New Treasury guidance on intersection of AML/BSA, SBA and PPP stimulus loans could cause more confusion than clarity

The Skinny:

  • New U.S. Treasury guidance on AML compliance tethers to the coronavirus stimulus package could confuse and add complexity where clarity is needed.
  • The guidance, part of a larger FAQ document and highlighted by FinCEN, details some of the updated expectations for a core component of the CARES Act, the Paycheck Protection Program (PPP).
  • At issue is that while FinCEN is trying to make it easier to offer emergency loans to existing customers, some of the requirements under AML Bank Secrecy Act (BSA) beneficial ownership rules and Small Business Administration (SBA) duties don’t fully align.
  • The result: that leaves banks in a difficult position to make decisions more on the side of supporting desperate businesses in order to prop up a foundering economy, rather than engage in industry AML best practices – leaving the door open to regulatory scrutiny and knuckle wrapping later.

By Brian Monroe
bmonroe@acfcs.org
April 13, 2020

Fresh guidance by the U.S. Treasury on how financial institutions should balance financial crime compliance duties while reviewing and extending hundreds of thousands of loans under the just-released pandemic stimulus package could cause more confusion than clarity.

The tight, two-page guidance highlighted Monday by the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) is part of a broader, 10-page Frequently Asked Questions (FAQs) document, and focuses on the potential anti-money laundering (AML) stumbling blocks related to a core component of the more than $2 trillion CARES Act: The Paycheck Protection Program (PPP).

At its heart, under the new program, a company can take out a loan to keep or rehire workers and – if the operation is able to keep staffers employed – the loan can be turned into a grant and effectively wouldn’t have to be repaid as the bank would be reimbursed by the federal government.

The expansive $2 trillion package has tethers to AML requirements because financial institutions must typically engage in certain identity, beneficial ownership and risk verification requirements, before loaning money.

At issue is that there are some, but not all, overlapping requirements to satisfy Small Business Administration (SBA) lending and AML beneficial ownership requirements.

Moreover, what a bank should do to satisfy both AML, also referred to as the Bank Secrecy Act (BSA) obligations, and SBA requirements get significantly more complicated depending on the risk of current customers and further out, if institutions decide to take on new corporate customers.

The result: that leaves banks in a difficult position to make decisions more on the side of supporting desperate businesses in order to prop up a foundering economy, rather industry AML best practices – leaving the door open to regulatory scrutiny and knuckle wrapping later.  

In the latest piece of guidance, FinCEN is attempting to find a middle ground between getting loans out quickly, but also allowing institutions to devote fewer resources to current corporate customers.

One key concession FinCEN has said: Offering a loan to an existing customer under the PPP does not immediately constitute a new account and trigger requirements to capture, review and verify already-attained beneficial ownership details.

If a bank has already captured beneficial ownership information under AML obligations down to the 20 percent level, the institution doesn’t have to re-verify and re-certify down to the 25 percent level – a similar requirement under SBA rules.

But there are still murky areas that could lead to regulatory second-guessing later.

If an institution, however, has not captured beneficial ownership details for existing customers, the operation also doesn’t have to immediately capture that information before extending the loan, depending on the bank’s original assessment of the corporate customer under the AML risk-based approach, FinCEN stated.

For new customers, the “lender’s collection of the following information from all natural persons with a 20% or greater ownership stake in the applicant business will be deemed to satisfy applicable [AML] requirements.”

Pressure builds for FinCEN to ease BSA, SBA loan logjam

If FinCEN’s latest statement sounds like it won’t make everyone happy, you would likely be right.

This would be the third bite at the apple for FinCEN in trying to quell what has quickly become a flashpoint issue, with vitriol and finger pointing coming from all sides.

With estimates that the country’s jobless rate could hit 20 percent, equating to more than 20 million filing for unemployment, U.S. banks are under intense pressure to process and approve the hundreds of thousands of loans representing hundreds of billions of dollars that could allow companies to keep hired, or rehire, employees and stabilize the economy.

To FinCEN’s credit, even with the supposed AML-related speed bumps, the money is flowing.

As of April 13, the SBA has approved nearly 1.04 million loans totaling $248 billion through the PPP, according to a report released by SBA and reviewed by the American Bankers Association (ABA).

The report notes that a total of more than 4,600 lenders were participating in the program as of Monday.

PPP loans have been approved in all U.S. states and territories, according to the ABA report. Seventy percent of approved loans have been for smaller amounts less than $150,000.

Overall, the average loan size was $239,152. About half of the funds allocated so far have gone to four sectors: construction; professional, scientific and technical services; manufacturing; and health care and social assistance, according to the ABA.

But before approving a loan and doling out funds, that is considered under banking rules as a new account – even if the loan is for a longtime business customer – and typically requires financial institutions to engage in certain AML rules, including updating and verifying beneficial ownership information. 

Bankers must balance speed, risk of stimulus loans

FinCEN has attempted to address this issue with a statement elucidating, in essence, that for eligible federally insured depository institutions and federally insured credit unions, PPP loans for existing customers “will not require re-verification under applicable BSA requirements, unless otherwise indicated by the institution’s risk-based approach to BSA compliance.”

In essence this means that banks won’t have to engage in a broad update of the corporate customer, including updating beneficial ownership information, a newer requirement in recent years banks have had to adopt to make it harder for criminals and corrupt oligarchs to operate behind anonymous, impenetrable ownership structures.

For non-PPP loans, FinCEN stated that certain exceptive relief to beneficial ownership requirements granted in September 2018 is still in effect, such as not having certain annual rollover products forcing a bank to re-verify all corporate customer beneficial ownership information.

So with many of the largest banks across the nation facing criticism for prioritizing existing customers over new ones who are seeking coronavirus rescue loans, these institutions have shifted the target and “put the blame on federal rules meant to catch terrorists and money launderers,” according to media reports. 

Graphic courtesy Jim Richards

In PPP divided by AML, 5+4=6

The lenders, who have been getting hammered by small businesses and lawmakers alike, have pressed FinCEN for guidance – and what was released has some very confusing interpretations, according to longtime compliance thought leader Jim Richards, the former head of AML at Wells Fargo.

“For BSA purposes, you need to collect the [Date of Birth (DOB)] of up to 4 legal owners and 1 control person, but not percentage of ownership or title,” Richards said, referring to beneficial ownership obligations under the 2018 Customer Due Diligence (CDD) rule.

Under the rule, finalized in 2016, but which became effective in mid-2018, financial institutions were required to “identify and verify the identity of any individual who owns 25 percent or more of a legal entity, and an individual who controls the legal entity.”

But when trying to determine how the BSA and SBA overlap, there could be challenges.

“For SBA purposes, you need to collect the percentage of ownership and title of up to 5 legal owners, but not DOB,” Richards said. “But to satisfy BSA requirements for SBA purposes you need to collect 6 pieces of information from up to 4 persons. And you don’t have to collect any information on a control person.”

To read more analysis from Richards on how five plus four can equal six, click here.

What’s more, how banks decide to answer these questions, while enabling businesses to stay open, could, conversely, open the door to fraudsters trying to steal or move money – a dynamic that could later cause regulators to chide an institution for any missed steps of an AML program, particularly missed suspicious activity reports (SARs).

“The likelihood of rampant money laundering through PPP loans is pretty slim,” Richards wrote in a missive on this issue. “The likelihood of fraud, though, is 100%. How much fraud is dependent on a lot of factors, but banks are adept at lending money and keeping fraud rates down. In normal times. These are not normal times.”

But making the lenders “collect six pieces of information on the owners of small businesses when neither of the applicable regulatory regimes require them to collect more than five seems to add a layer of unnecessary complexity and can only slow down the lending process,” he said.

Overall, having to “collect 5 pieces of information (but not DOB) from as many as five legal owners for SBA purposes, and to collect four pieces of information (including DOB) from as many as four legal owners AND one control person for BSA purposes, and now to have to collect SIX pieces of information (including DOB) from five persons for SBA/BSA purposes creates confusion.”

A possible solution: capture information now, lend liberally, verify later

Treasury needs to “take its own risk-based approach: satisfy SBA requirements today, BSA requirements before you forgive the loan,” Richards wrote.

His solution: Allow PPP lenders to rely on the certifications in the Form 2483 PPP Borrower form.

Further, that opens the door to allow those lenders to “satisfy their BSA-related beneficial ownership requirements by the earlier of (i) September 30, 2020, or (ii) before the PPP loan is forgiven.”

In other words, “focus on the PPP borrowers and requirements today, and worry about the BSA requirements later this summer. Full stop,” Richards said. 

