Fincrime Briefing: El Chapo gets life, FinCEN BEC advisory update, Congress grills Calibra, and more
Wednesday, July 17, 2019
Posted by: Brian Monroe
By Brian Monroe
July 17, 2019
Quote of the Day: “To succeed in life, you need three things: a wishbone, a backbone and a funny bone.” – Reba McEntire
In today’s ACFCS Fincrime Briefing, Judge sentences El Chapo to life in prison, tacks on more than $12 billion forfeiture, FinCEN BEC advisory update, analysis, Congress grills Facebook's crypto coin, Calibra, and more.
Please enjoy this unlocked story, part of the many benefits of being an ACFCS member.
Want to talk about industry trends, story ideas or get published? Feel free to reach out to ACFCS Vice President of Content Brian Monroe at the email address above. Now, on to more sweet sweet content!
Judge sentences ‘El Chapo’ to life in prison, plus 30 years, tacks on $12.6 billion forfeiture
A federal judge Wednesday sentenced Sinaloa Cartel leader “El Chapo” to life plus 30 years in prison, a charge that included more than two dozen drug offenses, money laundering charges and a murder conspiracy – and ordered the much-feared, and now fallen, head of the violent Mexican organized criminal group to pay a forfeiture of $12.6 billion.
A federal jury convicted Joaquin Archivaldo Guzman Loera, known by various aliases, including “El Chapo” and “El Rapido,” on Feb. 12, 2019, following a three-month trial, of all 10 counts of the superseding indictment, including narcotics trafficking, using a firearm in furtherance of his drug crimes and participating in a money laundering conspiracy in the billions of dollars.
From the mid-1980s until his arrest in Mexico in 1993, Guzman Loera was a mid-level operative of the Sinaloa Cartel, earning a name for himself and the nickname “El Rapido” for how quickly he transported drugs from Mexico to the United States for the Colombian cartels.
After he escaped from a Mexican prison in 2001 by hiding in a laundry cart, Guzman Loera formed an alliance with fugitive co-defendant Ismael Zambada Garcia and, together, they became the preeminent leaders of the Sinaloa Cartel.
Guzman Loera enforced his will and maintained control of his drug empire through an army of lethal bodyguards and a sophisticated communications network.
The trial highlighted the methods Guzman Loera and his organization used to transport the cartel’s multi-ton shipments of narcotics into the United States, including fishing boats, submarines, carbon fiber airplanes, trains with secret compartments and transnational underground tunnels.
Once the narcotics were in the United States, they were sold to wholesale distributors in New York, Miami, Atlanta, Chicago, Arizona, Los Angeles and elsewhere.
Guzman Loera then used various methods to launder billions of dollars of drug proceeds, including bulk cash smuggling from the United States to Mexico, U.S.-based insurance companies, reloadable debit cards and numerous shell companies, including a juice company and a fish flour company.
Guzman Loera and his organization also relied on a vast network of corrupt government officials and employees to protect and further the interests of the Sinaloa Cartel. They included local law enforcement officers, prison guards, high-ranking members of the armed forces and elected office holders.
In exchange, the Cartel paid these individuals millions of dollars in bribes, (via DOJ).
This case, conviction and sentencing is a big feather in the cap of the U.S. Justice System, but unfortunately likely won’t make a major dent in the flow of illicit drugs into this country or the billions of dollars laundered in and out of our borders.
One major chess piece has been taken off the board, but many others are already jostling to get into the game. All areas of the financial crime arena – including AML compliance officers, investigators, regulators and auditors – must redouble their efforts to detect and prevent financial crime.
Only with the public and private sectors working more closely together than they ever have before, expanding that out internationally to the regions housing the mega laundering hubs and then further pushing learning, thought leadership and investigative and compliance capacity to all areas of the world can we – as a community – crush not just the current and prior heads of criminal groups, we can bring them all crashing down.
