FinCEN highlights key red flags for coronavirus pandemic medical scams, cyber-enabled frauds, including fake tests, phantom deliveries

The Skinny:

  • FinCEN has highlighted key trends and red flags tied to COVID-19 frauds and stimulus scams, including fake cures, tests and vaccines, fictitious deliveries, masks and more
  • The U.S. Treasury bureau, and arbiter of the country’s anti-money laundering defenses, also exhorted institutions and individuals to report such schemes as quickly as possible – ideally in less than 24 hours.
  • That way FinCEN has a chance to strike back against more aggressive cyber-enabled frauds, including business email compromise attacks, with domestic and international allies.
  • As a response to the rise in such frauds, scams and schemes, FinCEN stated it has temporarily expanded its “Rapid Response” arm and recouped hundreds of millions of dollars thought lost to criminal groups – a lone bright spot in a pandemic that has taken lives, life savings and hampered the cumulative countercrime efforts of compliance teams, regulators and investigators.
  • FinCEN is also hoping to build on that success with its flurry of COVID-19-related medical scam red flags, including some classic, and other more nuanced tips, such as nudging bank AML teams to sniff out when a company is too new to be able to provide such a depth and breadth of desperately needed supplies – or they are simply an illusory shell.


By Brian Monroe
bmonroe@acfcs.org
May 27, 2020

The U.S. Treasury has highlighted key trends and red flags tied to COVID-19 frauds and stimulus scams, including fake cures, tests and vaccines, fictitious deliveries and masks, and exhorted institutions and individuals to report such schemes as quickly as possible – ideally in less than 24 hours.

The Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit (FIU) and administrator of anti-money laundering (AML) rules, stated that haste and urgency should be paramount for financial institutions related to the coronavirus as fraudsters and cyber hacking groups have increased their attacks against banks, corporates and individuals.

In response, FinCEN has expanded its “Rapid Response” group and is more aggressively reviewing tips, suspicious activity reports (SARs) in its AML database and working more closely with domestic and foreign law enforcement agencies to recover pilfered funds – in one case alone recouping $300 million.

When it comes to various cyber-fueled fusillades, such as business email compromise (BEC) attacks – an attack vector soaring in popularity in recent years and even more potent in the chaos of a global pandemic – FinCEN has successfully assisted in the recovery of approximately $900 million with the assistance of 64 countries.

But to recapture funds stolen from a bank, corporate or person, the bureau has an incredibly short window – something that financial institution fraud, AML and investigations teams must be aware.

While FinCEN does not ensure recovery of BEC stolen funds, FinCEN has “achieved greater success in recovering funds when victims or financial institutions report BEC-unauthorized and fraudulently induced wire transfers to law enforcement within 24 hours.”

The advisory is also notable for financial crime compliance teams and beyond as FinCEN stated the red flags should be shared in and outside of AML, to the upper echelons of the chief executive and chief compliance officer, to cyber defenders and even frontline staff, including bank tellers and customer service agents.

In a series of missives in recent days, FinCEN has highlighted key trends across banks, AML suspicious activity report (SAR) filings and active law enforcement cases evincing possible COVID-19-related medical scams, including:

  • (1) fraudulent cures, tests, vaccines, and services;
  • (2) non-delivery scams; and
  • (3) price gouging and hoarding of medical-related items, such as face masks and hand sanitizer.

Examples of fraudulent medical services include claims related to “purported vaccines or cures for COVID-19, claims related to products that purportedly disinfect homes or buildings, and the distribution of fraudulent or unauthorized at-home COVID-19 tests.”

Some of these scams may be perpetrated by illicit actors “who recently formed unregistered or unlicensed medical supply companies,” according to FinCEN, a critical clue for AML teams and a quick way to winnow out scammers: see how long the business has been around and scrutinize incorporation documents.  

To read FinCEN’s “Advisory on Medical Scams Related to the Coronavirus Disease 2019,” click here.

To read FinCEN’s “Notice Related to the Coronavirus Disease 2019,” click here.

Financial indicators of these scams may include:

  • History of fraud: U.S. authorities, such as the Federal Trade Commission (FTC), the Food and Drug Administration (FDA), or the DOJ, have identified the company, merchant, or business owners as selling fraudulent products.
  • Web of lies: A web-based search or review of advertisements indicates that a merchant is selling at-home COVID-19 tests, vaccines, treatments, or cures.
  • Make it personal: The customer engages in transactions to or through personal accounts related to the sale of medical supplies, which could indicate that the selling merchant is an unregistered or unlicensed business or is conducting fraudulent medical-related transactions.
  • What’s in a name: The financial institution’s customer has a website with one or more indicia of suspicion, including a name/web address similar to real and well-known companies, a limited internet presence, a location outside of the United States, and/or the ability to purchase pharmaceuticals without a prescription when one is usually required.
  • Image control: The product’s branding images found in an online marketplace appear to be slightly different from the legitimate product’s images, which may indicate a counterfeit product.
  • The price is right: The merchant is advertising the sale of highly sought-after goods related to the COVID-19 pandemic and response at either deeply discounted or highly inflated prices.
  • Card sharks: The merchant is requesting payments that are unusual for the type of transaction or unusual for the industry’s pattern of behavior. For example, instead of a credit card payment, the merchant requires a pre-paid card, the use of a money services business, convertible virtual currency, or that the buyer send funds via an electronic funds transfer to a high-risk jurisdiction.
  • Miscreant merchants: Financial institutions might detect patterns of high chargebacks and return rates in their customer’s accounts. These patterns can be indicative of merchant fraud in general.

Non-delivery scams

In these non-delivery scams, fraudsters often target the most vulnerable and needy operations. Victims can include unsuspecting companies, hospitals, governments, and consumers, according to FinCEN.

These fraudulent transactions occur through “websites, robocalls, or on the Darknet. Some schemes involve shell companies to facilitate transactions.”

In its March warning to the health care industry, the FBI told the medical community to “exercise due diligence and appropriate caution when dealing with unfamiliar vendors and when relying on unidentified third-party brokers in the supply chain.”

Financial indicators of these scams may include:

  • The merchant does not appear to have a lengthy corporate history (e.g., the business was established within the last few months), lacks physical presence or address, or lacks an Employer Identification Number.
  • Additionally, if the merchant has an address, there are noticeable discrepancies between the address and a public record search for the company or the street address, multiple businesses at the same address, or the merchant is located in a high-risk jurisdiction or a region that is not usually associated with the merchandise they are selling.
  • Searches in corporate databases reveal that the merchant’s listing contains a vague or inappropriate company name, multiple unrelated names, a suspicious number of name variations, multiple “doing business as” (DBA) names, or does not align with its business model.
  • The merchant cannot provide shipment-tracking numbers to the customer or proof of shipment to a financial institution so it may process related financial transactions.
  • The merchant claims several last minute and suspicious delays in shipment or receipt of goods. For example, the merchant claims that the equipment was seized at port or by authorities, that customs has not released the shipment, or that the shipment is delayed on a vessel and cannot provide any additional information about the vessel to the customer or their financial institution.
  • The merchant cannot explain the source of the goods or how the merchant acquired bulk supplies of highly sought-after goods related to the COVID-19 pandemic.

FinCEN puts banks, crypto exchanges ‘on notice’ for pandemic fraud intersection

The first foray into detailed pandemic-related red flags is not the first FinCEN has made to illuminate the intersection of the criminal element and the still-raging coronavirus.

Earlier this month, FinCEN put the virtual value sector on notice that as the COVID-19 pandemic fuels new waves of fraud and hacks, criminals are increasingly using crypto coins and related exchanges to purchase malware packages and reap the profits of phishing, ransomware and other cyberattacks.

These illicit actors are also attempting to make it harder for investigators to uncover and cripple their coronavirus-themed scams and schemes by engaging “anonymity-enhanced cryptocurrencies,” also called privacy coins, and going through “tumblers,” tactics that take advantage of crypto exchanges with weak AML programs.

Those were just some of the criminal trends, compliance vulnerabilities and regulatory focal points highlighted by Ken Blanco, director of the Financial Crimes Enforcement Network (FinCEN), during a virtual Consensus Blockchain Conference.

“FinCEN has observed that cybercriminals predominantly launder their proceeds and purchase the tools to conduct their malicious activities via virtual currency,” Blanco said just weeks ago.  

“Your institutions have the opportunity, and obligation, to help identify these illicit criminal networks in your suspicious activity reporting to FinCEN, so that FinCEN can aggregate and analyze this information to identify red flags, permitting industry to spot risks.”

To read Blanco’s full statement, click here.

The missive tacitly put more pressure on crypto exchanges – and other operations that create, sell or move virtual funds – to ensure they are not inadvertently acting as a gateway for organized criminals and hacking collectives to monetize their more aggressive digital fusillades during the pandemic.

Special ACFCS Video Financial Crimecast: Quantaverse CEO David McLaughlin talks AI, AML and compliance in a time of coronavirus

The Skinny:

  • David McLaughlin, the CEO of QuantaVerse, talks criminal trends, AI and financial crime and compliance in a time of coronavirus in a special video version of the ACFCS Financial Crimecast. 
  • In some cases, the COVID-19 pandemic has crimped certain criminal groups engaged in human and drug trafficking. 
  • Conversely, AML alerts at some institutions tied to fraud, sanctions evasion and corruption have soared. 
  • McLaughlin also took time to share some tips and tactics for fincrime professionals to improve efficiency and effectiveness without a technology upgrade. 

By Brian Monroe
bmonroe@acfcs.org
May 22, 2020

Welcome everyone to this special video version of the ACFCS Financial CrimeCast, where we talk to many of the brightest minds in the financial crime and compliance fields to discuss the news, views and trends relevant to professionals today.

My name is Brian Monroe, VP of Content at ACFCS. I will be your host for today’s festivities.

As we are all aware, the COVID-19 pandemic has hit the world hard, with more than 200 countries and territories around the world reporting a total of nearly 3.4 million confirmed cases of the coronavirus.

The pandemic has taken lives and life savings and slowed the global economy as many sectors have shut down or instituted work from home protocols as individuals shelter in place.

Not surprisingly, this has created compliance challenges and opened the door for criminal money laundering, fraud and phishing and other scam fusillades.

For anti-money laundering (AML)and other compliance teams, they have been tasked to do more with less while at home, with some teams scattered or trimmed as some financial institutions lay off workers as transactional throughput falls.

That’s why I am excited to talk to today’s guest, David McLaughlin, about how banks are responding, in some cases through buttressing the loss of human capital through technology, to analyze compliance in a time of coronavirus.

He is the Chief Executive Officer of QuantaVerse, an artificial intelligence-infused compliance technology firm.

McLaughlin has extensive experience in leading mission critical teams to adapt and overcome challenging objectives through his military and corporate careers.

He spent six years as a naval officer, starting in 1986 as an Ensign in the U.S. Navy and attending flight school in Pensacola, FL. A graduate of the highly regarded TOPGUN program, McLaughlin also completed a combat tour in the Persian Gulf, where he was awarded the Distinguished Flying Cross and two Air Medals for bravery in combat.

Prior to founding QuantaVerse, he held senior executive positions with IPR International, NES Financial, and SEI. McLaughlin graduated from West Virginia University and received a master’s degree from Webster University.

In this more than hour-long conversation, he touched on the promise and potential of when AI converges with AML compliance, including helping overcome some of the industry’s most endemic and enduring challenges.

An AML glass half full, or empty?

As a point of context, the combined might of fincrime compliance professionals, regulators, investigators and auditors – the four pillars of the world’s countercrime edifice – only capture a fraction of a percent of the trillions of dollars in illicit finance that flow around the globe.

In the words of a longtime investigative professional before Congress, the U.S. is a “decimal point away from failure.”

One way to look at this is that as a community we have a long way to go because the criminals are mostly winning.

A counterpoint perspective: that also means there are massive areas for improvement – something AI can, and already is, helping to improve in the areas of efficiency, effectiveness and results.

McLaughlin also offered some use cases where AI can help AML teams overcome a key historical scourge to actually creating rich, relevant and timely intelligence for law enforcement: separating the criminal wheat from the swirling transactional chaff.