Moneyval: Fraudsters are impersonating EU AML evaluation group by sending scam emails trying to steal money

The Skinny:

  • In an irony that will no doubt cause many in the fincrime compliance community a momentary chortle and guffaw, fraudsters are trying to impersonate Moneyval.
  • The European group, as is widely known in compliance and law enforcement circles, works to ensure anti-money laundering (AML) compliance at the country level – not foster the movement of illicit finance – as a partner group to FATF.
  • But the brazenness of the criminals, scammers and spammers behind the Moneyval email fusillade, and others, is no laughing matter.
  • These callous groups don’t care about the COVID-19 pandemic, and are in fact counting on fear, uncertainty or desperation to take what little funds many have left – leaving them in a precarious position fiscally and physically as the global economy founders with some reports estimating hundreds of millions may end up jobless.

By Brian Monroe
bmonroe@acfcs.org
April 10, 2020

In an irony that would be a light moment if the world was not besieged by a global pandemic, fraud groups are sending scam emails trying to impersonate a European financial crime compliance watchdog body – stating you have won an inheritance or forfeited funds.

For many in the fincrime compliance communities, that a fraud group would choose to pick on the Committee of Experts on the Evaluation of Anti-Money Laundering Measures and the Financing of Terrorism, or Moneyval, is laughable.

Why? The group, part of the Council of Europe, reviews the anti-money laundering defenses of bloc countries in partnership with the Paris-based Financial Action Task Force (FATF), the world financial crime watchdog and best practices standard-setter.

But while Moneyval is a name synonymous with strong measures to counter criminals through buttressing compliance rules and effectiveness at the country level, that mission is likely not apparent to the masses. To read more, click here.

Moneyval, as the fraudsters are obviously hoping, is simply the name of an authoritative body that could have access to some remaining pot of money – funds that someone may be desperate enough to believe is theirs because they, or their family, has lost jobs as entire sectors crumble under the crushing weight of the COVID-19 pandemic.

The novel coronavirus, first identified in Wuhan China in December, has in recent months leapt across international borders and cemented itself in anchor points in Italy, Spain and now the jurisdiction with the most confirmed cases: The United States.

Global cases are nearing 1.7 million with more than 102,000, according to Worldometers.

The United States currently has the most COVID-19 cases in the world, more than 495,000, which is more than double Italy at more than 157,000 and Spain is currently at third, which has less than 148,000 cases.

Overall, financial crime compliance professionals are dealing with a challenging time, with some teams working from home around the globe – and some operations trimming staff – and dealing with largescale disruptions in anti-money laundering alert patterns, while trying not to fall behind on filings of actual potential suspicious activity.

Those are two dangerous trends that could aid fraudsters and scammers in their surging phishing, ransomware and cyberattack fusillades – AML officers overwhelmed and unable to parse out illicit transactions from the overall rise in transactional activity and individuals out of work and grasping at anything that can keep a roof over their head and food on the table.

That is a real concern, according to the United Nations.

The rapidly intensifying economic effects of COVID-19 on the world of work are “proving to be far worse than the 2008-9 financial crisis, with cutbacks equivalent to nearly 200 million full-time workers expected in the next three months alone,” the UN labor agency said.

In the case of the Moneyval scam emails, these messages inform the individuals concerned that “they have won a lottery or that they are entitled to receive large sums of monies, often as an inheritance,” but also as forfeited assets from illegal activity.

The individual is “systematically instructed to send their personal bank details or to pay advance fees, and sometimes it is indicated that the funds would be blocked or confiscated by Moneyval in cases of failure to carry out such payments.”

Moneyval wants to make it clear that it the group “does not authorize, verify, monitor or assist in contract or inheritance payments between third parties and/or Governments, nor does it endorse the activity of any bank, financial institution or other public or private agency. It never requests fees, produces clearance orders nor has the capacity to block any account or confiscate assets.”

Fincrime compliance professionals highlight longer hours, shifting illicit patterns of finance, training challenges in first ACFCS ‘Virtual Happy Half-Hour’

The Skinny:

  • In a new initiative to connect with members, network and share knowledge to bolster compliance in a time of Coronavirus, ACFCS holds ‘Virtual Happy Half-Hour.’
  • In a lively discussion, more than a dozen anti-money laundering officers, sector stakeholders and top ACFCS executives noted some key trends at play during the COVID-19 pandemic.
  • In short: Many fincrime compliance professionals are working longer – sometimes 12-16 hour days to overcome scattered teams, more alerts and strengthen training for current or incoming staffers.
  • As well, criminal trends are changing. In one example, tied to human trafficking, illicit groups are trying to shift away from cash and hotel rooms to cam shows, prepaid cards and virtual currencies.

By Brian Monroe
bmonroe@acfcs.org
April 9, 2020

More than a dozen financial crime compliance professionals, along with staff and executives from the Association of Certified Financial Crime Specialists, attended the association’s inaugural “Virtual Happy Half-Hour,” a welcome respite for colleagues to commiserate, laugh and share tips on broader illicit finance trends.

The novel coronavirus, first identified in Wuhan China in December, has in recent months leapt across international borders and cemented itself in anchor points in Italy, Spain and now the jurisdiction with the most confirmed cases: The United States.

Global cases are nearing 1.7 million with more than 102,000 deaths, according to Worldometers.

The United States currently has the most COVID-19 cases in the world, more than 495,000, which is more than double Italy at more than 157,000 and Spain is currently at third, which has less than 148,000 cases.

Overall, financial crime compliance professionals are dealing with a challenging time, with some teams working from home around the globe – and some operations trimming staff – and dealing large-scale disruptions in anti-money laundering alert patterns, while trying not to fall behind on filings of actual potential suspicious activity.

In a lively discussion during the ACFCS event, AML officers and other stakeholders in the sector noted some key trends at play during the COVID-19 pandemic, including:

  • AML and fraud fighters at banks are working longer hours, in some cases 12 to 16-hour days because alerts have risen while resources have fallen, scattered or remained the same.
  • Everything is taking longer. With many formerly centrally located teams now quarantined and working from home, compliance duties that might take one hour are now taking two. So effectiveness and productivity are even greater pain points.
  • Training can’t be given short shrift. In some cases, compliance officers are taking several hours each day to update current staff on criminal trends and core AML duties – or must take even longer to bring new AML analysts up to speed.
  • Without access to a hotel room or illicit massage parlor, human trafficking patterns are changing.
  • Some trafficking groups are going online and offering cam shows. As well, there is less exchanging of cash and a movement to credit and prepaid cards and virtual currencies to pay for such shows – which technically may not even be illegal.

ACFCS also detailed some of the current and upcoming initiatives to help support the learning and training needs of the fincrime compliance community, including extending membership and certification deadlines, offering a fully online testing option and virtual events and workshops.

We are keeping these events small on purpose to create a genuine dialogue for professionals to lean on each other, learn from each other and network. 

Interested in being part of the next event? 

Please reach out to Brian Kindle, VP of Product Development, at bkindle@acfcs.org.

There are also other ways to get involved with ACFCS, share your knowledge and help the community.

How?

By answering one question in a new, just-announced “FinCrime Resiliency Tips” initiative.

In this first edition, we’re focusing on how COVID-19 disruption has affected financial criminals, and how that’s changing the red flags and patterns of criminal activity. Our question for the community is:

What are your top red flags of financial crime in the current pandemic moment?

These can be red flags tied to money laundering, fraud, sanctions, cybercrime, corruption, human trafficking or other fincrime activity. 

Anything tied to the pandemic and resulting disruption is fair game – from changing money laundering tactics, to signs of COVID-19 scams, to sanctions evasion flying under the radar.

To learn more and share your thought leadership, along with a chance to win a $50 Amazon gift card, click here

Special Elliptic Contributor Report – Avoiding the Bite: Four Things Banks Must Urgently Do for Crypto Compliance

The Skinny:

  • In this ACFCS special contributor report, longtime financial crime compliance thought leader, Liat Shetret, the Senior Advisor for Crypto Policy and Regulation at Elliptic, tackles the challenge of banks banking cryptoasset customers.
  • She scrutinizes the pitfalls and regulatory expectations of when banks provide services to the crypto sector, through the lens of a recent high-profile federal enforcement action against M.Y. Safra Bank.
  • This and other enforcement actions with ties to the rollicking crypto sector, Shetret says, are required reading for fincrime compliance officers and reveal a path for banks directly servicing virtual asset service providers and provides guidelines, and a defensible posture, if an institution has crypto customers – but doesn’t realize it.
  • The story breaks down what are very complex and nuanced compliance rules into four practical, tactical steps.
  • The piece is also timely, building upon the more formal boundaries for what anti-money laundering best practices look like provided in recent years by groups like the Financial Action Task Force and the U.S. Treasury’s Financial Crimes Enforcement Network. 

By Liat Shetret
Senior Advisor, Policy and Regulation, Elliptic
April 7, 2020

The party is over, regulators are now crypto-educated and actively enforcing regulations. The enforcement era is here. Is your bank prepared?

Earlier this year, the Office of the Comptroller of the Currency (OCC) issued a detailed 30-page cease and desist order against a private New York-based bank, M.Y. Safra, for violating the Bank Secrecy Act/Anti-money laundering (BSA/AML) rules.

