators, including minimum jail terms and bans from individuals working again in the financial sector – an overall vital move to prevent criminals from gaming the system where certain countries have weaker penalties.

Currently, the differences between the EU countries in defining and sanctioning money laundering offences affect cross-border police and judicial co-operation and can be exploited by criminals and terrorists. The new strengthened EU-wide rules would improve enforcement in this area and act as a greater deterrent to terrorist and criminal activity. Parliament and Council negotiators agreed to:

  • EU-wide definitions of money laundering-related crimes, including practices that are not currently deemed a crime in all EU countries, such as “self-laundering” (situation where the person who has committed a crime tried to hide the illicit origin of the proceeds from that crime);
  • EU-wide minimum penalties, such as a minimum of four years of imprisonment for money laundering maximum sentences, and;
  • an obligation for EU countries to add additional sanctions where necessary, such as barring those convicted of money laundering from running for public office, holding a position of public servant or excluding them from access to public funding.

As for next steps, Parliament and Council negotiators reached a preliminary agreement on the new rules on 30 May and on 7 June the Council at ambassadors’ level confirmed the agreement. The agreed text now needs to be formally approved by the Civil Liberties Committee, Parliament as a whole and the Council before entering into force. According to the Commission, the proceeds from criminal activity in the EU are estimated to be €110 billion per year, corresponding to 1 percent of the EU’s total GDP. The number of money laundering cases in the EU has been growing: according to Europol there were 148 money laundering cases in 2012, 202 in 2013, 221 in 2014, and 285 in 2015, (via the EU Reporter).

Terror financing

EU tackles terror financing through virtual value

New EU study explores the terrorist financing (TF) risks of virtual currencies (VCs), including cryptocurrencies such as Bitcoin. It describes the features of VCs that present TF risks, and reviews the open source literature on terrorist use of virtual currencies to understand the current state and likely future manifestation of the risk, along with AML and other regulations at play to mitigate risks and aid law enforcement, (via the EU Parliament).

Insider fraud

Dozens of banks took advantage of customers, opened accounts without customer consent, beyond Wells

In the wake of penalties and exec shakeups at Wells Fargo for allowing insiders to take advantage of customers, press reports indicate that the U.S. Treasury’s Office of the Comptroller of the Currency (OCC) has discovered that 40 more financial institutions have been opening new consumer accounts without consent. The OCC has also said that it does not plan to release the names of these institutions, and that the matter is being handled administratively, something that will not sit well with Congress and watchdog groups, (via American Banker).