The current bane of transaction monitoring systems everywhere is the seemingly everpresent avalanche of false positives draining and diverting the finite resources of investigative analysts.

Pandemic alerts: frauds, sanctions surge, trafficking tumbles

McLaughlin also shared information on trends QuantaVerse is seeing across institutions that have changed as a result of COVID-19, including that AML alerts tied to fraud, sanctions and bribery have surged some 30 percent, while alerts of suspected drug and human trafficking have experienced the exact inverse, a drop of 30 percent.

Overall, however, alert volumes in the early months of the pandemic have soared by roughly 50 percent, likely related to individuals and corporates drastically changing purchasing patterns to stock up on essentials, pull out funds for themselves or others and criminals and fraudsters reaping the benefits of more aggressive cyber-enabled attacks.  

In AML vs. COVID-19, make regulators, investigators stronger allies

McLaughlin also shares some tips and tactics for fincrime compliance professionals attempting keep their investigations units strong during the pandemic, including:

Human resilience: Make sure to crosstrain your AML, fraud, corruption and cyber teams with broad, holistic training so they can pinch hit for each other and more quickly and efficiently close investigations and manage alerts.

Regulator rapport, report: As AML teams are scattered and working from home, it might be a challenge to accurately risk rate transaction alerts and choose which to turn into cases and SARs.

McLaughlin advises that if a team is struggling, reach out to their examiner contacts. Regulators are able to see criminal trends and compliance gaps during COVID-19 across multiple institutions.

Investigator allies: McLaughlin also offered a powerful tip for AML professionals to help focus on where risk could be rising even as resources may be retreating: Find the number of your local DOJ, FBI and federal investigator contact and give them a call.

Investigators can help fincrime compliance professionals marshal their forces to counter where criminals are attempting to exploit.

AI, alert automation: One of the most immediate ways to strengthen AML team resources even if some team members are not feeling well is infusing AML alert management systems with automation and artificial intelligence, McLaughlin said.

He highlighted that in a bevy of instances, from customer risk ranking to transaction alert analysis, these technologies are designed to do more with less and improve efficiency and effectiveness in all areas of fincrime investigations, including AML, fraud, corruption and cyber.

Q&A, discussion points, timestamps

Here are some of the questions, timestamps and tips from the interview to help you jump around to exactly what you need:

  • What criminal trends have you seen change during the COVID-19 pandemic? 2:30
  • Managing false positives: 5:00
  • What is the difference between transaction monitoring systems that use rules-based, and thresholds-based systems and ones that used AI, automation and machine learning? 6:30
  • AI example of finding statistical anomalies with businesses transacting with each other: 9:00
  • How the financial crime community is a “decimal point” away from failure and how to change that: 11:00
  • The AML and investigative regimes have Patriot Act Section 314(a), for law enforcement to query and share information with banks, 314(b), for banks to share information with each other, but no 314(c), a platform or safe harbor for banks to share compliance best practices with each other: 12:40
  • How are banks responding and where are you seeing them shift more resources and, conversely, what areas are they pulling away? 15:00
  • How to better ally with regulators and investigators to improve resource allocation: 16:25
  • FinCEN’s “free pass” on AML: 17:00
  • For banks that are falling behind on alerts and cases, due to layoffs or teams under the weather, what advice do you have to help them work through the backlog? 18:00
  • After the Dec. 2018 interagency statement, an invitation to innovation, are you seeing more banks breaking through the “inertia of good enough” to tinker with technology to improve results? 19:00
  • With some institutions not able to outsource some of their compliance functions, how are they tinkering with technology to bridge the gap in human capital? 20:00
  • How AI can take rote, repeatable AML tasks, and investigational steps, and automate them: 22:20
  • Financial crime compliance resilience is a huge challenge right now. How can technology help with banks dealing with fincrime compliance and fraud investigators working from home and overall compliance business continuity? 26:00
  • Creative ways to deal with the backlog, pushing the frontline to the frontline and arming customers with knowledge: 28:00
  • Do you have any examples or use cases on how AI has helped AML teams better manage resources vs. alerts and improve efficiency and effectiveness? 33:00
  • Statement from regulators about on invitation to innovation: 40:00
  • How criminals are targeting people unemployed due to COVID-19 for scams and money laundering: 42:30
  • How AI can take some of the subjectivity out of AML decision-making and alert dispositioning: 44:00
  • Are there any specific prongs of the AML program that can be more immediately improved related to AI? Potentially CDD, EDD, maybe risk ranking? What other areas can AI help in AML and how can that strategy be implemented? 47:40
  • Key tips to improve AML in a time of COVID-19: 51:30

ACFCS announces recipients of certification scholarships for ‘Agents of Resiliency’

Recipients chosen from more than 150 applicants globally to support professionals building resilient fincrime programs in the face of the pandemic

May 19, 2020 – MIAMI – The global pandemic caused by the novel coronavirus has led to historic disruption in business, finance, and daily life. Yet financial crime has hardly slowed down, and the confusion engendered by COVID-19 has been ripe breeding ground for fraudsters, cyberattacks and scammers.

In this tumult, the work of those in financial crime prevention is more important than ever before, even as adjusting to this new reality posed unforeseen obstacles.

Being adaptable and tough – Being resilient, in other words – is not easy, but it is what’s required of fincrime professionals in the current moment.

Against that backdrop, the Association of Certified Financial Crime Specialists (ACFCS), launched an “Agents of Resiliency”  scholarship program as part of its Quarterly Focus on building resilient financial crime prevention programs.

Fincrime professionals around the world have stepped forward to help their programs navigate uncertainty and adapt to a strange new world. ACFCS is recognizing and rewarding the efforts of 20 exceptional individuals by providing them with CFCS scholarships.

The scholarship offers complimentary registration for the Certified Financial Crime Specialist (CFCS) certification, the full suite of prep materials, and a year of membership in ACFCS.

After receiving more than 150 applications from professionals in over 10 countries, ACFCS is proud to announce the 20 recipients. 

Those chosen for the scholarship submitted applications with compelling experiences in developing and maintaining resilience against financial crime, from securing their institutions against scammers taking advantage of work-from-home, to investigating fraudulent sales of personal protective equipment, and much more.

The winners come from the public and private sectors in 10 different countries. They include law enforcement agents, anti-corruption comissioners, heads of compliance at banks, and data scientists, reflecting the reality that the pandemic has impacted all walks of life and the diverse skill sets needed to respond.

ACFCS prioritized applicants in regulatory roles, and those still relatively new in their careers.

“Our associatoin is committed to supporting the fincrime community throughout the historic disruptoin of the pandemic, and celebrating those who have risen to the challenge,” said Joseph Yerant, president of ACFCS. “We are thrilled to provide these certifications to these ‘agents of resiliency’, and we look forward to welcoming them all to the CFCS-certified community.”

The full list of scholarship recipients is below. ACFCS will be running in-depth profiles on these professionals in the coming weeks.

Name Organization Title
Saleem Raza Abdool Raman Independent Commission Against Corruption, Mauritius Senior Investigator, AML/CFT
Jacob Avery Internal Revenue Service (IRS) Special Agent
Martyn Birchall Fredel Governance Director
Jason Blair NY State Office of the Attorney General Principal Auditor Investigator
Celena Boles Coin Cloud Compliance Analyst
Merissa Esposito Clearview Federal Credit Union BSA/AML Specialist
Michelle Ferrero Ohio Attorney General Major Case Investigator
Elena Helmer Global Transact Compliance Adviser
Junwei Huang Scotiabank Data Scientist Senior Manager
Janie Immanuel US Treasury, Office of Foreign Assets Control Sanctions List Coordinator
Meghan Kulkarni Uber Senior Security Analyst – Risk Insights
Romeo Makhaza Deutsche Bank Consultant
Itayi Owen Marumba Bedfordshire Police

Financial Intelligence Development Officer

Yiannis Mavris RCB Bank Head of Compliance
David Mchembere Kenya Port Authority Head of Ethics and Integrity
Eunjung Park Agricultural Bank of China Head of Compliance Training
Adam Pearlman U.S. Department of State, Bureau of International Narcotics and Law Enforcement Affairs Senior Justice and Rule of Law Advisor
Pavankumar Potukuchi Laurentian Bank Lead Advisor, Compliance
Stephanie Sinko U.S. Bank Senior Investigations Quality Assurance Analyst
Otis Yeboah Fidelity Bank Ghana Senior Financial Crime Analyst

 

About the FinCrime Resiliency Quarterly Focus:

A collaboration between ACFCS members, its partners and the greater financial crime prevention community, the Quarterly Focus offers tools, training and resources to bolster financial crime risk mitigation during the the pandemic.

To learn more, visit the overview page here.

About ACFCS

The Association of Certified Financial Crime Specialists (ACFCS) is a worldwide organization for private and public-sector professionals who work in diverse financial crime disciplines, including anti-money laundering, fraud prevention, anti-corruption, cybersecurity, compliance, regulation, enforcement and more.

ACFCS awards the Certified Financial Crime Specialist (CFCS) certification to qualified candidates who pass a proctored examination offered at authorized testing centers around the world. Professionals in the financial crime field from more than 75 countries and jurisdictions have obtained the CFCS certification.

New White House Executive Order requiring regulators to waive, adjust regulations hampering recovery could come with AML, fincrime tethers

The Skinny:

  • New White House executive order requiring regulators to trim or adjust regulations that can hamper an economic recovery could clash with financial crime compliance duties. 
  • The order could pressure federal regulators to publicly, or behind the scenes, nudge banks to pull back on AML requirements now – only to have examiners chastise financial institutions later if broad or “egregious” failures come to light. 
  • What’s worse, is if federal regulators choose to ease up on AML oversight or enforcement, and banks similarly focus more on supporting COVID-19 stimulus goals to support an economic rebound, that lack of compliance focus could give criminal groups easy entre into the international financial system. 

By Brian Monroe
bmonroe@acfcs.org
May 19, 2020

A new White House executive order requiring regulators to temporarily or permanently adjust or waive regulations viewed as a stumbling block to economic growth in the face of the COVID-19 pandemic could complicate financial crime compliance initiatives and open the door for criminals to legitimize illicit finance.

President Donald Trump Tuesday called on the “heads of all agencies to “identify regulatory standards that may inhibit economic recovery and shall consider taking appropriate action, consistent with applicable law, including by issuing proposed rules as necessary, to temporarily or permanently rescind, modify, waive, or exempt persons or entities from those requirements.”

The “Executive Order on Regulatory Relief to Support Economic Recovery” also pushes regulators to “consider exercising appropriate temporary enforcement discretion or appropriate temporary extensions of time as provided for in enforceable agreements” with respect to those requirements – which could include anti-money laundering (AML) rules. To read the full order, click here.

At issue is that if regulators get soft on AML oversight, or enforcement, and banks themselves allow gaps in fincrime compliance programs to fester, its gives easier entre for criminals looking to cleanse ill-gotten gains generated from frauds, corruption, cyber hacks and other crimes, said Jim Richards, the former head of AML for Wells Fargo.

The executive order tacitly ordering regulators to ease up on enforcement is “where an agency can effectively dismantle those pesky [customer identification program, customer due diligence and enhanced due diligence (CIP, CDD, EDD)] regulations.”

How? “To consider exercising appropriate temporary enforcement discretion or appropriate temporary extensions of time as provided for in enforceable agreements with respect to those requirements…,’” Richards said, quoting a line directly taken from the order.

In short, a regulator doesn’t even have to formally or publicly adjust or update a regulation to blunt its power, Richards said.

“So why rescind or waive a regulatory requirement when you can simply stop enforcing it?” he said, noting that such a mindset will only embolden criminal groups already made more creative and aggressive due to the pandemic.  

“I thought I was woken by an earthquake last night: but it was the hand-clapping and foot-stomping of every fraudster and money launderer on the planet, celebrating this Executive Order.”

In AML vs. economy, compliance taking back seat

The executive order is the latest move by Congress, the President and policymakers to restart the economy, which has constricted in the face of COVID-19-related lockdowns, shutdowns and record unemployment.

This is also not the first time economic stimulus packages have clashed with AML program goals.