FinCEN released updated BEC advisory, new trend analysis, as monthly SARs tied to crime soar to more than $300 million a month
The U.S. Treasury’s Financial Crimes Enforcement Network Tuesday unveiled critical updates to counter the rising scourge of Business Email Compromise attacks, scammers and the cadre of criminals and scofflaw opportunists who profit from their schemes – a missive that retextures risks spelled out in a similar advisory in 2016.
Similar to the prior advisory, this piece urges financial institutions to more tightly knit together their anti-money laundering, fraud and cybersecurity teams to better thwart an explosion of online attacks against individuals and businesses, a criminal tactic relying on human error to compromise accounts to the tune of billions of dollars.
That is the continuing crux of the latest advisory and related guidance released this week by the Financial Crimes Enforcement Network (FinCEN) exhorting these teams to break down silos in order to tackle the rising scourge of business email compromise (BEC) and email account compromise attacks (EAC). The advisory amounts to a championing of the virtues of compliance convergence by the country’s arbiter of anti-money laundering (AML) rules.
Email compromise fraud schemes typically entail criminal attempts to compromise the email accounts of victims to send fraudulent payment instructions to financial institutions or business associates in order to misappropriate funds or to assist in financial fraud.
Based on data from FinCEN’s Suspicious Activity Reports (SARs), hackers and other illicit actors’ BEC scams generated more than $300 million a month in 2018, a jump from just more than a $100 million from an analysis in 2016, with a cumulative total exceeding billions of dollars stolen from businesses and individuals.
FinCEN Exchange Forum Focuses on BEC Scams
In New York City Tuesday, FinCEN also convened the latest in a series of meetings under its ongoing FinCEN Exchange forum, focusing on fighting potential BEC and resultant money laundering and terrorist financing activities.
Representatives from depository institutions, Federal and State government agencies, a Federal task force, money transmitters, third-party service providers, and technology companies attended the session.
The FinCEN Exchange is a voluntary program established in 2017 to convene law enforcement and financial institutions from across the country to share information.
Updated advisory to FIs on E-mail compromise fraud schemes
FinCEN also issued today an update to its “Advisory to Financial Institutions on E-mail Compromise Fraud Schemes,” first published in 2016.
The latest advisory offers updated operational definitions, provides information on the targeting of non-business entities and data by email compromise schemes, highlights general trends in BEC schemes targeting sectors and jurisdictions, and alerts financial institutions to risks associated with the targeting of vulnerable business processes.
The advisory also highlights the potential for financial institutions to share information about subjects and accounts affiliated with email compromise schemes in the interest of identifying risks of fraudulent transactions and money laundering, something banks have been wondering if they could under Patriot Act Section 314(b).
To read ACFCS coverage of the original 2016 FinCEN BEC advisories, click here and here.
Financial Trend Analysis of AML Data
In addition, FinCEN issued an in-depth Financial Trend Analysis of Bank Secrecy Act (BSA) data that explores industries targeted and methodologies used by BEC scammers.
It notes that the number of SARs describing BEC incidents reported monthly has more than doubled, from averaging nearly 500 per month in 2016, to above 1,100 per month in 2018. The total value of attempted BEC thefts reported in SARs has almost tripled, to an average of $301 million per month in 2018 from $110 million per month in 2016.
The use of fraudulent vendor or client invoices grew as a methodology, from 30 percent of sampled 2017 incidents, to 39 percent in 2018, becoming the most common BEC method.
Impersonating a CEO or other high-ranking business officer as a methodology declined, accounting for 12 percent in 2018 from 33 percent of sampled incidents in 2017. Impersonation of an outside entity was described in 20 percent of 2018 reports.
Manufacturing and construction businesses were the top targets for BEC fraud in 2017 and 2018, and those sectors may have particular interest for compliance professionals at banks and corporates in this report.
FinCEN’s Rapid Response Program Surpasses $500 Million in Recovered Funds
In another ongoing effort, FinCEN’s Rapid Response Program, in collaboration with law enforcement, recently surpassed $500 million in recovered funds.
The program utilizes FinCEN’s ability to rapidly share information with counterpart Financial Intelligence Units (FIU) in more than 164 jurisdictions and leverages these relationships to encourage foreign authorities to intercede and hold funds or reverse wire transfers.