In Safra’s case, a major regulator has signalled for the first time that banks who are not applying compliance programs to mitigate specific crypto-related risks will be censured and likely fined.

The Consent Order highlights major lapses in Safra’s customer due diligence (CDD).

This included not adequately monitoring and investigating suspicious transactions, filing suspicious activity reports (SARs) and complying with a previous December 2013 Operating Agreement that required a tightening of compliance processes for cryptoasset customers.

Safra had opened and maintained high risk accounts for digital currency exchangers, digital currency ATM operators, crypto arbitrage trading accounts, blockchain developers and incubators, as well as fiat currency money service businesses (MSBs), without adjusting the bank’s compliance program.

Even if your bank is not directly banking cryptoassets, your financial institution is likely exposed to indirect risks from cryptoassets.

Here are four things your bank should learn from these cases to avoid it happening to you:

(1.)Lean in to Crypto-Education and Training:

Regulatory actions provide a golden learning opportunity for the financial services industry, as major supervisory bodies have ‘broken their silence’ with regards to how they expect banks to manage cryptoasset customers.

Reviewing the Consent Order and other regulatory press statements and enforcement actions should be compulsory reading for compliance teams in banks.

This is not only true for those that are considering directly banking cryptoassets, but also those who likely have customers engaged in trading cryptoassets and are therefore exposed to secondary indirect cryptoasset risks.

Banks should dedicate resources for updating training programs as well as policies and procedures for managing cryptoassets, and spend time familiarizing themselves with technological developments impacting lines of business.

(2.) Conduct a Crypto Risk Management Health Check: 

The digital asset ecosystem has evolved, matured and developed and there is an increasingly dynamic and sophisticated crypto-banking nexus posing both risks and opportunities for banks.

Regulators have been working hard to identify and close loopholes at this nexus and are expecting banks to follow suit. Regulators are not just watching, they are now enforcing and taking action.

Simply banning or debanking customers that handle cryptoassets will only safeguard a bank to a limited extent.

Clear regulatory guidance is now available for financial institutions, and doing nothing on cryptoasset risk management is no longer an option. Banks are expected to be taking appropriate measures and the knowledge, tools and frameworks are available to enable the application of a refined risk-based approach.

For example, ensuring your institution is revisiting all five pillars of BSA compliance against crypto asset risks is a good place to start. Safra did not engage in this exercise and the OCC took action.

Consider conducting an in-bank exercise to assess how your compliance program stands up against cryptoasset exposure, specifically across all five pillars typical of a fiat compliance program:

  • A system of internal controls to ensure ongoing compliance;
  • Independent testing of BSA/AML compliance;
  • The designation of an individual responsible for day-to-day compliance;
  • Risk-based procedures for conducting ongoing customer due diligence; and
  • Training for appropriate personnel.

Proactively managing and strengthening relationships with auditors and supervisors with the aim of setting expectations and clarifying unknowns may be an additional good practice to streamline.

Remember, the cryptoasset industry is a nascent one and both regulators and banks are hitting a learning curve in applying the risk-based approach when assessing risks for cryptoasset service providers.

(3.) Diligently Treat Cryptoasset Growing Pains: 

Between 2016-2019 Safra significantly increased its volume of transactions and onboarding of crypto business and asset customers.

Its compliance program, however, was not amended to account for the new clients being onboarded. Appropriate risk mitigation measures and controls were not put in place.

Banks should continuously be proactive and refreshing enhanced due diligence (EDD) programs, onboarding procedures and establish vetting points, particularly when engaging with high risk customers or entities based in high risk jurisdictions. Managing high risk customers is possible and the appropriate measures should be adopted and mainstreamed into banks’ compliance programs.

A good place to start is to ensure your bank formulates and sensitizes a risk appetite statement for cryptoassets and adopts commensurate policies and procedures based on the risk based approach.

Defining your risk tolerance is a critical first step for safeguarding the bank against inevitable industry changes.

Adapting the banks compliance program to account for a changing client-base, including for cryptoasset actors was something Safra failed to do.

(4.) Recognize that Cryptoasset Service Providers are not Just Another Money Service Business:

Banks shouldn’t treat cryptoasset service providers exactly as they would other money service businesses (MSBs), such as fiat-only money remittance services, as they pose different risks due to the unique properties of cryptoassets.

Safra bank opened bank accounts for crypto-asset service providers that were managed in the same way they managed accounts for other types of MSBs. This resulted in Safra failing to accurately assess the true level of risk present in its cryptoasset-related relationships.

While familiarizing and identifying key similarities and differences between cryptoasset service providers and MSB’s will help sharpen a bank’s compliance program, additional tweaks are needed to instil specific controls for cryptoassets.

Risk profiles drastically vary and cryptoasset-specific measures should have been integrated.

For example, knowing your client may mean understanding whether a crypto ATM service is offered, and whether the appropriate licensing and registration are in place for crypto-specific activities.

Having the capabilities to identify and understand if illicit sources of funds may be potentially involved is unique to cryptoassets, and derived from blockchain analytics.

Differentiating cryptoasset service providers from other MSBs is important because there have been cryptoasset exchanges which have become havens for money launderers.

Equipping your bank with the tools and know-how to identify and mitigate these specific risks protects your business and assures compliance.

Leaning in to learning about cryptoasset risk mitigation is an important first step for banks not currently banking crypto businesses. Proactively engaging with your financial institution’s supervisors is a great way to build trust, pilot changes and manage growing pains.

Further assessing your institutional BSA/AML compliance program, and assuring all five pillars have been evaluated and assessed against risks posed by cryptoasset exposure will support your efforts to implement the risk based approach effectively.

Cryptoasset service providers are not just another MSB and adjusting your risk profiles and enhancing your analytics capabilities are critical to your compliance success.

Banks continue to be gatekeepers of the global financial system and will need to evolve to successfully navigate the complex financial landscape.

To learn more about cryptoasset risk mitigation and compliance best practices in crypto finance, register for Elliptic’s webinar with the ACFCS at 11 AM ET on May 6th, 2020, What Your Bank Wanted to Know About Crypto Compliance… But Was Afraid to Ask. To learn more and register, click here

About the author

Liat Shetret, Senior Advisor, Crypto Policy and Regulation, at Elliptic.

Liat is a global anti-money laundering and counter-terrorism finance (AML/CFT) expert focusing on crypto policy and regulation at Elliptic.

She has implemented AML/CFT capacity building and financial integrity programs for regulators, financial intelligence units, law enforcement and civil society in emerging markets across Africa and the Middle East.

She holds a Master of International Affairs degree from Columbia University’s School of International and Public Affairs (SIPA) and a BA in political science and psychology from the University of Illinois. She is also a Certified Anti-Money Laundering Specialist (CAMS).

ACFCS COVID-19 Pandemic Coverage: As fraud complaints soar, FTC offers tips, new resource in ‘Scam Bingo’ game

The Skinny:

  • The U.S. Federal Trade Commission (FTC) has seen fraud complaints tied to the coronavirus pandemic soar in recent weeks, bilking victims out of nearly $5 million so far in 2020.
  • States including California, Florida and New York are getting hit particularly hard by scam calls and other phishing, vishing and COVID-19-related frauds, according to FTC complaint data.
  • The frauds have become so prevalent, and unfortunately commonplace, the FTC has created a “Scam Bingo Card,” it is hoping will help arm the country against fraudsters and provide a chance for victims, and potential victims, to share war stories.
  • Going on the offense, in recent months, the FTC has also sent warning letters to dozens of VoIP providers, telling them to stop providing services to scammers – or get blocked from operating.

To counter a surge in spam, scam and fraud calls related to the COVID-19 global pandemic, bilking consumers out of nearly $5 million, the Federal Trade Commission has reacted defensively, by providing tips to counter fraudsters, including a whimsical “Scam Bingo Card” and has gone on the offensive by warning dozens of firms to not be a portal for scam fusillades – or else. 

By Brian Monroe
bmonroe@acfcs.org
April 5, 2020

The challenges for financial crime compliance professionals to protect their institutions, and their customers, are only rising as fraudsters, scammers and hackers try to take advantage of the fear and uncertainty of a still-expanding global pandemic, according to a top government agency.

Since the beginning of the year, the U.S. Federal Trade Commission (FTC) has received nearly 8,000 complaints from consumers about COVID-19 related scams, with consumers stating they have lost almost $5 million – a median loss of just under $600 per person.

The FTC is also cognizant more people could be targets as they are working from home and may be more willing during the Coronavirus outbreak “for the first time in a long time, [to answer] calls from unfamiliar phone numbers.”

The problem is it might be “your colleague’s cell phone…or it might be a robocaller or scammer,” the agency stated in a missive revealing a new, more lighthearted resource highlighting that the frauds related to the coronavirus have gotten so bad and prevalent, officials have created a “Scam Bingo Card.”