In recent months, banks bemoaned Bank Secrecy Act (BSA) beneficial ownership requirements frustrating the doling out of Small Business Administration (SBA) emergency loans under the multi-trillion dollar CARES Act.

The result: the U.S. Treasury and Financial Crimes Enforcement Network (FinCEN), the country’s administrator of AML rules, was forced to publicly provide guidance stating already-captured BSA beneficial ownership details could count for similar, but not exact, SBA requirements.

The verdict: In BSA vs. SBA, economic aims won out.

Regulators: Listen to me now and I will get mad at you for doing it later

This latest order also highlights the duality of federal regulators.

These agencies may be forced to pull back on exam scrutiny and enforcement now, to appease the administration or Congress, but this is a group that can just as easily ramp up enforcement later in the face of fraud, corruption or money laundering concerns – leaving banks to pay the piper for actual or perceived AML failings.

In short: if regulators nudge AML teams to pull back on compliance now, these same examiners can come back months, or even years, later, and get mad at institutions for doing what they said – particularly if the institution is mired in allegations and investigations of stimulus-fund frauds.   

What’s more, any lapse in regulatory enforcement, and related gap in filings to law enforcement, could also result in more criminals engaging in larger scams and frauds for longer – opening the door for more AML program examiner criticism when the economy rebounds and even lawsuits by individuals and investors.

Banks must balance propping up economy, not breaching national security

Financial institutions also must realize that any failure in their AML programs – even if seen as acquiescing to the executive order – could also be viewed as a breach of national security, as money launderers, rogue regimes and terror groups are constantly probing the globe for banks with weak countercrime compliance defenses.

That is also one of the few bright line boundaries the executive order states regulators and institutions should keep sacrosanct: national security.

Government agencies should trim regulations “for the purpose of promoting job creation and economic growth, insofar as doing so is consistent with the law and with the policy considerations,” according to the order.

The potential easing of these rules does, however, come with the balancing factor that these changes must also be “consistent with applicable law and with protection of the public health and safety, with national and homeland security, and with budgetary priorities and operational feasibility.”

While not specifically mentioning AML, or other financial crime compliance programs in particular, the executive order does have a section related to “Compliance assistance for regulated entities,” which touches on government and regulatory agencies, by requesting them to “consider” updating the parameters around enforcement discretion and making such analyses and decisions public.

“The heads of all agencies shall consider whether to formulate, and make public, policies of enforcement discretion that…decline enforcement against persons and entities that have attempted in reasonable good faith to comply with applicable statutory and regulatory standards, including those persons and entities acting in conformity with a pre-enforcement ruling.”

Enforcement burden shifts more heavily to agencies

The executive order also appears to shift the enforcement pendulum more in the favor of institutions – particularly if they lapsed on AML in an attempt to better support the business interests of COVID-19-affected and afflicted customers.

The order, under its “Fairness in Administrative Enforcement and Adjudication,” section states: “The heads of all agencies shall consider the principles of fairness in administrative enforcement and adjudication listed below, and revise their procedures and practices in light of them, consistent with applicable law and as they deem appropriate in the context of particular statutory and regulatory programs,” including:

  • (a)  The Government should bear the burden of proving an alleged violation of law; the subject of enforcement should not bear the burden of proving compliance.
  • (b)  Administrative enforcement should be prompt and fair.
  • (c)  Administrative adjudicators should be independent of enforcement staff.
  • (d)  Consistent with any executive branch confidentiality interests, the Government should provide favorable relevant evidence in possession of the agency to the subject of an administrative enforcement action.
  • (e)  All rules of evidence and procedure should be public, clear, and effective.
  • (f)  Penalties should be proportionate, transparent, and imposed in adherence to consistent standards and only as authorized by law.
  • (g)  Administrative enforcement should be free of improper Government coercion.
  • (h)  Liability should be imposed only for violations of statutes or duly issued regulations, after notice and an opportunity to respond.
  • (i)  Administrative enforcement should be free of unfair surprise.
  • (j)  Agencies must be accountable for their administrative enforcement decisions.

AML duties and economic stimulus goals: a delicate balance

AML compliance accountability must also be paired with economic flexibility in the face of the order.

But when it comes to AML compliance, a financial institution can only yield so far to support the economy and seemingly comply with the executive order, said Eric Young, the former Chief Compliance Officer for BNP Paribas Americas.

As well, if a bank is looking to uphold the status quo of fincrime compliance programs, sections 1, 5(a) and 9 of the executive order “should preserve a level of KYC, AML, and Sanctions controls needed” to satisfy current regulatory expectations and create rich, relevant and timely intelligence to law enforcement.  

Sections 1, 5(a) and 9 invoke language that the [executive order (EO)] remain “consistent with the law” including “health and safety,” “national security,” and “homeland security,” Young said.

The USA PATRIOT Act, and other [Office of Foreign Assets Control (OFAC)]-driven applicable laws are “meant to protect our national security and homeland security,” and not interfere with Section 9’s reference to our “military affairs,” he said.

“Having said this, those sections and the EO still enable a level of streamlining of processes and leaves the burden of enforcement on the Government,” Young said. “It’s a balance to speed the recovery while not compromising national and homeland security nor interfere with military affairs.”

In pandemic fraud, cyber fusillades, more criminals choosing crypto to buy virtual weapons, get paid after successful attacks: FinCEN

The Skinny:

  • FinCEN is putting the virtual value sector on notice that criminals are increasingly using crypto coins and related exchanges to purchase malware packages and reap the profits of COVID-19 pandemic-related phishing, ransomware and other cyberattacks.
  • These illicit actors are also attempting to hide connections to scams and schemes by engaging “anonymity-enhanced cryptocurrencies,” also called privacy coins, and going through crypto exchanges with weak or non-existent AML programs.
  • The country’s financial intelligence unit and administer of counter-crime compliance defenses also stated it is “concerned” about foreign MSBs that are unregistered and don’t have stout AML programs doing business in the U.S. or with U.S. persons – evading regulatory and investigative scrutiny.  

By Brian Monroe
bmonroe@acfcs.org
May 15, 2020

The U.S. Treasury is putting the virtual value sector on notice that as the COVID-19 pandemic fuels new waves of fraud and hacks, criminals are increasingly using crypto coins and related exchanges to purchase malware packages and reap the profits of phishing, ransomware and other cyberattacks.

These illicit actors are also attempting to make it harder for investigators to uncover and cripple their coronavirus-themed scams and schemes by engaging “anonymity-enhanced cryptocurrencies,” also called privacy coins, and going through “tumblers,” tactics that take advantage of crypto exchanges with weak anti-money laundering (AML) programs.

Those are just some of the criminal trends, compliance vulnerabilities and regulatory focal points highlighted by Ken Blanco, director of the Financial Crimes Enforcement Network (FinCEN), in a virtual Consensus Blockchain Conference this week.

“FinCEN has observed that cybercriminals predominantly launder their proceeds and purchase the tools to conduct their malicious activities via virtual currency,” Blanco said 

“Your institutions have the opportunity, and obligation, to help identify these illicit criminal networks in your suspicious activity reporting to FinCEN, so that FinCEN can aggregate and analyze this information to identify red flags, permitting industry to spot risks.”

To read Blanco’s full statement, click here.

The missive puts more pressure on crypto exchanges – and other operations that create, sell or move virtual funds – to ensure they are not inadvertently acting as a gateway for organized criminals and hacking collectives to monetize their more aggressive digital fusillades during the pandemic.

The crypto exchange sector is still wrestling with more formalized compliance duties coming domestically and internationally, most recently in June when the Paris-based Financial Action Task Force (FATF) updated a key recommendation to include the “Travel Rule,” a requirement that critical customer details “travel” with the transaction through the various interlinked parties, with a deadline date of June 2020.

But while the rule has been a longtime staple for bank transactions, it has become a crypto industry flashpoint, with a bevy of crypto companies, associations and thought leaders offering potential solutions in dense and didactic essays, whitepapers and analyses.  

Financial crime in a time of coronavirus

Beyond just crypto exchanges and their compliance challenges, Blanco’s comments also tacitly increase the scrutiny that brick-and-mortar banks – the nexus between the realm of crypto coin and fiat value – must engage in related to their crypto exchange customers.

In essence, similar to other historical relationships with operations like money services businesses (MSBs), banks must act as a de facto regulator to their crypto clients, lest their own federal regulators uncover these relationships first and judge that institutions didn’t have enough compliance oversight.

Here are some of the financial crime trends tied to the pandemic:

  • COVID-19 as Lure: FinCEN and U.S. law enforcement have seen reports of cybercriminals leveraging COVID-19 themes as lures, often targeting vulnerable individuals and companies that seek healthcare information and products or are contributing to relief efforts. 
  • Healthcare vulnerabilities: This type of cybercrime in the COVID-19 environment is especially despicable, because these criminals leverage altered business operations, decreased mobility, and increased anxiety to prey on those seeking critical healthcare information and supplies, including the elderly and infirm.
  • Adapting to Opportunities: Because of increased remote work by many companies and government institutions worldwide, many distinct threat vectors, risk considerations, and mitigation strategies are being used by criminals and bad actors.  
  • Remote exploits: FinCEN is aware that cybercriminals are targeting vulnerabilities in remote applications—including virtual private networks and remote desktop protocol exploits—to steal sensitive information and compromise transactions. 
  • One fish, two fish, three Phish: Whether with COVID-19 lures or not, cybercriminals and malicious state actors are using wide-scale phishing campaigns, malware, extortion, business email compromise, and other exploits against remote platforms to steal credentials, conduct fraud, and spread disinformation.
  • Scams and spam: Many prevalent scams involving virtual currency payments exploit COVID-19, from extortion, ransomware, and the sale of fraudulent medical products, to initial coin offering investment scams, which will likely continue to grow during the pandemic.
  • Undermining Due Diligence: Criminals are also working to undermine “know your customer” processes in the remote environment. Virtual currency businesses should remain vigilant against attacks targeting their onboarding and authentication processes, for example “deepfakes” manipulating digital images and account takeovers facilitated by credential stuffing attacks. 
  • Digital assurance: Financial institutions should consider the risks of the current environment in their business processes, and the appropriate level of assurance needed for digital identity solutions to mitigate criminal exploitation of your products and platforms. 
  • Better virtual vigilance: Even financial institutions that typically manage their lines of business remotely, such as some virtual currency exchangers, may find themselves more exposed given the changing threat environment.

Anonymity-enhanced coins mirror anonymous beneficial ownership structures

Virtual exchanges may also face more risks of being infiltrated by illicit entities if they can’t accurately drill down to see what individuals or companies are tied to which transactions – a key hurdle in some crypto transaction chains.

There remain “significant issues that concern us in the virtual currency space,” Blanco said, including:

  • Privacy vs. anonymity: Risks associated with anonymity-enhanced cryptocurrencies, or AECs, remain unmitigated across many virtual currency financial institutions. 
  • Risks vs. rewards: We expect each financial institution to have appropriate controls in place based on the products or services it offers, consistent with the obligation to maintain a risk-based AML program. 
  • Coin purse: This means we are taking a close look at the AML/CFT controls you put on the types of virtual currency you offer—whether it be Monero, Zcash, Bitcoin, Grin, or something else—and you should too. 
  • Regulators, investigators are coming: To be sure, FinCEN and our delegated examiners at the IRS are focused on this.

There are even parallels between coins that offer privacy shields and one of the country’s – and really the world’s – most persisting financial crime vulnerable. anonymous shell companies with opaque beneficial ownership structures, according to Jim Richards, the former top AML officer for Wells Fargo, in an analysis of the statement.

“I agree with Director Blanco that anonymity-enhanced cryptocurrencies are a key risk,” he wrote. “Just as anonymity-enhanced legal entities are a key risk: lack of a federal standard that legal entities disclose their beneficial ownership, and provide that information to a publicly-available central registry, remains the biggest risk facing the American AML/CFT regime.“

Unregistered foreign MSBs flouting AML a ‘concern’ for FinCEN

FinCEN also touched on another vexing vulnerability for the country’s fincrime defenses: foreign MSBs doing business in the U.S. or with U.S. persons that don’t have stout AML programs.

