• Nearly 6,000 financial crime compliance professionals – current and former anti-money laundering officers and fraud fighters, regulators, investigators and watchdog groups – registered for ACFCS’ Second Annual Fincrime Virtual Week, which started Monday with the overarching theme of empowering the community to be “Agents of Innovation.”
• The day started with a rousing dance, acrobatics and art show, with a talented troupe flipping, twirling and an artist crafting a live picture of a secret image – which when he turned it around, was Sean Connery’s legendary James Bond. But while the beginning of the day was devoted to spectacle and style, the sessions captured the attention of attendees with their weight, relevance and substance.
• Some key themes for the first day of the event and threading through the various sessions, included better capturing, taming and wielding big data, the importance of pairing technology with stronger training to sharpen human decision-making and wooing budget overlords to better balance, risks, resources, regulators – and most importantly, results. Another theme is the broader and more aggressive creation and use of public-private partnerships (PPPs).

By Brian Monroe
bmonroe@acfcs.org
August 2, 2021

Nearly 6,000 financial crime compliance professionals – current and former anti-money laundering officers and fraud fighters, regulators, investigators and watchdog groups – registered for ACFCS’ Second Annual Fincrime Virtual Week, which started Monday with the overarching theme of empowering the community to be “Agents of Innovation.”

The day started with a rousing dance, acrobatics and art show, with a talented troupe flipping, twirling and an artist crafting a live picture of a secret image – which when he turned it around, was Sean Connery’s legendary James Bond.

The multi-talented painter, after his big reveal, then started break dancing.

The intro also saw ACFCS President Joseph Yerant soaring on the silks, as other dancers clambered up and dropped down the shimmering sheets, with only their skill, strength and training keeping gravity at bay.

But while the beginning of the day was devoted to spectacle and style, the sessions captured attention with their weight and substance.

Some important, relevant and enduring themes for the first day of the event and threading through the various sessions, included better capturing, taming and wielding big data, the importance of pairing technology with stronger training to sharpen human decision-making and wooing budget overlords to better balance, risks, resources, regulators – and most importantly, results.  

These always herculean challenges have ratcheted up in recent months in terms of complexity and scrutiny, from federal law enforcement and examiners to review the outputs and cumulative efforts of the private sector with the updated overarching focus on effectiveness and results.

That is foundation underpinning the U.S. Anti-Money Laundering Act (AMLA) and just released U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) National Anti-Money Laundering (AML) priorities, tectonic and historic changes causing disruption as the biggest update since the seminal 2001 U.S.A Patriot Act.

Another theme is the broader and more aggressive creation and use of public-private partnerships (PPPs).

A message from the premier investigative agency in the U.S.: Mess with the best, get caught like the rest

In our first session, Jim Lee, head of IRS-CI, had a message for criminals: don’t get in the crosshairs of his agents.

Why?

The agency has a broad ambit to go after all areas of financial crime, with 75 percent of investigations related to tax, 12 percent tied to illicit narcotics and the last 12 percent covering crypto, money laundering, corruption, terrorism, cyber and more.

The conviction rate for IRS-CI cases is “among the highest in federal law enforcement,” 92 percent across the board, and 96 percent in pure tax cases, he said.

The agency’s major cases in recent years include taking down child exploitation networks, cyber-enabled terror financiers, pandemic fraudsters and more. IRS-CI also could see that momentum surge with an expected hefty budget bump coming if Congress can agree on the impending Infrastructure package.

Lee also touched on the power, potential and promise of stronger public-private partnerships in the form of a new ACDC, the Advanced Collaboration and Data Center.

This pioneering initiative would create a “centralized hub for cyber training, tools and collaborative efforts for every cyber channel, not just crypto,” including those in government, out in the field, external brain trusts, investigators, national security groups and others to keep pace with rising cyber risks, vulnerabilities and soaring cyber-enabled fraud, like ransomware.

In our second session, speakers honed in on the difference between information and intelligence.