To read the full FTC story about the bingo card, click here.

Between January 1 and April 2, the top categories of coronavirus-related fraud complaints include “travel and vacation related reports about cancellations and refunds, reports about problems with online shopping, mobile texting scams, and government and business imposter scams,” according to the FTC.

Where fraudsters are pointing their resources are also vital data points for financial crime professionals as they can weave those details into updated regional risk rankings, better sensitizing transaction monitoring systems to produce alerts on trending scam patterns.

Overall, since January, the FTC has received more than 7,800 coronavirus-related reports from consumers, double what they were just a week prior, the agency stated March 31. To read the full FTC report, click here.

In fraud complaints that mentioned the coronavirus, consumers reported losing a total of $4.77 million, with a reported median loss of $598.

COVID-19 scams ‘are growing’ says FTC

“Scams related to the Coronavirus are growing,” according to the FTC, adding that the scams can come in a variety of forms, noted in the bingo card, including:

  • Refried refi: Some scammers are promising that you can refinance your mortgage.
  • Debt redoubt: Get student loan debt forgiveness – for a fee, of course.
  • Social phishing: You might spot phishing scams, where scammers try to get your Social Security number (SSN) or other financial information.
  • Snake oil cures: Scammers will guarantee you access to a COVID-19 vaccine (remember: there’s still no vaccine, so definitely no access).
  • Medi(don’t)care: They might say they’re from Medicare (they’re not) with a health kit, from the CDC (again, not) with a vaccine kit.
  • Numbers game: They will say they are from the Social Security Administration (nope), telling you there’s a problem with your SSN (there’s not).
  • Lights out: Some scammers might even still be running some of their go-to favorites: tech support, utilities, or lower-your-interest-rate scams.

The FTC is urging potential victims – now COVID-19 fraud bingo players – to print out or save this bingo card and share it on social media (#FTCScamBingo).

The game, while adding a bit of levity, is a way to tackle a very serious subject.

The FTC stated the bingo card is a “way you can spot some of those scam calls you might be getting. And it’s a way to spread the word to help protect others in your community. Check off the scammers you spotted, along with the steps you took to stop them.”

The novel coronavirus, first identified in Wuhan China in December, has in recent months leapt across international borders and cemented itself in anchor points in Italy, Spain and now the jurisdiction with the most confirmed cases: The United States.

Global cases are nearing 1.1 million with more than 59,000 deaths, according to Worldometers.

The United States currently has the most COVID-19 cases in the world, more than 277,000, which is double Italy at just under 120,000 and Spain, which is nearly equal to Italy at a little more than 119,000.

Not surprisingly, as the economy founders and the pandemic takes lives and life savings, regulatory, investigative and watchdog bodies the world over have called on banks – some that have seen anti-money laundering (AML) teams scattered to the wind and laid off – to soldier on by prioritizing certain cases and preparing for a surge in frauds and cyberattacks.

As fraud complaints surge in California, Florida, stimulus scams on the horizon

Fraudsters also now potentially have a new arrow in their quiver: the just-passed economic stimulus initiative.

The expansive $2 trillion package has tethers to AML requirements because financial institutions must typically engage in certain identity, and likely risk, verification requirements before loaning money – but the bureau is allowing banks to rely on customer information previously captured under original fincrime compliance checks.

The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) has touched on the recent upswing in frauds related to the coronavirus and as well has stated it is “committed to promoting the success of the Coronavirus Aid, Relief, and Economic Security Act (CARES Act), including the need to facilitate expeditious disbursal of CARES Act funds,” according to the latest statement. 

But as full sectors of the economy, and regions, are rocked by death, disease and an uncertain economic future, fraudsters are not letting up.

Some states that have already been hit hard by the coronavirus – physically and fiscally – are also ground zeroes for fraudsters, an ignoble irony as those who have suffered so much already have enemies at the virtual gates trying to take what little they have left. 

To read the full FTC COVID-19 complaints report, click here

The top five states for FTC complaints related to COVID-19 related scams:

 

               California      1,227

               Florida           686

               Texas             624

               New York       591

               New Jersey   305

How to keep a scammer at bay? Fight fire with facts, fast fingers, think before you link

While fraudsters may seem like they have an endless array of tools and platforms – email, phone call, text – there are some common tactics individuals can employ to better prevent being scammed, including speedy hang-ups, taking a more skeptical approach to online sellers not clicking on links you were not expecting – even if they look to be from a government agency offering COVID-19 tips, resources or stimulus checks.

Here are some tips to help you keep the scammers at bay:

  • Hang up on robocalls: Don’t press any numbers. Scammers are using illegal robocalls to pitch everything from scam Coronavirus treatments to work-at-home schemes. The recording might say that pressing a number will let you speak to a live operator or remove you from their call list, but it might lead to more robocalls, instead.
  • Ignore online offers for vaccinations, home test kits: Scammers are trying to get you to buy products that aren’t proven to treat or prevent the Coronavirus disease 2019 (COVID-19) — online or in stores. At this time, there also are no FDA-authorized home test kits for the Coronavirus. Visit the FDA to learn more.
  • Fact-check information: Scammers, and sometimes well-meaning people, share information that hasn’t been verified. Before you pass on any messages, contact trusted sources. Visit What the U.S. Government is Doing for links to federal, state and local government agencies.
  • Know who you’re buying from: Online sellers may claim to have in-demand products, like cleaning, household, and health and medical supplies when, in fact, they don’t.
  • Don’t respond to unexpected or unknown texts and emails: Particularly if they are about checks from the government. The details are still being worked out. Anyone who tells you they can get you the money now is a scammer.
  • Think before you link in your email or online: Don’t click on links from sources you don’t know. They could download viruses onto your computer or device.
  • Unofficial official sources: Watch for emails claiming to be from the Centers for Disease Control and Prevention (CDC) or experts saying they have information about the virus. For the most up-to-date information about the Coronavirus, visit the Centers for Disease Control and Prevention (CDC) and the World Health Organization (WHO).
  • Charity chicanery: Do your homework when it comes to donations, whether through charities or crowdfunding sites. Don’t let anyone rush you into making a donation. If someone wants donations in cash, by gift card, or by wiring money, don’t do it.

As robocall empire rises, the FTC strikes back

U.S. government agencies are working to do more than offer targeted consumers more tips to defend themselves.

They are also going on offense against the sources of scam calls and other fraudulent fusillades.

In December 2019, the FTC filed suit against VoIP service provider Globex Telecom for helping scammers run a “reduce your credit card interest rate” con, according to Lois Greisman, Associate Director, Division of Marketing Practices, at the FTC

In January, the FTC sent letters to 19 VoIP providers, “warning them that consumer protection laws apply to them, too, and pointing out what could happen if they kept helping scammy telemarketers break the law.”

Then, just last week, the agency sent nine warning letters to VoIP providers that were “helping Coronavirus scammers blast out robocalls during the current health crisis,” Greisman said. “The VoIP providers that straightened up accounted for billions of calls that we’re all now not getting.”

On Friday, the FTC announced still more warning letters  – this time, bringing partners from the FCC along to double down on enforcement.

Three VoIP providers got the warning letters this time, but there’s a twist, the FTC stated.  

This time, the two agencies also sent a letter to US Telecom — the industry’s trade association — that identifies the entities transmitting the illegal robocalls, a move that comes with serious bite.

Now if the targeted entities haven’t cut it out in 48 hours, the Federal Communications Commission (FCC) “will authorize providers to block traffic from them. So: either way, two days from now, there should be still fewer illegal robocalls trying to rip people off,” Greisman said. 

FinCrime Resiliency Tips – Call for Submissions

Share your expertise, support the community, and win!

In these times of unprecedented change, it helps to have a community at your back.

ACFCS is privileged to have tremendous subject matter expertise in our member network, and that’s why we’re launching a new effort to gather tips, tricks and guidance from members to help others navigate financial crime prevention in a historic pandemic.

In this edition of FinCrime Resiliency Tips, we’re focusing on how COVID-19 disruption has affected – and disrupted – customer due diligence programs. At a time when the pandemic has impacted many of the usual CDD/KYC procedures, our question for the community is:

How has your customer due diligence program adapted to the realities of the pandemic?

This can include suggestions on online research and due diligence, changes in policies and procedures to allow for more flexibility in types of documentation accepted, tips on adapting to work-from-home, and more.

How it works:

  • Submit your tips and guidance using the form below
  • You can choose to submit anonymously, or have your name, title and organization listed publicly
  • The top three submissions will receive a $50 Amazon gift card
  • Selected tips from members will be posted to the ACFCS LinkedIn group
  • ACFCS will collect your tips and expert commentary and publish it in a whitepaper available to all members

The submission period closes at 5 PM ET on May 5th. Winners will be notified on or before May 11th.