The bureau is “increasingly concerned that businesses located outside the United States continue to try to do business with U.S. persons without complying with our rules,” including registering, maintaining a risk-based AML program, and reporting suspicious activity, among other requirements. 

“If you want access to the U.S. financial system and the U.S. market, you must abide by the rules,” Blanco said, adding that FinCEN wants banks to include “detailed information” about suspected unregistered foreign MSBs. “We are serious about enforcing our regulations, including against foreign businesses operating in the United States as unregistered MSBs.” 

FinCEN stated it is also trying to put more of the information in crypto-related SARs to good use.

Since 2013, FinCEN has received nearly 70,000 SARs involving virtual currency exploitation. 

Just over half of these reports originated from virtual currency industry filers.

Others came from traditional financial institutions that “also have a unique window into illicit financial flows involving virtual currency, such as banks that may see ransomware payments made by customers or MSBs that see funds transfers derived from account takeovers,” Blanco said, exhorting institutions to not skimp on the details as they can make or break ongoing cases.  

This reporting is “incredibly valuable to FinCEN and law enforcement, especially when you include technical indicators associated with the illicit activity, such as Internet Protocol (IP) addresses, malware hashes, malicious domains, and virtual currency addresses associated with ransomware or other illicit transactions.”

Special ATII Contributor Report: COVID-19 and Human Trafficking – Exacerbating Modern Slavery with a Global Health Pandemic

The Skinny: 

  • The relentless march of the COVID-19 pandemic has affected human trafficking and human smuggling groups in different ways – causing one arena to dry up and another to surge.
  • For some human trafficking operations, they have seen profits fall as communities, states and even full countries lock down and “shelter in place,” so that means fewer customers for sex workers, in seedy motels or massage parlors.
  • Conversely, some human smuggling operations have seen demand for their services skyrocket as foreign nationals in already impoverished regions reach their breaking point and risk everything to illegally enter the U.S. or EU.
  • Overall, however, the severe economic downturn resulting from so many industries grinding to a halt has put millions out of work, making them easy prey for fork-tongued traffickers looking to reap new victims.
  • However, even without the influence of formal trafficking groups, some desperate individuals may themselves decide that with no one hiring and unemployment a paltry substitute or unavailable, they will become sex workers as a last resort.
  • These criminal trafficking trends also can leave a bevy of digital footprints for financial crime compliance professionals to follow, potentially uncovering the fiscal underpinnings of larger organized criminal groups and even saving victims.

By Alexandra Helminski, intelligence expert, ATII, The Data Initiative and Lizz Morse, expert, ATII
May 12, 2020

With editing and minor content additions by ACFCS VP of Content, Brian Monroe

As COVID-19 has evolved into a global health crisis, it has plunged much of the world, and financial sector, into an economic downturn, as well as created new opportunities for criminals to infiltrate institutions and exploit those who have suffered from this pandemic.

As the Office of Trafficking in Persons stated, “As in times of disaster response, we recognize that disruptions to local services, housing and economic stability, and social disconnection can further increase risk for victimization and exploitation.”

The relentless march of the pandemic since its rise in Wuhan, China in December has been the very definition of disruption to society, jumping borders and targeting rich and poor countries alike.

The coronavirus is affecting 212 countries and territories around the world, with some 4.3 million active cases and more than 290,000 deaths, according to Worldometers.

COVID-19 has also affected financial crime fighters at all levels, including compliance officers, regulators, investigators and auditors – the four key pillars of the worldwide counter-crime citadel.

In tandem, with individuals and families losing jobs, losing income and potentially even losing their homes or apartments, you can even argue that COVID-19 has created certain problems specific to human trafficking – opening the door for criminals to create a new class of victims because all some people have left to generate value is their corporeal forms.

These disruptions have affected human trafficking, human slavery and prostitution across the spectrum of such crimes and even potentially put young people at risk of being taken advantage of by online predators because schooling across the country and at nearly all grade levels has gone digital.

That means large, international trafficking groups will have to adapt to keep filing their massive global coffers.

Human trafficking is one of the most profitable crimes in the world, generating an estimated $150 billion annually. There are estimated to be more than 40 million victims of human trafficking globally.

With so much of a population “sheltering in place” due to forced quarantines and state-wide – and even countrywide – lockdowns, that has hampered one area of trafficking but conversely caused a second facet of the crime, human smuggling, to surge.

For human traffickers, they have seen, in some cases, illicit funds from sex work dry up as customers stay home – choosing not to visit seedy motels or go to massage parlors with blacked out windows.

The response: some trafficking groups and individuals have started cam shows – paid for by crypto coins and credit and prepaid cards.

In an inversely proportional dynamic to human traffickers, human smugglers are seeing demand for their services skyrocket.

Why?

Because in some parts of the world that are already impoverished, the COVID-19 pandemic has made an already difficult life unbearable due to a lack of capacity, healthcare workers, equipment and support services – pushing fearful and anxious masses to leave places like Africa and the Americas to Europe and the United States.

But these transactional changes could also give clues to anti-money laundering (AML) compliance professionals to better understand when a human trafficking group, victims or others – when out of desperation have turned to prostitution – have started moving illicit funds through their institutions.

Desperation, eviction, evolution, devolution

Here are some tips to help better understand the more nuanced financial trails of human trafficking operations during the COVID-19 pandemic:

Prostitution: Desperate times call for desperate measures  

While likely rare, there could be some individuals unable to work, due to being laid off as entire sectors – including travel, tourism and entertainment – have evaporated who decide that the only option to keep a roof over their head or provide for their family is prostitution.

But how would this look through the lens of a bank transaction monitoring system?

Examine for an evolution to a darker path. For instance, someone who had been getting ACH deposits, or had been depositing roughly similar amounts on a regular basis, all of a sudden has a gap. There is also a corresponding gap in typical payments for rent, mortgage, water and electric bills.

The account might get some deposits from state unemployment or no help from government assistance at all. Then, all of a sudden, the person starts depositing large amounts of cash at irregular intervals – a potential red flag for prostitution.

Some further details to strengthen reasonable grounds for suspicion and to file a suspicious activity report (SAR) is if the account suddenly starts sending credit card or debit payments to known online escort or adult websites – clear evidence a person is advertising their services.

As well, closing the illicit loop, is if the account exhibiting the above signs also, for the first time, starts receiving payments from sketchy virtual currency exchanges, which is how the person is accepting payment from clients, attempting to keep the ties anonymous.

Human trafficking: As full sectors implode, traffickers raise their scythe

Similar to the above scenario, but this time, the person isn’t making the choice to engage in sex work of their own accord: they were recruited by a human trafficker bent on exploiting individuals who are scared, desperate and worried about losing it all.

Traffickers have an array of tactics to recruit people, promising easy or quick money, modeling gigs, or stable hospitality work in a foreign locale.

But the goal is always the same: get these people out of an environment, or region, where they have money, choices and a support system to make them dependent on the trafficker.

But again, that begs the question: How would that look in a transaction monitoring system?

One key that could help fincrime professionals risk assess what accounts could, or are, could be at risk being infiltrated by trafficking groups is to keep abreast of what sectors in what regions have been the most decimated by the coronavirus.

For instance, in South Florida, a typically teeming mecca of sun, sand and sin for tourists, many hotel workers, cruise workers and entertainers have lost their jobs. The tourism industry alone in Florida supports some 1.5 million jobs, according to Visit Florida.

So it might behoove compliance teams to tighten the transactional alert thresholds for customers in these sectors to get a better sense of when, or if, a trafficker has co-opted an out-of-work server, bartender or dancer.

Likely, in a case like that, the transactions would change considerably, again, from a person’s account having regular deposits from known companies, banks and HR companies in the thousands of dollars, to smaller cash transactions in the hundreds of dollars – in particular below thresholds where someone has to produce on ID.

As well, the account could start seeing deposits at different ATMs for the same bank, or many ATMs, from different banks that rotate around a given region within driving distance of a few hours.

The account could also then start seeing deposits out of state, with a corresponding larger transaction later wired to foreign destinations known to be trafficking and smuggling hubs – such as Asia Pacific and Africa – in classic funnel account form.  

The trafficker also might take a person’s credit and debit cards and start using them to pay for items like hotels, takeout food and Netflix or Redbox – to keep trafficking individuals occupied during their downtime.

Another red flag: the trafficked person’s social media accounts disappear or go dormant.

This trafficker, now handler, may essentially take over the person’s bank account – even walking into banks with them while not allowing an obviously nervous individual to speak – or refer to the person as an “employee” who is moving money overseas to help family members, even if the victim is not from that country and the handler is clearly not family.  

Other red flags for human trafficking that could be viewed by AML teams are ATM/credit card transactions in even, hundred dollar amounts, between 11 p.m. and 3 a.m. and using anonymous cashier’s checks and the like to pay for things, even bills, instead of ACH or personal checks.

Human smuggling: As countries lock down, smugglers get creative, expensive

Human smuggling during COVID-19 has gotten more dangerous, more expensive and more difficult.  

The crime is defined by the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) as involving foreign nationals choosing to immigrate illegally by paying a smuggler to help them cross the border.

So how does this crime look in an AML transaction monitoring system?

One key red flag: “Frequent exchange of small-denomination for larger denomination bills by a customer who is not in a cash intensive industry,” according to FinCEN. “This type of activity may occur as smugglers ready proceeds for bulk cash shipments.”

But to better understand the details of when smuggling could touch your institution, it’s vital to put the transactions into proper context, including what regions already struggling financially, with lack of rule of law or basic services, could have their migrant exodus numbers accelerate.

AML professionals must also be cognizant that human smuggling has three segments: Solicitation, transportation and payment.

Payments from families to smugglers could be in advance, a partial payment or be paid in full on arrival – giving opportunities to be identified by AML teams. But to best understand where the payments could be coming from and going, you need to analyze where migrants are moving.

Historically, the United States is the country that is the largest destination for migrants – legal and illegal, according to an analysis by Pew Research.

The decline in the unauthorized immigrant population is due largely to a fall in the number from Mexico – the single largest group of unauthorized immigrants in the U.S. Between 2007 and 2017, this group decreased by 2 million.

Meanwhile, there was a rise in the number from Central America and Asia.

As more migrants move, depending on their wealth and influence, they could be calling on the services of human smugglers – some that are just trying to provide a service to those seeking a better life, and others part of organized criminal gangs.

These past immigration patterns now must also be overlaid with what is happening globally as a result of the coronavirus.

Even while the United States and Europe have the most COVID-19 cases – the U.S has more than 1.4 million cases while Spain, Italy, France and Germany are in the top 10 – other countries that are already struggling with poverty, corruption or a lack of rule of law could be hit even harder during the pandemic.

Some current global coronavirus hotspots that could spur immigration include: Brazil with nearly 180,000 cases, Peru with some 72,000, Mexico at just more than 38,000 and Philippines and South Africa at 11,350 each, according to Worldometers.

Illegal immigration is also big business – with some reports stating that the human smugglers, or “coyotes” are charging more for their services.

According to experts, coyotes gross more than $5 billion a year. Crossing fees can range from $1,500 to $2,500 in Mexico. Police note that on a “good day” large coyote organizations can transport 500 people into the United States, according to Time.

That means, as an example, an institution might see a customer, or their family, in these regions withdraw thousands of dollars, let’s say $1,000, in Mexico, and then have a similar amount pulled out at or near ATMs in the southwest border to pay the other half of a coyote’s fee.

FATF weighs in on COVID-19 and tendrils to financial crime

The Paris-based Financial Action Task Force (FATF) touched on the human trafficking and smuggling ties to the pandemic in a just-released report, its first major statement on COVID-19. To read the full, 34-page report, click here.

“Criminals may take advantage of the pandemic to exploit vulnerable groups,” according to FATF, the global standard bearer for fincrime compliance best practices. “This may lead to an increase in the exploitation of workers and human trafficking.”

What’s worse, investigators may not uncover the rise of some trafficking groups until things start going back to normal.

“The suspension or reduced activity of government agencies regularly engaged in detecting human trafficking cases and identifying victims of trafficking (including workplace inspectors and social and health care workers) means that cases may go undetected.”

There are also more potential victims for traffickers to target.