Some key snapshots: level setting about what are some of these trending terms: Intelligence collection strategies, for government investigators or AML and bank countercrime teams, including:

• Human intelligence or HUMINT: This is what you can find, adding or mitigating risk, on the real human acting and interacting with your financial institution.  
• Open Source intelligence or OSINT: This could be something like social media comments and snapshots that reveal someone is tied to a terror group – or may not even be a real person at all, just a scammer or synthetic identity.
• Imagery, or IMINT: How can an AML officer risk rate a business, quickly? Go to Google Earth and see if the address is a thriving business, a single family home – supposedly holding a 100-person manufacturing operation, or is the address of the big money client an overgrown empty lot.  
• Cyber, digital threat intelligence, or CYBINT: Which in some cases can only be accessed on the dark web and combined sources in and out of the bank.

• This, though, must also be paired with advanced training in the bank to combined data, information collection, and the power of sharper human decision-making to defend the bank or get deep, detailed and timely information to law enforcement in a suspicious activity report (SAR).

In burnishing stronger cyber shield, wargame to imagine attacks, defensive strategies

In another afternoon session, speakers offered practical insight to better counter rising cyber risks – even before an attack has occurred.

So how do you get budget approval, resources and strengthen technology and training to prevent cyberattacks – if the firm you are at has never been the victim of a breach or ransomware fusillade?

Our speakers at ACFCS’ Fincrime Virtual Week 2021 tackled just that question during the “Cyber Threat Intelligence – Building Your Toolkit Against Cybercrime” panel, a subject that has risen to near mythic status in recent months as high-profile, record cyber-enabled frauds have brought corporates across the board to their knees.

“Security has been in place and you haven’t had a problem because security has been placed at the top,” said Roderick Chambers, Deputy Superintendent for the Cyber Intelligence Unit at the New York Department of Financial Services (NYDFS), one of the most innovative and aggressive state regulators in the country in countering financial crimes, including AML, fraud and cyber.

But that begs the question, how do you quantify what hasn’t happened yet?

That is the arena of cyber “vulnerability management intelligence” and “threat quantification,” he said.  

You need to ask: “What would the cost of a breach impact us? What would a denial of service (DDOS) attack cause to our business if we are down for three, or four or five days?” Chambers said. “So whenever you are building a threat intelligence program and implementing this toolkit, you have to go back and do table top exercises.”

So what questions do you ask when wargaming on a potential virtual assault – and the digital, smoking aftermath?

“How much revenue would our business suffer if we are down for two days?” he said. “Can we pivot to another internet service provider if there is a DDOS attack? What happens if we are breached? Doing these tabletop exercises can help put a dollar sign behind getting funds for your program, getting personnel, getting vendors and getting resources.”

Where to put sanctions compliance focus? Try global trade tensions, serial regional evaders

In our panel on sanctions we answered the question: Why is compliance with U.S. and international sanctions programs so difficult?

For one, they are massive.

“The big sanctions programs are always targeting country trade relationships,” said Lakshmi Kumar, the Policy Director at Global Financial Integrity, during the “Slipping the Sanctions Net – The Evolution of Sanction Evasion Techniques” panel.

“The majority, including drugs, occur through land, air and sea. Understanding that is critical. Sanctions activity and trade activity, they are very very interconnected.”

But there are some countries that go out of their way to evade sanctions: like Iran, North Korea and Venezuela.

These are countries where “every resource of the government is set out to evade sanctions. Everyone who is supposed to stop this is an active participant,” Kumar said.

In FinCEN AMLA priorities, how do you better comply – with what you are already doing?

The day ended with an amazing and spirited analysis and debate between former compliance professionals and DOJ around the U.S. Anti-Money Laundering Act (AMLA), the biggest change in the country since the USA Patriot Act 20 years ago.

The good: the focus on effectiveness and results is where the industry needs to be, and is working to make real.

Capturing the details of company beneficial owners and getting them in a FinCEN database could be great, but there will be challenges to keep this timely and accurate.

But in some ways, some believe the recent release of the FinCEN AML priorities will not move the industry forward in the meaningful way required to better detect and prevent large scale financial crimes and related money laundering networks.

The reason: because many of these priorities are subjects banks already know well and are trying to fight, including money laundering, corruption, cyber-enabled fraud and such.

The vexing challenge: what could or should we be doing differently as a community when we are already devoting resources to the bulk of the formalized priorities.

But there are some “newish” additions, like domestic terrorism and crypto, that could nudge some bank AML teams to retool systems and resources to better uncover the growing national security threat of dangerous extremists at home.