Share Now

In second pandemic statement, FinCEN tackles stimulus AML tangles, creates new COVID-19 compliance conundrum contact mechanism

The Skinny:

  • In a new statement on the compliance pitfalls of the pandemic, FinCEN issues fresh details around the deadline of key fincrime filings, potential tangles tied to a just-released stimulus package and a new COVID-19 direct contact mechanism.
  • The statement is the second by FinCEN in less than a month covering the compliance aftershocks of the still-spreading coronavirus, with the first urging institutions to prepare for a surge in disaster-related frauds, hacks and cyberattacks.  
  • FinCEN’s alert echoes other domestic and foreign regulatory, investigative and watchdog bodies calling on banks – some that have seen AML teams scattered to the wind and laid off – to soldier on by prioritizing certain pandemic-related cases as the unofficial first line of defense against a rising tide of illicit finance.

A new statement by FinCEN related to COVID-19 issues guidelines about key fincrime compliance filing deadlines and adds clarity around potential AML tangles tied to a core piece of the just-released $2 trillion stimulus package: the Paycheck Protection Program.

By Brian Monroe
bmonroe@acfcs.org
April 3, 2020

In its second statement on the compliance pitfalls of the pandemic, a top U.S. Treasury agency has issued fresh details around the deadline of key fincrime filings, potential tangles tied to a just-released stimulus package and a new COVID-19 direct contact mechanism.

The U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit and arbiter of anti-money laundering rules, has provided further information to financial institutions in “response to the Coronavirus Disease 2019 (COVID-19) Pandemic,” according to a new updated notice.

To read the full notice, click here.

The notice from FinCEN, the second in less than a month, is more support and tacit guidance from yet another government agency acknowledging that the coronavirus pandemic is affecting what is in many cases the first line of defense against money laundering and other financial crimes: anti-money laundering (AML), fraud and cybersecurity officers.

The novel coronavirus, first identified in Wuhan China in December, has in recent months leapt across international borders and cemented itself in anchor points in Italy, Spain and now the jurisdiction with the most confirmed cases: The United States.

Global cases are nearing 1.1 million with more than 59,000 deaths, according to Worldometers.

The United States currently has the most COVID-19 cases in the world, more than 277,000, which is double Italy at just under 120,000 and Spain, which is nearly equal to Italy at a little more than 119,000.

Not surprisingly, as the economy founders and the pandemic takes lives and life savings, regulatory, investigative and watchdog bodies the world over have called on banks – some that have seen AML teams scattered to the wind and laid off – to soldier on by prioritizing certain cases and preparing for a surge in frauds and cyberattacks.

FinCEN is aware of this and trying to give what guidance it can.

As well, the latest missive from the bureau is also informed by the just-passed economic stimulus initiative.

The expansive $2 trillion package has tethers to AML requirements because financial institutions must typically engage in certain identity, and likely risk, verification requirements before loaning money – but the bureau is allowing banks to rely on customer information previously captured under original fincrime compliance checks.

FinCEN stated it is “committed to promoting the success of the Coronavirus Aid, Relief, and Economic Security Act (CARES Act), including the need to facilitate expeditious disbursal of CARES Act funds,” according to the latest statement. 

Taking CARE of AML, beneficial ownership requirements

FinCEN stated that it does not want banks to stumble balancing AML duties, also referred to as the Bank Secrecy Act (BSA), beneficial ownership requirements and one of the primary components of the CARES Act: the Paycheck Protection Program (PPP). 

In short, under the new program, a company can take out a loan to keep or rehire workers and – if the operation is able to keep staffers employed – the loan can be turned into a grant and effectively wouldn’t have to be repaid as the bank would reimbursed by the federal government.

In what should be welcome news for banks already struggling under the weight of AML obligations, FinCEN stated that for eligible federally insured depository institutions and federally insured credit unions, PPP loans for existing customers “will not require re-verification under applicable BSA requirements, unless otherwise indicated by the institution’s risk-based approach to BSA compliance.”

In essence this means that banks won’t have to engage in a broad update of the corporate customer, including updating beneficial ownership information, a newer requirement in recent years banks have had to adopt to make it harder for criminals and corrupt oligarchs to operate behind anonymous, impenetrable ownership structures.

For non-PPP loans, FinCEN stated that certain exceptive relief to beneficial ownership requirements granted in September 2018 is still in effect, such as not having certain annual rollover products forcing a bank to re-verify all corporate customer beneficial ownership information.

To read the full 2018 ruling on exceptive relief, click here.   

FinCEN is also taking a less prescriptive, and potentially draconian, view on banks encountering any vagaries or dark corners when attempting to implement the freshly-minted PPP loan program.

To the extent that renewal, modification, restructuring, or extension for existing legal entity customers falls outside of the scope of that ruling, FinCEN recognizes that a “risk-based approach taken by financial institutions may result in reasonable delays in compliance.”

FinCEN touches on fudging AML filing deadlines

Delays could be a theme for many duties under AML rules.

FinCEN “appreciates that financial institutions are taking actions to protect employees, their families, and others in response to the COVID-19 pandemic, which has created challenges in meeting certain BSA obligations, including the timing requirements for certain BSA report filings.” 

To counter this, FinCEN stated it is working more closely with federal regulators and banks to better determine what risks, vulnerabilities and criminal trends are at play to help institutions better marshal their flagging resources.

One area FinCEN is pulling back is in recently updated duties around customer transaction reports (CTRs), the bank report to capture customer details for transactions of more than $10,000.  

In February, FinCEN issued an administrative ruling to clarify obligations around aggregating CTRs involving sole proprietorships and legal entities operating under a “doing business as” (DBA) name. 

The difficulty, however, multiplied when FinCEN also advised that when a CTR is prepared for a legal entity such as a partnership, incorporated business, or limited liability company, the aggregated CTR should contain the various headquarters and even separate locations, according to analysis by law firm Buckley.

In the ruling FinCEN stated the form should “contain, among other things, the entity’s home office or headquarters information,” according to Buckley. According to the ruling, “[w]hen multiple entity locations are involved in an aggregated CTR, a separate Part I section should be prepared for each location involved.”

“FinCEN has heard from certain financial institutions and trade associations for financial institutions about difficulties in meeting certain BSA obligations, including the timing requirements for certain BSA report filings,” the bureau stated.

In response to “concerns regarding certain timing requirements of BSA filings, FinCEN recognizes that certain regulatory timing requirements with regard to BSA filings may be challenging during the COVID-19 pandemic and that there may be some reasonable delays in compliance.” 

As a result, FinCEN stated it would suspend implementation of the February 6, 2020 ruling (FIN-2020-R001) on CTR filing obligations when reporting transactions involving sole proprietorships and entities operating under a “doing business as” (DBA) name (the “2020 Ruling”) until further notice. 

To read the full February administrative ruling, click here

New FinCEN COVID-19 Online Contact Mechanism

Along with pulling back on some of the more complicated and resource-intensive areas of certain filings, FinCEN is also making it easier to contact them directly when financial institutions need more immediate assistance and have a pressing question that could open them up to regulatory scrutiny or, conversely, be of value to law enforcement.

FinCEN has created a COVID-19-specific “online contact mechanism, via a specific drop-down category, for financial institutions to communicate to FinCEN COVID-19-related concerns while adhering to their BSA obligations.” 

Financial institutions that wish to communicate such COVID-19-related concerns to FinCEN must go to www.FinCEN.gov, click on “Need Assistance,” and select “COVID19” in the subject drop-down list. 

Such COVID-19-related communications are “strongly encouraged but not required,” and could also be paired with a query to a bank’s federal functional regulator.

But with FinCEN and regulators also likely overwhelmed, and facing extensive delays in getting back to struggling institutions, the bureau is urging banks to be agile, creative and “innovative,” with a focus on prioritization, effectiveness and results – a callback to the December 2018 interagency joint statement on “Innovative Efforts to Combat Money Laundering and Terrorist Financing.”

ACFCS Coronavirus Covid-19 Compliance Financial Crime

FinCEN warns: Don’t skimp on AML as fraud, cyber risks soar

In its first statement on the convergence of compliance duties and challenges presented by the coronavirus on March 16, FinCEN stated it was cognizant that when global catastrophes strike, criminals, fraudsters and hackers of all stripes will try to take advantage of the turmoil to launder money or enrich their coffers.

The relatively rare communique encouraged financial institutions to “Communicate Concerns Related to the Coronavirus Disease 2019 (COVID-19) and to Remain Alert to Related Illicit Financial Activity.”

To read the first full FinCEN advisory, click here.

FinCEN stated it was advising financial institutions to “remain alert about malicious or fraudulent transactions similar to those that occur in the wake of natural disasters.”  