“The shutdown of workplaces, slowdown in the economy, rising unemployment, and financial insecurity are factors that could result in an increase in human exploitation,” according to FATF.

Aggressive compliance focus on trafficking can help prevent infections

A critical reason why fincrime compliance professionals must adapt and overcome quickly – many teams are dealing with scattered workers and even layoffs and a significant surge in alert volumes – during the pandemic is helping law enforcement identify and shut down trafficking rings can save lives.

One problem COVID-19 poses to human trafficking victims concerns the health and well-being of such victims and the individuals exploiting these victims, such as clients purchasing their services and the traffickers themselves. 

Because this virus is highly contagious, human trafficking increases the risk of exposure for all parties involved, potentially leading to becoming infected and suffering health-related symptoms.

This not only poses an issue for both the trafficker and client, but also for the trafficking victim.

The trafficker could expose him or herself, as well as business partners and clients, to the virus. If a victim were to contract the virus, seeking medical care for the victim could risk exposure of the business operations.

However, if the trafficker chooses not to seek medical care for the victim, the victim could succumb to the illness, risk exposure to the general public and anyone who comes into contact with him or her, and/or the trafficker could end up releasing the victim leaving the victim to fend for him or herself.

Additionally, border closures and restrictions can pose a risk for exposure and lack of medical care.

Potential risk of financial crime resulting from human trafficking during this pandemic has not only increased, but has resulted in red flags in some banking transactions and activity noticed by AML professionals working behind the scenes.

In a move to adapt to an inability to actually meet individuals for sex, trafficking groups and individuals have started offering online cam shows and moving payments to credit cards, prepaid cards, and virtual currencies for such activities.

Ironically, video voyeurism may even technically be considered legal, said Brian Monroe, Vice President of Content for the Association of Certified Financial Crime Specialists (ACFCS), in the article, “Fincrime Compliance Professionals Highlight Longer Hours, Shifting Illicit Patterns of Finance, Training Challenges in First ACFCS ‘Virtual Happy Half-Hour.”

To read the full story, click here.

However, Monroe further explains that with hotel room or massage parlor access becoming limited, human trafficking patterns have adapted.

As the landscape of the financial industry has since changed course due to COVID-19, it has also impacted the way criminals operate their business.

It is critical for financial industry professionals to remain diligent in their efforts to flag and prevent future financial crimes, specifically those related to human trafficking, as well as continue mitigating and deterring these bad actors.

As children spend more time online, they become more of a target

Another problem COVID-19 poses to human trafficking stems from the amount of time kids are spending at home, specifically time spent online.

Schools have since switched to online learning from home. Predators utilize the internet to exploit vulnerable individuals, including children.

Children’s increased time spent online playing games with friends, social media outlets, and websites may increase their risk and exposure to potential predators that lurk in such online sources.

“There are reports from some members of a rise in the production and distribution of online child exploitation material, often for profit,” FATF stated in its COVID-19 and fincrime report.

“With the closure of schools, children are increasingly using the internet during “lockdown” periods, which could lead to an increase in online child exploitation,” the group said, citing U.S. and Australian authorities. “There are also reports that “lockdowns” and travel bans are increasing demand for this material.”

While the old tactic of “trust, but verify,” was once effective, we live in an age where technology has evolved and is more prominent in everyday life than it was just five to ten years ago.

A few tips for parents looking to monitor their children’s online activities without alienating their children include:

Be present: Find out what tools and apps they are actively using, check in on what content they post and receive, and conduct open, honest dialogues with them about what they see, how they respond, and your concerns over what you prefer they did or did not see or partake in.

Share passwords: Many parents will require their children to share passwords with any apps they use across all their devices. From smartphones to tablets to gaming systems, it is a good idea to have access to your children’s devices.

Install monitoring software: Monitoring apps and software can limit children’s activities and posts. There are plenty of reviews on the pros and cons of different monitoring software programs. Many monitoring software programs are reasonably priced as well.

Before considering sex work, reach out for help

Financial strain has impacted many families during this pandemic.

With unemployment, layoffs, and companies closing their doors completely, many families are facing the economic hardships as a result. This may cause individuals to look for alternative ways to earn money to support their families or simply themselves.

Prostitution is oftentimes the alternative method for “easy” money, especially for individuals in a desperate situation who need to survive or provide for their families.

However, there are other alternatives to maintaining financial stability during this crisis.

The Polaris Project points out that “policies like rent moratoria that stabilize existing housing and vouchers to provide emergency access to short term housing will alleviate tremendous pressure for potential victims and their families.

Job incentives for employers to hire in vulnerable communities at living wages will allow people to safely access the resources they need.”  In addition, the federal government has since instituted an Economic Payment Impact, which is currently issuing stimulus checks to those who qualify.

COVID-19 has impacted our lives at social, economic, financial, and mental levels.

While human trafficking is exacerbated during this time of crisis, there are valuable solutions to combatting it.

“Information sharing, intelligence, and ultimately awareness is at the center of countering issues like human trafficking,” said Vic Maculaitis, Founder and Chief Executive of The Data Initiative. “Sharing our data products and applications with non-profits, such as ATII, is a way of aiding and multiplying the force.”

Human trafficking victims have resources and services available to assist them during this global health crisis.

These resources include the National Human Trafficking Hotline (NHTH), The Domestic Victims of Human Trafficking Program (DVHT), Trafficking Victim Assistance Program (TVAP), as well as other state and local resources.

Other resources to address challenges related to COVID-19 include caregiver and household resources, shelters and transitional living programs, child care alternatives, substance use treatment and support programs, food assistance, economic impact payments, and many more.

Please do not hesitate to reach out to Anti-Human Trafficking Intelligence Initiative (ATII) and our partners at Association for Certified Financial Crime Specialists (ACFCS) to learn more about following the money and joining the fight against modern slavery.

Sources:

Pandemic has hampered AML supervision, international investigations, cooperation, could help criminals evade CDD: FATF

The Skinny:

  • A global watchdog group is warning that the COVID-19 pandemic is creating hurdles for running financial crime compliance programs, reporting suspicious activities to law enforcement and working together to identify larger, interconnected criminal groups.
  • The Paris-based Financial Action Task Force (FATF), the standard bearer of anti-money laundering (AML) compliance best practices, is also highlighting that the relentless march of the coronavirus is also hampering compliance regulatory oversight and law enforcement investigations – preventing agencies from communicating, cooperating and quickly closing large cases.
  • Part of the issue is that many banks are struggling to balance quickly processing billions of dollars in stimulus payments to small businesses to prevent a foundering economy from falling further with ensuring the funds are not lost and stolen due to graft and fraud – a key concern noted by FATF.
  • One tactic employed by illicit organized groups is creating shell companies to act as a small business and attempting to skimp on AML customer due diligence details, critical information that could have uncovered a risky or criminal entity – or forensically could have tracked down pilfered stimulus funds.

By Dev Odedra
Independent AML expert, director, Minerva Stratagem Consulting
May 6, 2020

With editing and minor content additions by ACFCS VP of Content, Brian Monroe

The COVID-19 pandemic has created compliance stumbling blocks while opening the door to more criminal scams and laundering opportunities – including illicit entities evading customer scrutiny as banks focus more on doling out emergency stimulus loans to keep the world economy afloat, according to a just-released report by a global counter-crime watchdog.

The coronavirus pandemic has “led to a rise in COVID-19-related crimes, including fraud, cybercrime, misdirection or exploitation of government funds or international financial assistance,” the Paris-based Financial Action Task Force (FATF) said Monday.

With criminals trying to take advantage of pandemic fears with a surge in spam phishing fusillades on one end of the tainted spectrum and a charitable desire to help on the other, these coronavirus infection inflection points are “creating new sources of proceeds for illicit actors,” according to FATF, the international standard bearer of fincrime compliance best practices.

To read the full report, click here.  

It is also negatively affecting anti-money laundering (AML) oversight at all levels, along with the ability for financial institutions to broadly analyze for aberrant patterns and large-scale organized criminal patterns and related suspicious activity report/ suspicious transaction report (SAR/STR) reporting and international cooperation for law enforcement agencies.

“As the world is focusing on responding to the COVID-19 pandemic, it is impacting on the ability of government and the private sector to implement anti-money laundering and counter terrorist financing (AML/CFT) obligations in areas including supervision, regulation and policy reform, suspicious transaction reporting and international cooperation,” FATF said.

The missive to the compliance and investigative communities is the first major communique the influential world body has made related to the coronavirus and its tendrils to international crime fighters.

FATF in two more diminutive statements touched on the pandemic in recent weeks to exhort institutions to be a willing, but wary, partner of non-profit groups purporting to support COVID-19 causes and that institutions should consider digital onboarding and verification and employ simplified due diligence in certain cases to balance calibrating AML risk assessment requirements and social distancing protocols.

While acknowledging the AML obstacles of the financial sector, FATF also noted it is not immune to coronavirus-related compliance difficulties, admitting it is dealing with logistical challenges of its own and would be suspending on-site country evaluations along with extending assessment and follow-up deadlines.

To read the FATF pandemic statement tied to non-profits, click here.

To read the FATF statement tied to updated evaluation timelines, click here.

In frenzy of stimulus loans, criminals will attempt to evade AML scrutiny

It’s not a surprise that even the disciplined and typically well-oiled FATF evaluation train has gone off the rails.

Few individuals, businesses and even countries have remained unscathed by the relentless march of the coronavirus.

Overall, more than 200 countries and territories around the world have reported a total of nearly 3.8 million confirmed cases of COVID-19 that originated from Wuhan, China, and a death toll of more than 260,000, according to Worldometer.

In the face of lockdowns and rising unemployment, many financial institutions have seen profits fall and risks soar, in some cases choosing to trim or reorganize now-scattered fincrime compliance teams.

For some institutions, this has resulted in a “perfect storm” scenario where banks have fewer resources to review an avalanche of alerts – both from normal people drastically shifting money to support themselves and others and from fraudsters, scammers and spammers trying to game the system.

What this means for AML professionals: Even as you adjust to support your bank extending emergency stimulus loans, if you can’t proactively risk assess before the money goes out, forensically analyze after the fact so that when law enforcement eventually follows fraud funds to your door, you are seen as a SAR-armored ally, and not a co-conspirator.

The pandemic, according to FATF, could help criminals to:  

  • Bypass customer due diligence measures;
  • Increase misuse of online financial services and virtual assets to move and conceal illicit funds;
  • Exploit economic stimulus measures and insolvency schemes as a means for natural and legal persons to conceal and launder illicit proceeds;
  • Increase use of the unregulated financial sector, creating additional opportunities for criminals to launder illicit funds;
  • Misuse and misappropriation of domestic and international financial aid and emergency funding;
  • Exploit COVID-19 and the associated economic downturn to move into new cash-intensive and high-liquidity lines of business in developing countries.

To counter these criminal vulnerabilities, AML/CFT policy responses should include:

  • Domestic coordination to assess the impact of COVID-19 on AML/CFT risks and systems;
  • Strengthened communication with the private sector;
  • Encouraging the full use of a risk-based approach to customer due diligence; 
  • Supporting electronic and digital payment options.  

Putting all the pieces together

But this latest FATF report, titled “COVID-19-related Money Laundering and Terrorist Financing.  Risks and Policy Responses,”[1]must also be viewed with the broader context of what other non-government corruption and transparency groups have said and through the lens of the increasing aggressiveness and creativity of criminal groups.  

Although the paper is for information purposes only and does not constitute the official view of the FATF, nor imply or constitute any changes to the FATF Standards, it is of great value to anti-financial crime professionals as a knowledge piece.

Whilst much of the attention related to COVID-19 from a financial crime perspective has focused on fraud, cybercrime and regulatory responses to managing risks, the FATF paper may highlight some of lesser known financial crime related areas to be considered, especially when combined lesser known developments reported in the media.


[1] http://www.fatf-gafi.org/media/fatf/documents/COVID-19-AML-CFT.pdf

Criminals finding ways to bypass customer due diligence measures

With many bank branches closed due to ‘lockdown’ measures instituted by countries, a significant shift in focus has turned to online banking for transactions and digital verification for AML know your customer (KYC) duties. 