Egmont Group Public Bulletin Outlines Typologies of BEC Fraud Schemes
In addition, the Egmont Group of FIUs this week issued a public bulletin to alert competent authorities and reporting entities of key typologies and money laundering risks associated with BEC fraud schemes.
This bulletin was the result of an initiative by FinCEN and the FIU of Luxembourg in collaboration with nine other FIUs, (via FinCEN).
This advisory and analytical dump by FinCEN is incredibly important for banks as it is not only another resounding call for compliance convergence – covering AML, fraud and cyber – it further enlists top executives to support the breaking of silos and paradigms.
Though not saying it, FinCEN’s latest call for convergence is and has been the mission of ACFCS since its founding, teaching on and tackling all areas of financial crime in a holistic manner that increases the efficiency and effectiveness of compliance teams through stronger understanding, communication, cooperation, coordination – and faster action.
Congress grills official for Facebook’s new crypto coin, Calibra, citing mistrust, fears of financial crime, wild value swings
Democrats and republicans in both the Senate and House committees for banking and financial services had a chance this week to grill Facebook related to its upcoming crypto coin Calibra and did something that rarely happens: agree – they have a bevy of rising fears, from financial crime to losing control of fiat currency value, about the new virtual initiative.
U.S. Senate Banking Chairman Mike Crapo (R-Id.), and Ranking Member Sherrod Brown (D-Oh.), led a litany of lawmakers sounding off on key concerns, with a common theme among them a lack of trust about how Facebook, Calibra and the association backing it will manage the crypto coin and potentially set or change its value and keep it safe from criminals, hackers and sanctions evaders.
The sentiment is not surprising with Facebook in recent days reaching a $5 billion deal with the Federal Trade Commission for mishandling users’ data and privacy violations – a penalty it reportedly paid with ease, with many calling the seemingly hefty fine a joke that barely fazed the social media behemoth.
The skepticism is Congress is also informed by side-eyed comments by many world financial leaders, worried that Calibra could become the illicit coin of the realm for criminal and terror groups.
Since its formal announcement and whitepaper, “U.S. and global regulators have taken notice, including the Federal Reserve, U.K.’s Financial Conduct Authority, Financial Stability Board, G-7 and others,” Crapo wrote.
Last week during the Federal Reserve’s Semiannual Monetary Policy Report to Congress, Chairman Powell raised concerns about the cryptocurrency’s potential for inciting money laundering and financial instability problems, and also expressed concern over customers’ privacy.
Similarly, this week, U.S. Secretary Steven Mnuchin stated the Treasury Department has “very serious concerns that Libra could be misused by money launderers and terrorist financiers.”
In tandem, The Bank of England Governor Mark Carney stated, “Libra, if it achieves its ambitions, would be systemically important. As such it would have to meet the highest standards of prudential regulation and consumer protection. It must address issues ranging from anti-money laundering to data protection to operational resilience.”
For Crapo, he had a laundry list of concerns including:
- How the payment system will work?
- How it will be managed?
- How will Libra, the Libra Association, Calibra and Facebook all interact?
- What consumer protections will apply?
- What are the potential implications for consumers with respect to financial loss from fraud or the project’s failure?
- How will individuals’ data be protected?
- How will individuals’ privacy be preserved?
- How will the Libra ecosystem interact with the Bank Secrecy Act and other existing anti-money laundering regulations?
- What are the ways that Libra could threaten financial stability and what are some steps that could be taken preemptively to mitigate those risks?
A day after the Senate Hearing, House Financial Services Committee Chairwoman Maxine Waters (D-Ca.) held a hearing with the same Libra official, CEO David Marcus, and raised similar alarms bells about how the new coin will collide with historical banking laws and opportunistic criminal entities.
The discussion took place in the looming context of a draft discussion bill that could become a huge stumbling block for Calibra, the “Keep Big Tech Out of Finance Act,” which would prohibit large platform utilities, like Facebook, from becoming chartered, licensed or registered as a U.S. financial institution or otherwise becoming affiliated with such financial institutions.