Through an analysis of public reports and proprietary data in its AML database, FinCEN highlighted several emerging trends:

  • Imposter Scams – Bad actors attempt to solicit donations, steal personal information, or distribute malware by impersonating government agencies (e.g., Centers for Disease Control and Prevention), international organizations (e.g., World Health Organization (WHO)), or healthcare organizations.
  • Investment Scams – The U.S. Securities and Exchange Commission (SEC) urged investors to be wary of COVID-19-related investment scams, such as promotions that falsely claim that the products or services of publicly traded companies can prevent, detect, or cure coronavirus.
  • Product Scams – The U.S. Federal Trade Commission (FTC) and U.S. Food and Drug Administration (FDA) have issued public statements and warning letters to companies selling unapproved or misbranded products that make false health claims pertaining to COVID-19. Additionally, FinCEN has received reports regarding fraudulent marketing of COVID-19-related supplies, such as certain facemasks.
  • Insider Trading – FinCEN has received reports regarding suspected COVID-19-related insider trading. 

This isn’t the first time FinCEN has warned the financial sector about the fraud and disaster connection.

The bureau tackled the issue originally in a 2017 “Advisory to Financial Institutions Regarding Disaster-Related Fraud,” which detailed other relevant typologies, such as benefits fraud, charities fraud, and cyber-related fraud.

For suspected suspicious transactions linked to COVID-19, along with checking the appropriate suspicious activity report-template (SAR-template) box(es) for certain typologies, FinCEN is also encouraging financial institutions to enter “COVID19” in Field 2 of the SAR-template to make it easier for law enforcement to find during dives into the AML database.

In public statements and releases from other regulators, they have taken a different tack than FinCEN, stating that banks will get support from examiners in some form of “regulatory relief,” including a longer buffer between exams and be more forgiving for late or missed regulatory filings. 

Crypto and the Legacy Financial Sector – One World or Worlds Apart?

Presented by BAE Systems Applied Intelligence

By now, most in the financial crime compliance space (though certainly not all) have accepted that cryptocurrencies are not a passing fad or a scam but are here for the long haul.

That doesn’t mean they know exactly
what to make of this brave new world of digital assets, however. Questions
abound – What’s the current regulatory framework for crypto, and what is it
likely to be in the next year? Is there such a thing as “good crypto” and “bad
crypto?” What is a bank’s risk exposure to crypto, especially for the vast
majority that don’t provide any direct services to crypto firms?

In this edition of the CrimeCast,
two crypto experts and enthusiasts delve into these questions and much more. Join
Doug McCalmont, Senior Solutions Consultant with BAE Systems Applied
Intelligence, in conversation with Steve Ryan, Chief Operating Officer with blockchain
forensics firm CipherTrace, as they examine:

  • How banks are
    likely exposed to cryptocurrencies and their accompanying risks – Whether they know
    it or not
  • Risk-rating
    considerations for crypto firms – Or “red,” “yellow” and “green crypto
  • The
    regulatory outlook and likelihood of new regulations coming from US Treasury
  • How more
    regulation is likely to drive greater acceptance of cryptocurrencies

Listen Here:

New Resource to Counter Surge in Pandemic Hack Attacks: U.K. cyber defense center offers tips for smaller firms, banks to strengthen virtual vaults

The Skinny:

  • The coronavirus pandemic has complicated financial crime compliance in a bevy of areas, including countering cyber-fraud and a related surge in hack attacks.
  • A recent infographic released by the United Kingdom’s chief cyber defense agency could help. 
  • It was designed specifically for small companies, including banks, to strengthen virtual vaults quickly and cost-effectively. 
  • Interestingly, there are also some parallels between preparing, responding and recovering from a cyber attack in the digital world to the efforts authorities are using now to overcome the COVID-19 pandemic. 
  • These would include preparing for specific worst case scenarios, ensuring adequate recovery and backups are available and restricting access for users that could be infected or hackers trying to deliver their viral payload.

As countries engage an array of tactics to counter the COVID-19 global pandemic, including restricting the movement of those infected, and those who are still healthy, through lockdowns, and engaging in key preparation, resilience and recovery efforts, there are also parallels with bolstering security in the cyber world, according to a U.K. government agency. 

 

By Brian Monroe
bmonroe@acfcs.org
March 31, 2020

The coronavirus pandemic has complicated financial crime compliance in a bevy of areas, from sapping and scattering resources to a surge in cyber-fraud and hack attacks as criminals and dark net denizens attempt to take advantage of weakened counter-crime defenses.

While some large corporations and financial institutions may have the funds and resources to weather the storm – and have prepared advanced cyber resilience, response and recovery efforts – smaller operations may be crushed. 

They face a double-bladed attack, both from the economic downturn and the potential of a worker accidentally mistaking an email about the pandemic or incoming stimulus checks and clicking on a diseased link that spreads a virtual virus or locks a system with a ransomware strain — a ransom that likely can’t even be paid.

A recent infographic released by the United Kingdom’s chief cyber defense agency could help.

The U.K. National Cyber Security Centre (NCSC) has released a guide designed specifically for small companies, including banks, to strengthen digital entry points quickly and cost-effectively. 

To view the full “Response & Recovery” Small Business Guide, and other resources to gird systems and hardware, click here

Interestingly, there are also some parallels between preparing, responding and recovering from a cyberattack in the digital world to the efforts authorities are using now to overcome the COVID-19 pandemic. 

These would include preparing for specific worst-case scenarios, ensuring adequate recovery and backups are available and restricting access for users that could be infected or hackers trying to deliver their viral payload.

Here are some tips to consider going on in the real world to better secure the digital realm:

  • Lockdowns: Just as individuals, healthy and not, are restricted from moving certain places and gathering in groups to prevent the spread of the coronavirus, companies should consider similar tactics to prevent online infections. 

Institutions should consider restricting access, such as certain administrator rights and privileges, to only a select few in the company. That way, if someone accidentally clicks on a virus that gives hackers access, they can only steal some data and not crash a firm’s entire front and back end systems. 

  • Social distancing: In the real world, social distancing, in essence, staying six feet away from others at all times, is recommended to prevent droplets from an infected individual from getting from one person to another. 

In the digital world, corporates and financial institutions must realize that spammers and scammers have created numerous fake sites tied to the pandemic seemingly offering information, resources and even the ability to order in-demand personal protective equipment (PPE). 

As a result, banks should warn their teams, and customers, not to visit or click on sites that are not well known or reputable and ask for personal information or, rather than listing the information in an easy to read format, constantly requests visitors to “click on this link to learn more!”

  • Staying home: Back in the tangible world, with so much misery, sickness and death caused by the coronavirus, you likely feel a deep desire to help. 

You want to leave your home and do something: give blood, help an old lady, go on a reconnaissance mission for toilet paper and other scarce paper products and, once acquired, hand them out to neighborhood families, feted like a conquering champion. Regale in your conquest, Conan the Plumberian.  

But don’t. Just, don’t. All the experts agree, the more that you can “shelter in place,” and stay home, trying not to go out at all, the less the virus has a chance to create a new anchor point and hot zone. 

Related to cybersecurity, that’s not a bad strategy as well — particularly now because so many people are working from home. Right now, you might be on your company laptop, but you are most likely on your own personal wi-fi. 

You are not protected behind the layers of corporate digital defenses and plugged in to a hardline. In tandem, have you ever even changed your wi-fi password since you got it? Is it still set to username: admin and password: admin?

Being that right now you are your own physical and digital shelter, you should review your own cyber vulnerabilities and change and update passwords to make them as strong as possible. 

Don’t stray far from the sites you are used to visiting and don’t click on any links in emails you are not expecting related to funds coming to you due to the virus or tied to the incoming stimulus checks. Because those are likely scam and spam emails trying to get into your wallet. 

For the ultimate home virtual vault: Try backing up your computer on an external hard drive that is not connected to the Internet, and in fact doesn’t even have wi-fi capabilities, and physically separate the unit into an air-gapped separate space. Shelter in place, indeed. 

 

ACFCS Coronavirus Coverage: Fighting invisible enemies – viruses, front companies and charity charlatans

The Skinny:

  • The coronavirus pandemic has complicated financial crime compliance investigations, but the changing transactions, or lack of change, could hold the key to uncovering the signs of nearly invisible front companies.
  • But to find those murky miscreants, financial institutions must pivot quickly. Some risks have flip-flopped as people panic-buy, pull cash out in bunches and wire wildly – all now the normal, transactionally speaking.
  • Charities, for example, also must be viewed with a more jaundiced eye as criminals exploit fear on one end of the spectrum and a desire to help on the other.

As doctors, nurses and first responders work together to fight a surging, invisible enemy, detailed in the video above, financial crime compliance officers must also work even harder during the coronavirus pandemic to counter a host of illusory threats, like front companies, which could rise to the fore as overall transactional throughput falls. 

By Brian Monroe
bmonroe@acfcs.org
March 27, 2020

The virus is real, while the front companies your institution may be banking, are not.  

The COVID-19 pandemic continues to wreak havoc and sow destruction, misery and death on a global scale.