Whilst some regulators have issued guidance on alternatives to face-to-face KYC[1], such as requesting clients to provide ‘selfies’ or videos, this is not a relaxation of financial crime risk management requirements. 

Institutions looking to incorporate new measures should be mindful that they need to be able to spot, for example; high resolution digital photos, “deepfakes” and 3D silicon/latex masks.

Increased misuse of online financial services and virtual assets to move and conceal illicit funds

Whilst much attention has been turned to fraud during the pandemic, there is likely little slow down of those involved in criminal activity involving virtual assets, regardless of new regulatory measures coming into force covering Virtual Asset Service Providers (VASP’s). 

A case involving Bitcoins that received little attention but has a much larger significance for financial crime and compliance professionals was that of money laundering charges against William Anderson Burgamy IV[2]

Burgamy, arrested and charged in April, was alleged to have operated as a Darknet vendor selling medications, including prescription opioids. 

He allegedly laundered the proceeds of his criminal activity by cashing out his Bitcoin drug payments into United States dollars and moving the funds through a variety of accounts, including his business bank accounts, in an effort to conceal and disguise the nature and source of his illicit proceeds. 

Although the activity precedes the pandemic, it clearly continued and thrived throughout it, as Burgamy is said to have posted on his Darknet market vendor page: Even with Corona Virus [sic] the shop is running at full speed.”


[1] https://www.fca.org.uk/publication/correspondence/dear-ceo-letter-coronavirus-update-firms-providing-services-retail-investors.pdf

[2] https://www.justice.gov/usao-edva/pr/darknet-vendor-arrested-distribution-and-money-laundering-charges

Misuse and misappropriation of domestic and international financial aid and emergency funding

Although there may already be many discussions in anti-financial crime circles on the exploitation of stimulus packages by criminals to falsely claim funds by posing as legitimate companies, much less focus has been on the risks of bribery and corruption involving the pandemic and funding.

The FATF report states that financial institutions claim that there is a risk that emergency financial aid to countries can be misappropriated by corrupt officials, especially in countries where the rule of law is weak combined with poor measures over transparency and accountability. 

Government contracts involving the purchase of significant amounts of COVID-19-related medical supplies can open the door to risks for corruption and the misappropriation of state funds. 

There also is a risk that individuals could use corruption or informal channels to obtain lucrative government contracts outside standard procurement procedures.

The bribery and corruption risks during a time where contracts and funds are quickly (and significantly) being disbursed should not be underestimated. 

The Office of Economic Co-operation and Development (OECD) has said that their Working Group on Bribery will be examining the possible impact and consequences of the pandemic on foreign bribery[1]

In a joint letter[2] to the IMF’s Executive Board, NGOs; Transparency International, Human Rights Watch and Global Witness, urged for transparency and anti-corruption measures in coronavirus-related relief programs.


[1] http://www.oecd.org/corruption/the-global-response-to-the-coronavirus-pandemic-must-not-be-undermined-by-bribery.htm

[2] https://www.transparency.org/files/content/feature/TI_HRW_GW_Letter_IMF_COVID19_Emergency_Funding.pdf

U.S. Congress must proactively prevent corruption from derailing coronavirus response: NGO coalition

These groups are also working at the country level to garner political support to weave in counter-corruption components tied to pandemic stimulus packages at their legislative foundations.

Transparency International, Global Witness, Global Financial Integrity and others have recommended more than two dozen anti-corruption measures to U.S. congressional leadership, including ensuring that government contracts go toward fighting the virus, and are not stolen or misappropriated by graft-gilt actors.

To read the full story click here

Increased use of the unregulated financial sector, creating additional opportunities for criminals to launder illicit funds

Like past economic downturns, individuals (and even businesses) can find themselves quickly in need of funds either through job losses or loss of access to liquidity from banks. 

With criminals finding regular channels of illicit activity being cut off due to the pandemic, those out of work and in need of funds can find themselves falling prey to loan sharks[3] or even being recruited to work for the criminals[4]

Not only during, but even post-pandemic, criminal groups could invest in efforts to rebuild the economy, again this could be for smaller businesses but also larger projects[5]

It is not only vital to ensure existing client relationships are understood, including how they are weathering economic hardship, but also applying extra scrutiny on new clients during and post pandemic – particularly if they quickly return to pre-coronavirus transaction levels or even exceed them.

[3] https://www.occrp.org/en/blog/11905-cocaine-corona-how-the-pandemic-is-squeezing-italian-crime-groups

[4] https://www.occrp.org/en/daily/12096-mafia-aid-may-come-at-a-steep-price-in-southern-italy

[5] https://www.politico.eu/article/mafia-plots-post-coronavirus-pounce/

Terrorist Financing

Both the US[1] and the United Nations[2] warned that threats connected to terrorism remain high despite the pandemic, with terrorist groups seeing increased opportunities for terrorist activity and terrorist financing whilst the attention of governments is focused on COVID-19. 

Terrorist groups may see a window of opportunity to strike while the attention of most governments is focused on managing the pandemic. 

Humanitarian organizations delivering assistance to conflict areas can face potentially higher risk of aid diversion in support of terrorist financing.

Terrorist financing can be difficult to spot, but anti-financial crime professionals should maintain vigilant. 

If ever an example was required of the reality of the threat, despite the pandemic, this was highlighted in media reports in April[3]

A number of individuals were arrested in Germany plotting to carry out attacks on US bases in Germany and to finance their operations, they had planned to travel to Albania to raise finances by carrying out an assasisnation to raise $40,000[4].

In Closing

Anti-financial crime professionals should maintain a heightened sense of vigilance despite lockdowns in many countries. 

Criminals forced to adapt to the pandemic will continue to look for new avenues to exploit, as the FATF paper and under-reported developments show, illicit activity continues and may take on new forms.  


[1] https://home.treasury.gov/news/press-releases/sm969

[2] https://www.un.org/sg/en/content/sg/statement/2020-04-09/secretary-generals-remarks-the-security-council-the-covid-19-pandemic-delivered

[3] https://www.thenational.ae/world/experts-warn-that-high-profile-isis-terror-arrest-in-spain-shows-group-is-using-virus-lockdowns-to-move-around-europe-1.1009825

[4] https://www.thelocal.de/20200415/germany-arrests-five-tajiks-in-suspected-is-terror-cell-prosecutors

About the author

Dev Odedra is an independent anti-money laundering and financial crime expert. 

He has more than a decade of experience in managing financial crime risk in the retail, corporate and investment banking
sectors. 

His expertise covers investigations, advisory and controls implementation and improvement. 

Dev is also a prolific author and gathers and analyzes many of the biggest financial crime compliance news stories on social media to help the community keep abreast of key criminal, regulatory and program trends. 

Want to chat with Dev? Feel free to connect with him here

Regional Report – Europe: Fraud, cybercrime, surging now, AML must later look for launderers hiding in economic recovery, volatility

The Skinny:

  • Europe is firmly in the grip of the COVID-19 pandemic, with Spain, Italy, France and Germany among the top 10 in countries with the most total cases at more than 750,000 combined – still less than the United States at some 1.1 million.
  • Not surprisingly, with banks facing a massive surge in fraud and cybercrime attacks, that puts more pressure on anti-money laundering compliance professionals to better protect themselves and customers.
  • Europol, the bloc’s top investigative agency, is responding by more aggressively trying to share information on larger schemes across Europe and with international partners. But they face a daunting hurdle: large, sophisticated organized criminal groups are attempting to launder money and hide among the shifting transaction patterns and economic volatility.
  • What’s more, these criminal groups won’t slink back to the shadows if and when the economy improves, propped up by stimulus checks, but are expected to redouble their efforts to launder ill-gotten gains when overarching financial throughput rises.
  • As for specific criminal trends, while COVID-19-related lockdowns have made it harder for human traffickers to ply their trade, there has been an inversely proportional, sinusoidal rise in human smuggling as desperate individuals attempt to flee from already impoverished regimes, further crushed by the coronavirus, to Europe.  

By Brian Monroe
bmonroe@acfcs.org
May 1, 2020

Financial crime compliance professionals in Europe are facing a massive surge in fraud and cybercrime attacks, against themselves and customers, as organized criminal groups attempt to take advantage of the fear, uncertainty and desperation tied to COVID-19 pandemic.

Like hundreds of other regions, Europe is also in the grip of the COVID-19 pandemic, with Spain, Italy, France and Germany among the top 10 in countries with the most total cases at more than 750,000 combined – still less than the United States at some 1.1 million, according to Worldometers.  

But anti-money laundering (AML) teams can’t lose focus as illicit organizations are attempting to exploit the chaos and confusion of the coronavirus – which has locked down whole countries, shuttered businesses and plunged much of the world into a financial recession – to launder money now, and will also later move to cleanse illicit funds as economies recover.

Those are just some of the fincrime trends highlighted by the European Union Agency for Law Enforcement Cooperation, or Europol, the bloc’s top investigative body, related to what compliance professionals, regulators and investigators should be watching out for currently and in an emerging post-pandemic world.

But this is not just crystal ball gazing.

Europol has seen this before, with the counter-crime strategies now based on what has happened in prior regional disasters along with the security threats at play and general tactics employed by “serious and organized” criminal groups in the wake of the 2008 economic crisis. 

In response, the investigative agency is working harder to share information with international allies to put all the pieces of the tainted financial puzzle together to better identify large, interconnected groups working across the bloc.  

In short for AML compliance professionals and fraud teams: get ready to work even harder to separate the criminal wheat from the swirling transactional chaff – because regulators will be judging later how your teams adjusted and reacted now.

“Serious and organized crime is exploiting the changing circumstances during the pandemic,” said Catherine De Bolle, Europol’s Executive Director.

“Now more than ever, international policing needs to work with the increased connectivity both in the physical and virtual worlds. This crisis again proves that exchanging criminal information is essential to fighting crime within the law enforcement community.”

Europol has broken down how COVID-19 is affecting and could affect criminal groups in three phases:

Phase 1 – the current situation: COVID-19-related criminality, especially cybercrime, fraud and counterfeiting have followed the spread of the pandemic throughout Europe, similar to other jurisdictions that have reported a rise in phishing, scam and spam attacks tied to the pandemic, protective equipment or, more recently, stimulus checks. More on the current situation can be read in Europol’s previous reports published in March and April 2020.

Phase 2 – mid-term outlook: An easing of lockdown measures will see criminal activity return to previous levels featuring the same type of activities as before the pandemic.

However, the pandemic is likely to have created new opportunities for criminal activities that will be exploited beyond the end of the current crisis.

It is expected that the economic impact of the pandemic and the activities of those seeking to exploit it will only start to become apparent in the mid-term phase and will likely not fully manifest until the longer term.

Some of the relevant crime areas are:

  • Anti-money laundering: the pandemic and its economic fallout will exert significant pressure on the financial system and the banking sector. AML regulators must be vigilant and should expect attempts by organized crime groups to exploit a volatile economic situation to launder money using the on-shore financial system. 
  •  Shell companies: criminals will likely intensify their use of shell companies and companies based in off-shore jurisdictions with weak AML policies at the placement stage to receive cash deposits that are later transferred to other jurisdictions. 
  • The real estate and construction sectors: These will become even more attractive for money laundering both in terms of investment and as a justification for the movement of funds. 
  • Migrant smuggling: While the economic impact of the COVID-19 crisis in Europe is not yet clear, it is expected that the impact on economies in the developing world is likely to be even more profound. Prolonged economic instability and the sustained lack of opportunities in some African economies may trigger another wave of irregular migration towards the EU in the mid-term.

Phase 3 – the long-term impact: 

  • Organized crime is highly adaptable and has demonstrated the ability to extract long-term gains from crises, such as the end of the cold war or the global economic collapse of 2007 and 2008. 
  • Communities, especially vulnerable groups, tend to become more accessible to organized crime during times of crisis. Economic hardship makes communities more receptive to certain offers, such as cheaper counterfeit goods or recruitment to engage in criminal activity.
  • Mafia-type organized crime groups are likely to take advantage of a crisis and persistent economic hardship by recruiting vulnerable young people, engaging in loan-sharking, extortion and racketeering. 
  • Organized crime does not occur in isolation and the state of the wider economy plays a key role. A crisis often results in changes in consumer demand for types of goods and services. This will lead to shifts in criminal markets. 