The bill would also prohibit large platform utilities from establishing, maintaining, or operating a digital asset that is intended to be widely used as medium of exchange, unit of account, store of value, or any other similar function as defined by the Federal Reserve.
Waters also touched on other worries about Calibra being targeted by cyberattacks to destroy it outright, hackers to steal and monetize it for their own gain or countries on U.S. blacklists, like Iran and North Korea, somehow working through proxies and shell companies and using the cryptocurrency to evade sanctions.
In comments after the hearing, the always outspoken Waters thought Marcus “skirted some of the most significant questions.”
Though the hearings are taking place in Washington, D.C., the issues around Calibra have potential global import as Facebook – the built in user-base of the crypto coin – is used by a third of the world’s population, (via Congress in two hearings).
Facebook already has a checkered history for keeping unsavory characters from using their platform.
So how can a company that has broken the trust of users and authorities build that back – and then not only be trusted with very valuable data, but now actual monetary value? These are the questions Facebook, Calibra and its backers will have to answer.
The company has already said it plans on instituting the highest levels of AML compliance, but uncertainties remain.
Can even the most advanced AML program ever created keep up with the sheer volume and potentially tiny micro-transactions that will take place covering billions of people and likely trillions of dollars?
This debate won’t be settled any time soon, but the final arbiters of this will most likely be regulators and investigators.
If examiners look and don’t like what they see, we will find out the failures in formal Calibra penalties. And if too many criminal money laundering roads lead to Calibra, investigators will tell that tale in formal federal indictments.
Drug makers flooded US with billions of opioid pills as epidemic surged, data shows
Statistics are a blow to country’s biggest pharmaceuticals that paid millions of dollars in out of court settlements. Drug makers and distributors flooded the US with more than 75bn opioid pills in the crucial years when the country’s epidemic of painkiller addiction and deaths surged to record levels, according to previously secret data released by an American court.
The publication of the Drug Enforcement Administration statistics is a blow to some of the country’s biggest pharmaceutical firms that have paid hundreds of millions of dollars in out of court settlements in part to keep sealed evidence that they profiteered from escalating demand for opioids even as public health officials were declaring an epidemic.
The database covers 2006 to 2012 when opioid prescriptions reached a peak of 282m a year, enough to supply every American adult with a month’s worth of pills. By then, annual sales of narcotic painkillers had surged past $8bn.
US district judge Dan Polster, in federal court in Cleveland, Ohio, is hearing about 2,000 civil cases brought by cities and counties coast-to-coast against opioid makers and distributors, wrapped into a giant case known as a multi-district litigation.
He ordered the release of the data following a year-long legal battle by newspaper companies the Charleston Gazette-Mail in West Virginia, the state worst hit by the opioid epidemic, and the Washington Post.
Deliveries of the two most common opioids, hydrocodone and oxycodone, escalated by more than 50% in the years covered by the database, to 12.6bn pills in 2012 alone, an analysis of the DEA numbers by the Washington Post found.
By then the federal agency the Centers for Disease Control and Prevention (CDC) had declared a public health crisis because of the surging death toll from overdoses. Some of the largest increases in sales were to parts of the country already devastated by opioids.
Nearly nine out of 10 of the pills were manufactured by subsidiaries of three pharmaceutical multinationals – Mallinckrodt, Endo and Actavis, since renamed Allergan, (via The Guardian).
This new data, and the court cases, further begs the question how much these companies knew where going on related to the doctors prescribing their products and how much individual patients were actually taking.
In short, as profits soared did anyone, inside or outside these companies, raise any alarms, particularly after news stations by the dozens started reporting on surging opioid overdose deaths.
Or did company executives simply look the other way and count their bonuses? The answers to the questions will be played out in these court cases, but the outcomes also have direct import to financial crime compliance professionals and the issue of reputational risk.
Do you want to be known as the bank that banks the drug companies killing more Americans that most other illicit drugs combined? As well, now that the names of these companies are public, did any banks notice what appear to be fraudulent or corrupt payments from these operations to clinics or doctors’ offices? Many questions to consider indeed.