It has also complicated financial crime compliance investigations. Some risks have flip-flopped as people panic-buy, pull cash out in bunches and wire wildly – making it more difficult to separate the criminal wheat from the swirling transactional chaff.

Charities in what has now become an international disaster also must be viewed with a more jaundiced eye as criminals exploit fear on one end of the spectrum and a desire to help on the other.

There is more pressure on bank investigators and analysts to ensure the companies accepting these donated funds – maybe it’s a charity supposedly supporting the acquisition of in-demand personal protective equipment (PPE) or worse, a freshly-minted firm touting phony kits and snake oil cures – are not out to profit in a pandemic with quick purchases of expensive personal luxuries.

No doubt, even if you are safe and healthy, the novel coronavirus has forced you to change your daily routines drastically – as you are reading this, you are probably on your couch working from home – as you act locally to stop an insidious international enemy invisible to the naked eye.

But as an anti-money laundering (AML) professional, even if you have traded a suit and tie for a t-shirt and jeans, the criminals attempting to move illicit assets haven’t stopped – so neither can you.

Case in point: With bars and restaurants shut down, criminals will change their avenues to launder money, so your AML team should be prepared to adapt as classic red flags and typologies are upended and reversed.

For example: The front companies organized criminal groups use to cleanse sullied funds could now be rising to the surface.

The aberration: In a foundering economy, a company doing normal business or sending the same wires as normal is suspicious – particularly if you are not a grocery store or other “essential” business still allowed to operate. 

Want more information on how the pandemic is affecting the fincrime compliance field? Check out these ACFCS stories illuminating the many shifting dimensions of risks, resources and regulatory responses

Coronavirus Fincrime Compliance News Update: Coalition calls for safeguards to prevent looting of relief funds, more AML aftershocks, exploitation fears, and more

In this expansive piece, ACFCS offers a roundup and analysis of statements by regulatory bodies in the United States, Europe, Canada and Australia broadly exhorting institutions to prioritize finding and reporting on the highest level of suspicious activities, along with key updates from law enforcement on fraud trends and more.

To read the full story, click here.

Coronavirus Fincrime Infection Inflection Points: Compliance teams must counter surge in alerts, attacks, with fewer resources, even layoffs

In this enterprise piece, many of the top minds in the financial crime compliance field offer insight on how to handle several challenging issues affecting investigations and reporting.

At the top of the list: Financial institutions are seeing profits fall and risks soar and could decide to trim or reorganize now-scattered fincrime compliance teams – just as AML alerts begin to avalanche.

To read the full story, click here

Here are some other red flags that may need to be adjusted or updated for the new reality of financial crime during a pandemic:

Flipping out

For many banks, risks have flip-flopped. Historically, money moving quickly out of personal accounts and engaging in wires to foreign countries would trigger an AML alert that needed immediate review.

But currently, investigative resources at institutions – for potential cases of fraud of AML cases – are in very short supply.

As a result, some banks have stated anecdotally they are adjusting their transaction monitoring systems to not as broadly alert when personal accounts exhibit large withdrawals of cash, engage in wires to countries hit hard by the virus and even transactions involving virtual currency exchanges.

The reason: With fewer and likely more scattered fincrime analyst resources, regulators are exhorting institutions to focus on the highest level of potential criminal activity – such as a fraud involving a pandemic scammer.

As well, these types of transactions from personal accounts have an explanation: people panic-buying at grocery stores and convenience stores, and pulling out money out of fear.

As for that uptick in wires to cross-border locales: Those are the result of fretting families wiring funds to support foreign friends and relatives in struggling regions.

And some customers more aggressively moving funds into virtual coin? That also has an explanation: customers are going to virtual value as both as a refuge from the stock market and out of concern physical fiat currency could be contaminated. 

Reevaluating regional risk

The new nuances of risk for some financial institutions have also gotten more complex because some states have issued edicts to “shelter in place.”

What does that mean? Well it depends on where you look.

Right now, overall, that term means halting or limiting non-essential travel, while some areas have splintered even further – with some counties and cities requiring people to stay home and ordering certain businesses, like restaurants, clubs and event venues to close.

As well, as some businesses are clearly “essential” – think hospitals, shipping companies and grocery stores – while other cities and counties are setting their own “essential” businesses that may not be as apparent to banks operating in that region, for instance, such as some areas dubbing laundromats as essential.

The current challenge for banks: getting to know your level of lockdown.

Is it a full or partial lockdown? Where are consumers, your customers, likely going to shop in a certain area? What places are consumers not going to go given certain lockdown levels?

For instance, if you see a nail salon still doing brisk business, particularly if the funds are flowing between 11 p.m. and 2 a.m., that is indicative of human trafficking. 

Charlatan charities

While there are well-known charities doing absolutely vital work in times like this – propping up doctors, nurses, hospitals, first-responders and other workers fighting a life and death battle – there are just as many or more of fraudsters looking to divert those desperately needed funds for their own illicit gains.

For AML professionals, that means better parsing out when a charity has gone rogue.

Normal: A known charity accepts funds and issues a check, a wire, or series of checks and wires, to a well-known hospital or medical group working on the front lines. Same goes for deposits to lesser known, but still legitimate, donations to charitable crowdfunding sites like GoFundMe.

For instance, banks should try to risk assess this nascent but burgeoning sector. GoFundMe has already captured more than $5 billion in donations.

One key delineator: Is the supposed crowdfunding operation working with the largest and well-known sites, including GoFundMe, Mightycause, FundRazr, CrowdRise or FirstGiving? If not, as a compliance professional, you better start asking them more questions and look for aberrant activity.  

Not normal: Large wires coming from a charity crowdfunding site that do not touch companies that could need this money and, instead, go to other newly-formed operations, or personal accounts, particularly in regions known for such scams, like India, Nigeria and the Philippines – some of the call center fraud capitals of the world.

A simple rule of thumb during these trying times: First responders don’t need fancy clothes, jewelry or a fast car. 

Financial CrimeCast – FinCrime Focus on Asia-Pacific, Part Two

Hear guidance on data management in sanctions risk, cryptocurrencies in the APAC region, AI and machine learning adoption, and changing regulatory expectations. Listen to Part One here.

In the second half of this special two-part podcast series, Steven Scheurmann takes you across the Asia-Pacific (APAC) region to provide insights and highlights on key considerations in financial crime compliance. With growing populations and innovative economies, APAC countries represent huge opportunities for the financial sector – But financial crime risk inevitably follows.

A sage of regtech, fintech, data and AI for IBM, Steven hails from Singapore, and brings with him 25+ years of experience in Asian-Pacific with numerous tech firms, multinational corporations, and the public sector.

In part two, Steven explores key considerations for effective sanctions compliance related to North Korea, the growing crypto sector and what it demands from financial institutions, how artificial intelligence will impact compliance programs in the region and beyond, and much more.

Listen to Part Two below:

Coronavirus Fincrime Compliance News Update: Coalition calls for safeguards to prevent looting of relief funds, more AML aftershocks, exploitation fears, and more

The Skinny:

  • Watchdog groups say to watch for corruption to tinge global pandemic relief efforts.
  • Financial crime compliance teams will face new challenges as alerts and threats rise and resources and support retreat – including layoffs.
  • Investigators urge financial institutions and individuals to be wary of scams coming through your phone, your email and even knocking at your door.
  • Many regulatory bodies in the United States, Europe, Canada and Australia have weighed in, calling on institutions to broadly prioritize finding, reporting on suspicious activities.
  • In the virtual world, the COVID-19 pandemic also poses the risk of increased cyberattacks.
  • Strategies to maintain cybersecurity are now of paramount importance, including maintaining good cyber hygiene, not clicking on strange links in your email or texted to your phone, verifying sources and staying up-to-date on software and official updates.

 

 

By Brian Monroe
bmonroe@acfcs.org
March 25, 2020

ACFCS is committed to supporting professionals across the spectrum of financial crime with news, views and discussions about the coronavirus pandemic and how it is, and could be, affecting your compliance departments. 

We know that COVID-19 is doing more than taking lives and shrinking life savings as the disease expands from its origins in Wuhan China to the rest of Asia, the Middle East, Europe and has anchored itself firmly in the United States, in particular the current viral epicenter of New York – the country’s financial heart.

In short, for professionals in our space, you must hope for the best and plan for the worst by expecting to have your team’s abilities or resources cut by as much as half for the next several months.

Yes, Easter is a time for reflection, rebirth and renewal. But let that time also reflect a redoubling of your efforts to be creative, efficient and effective. Alerts and risk are rising while resources are retreating.

But as an association, we truly believe by coming together as a community, sharing knowledge and being a light against the encroaching darkness, we can overcome.

We salute current and former compliance professionals, regulators, investigators and auditors banding together to do more, be more and shoulder more than maybe they ever have before.

Thank you.

To read the association’s first story on the pandemic and tendrils to fincrime compliance departments, covering the surge in disaster-related frauds and cyberattacks and tips for scattered and depleted counter-crime teams, please click here.