In new normal of pandemic, working from home, job insecurity, opens door to criminal infiltration

Several factors have a significant impact on serious and organized crime during the COVID-19 pandemic, according to Europol, including that more people are online and answering strange emails that may, or may not, be from work and others may be desperate for funds due to losing a job – and not concerned about where the money originated.  

These include:

  • Online activities: more people are spending more time online throughout the day for work and leisure during the pandemic, which has increased the attack vectors and surface to launch various types of cyber-attacks, fraud schemes and other activities targeting regular users. 
  • Demand for and scarcity of certain goods, especially of healthcare products and equipment, is driving a significant portion of criminals’ activities in counterfeit and substandard goods and fraud. 
  • Payment methods: the pandemic is likely to have an impact on payment preferences beyond the duration of the pandemic. With a shift of economic activity to online platforms, cashless transactions are increasing in number, volume and frequency. 
  • Economic downturn: A potential economic downturn will fundamentally shape the serious and organized crime landscape. Economic disparity across Europe is making organized crime more socially acceptable as these groups will increasingly infiltrate economically weakened communities to portray themselves as providers of work and services.
  • Rising unemployment and reductions in legitimate investment may present greater opportunities for criminal groups, as individuals and organisations in the private and public sectors are rendered more vulnerable to compromise. Increased social tolerance for counterfeit goods and labor exploitation has the potential to result in unfair competition, higher levels of organized crime infiltration and, ultimately, illicit activity accounting for a larger share of GDP. 

“These factors shape criminal behavior and create vulnerabilities,” the group said. “Based on experience gained during prior crises, it is essential to monitor these factors to anticipate developments and pick up on warning signals.”

Regional Report – Asia: India struggles on outsourced AML, Hong Kong fraudsters impersonate banks, Japan regulator reduces onsite exams

The Skinny:

  • In this regional snapshot, Asia is in the spotlight, reviewing how several key powers have worked to counter a global pandemic while not losing ground to criminals, fraudsters and cyber hackers.
  • India, one of the world’s compliance outsourcing capitals, has seen its AML community rush to adapt to working from home – potentially losing the trust of large international banks – and straight into the jaws of rising cyber risks.
  • In Hong Kong, fraudsters and phishermen attempt to impersonate banks in scam, spam blasts.
  • The Land of the Rising Sun, Japan, has stated banking regulators will perform fewer onsite AML exams to protect banks and themselves in a nod to social distancing protocols, choosing instead to focus on banks with checkered pasts.

By Brian Monroe
bmonroe@acfcs.org
April 30, 2020

With much of Asia being in propinquity to the epicenter of the coronavirus pandemic, regional powers are under even more pressure and scrutiny to counter the spread of COVID-19 while not losing ground to rising fraud, money laundering and cyber threats.

Overall, more than 200 countries and territories around the world have reported a total of nearly 3.4 million confirmed cases of the coronavirus COVID-19 that originated from Wuhan, China, and a death toll of 239,443 deaths, according to Worldometer.

Countries, including India, Hong Kong and Japan, have different histories, ideologies, capacity and resources, but are united in a fight against a common relentless enemy. Here are some snapshots about how they are responding related to financial crime and compliance:

India: One of the world’s compliance outsourcing capitals must adapt to working from home, rising cyber risks

India and its financial crime fighting teams have faced a bevy of challenges when attempting to balance compliance in a time of coronavirus – issues that have touched many large global banks due to outsourced anti-money laundering (AML) duties.

The country, with a population of more than 1.3 billion, currently has the largest national COVID-19 lockdown in the world, and it faces some daunting hurdles when it comes to AML compliance, countering a rise in fraud and phishing fusillades and girding cyber defense gaps.

Overall, India coronavirus cases have reached nearly 35,000, with a death toll at more than 1,100, according to Worldometer.

But India uniting against the pandemic, and bolstering fincrime compliance, must do so against a panorama of “diverse states, health inequalities, widening economic and social disparities, and distinct cultural values,” according to media reports.

With so many people working from home, large and small business alike, banks requesting digital details for identifications and transactions and even food and essentials ordered online, that opens the door to criminals breaching systems and stealing data along with individuals accidentally clicking on a diseased link.

“There’s going to be some compromise in security because of digitalization. The numbers of phishing cases have increased immensely in India, with lots of frauds happening around this time masked as Covid19 threats,” said the Global Cyber Security practice, Co-Leader & Partner, KPMG India, Akhilesh Tuteja, as part of a conference on these issues.

The COVID-19 crisis has also “exposed a lot of unfamiliar reliance on globalization and outsourcing – including regulatory compliance,” according to Forbes.

This has directly impacted the ability for some Indian firms to continue taking on out-sourced duties tied to AML and other regulatory requirements, with some financial institutions turning to technology and artificial intelligence firms to bridge the gap in human capital.

With India on a severe lockdown, banks that had outsourced a lot of their compliance work to India “find it can’t be done — the staff can’t go into the office and often the internet is too weak to support work from home.”

The move by Prime Minister Narendra Modi to impose a lockdown March 22 across most of India poses a significant challenge for banks such as JPMorgan Chase & Co., UBS Group, Deutsche Bank and others as well as India’s US$181 billion (S$263 billion) outsourcing industry that “handles everything from trade settlements to airline reservations for British Airways and insurance claims,” according to Bloomberg.

In response to the pandemic, the Reserve Bank of India (RBI), the country’s top financial regulator, took a “number of steps” starting in March, requiring institutions to bolster operational resilience, according to the agency.

“Banks have been required to put in place business continuity plans to operate from their disaster recovery (DR) sites and/or to identify alternate locations for critical operations so that there is no disruption in customer services. Our data show that there was no downtime of internet or mobile banking,” RBI stated April 17th in a governor’s statement.

“As a result, the payment infrastructure is running seamlessly,” RBI said.

Hong Kong: In grip of pandemic, fraudsters, phishermen attempt to impersonate banks in scam, spam blasts

Cognizant of the rise in fraud and cyberattacks, and the general challenges for AML compliance professionals, the Hong Kong Monetary Authority (HKMA) has offered guidance in a bevy of areas, including customer identification and risk ranking at a distance, streamlining due diligence efforts, and more, according to legal analysts.

But that is just the tip of the iceberg for pandemic-related issues for Japan’s financial sector, where criminals are aggressively trying to dupe scared and anxious individuals and corporates.

In recent weeks, Hong Kong has been dealing with an explosion of fraudulent banking websites, in some cases tied to a dedicated phishing attack, attempting to take advantage of consumers desperate to withdraw and move money – for themselves or others, according to the HKMA.

Some of the banks being impersonated by fraudsters include many of the largest in Asia:

  • Bank of China (Hong Kong)
  • Phishing email, CTBC BANK
  • Fraud site, phishing texts, emails related to The Hongkong and Shanghai Banking Corporation Limited
  • Fraud site, Bank of Singapore
  • Phishing email, Bank of Taiwan
  • Fraudulent website related to Hang Seng Bank, Limited
  • Fraud site, China CITIC Bank

As for how banks should respond to these and other COVID-19 related challenges, the regulator in this round focused on laying out guidelines for authorized institutions, such as banks, and prepaid card and related operations, referred to as stored value facility (SVF) licensees.

The HKMA has stated in two circulars it does not expect a “zero failure” outcome from AIs and SVF licensees in AML programs and finding and reporting on every instance of money laundering (ML) or terrorist financing (TF).

The circulars can be accessed here and here

Some key points include:

Remote on-boarding, simplified due diligence

Authorized Institutions:

  • AIs are encouraged to work closely with the HKMA during this period to provide greater convenience (e.g. through use of financial technology) for account opening (e.g. remote account opening) and continued access to essential banking services to the public.
  • To help AIs adapt to COVID-19 containment measures, e.g. social distancing, simplified due diligence measures can be applied to customer on-boarding and account opening for customers that pose lower ML and TF risks. 
  • For customers opening accounts solely for the purpose of the Government’s (recently announced) cash payout scheme, AIs should apply the minimum level of customer due diligence appropriate in the circumstances.

SVF licensees:

  • SVF licensees may conduct customer due diligence measures which are commensurate with the lower risks posed by SVF products based on their stored values, transaction limits and functions.
  • SVF licensees are, similarly, encouraged to work closely with the HKMA to provide greater convenience for account opening and continued payment services to the public.

COVID-19 financial crime risks

  • AIs and SVF licensees should remain vigilant to emerging ML and TF risks (e.g. face mask scams). Such risks should be mitigated through information sharing and by reporting suspicious transactions to the Joint Financial Intelligence Unit (JFIU).  If an AI or SVF licensee encounters issues in reporting to the JFIU, the matter should be discussed with the HKMA (and the JFIU) without delay.

Ongoing support from the HKMA

  • Given the current challenges AIs and SVF licensees are facing, maintaining normal operations of AML/CFT systems may not be achievable in all cases. Where the AI or SVF licensee is unable to meet a particular obligation in the short-term, it should maintain a record of the circumstances, the risk assessment performed as well as any mitigation measures being taken.

Japan: Regulators to perform fewer onsite exams, with focus on banks with checkered pasts

Japan’s top banking regulator has taken a unique tack, and rather than just laying out what financial institutions should do to better manage rising AML, operational and cyber risks during the pandemic, it also helped take the pressure off in a very profound and direct way: fewer on-site exams.

The Bank of Japan, the country’s central bank, stated in a message to the financial sector it is prioritizing AML and cyber risks, and is exhorting institutions to be wary of a rising tide of fraud and ill-gotten gains, but will ensure compliance without as many rigorous onsite visits.

“With regard to operational risk, the Bank will examine, for example, the status of frameworks for cybersecurity management and anti-money laundering controls, both of which have gained importance,” according to the regulator.  

As for onsite exams, they will take place in 2020, but with a much narrower scope.

“Taking into account the recent situation regarding the novel coronavirus and with a view to preventing the spread of the infection, [the Bank] will take necessary measures in conducting on-site examinations while giving the utmost consideration to the situation faced by examinee institutions.”

As well, for globally operating major financial institutions, major group companies, including their overseas branches and subsidiaries, they will be subject on-site examinations “as necessary,” the Bank of Japan said.

What’s more, the focus will be on institutions that have had high-profile financial crime compliance failures.

“Taking into account the administrative burden on branches, [the Bank] will not conduct examinations aimed at confirming operational accuracy except in the case of financial institutions that have particular problems, such as incidents of fraud or accidents in business operations.”

Scholarship Spotlight: Countering human trafficking takes combination of learning criminal patterns, sharing knowledge, helping survivors rebuild, says Emily Bejarano

The Skinny:

  • One of the winners of the ACFCS certification scholarship for fincrime professionals fighting human trafficking shares what drives her in this mission to thwart criminal groups through follow-the-money sleuthing and directly helping victims and survivors rebuild one-on-one.
  • For Wells Fargo anti-money laundering consultant Emily Bejarano, the mission to counter trafficking goes beyond the digital battlefields of transaction patterns through correspondent banking portals, with some of the most decisive skirmishes happening in the human heart as victims must pick up the pieces of shattered lives.
  • That’s why she pairs a passion to aggressively gather knowledge on the nuanced financial trails of trafficking – and share that thought leadership with other public and private partners – with compassion by volunteering to sit with survivors and teach them hard and soft skills to help regain their dignity, and humanity.
  • While Bejarano has mentored and counseled countless victims who have endured trials and trauma at the hands of criminal groups, their tenacity has humbled her at the same time. Human trafficking survivors “are the most resilient people I have ever encountered and they never cease to amaze me.”

By Brian Monroe
bmonroe@acfcs.org
April 27, 2020

For Emily Bejarano, countering the financial tendrils to potential human trafficking activities is more than analyzing data points, linked accounts and red flags behind a computer screen as a financial crime compliance professional working for one of the country’s largest banks.

Beyond her work as a Financial Crimes Consultant for Wells Fargo focusing on mitigating the risks and addressing any concerns related to anti-money laundering (AML) compliance tied to Asian correspondent banking relationships, the Chicago resident also volunteers to help victims rebuild their lives through an initiative called “Stop-It.”