Here is a selection of pandemic resources, investigative and regulatory statements, thought leadership pieces and news stories: 

CORONAVIRUS RESOURCES:

COVID-19 World Heat Map

For a map of the world and country and state breakdowns of coronavirus cases, click here.

Centers for Disease Control

To review the information from the Centers for Disease Control (CDC), including tips to for health care professionals, families and professionals to help keep their work and home spaces disease free, click here. 

For cases in the United States, click here.

World Health Organization

To review a wealth of resources on COVID-19 all in one place, the World Health Organization has compiled critical information to help anyone affected by the pandemic, including country and technical guidance, travel advice, media resources, and a list of the most commonly asked questions, click here.

FINCRIME COMPLIANCE GOVERNMENT AND REGULATORY STATEMENTS ON PANDEMIC

U.S. Department of Justice

The U.S. Department of Justice (DOJ), the country’s over-arching federal law enforcement agency, brings together in one page a plethora of information related to its efforts to support law enforcement and counter criminals attempting to profit from the pandemic.

DOJ states that criminals are attempting to exploit COVID-19 worldwide through a variety of scams. There have been reports of:

  • Individuals and businesses selling fake cures for COVID-19 online and engaging in other forms of fraud.
  • Phishing emails from entities posing as the World Health Organization or the Centers for Disease Control and Prevention.
  • Malicious websites and apps that appear to share virus-related information to gain and lock access to your devices until payment is received.
  • Seeking donations fraudulently for illegitimate or non-existent charitable organizations.

DOJ on Sunday also took its first action in federal court to combat fraud related to the coronavirus (COVID-19) pandemic. 

The enforcement action in Austin took place against operators of a fraudulent website follows the department stating publicly federal investigators will be prioritizing the detection, investigation, and prosecution of illegal conduct related to the pandemic.

The operators of the website “coronavirusmedicalkit.com” allegedly engaged in a wire fraud scheme seeking to profit from the confusion and widespread fear surrounding COVID-19 by selling counter-virus kits approved by the “World Health Organization” that also included a vaccine. 

To read the full action, click here.

To view the full scope of DOJ, including the rise of certain frauds and update of the latest enforcement actions against scammers, click here.

Financial Crimes Enforcement Network

To view an alert by the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN), the country’s financial intelligence unit, about the risk of a scams and frauds rising – including investment and imposter scams attempting to capitalize on the fear and chaos of the moment – and not shirking your AML duties, click here.

Office of the Comptroller of the Currency

To view an interagency statement by federal regulatory agencies, including the U.S. Treasury’s Office of the Comptroller of the Currency (OCC), the regulator of the country’s largest and most complex banks, which touches on regulatory relief and operational resilience issues pertinent to AML programs, click here.

Canada

Financial Transactions Reports and Analysis Centre

To read a comment by Canada’s financial intelligence unit, the Financial Transactions Reports and Analysis Centre, including that entities must prioritize monitoring for and reporting on suspicious activities, click here.

Australia

Australian Transaction Reports and Analysis Centre

To read a notice to reporting entities by Australia’s financial intelligence unit, the Australian Transaction Reports and Analysis Centre, highlighting that the country’s top AML regulator will take a measured, conciliatory approach to AML compliance during the pandemic, click here.

Europe

European Banking Authority

To read a statement by the European Banking Authority about bank challenges during the pandemic, including a focus on bank core operations and employing a more flexible, supportive approach for banks struggling to continue weather the storm, click here.

European Commission

To view a statement by EU Commission Executive Vice President Valdis Dombrovskis, who also spearheads many of the bloc’s AML initiatives, detailing some of the financial responses across the bloc, including in coordination with the European Central Bank, click here.  

At the heart of the initiatives is a nearly $1 trillion Pandemic Emergency Purchase Programme, which is slated to provide funding to banks and help stabilize markets.

To view current and upcoming events, action plans and videos from top European Commission officials, and analyze related documents, click here.

United Kingdom

Financial Conduct Authority

The U.K. Financial Conduct Authority (FCA), has pages of resources detailing how the pandemic could be affecting financial institutions, consumers and lays out steps the regulator is taking to ease the pressure on banks.

To view the various resources, including the scams and frauds to look out for, click here

Coronavirus Compliance
NEWS STORIES COVERING CONVERGENCE OF COMPLIANCE AND CORONAVIRUS

Europe

Advice for European compliance officers dealing with coronavirus

Although the situation is constantly changing, lawyers say there are several areas of corporate life that are going to test compliance officers and which management will need greater assurance on. These include data privacy and GDPR compliance; EU competition law; and potentially Brexit.

To read the full story, click here.

United States

Lawmakers, Administration Reach Deal On COVID-19 Relief

Negotiations between congressional leaders and Treasury Secretary Steven Mnuchin yielded a deal early Wednesday, clearing the way for lawmakers to a vote on a $2 trillion stimulus package designed to halt economic damage from the coronavirus outbreak.

To read the full story, click here.

Corruption

Global Coalition Calls For Safeguards To Prevent Looting Of Coronavirus Relief Funds

A leading anti-corruption group is urging U.S. lawmakers to include tough safeguards that will protect against “self-interested parties” in a proposed coronavirus relief bill.

To read the full story, click here

Cybersecurity

Why cybersecurity matters more than ever during the coronavirus pandemic

As the coronavirus pandemic continues to disrupt global health, economic, political and social systems, there’s another unseen threat rising in the digital space: the risk of cyberattacks that prey on our increased reliance on digital tools and the uncertainty of the crisis.

To read the full story, click here.

Fraud

Coronavirus-related crimes capitalize on global fear, panic

Thieves steal surgical masks. A clinic sells fake COVID-19 tests. Hate groups encourage sick members to infect law enforcement officers. Imposters pose as public health officials. Con artists peddle fake cures and financial scams.

As the coronavirus pandemic spreads, so too do the crimes related to it — transgressions that capitalize on fear, panic and the urge to lay blame, and add to the burden on law enforcement agencies trying to protect vulnerable citizens.

To read the full story, click here.

Corporate transparency

U.S. Congress must proactively prevent corruption from derailing coronavirus response

Transparency International U.S. recommends 25 anti-corruption measures to congressional leadership, including ensuring ensuring that government contracts go toward fighting the virus, and are not stolen or misappropriated by corrupt actors.

To read the full story click here

WANT TO START A DIALOGUE? BLOG POSTS FROM FINCRIME THOUGHT LEADERS ON COMPLIANCE IN A TIME OF CORONAVIRUS

Covid-19 & Consequences for Anti-Money Laundering, by Anita Clifford

Practitioners and regulated professionals should also be aware that the unprecedented situation has generated new criminal and, consequently, further money laundering opportunities.

On 22 March 2020 the NCA warned of criminals exploiting the Covid-19 pandemic in the form of malicious apps, fake medical apparatus and email phishing directed at the theft of personal data.2 In the United States, FinCEN has urged vigilance in relation to investment schemes falsely touting medical services or cures and Covid-19 insider trading.

To read the full story, click here.

The Perfect Storm: More Alerts, Fewer Investigators & More False Positives, by Jim Richards.  

On March 16, 2020, three days after the President declared a National Emergency in response to COVID-19, FinCEN issued a press release (not an Advisory) encouraging financial institutions to (1) communicate concerns related to the “coronavirus disease 2019 (COVID-19)”, and (2) to remain alert to related illicit financial activity.

To read the full story, click here.

Another Kind of Outbreak: COVID-19 as Financial Crime Threat, by Dev Odedra

When the World Health Organization (WHO) designated COVID-19 a ‘pandemic’ earlier this month, it understandably left out another concern linked to the outbreak: how financial crooks might exploit it. Whether it is this virus or another in the future, the significant attention and panic that comes with such outbreaks can provide unscrupulous individuals with a new means to exploit others.

To read the full story, click here.

The Overlap of the Coronavirus Pandemic and Financial Crime, by Becki LaPorte

Scammers are opportunistic. They feed on panic and fear.  I have been in this discipline for greater than 20 years. I have watched scams flourish right after natural disasters (e.g. hurricanes, earthquakes) where scammers will pull on your heart strings to encourage you to donate to the cause. 

In reality, none of your money goes to support victims but instead supports the scammers and their network.  I have watched scammers use a sense of urgency and panic to extort money from countless individuals. 

To read the full story, click here.

AML Impact & COVID-19, by Sarah Beth Felix

If your team has been affected by the virus and you are dealing with less resources, it is time to take a step back and re-evaluate what you are currently doing and how best to use your time.

The AML world uses ‘risk-based’ as the foundational approach to monitoring for suspicious activity.

With that in mind, find those least productive alerts (efficiency ratios are less than 1%) and consider filing a risk acceptance form (RAF) with your boss or board explaining how some of the least productive alerts will be sidelined temporarily and new risk-based typology monitoring will occur. 

To read the full story, click here