Bejarano sees firsthand the human aftershocks of trafficking groups, strengthening her resolve to counter the crime and broadly share knowledge on transaction patterns and red flags.

When she volunteers at Stop-It, part of the Salvation Army, her time is spent trying to support victims by “assisting individuals looking for housing, finding jobs, building resumes, teaching life skills (cooking, crafting, money managing), and my personal favorite, styling hair and makeup.” 

The objective of the program is to “provide support services through case management and resources, as well as assisting them with goals to help them in overcoming their trauma and having a safe place for them to come and feel supported.”

Prior to Wells Fargo, Bejarano worked at BMO Harris, where she began her career in financial crime compliance reviewing high-risk clients as an Analyst, Investigator, and then an AML Specialist. 

Investigating financial crime is a longstanding dream and running theme for Bejarano.

She originally planned on becoming a police officer after four years of being a Police Explorer, a program for young adults to learn about law enforcement.

But after entering the banking field in 2006, while going to school for her associates in criminal justice, that changed. Initially, Bejarano worked in the branch directly with customers, handling transactions and performing branch audits.

But eventually, “I became more interested in the operations aspect and discovered AML (group all of 30 people at the time),” she told ACFCS. “Thankfully, I was able to connect with an internal employee who allowed me to shadow them and led to the beginning of my cherished AML career.” 

Overall, Bejarano has been in dedicated AML roles for nearly a decade.

Aside from her work and volunteer efforts with Stop-It, she is also a Corporate Ambassador for Cause Gear, a Chicago company that offers unique design and quality merchandise with the purpose of creating sustainable social reform for people vulnerable to extreme poverty and human trafficking in India.

While talking to victims and hearing their stories of survival can be emotional, Bejarano is also humbled by their strength and ability to rise and overcome adversity.

“The participants (survivors/victims) in the space are the most resilient people I have ever encountered and they never cease to amaze me,” she told ACFCS. “The fact that I was able to enter this space after seeking a way to help within my community and be welcomed with open arms is something I will always be grateful for.” 

It was for those and many other reasons ACFCS chose Bejarano as one of the recipients of the association’s inaugural Human Trafficking Scholarship Program. 

The selection process centered on individuals in roles combating human trafficking, an effort to share broad thought leadership on the issue as part of the association’s “Quarterly Focus” on human trafficking in the second quarter of 2019.

In recent quarters, ACFCS has tackled fincrime focus topics covering human trafficking, cryptocurrency and sanctions. The current Quarterly Focus topic for Q2, informed by the global COVID-19 pandemic, is “Fincrime Resiliency.”

In collaboration with its members, partners and the community as a whole, ACFCS will provide a series of trainings, tools and initiatives to help build resilient programs for compliance, investigations and enforcement.

A few highlights of the Quarterly Focus are:

·       Increased Online Learning with a Focus on COVID-19 – ACFCS will bring you a packed webinar calendar in the coming weeks, with events honing in on the compliance and investigative impacts of the coronavirus. Beyond webinars, we’re expanding our online content to include video chats with experts, virtual networking events, and much more. View the calendar here.

·       Online Exam Access for the CFCS Credential and Changes to Certification Policies – Starting soon, ACFCS will make the CFCS exam available online for candidates. We’re also changing recertification and exam scheduling deadlines to relieve pressure on anyone affected by the coronavirus. Look for more details in the coming days!

·       CFCS Scholarships to Foster Resilient Programs – This quarter, ACFCS is offering 20 CFCS scholarships, its highest number ever, to individuals who are helping their organizations adapt and stay strong in the fight against financial crime. Learn more about the program below and apply today.

·       Community-Curated Tips and Comprehensive News Coverage – We’ve launched a new FinCrime Resiliency Tips series to gather and share guidance with members – learn more and submit your tips today! You’ll also see intensive coverage and guidance on coronavirus-related issues on our news page.  

To read more about the resiliency quarterly focus, click here.

The scholarship offers complimentary registration for the Certified Financial Crime Specialist (CFCS) certification, the full suite of prep materials, and a year of membership in ACFCS.

In the case of the Quarterly Focus on human trafficking, those chosen for the scholarships submitted applications with compelling professional and often personal experience related to human trafficking – from running investigations and creating transaction monitoring rules, to advocating for legislation and working directly with survivors.

After receiving more than 130 applications from professionals across 20 countries, ACFCS selected 15 recipients of its scholarship program. 

To view an ACFCS human trafficking resource page, click here

Bejarano stated that information sharing on investigative resources and analyzing trafficking and other financial crime trends across institutions is one of the favorite things about her job.

 “I love the benefit of speaking directly with other financial institutions and making that connection to better understand the measures they are taking to adhere to regulatory requirements, mitigate risks within emerging industries, and listening to success stories.”

The ACFCS certification can only further those efforts, acting as a bridge to collaboration for banks and other public and private sector entities, many that typically are not subject to formal AML rules and requirements to look for the telltale signs of human trafficking, she said.

Fighting human trafficking and helping victims and survivors is “my passion,” Bejarano said, adding that she is working diligently to raise awareness around the topic and join the fight in putting it to an end. Specifically, I look forward to bridging gaps and assisting with collaboration between various sectors.”

Collectively, there is “so much information that can be utilized to identify HT and staying abreast of emerging trends involves all of us, most importantly, FI’s, LE, Nonprofits, Medical Field, Hospitality, and Transportation sectors.”    

Bejarano was kind enough to share some of her knowledge in our latest ACFCS Scholarship Spotlight:

1. How do you work to detect, prevent and/or raise awareness of human trafficking, in your job role or outside of it?

In my current role, I review correspondent banks and ensure they have strong compliance and AML programs in place so we can allow them to use our products and services while also identifying and mitigating the risks associated through their customer base.

Outside of work, I volunteer with a program here in Chicago, called “Stop-it.” In this space, I am a mentor who attends 1-2 times per month working directly with survivors/victims.

The objective of the program is to provide support services through case management and resources, as well as assisting them with goals to help them in overcoming their trauma and having a safe place for them to come and feel supported.

My time here is spent assisting individuals look for housing, finding jobs, building resumes, teaching life skills (cooking, crafting, money managing), and my personal favorite, styling hair and makeup. 

2. What do you see as key challenges related to human trafficking detection/prevention in your role or in the sector overall?

For FI’s, while it is more likely to detect something unusual, it is difficult to tie [that aberrant activity] back to human trafficking specifically, which makes it very important in all cases to follow the money.

While there are measures in place to assist in collaboration across various sectors like law enforcement (LE), FI’s and nonprofits, there are still gaps when crossing conversations.

This could be due to many reasons, including work language, LE’s limitations on sharing information from their [active, ongoing investigations and cases], as well as confidentiality when discussing with nonprofits. (FI’s having little to no connection to them at all). 

For the nonprofit organization, it’s most difficult to detect because many survivors do not identify as victims. This is based on lack of information, or out of fear instilled from their trafficker, and sometimes immigration status. 

3. What is the most rewarding part of your job?

I love the benefit of speaking directly with other financial institutions and making that connection to better understand the measures they are taking to adhere to regulatory requirements, mitigate risks within emerging industries, and listening to success stories.

There are so many different factors such as, customer base, geography, size of the financial institution (FI), products, etc. So, it makes everyone unique and all around makes my job really interesting and exciting. 

 As part of my involvement with Stop-it over the last four years, I have an immense amount of respect for the people that work within the program, they are extremely passionate about what they do and constantly put their heart into all they do.

The participants (survivors/victims) in the space are the most resilient people I have ever encountered, and they never cease to amaze me. The fact that I was able to enter this space after seeking a way to help within my community and be welcomed with open arms is something that I will always be grateful for. 

4. When it comes to human trafficking detection/prevention, what do you think is going well, and where could we get better?

Artificial Intelligence is an area that Human Trafficking is being detected more efficiently and many industries are considering to help prevent/ detect/report transactions. 

Organizations such as Polaris and initiatives such as STATs, a technology-armed platform (formed through Enigma) are aimed to highlight trends of HT, where information is captured, and shared for the purpose of dismantling systems connected to trafficking. 

It’s important for all financial institutions to stay abreast of new trends, ensure KYC is informative and comprehensive and that conversations among law enforcement is communicative and thorough. 

One area that I strongly believe requires careful consideration and improvement is the language in which we address HT.

Each industry has a different vocabulary, some considered derogatory in nature (e.g., HT should not be referenced as prostitution, being it is against ones will/ by use of force, etc.). 

It’s time for society as a whole (especially those with direct exposure) to take responsibility for updating outdated/biased language, by considering HT from a place of empathy.

There is much to learn from the approach taken by those that are providing resources and dedicated support to the front lines (i.e.,nonprofits). In turn, I believe this perspective will improve our communication and effectiveness.  

5. Why did you apply for the CFCS certification scholarship?

 I applied for this scholarship after discovering it through a colleague. I am committed to doing everything I can to help in this area specifically, because it is my passion to raise awareness around the topic and join the fight in putting it to an end.

I believe my experience with FI’s around AML and at the forefront with individuals who have had to endure this terrible epidemic offers an alternative to putting less victims on the stand and holding perpetrators accountable through financial statements.

Through this, victims will not have to relive their trauma and the statements serve as stronger evidence. 

6. How do you think the CFCS credential will impact your career, especially your work to combat human trafficking?

I am looking forward to this credential because it will provide me with a deeper level of certainty and knowledge to work on this topic in a specialized area within the financial institution.

Specifically, I look forward to bridging gaps and assisting with collaboration between various sectors.

Collectively, there is so much information that can be utilized to identify HT and staying abreast of emerging trends involves all of us, most importantly, FI’s, LE, Nonprofits, Medical Field, Hospitality, and Transportation sectors.    

Inside the Lazarus Group – North Korea’s Crypto Crime and Risks to the Financial Sector

In conversation with Jonathan Levin, co-founder and Chief Strategy Officer, Chainalysis

Pressured
by sanctions, the government of North Korea has turned to an unexpected outlet to
generate funds and move money – Cryptocurrency crime. Cyber threat groups tied to
North Korea, have targeted cryptocurrency exchanges in recent years, with considerable
success. Last August, a UN panel estimated the country was responsible for over
$500 million in funds stolen from exchanges.

Those looted funds are typically moved through exchanges and into the traditional financial sector, creating risks for both crypto firms and banks. Earlier this month, the U.S. government took action against two Chinese nationals for their role in helping the North Korea-aligned Lazarus Group launder funds stolen in cryptocurrency exchange hacks. The DOJ listed 145 virtual currency accounts and addresses that were used to launder the funds, 20 of which were included in a sanction designation, and any dealings with them carry civil and criminal penalties.

In this edition of the CrimeCast, we’re joined by Jonathan Levin, the co-founder and Chief Strategy Officer of Chainalysis, a leading blockchain intelligence and investigations firm. We’re taking an in-depth look at how Lazarus launders stolen money, and how investigators, exchanges, and financial institutions can leverage blockchain forensic tools like those provided by Chainalysis to fight back.

Economic Aid, Fincrime Risk? – Exploring the Paycheck Protection Program and Pandemic Relief

The COVID-19 pandemic has governments around the world scrambling for ways to support the private sector, through low or no interest loans, payroll guarantees and more. In the US, initiatives like the Paycheck Protection Program or PPP have seen hundreds of billions of dollars loaned out through banks in a matter of weeks, and more on the way.

That’s been a lifeline for many businesses, but the staggering speed and volume of funds create opportunities for fraud, and headaches for financial institutions – From fincrime risks to concerns around customer experience and reputation.

In this CrimeCast, our guide to the tumultuous world of US pandemic emergency aid programs is Amanda DuPont, Public Records Product Expert with Thomson Reuters. Her role gives her an insider’s view into how financial institutions are managing programs like the PPP, Economic Injury Disaster Loans, Main Street Lending and more.

You’ll hear Amanda’s insights on:

  • How institutions are balancing customer experience with fincrime compliance related to these programs
  • How automation can help with customer due diligence in a pandemic
  • How this crisis may actually present an opportunity for both fintechs and traditional banks
  • And more