- In this ACFCS Financial Crimecast we preview a special six-week webinar series and course on the transformative power of taking a hybrid threat finance approach to implementing anti-money laundering (AML) programs.
- The argument: by switching the focus from broad actions and pre-determined scenarios to responding to the actual transactional DNA of threat actors, banks have the chance create timely intelligence with a “high degree of usefulness” to law enforcement.
- In this chat, we speak to the intense, informed and ever-focused Joshua Fruth, who for the past decade has devoted himself to learning about how criminal networks of all sizes fund and launder funds to keep their illicit enterprises running – akin to how a legitimate corporation operates.
- Fruth and longtime financial crime compliance thought leader Debra Geister, the head of Section 2 Financial Intelligence Services are also the architects of the Section 2/ACFCS Hybrid Threat Finance Virtual Training Series, a six-week course starting Oct. 14. To learn more about the series and sign up, click here.
- The training webinar series has collected many of the biggest names and respected professionals across the fields of AML, investigations, intelligence, terror finance, organized crime, money laundering and other disciplines to teach how the savviest illicit groups cleanse their ill-gotten gains.
By Brian Monroe
October 2, 2020
In this ACFCS Financial Crimecast we preview a special six-week webinar series and course on the transformative power of taking a hybrid threat finance approach to implementing anti-money laundering (AML) programs.
The argument: by switching the focus from broad actions and transaction monitoring systems alerting on red flags, pre-determined scenarios and monetary thresholds to responding to the actual transactional DNA of threat actors, banks have the chance to bolster efficiency, effectiveness and create timely intelligence with a “high degree of usefulness” to law enforcement.
In this chat, we speak to the intense, informed and ever-focused Joshua Fruth, who for the past decade has devoted himself to learning about how criminal networks of all sizes fund and launder funds to keep their illicit enterprises running – akin to how a legitimate corporation operates.
Fruth and longtime financial crime compliance thought leader Debra Geister, the head of Section 2 Financial Intelligence are also the architects of the Section 2/ACFCS Hybrid Threat Finance Virtual Training Series, a six-week course starting Oct. 14.
To learn more about the series and sign up, click here.
The training webinar series has collected many of the biggest names and respected professionals across the fields of AML, investigations, intelligence, terror finance, organized crime, money laundering and other disciplines to teach how the most savvy illicit groups cleanse their ill-gotten gains.
The series will include case studies and real-life examples with practical takeaway for AML analysts, public and private sector investigators, regulators and auditors.
Here is a snapshot of S2’s Threat Finance Academy (TFA), including speaker lineup and topics for Hybrid Threat Finance Series One:
- 10/14/20: Derek Maltz, Director, DEA Special Operations Division (Ret.), “Intro. to Hybrid Threat Finance”
10/21/20: COL Josh Potter, Director, J36 Transnational Threats Division, USSOCOM (Ret.), “Terrorism Finance 2020”
10/28/20: Stephen Murphy & Javier Peña, DEA (Ret.), Netflix hit series “Narcos,” “Illicit Finance in Drug Trafficking”
11/04/20: David M. Luna (罗文礼), President and CEO 🦏 🐘 🌎, Senior Director for National Security & Diplomacy, US Dept. of State (Ret.), “Counterfeiting & Wildlife Trafficking”
11/11/20: Jimmy Arroyo, Assistant Special Agent in Charge, DEA NY Division, “Trade-based Money Laundering”
11/18/20: Dr. Vanessa Neumann, Venezuelan-American Diplomat, “Corruption & Sanctions Evasion – Venezuela”
Fruth also tackles the issues of the day, including why the recent leak of suspicious activity reports (SARs) from the U.S. Treasury’s Financial Crimes Enforcement Network (FinCEN) by the International Consortium of Independent Journalists (ICIJ), the same group behind the seminal Panama Papers and Paradise Papers leaks, is a national security concern that could even put the lives of compliance professionals at risk.
As well, Fruth gives a glimpse of the future of AML with FinCEN in recent weeks detailing a broad and expansive overhaul to the country’s countercrime compliance regime, retooling the emphasis from auditable inputs for regulators to valuable outputs for law enforcement – the eventual customers of AML intelligence reports.
But what is hybrid threat finance?
Hybrid threat finance (HTF) detection:
- Based on the intelligence community’s “Hybrid Threat” targeting doctrine.
- A strategy that recognizes the interconnected nature of hostile, sanctioned nation-states, organized criminal groups and terror networks.
Actor-centric detection methods versus action-centered, broad red flags, thresholds:
- Increase risk coverage, decrease false positives and lower compliance costs.
- Tactics, techniques and procedures (TTPs) change based on the predicate source of revenue, the threat group and the geographic nexus.
Some examples: An operation having and moving too much cash could be tied to a terror group, preparing to dole out funds in preparation for an attack.
Similarly, a burst in funds transfers, particularly with a propinquity to the Americas or Middle East, could be tied to drug trafficking for a narco cartel.
A high velocity and flow of funds, layering, could be tied to a human trafficking group, with a corresponding move to one account in Mexico, the Philippines, Thailand or China.
These are the nuanced transactional tells that Fruth has pushed himself to better uncover at both the public and private sector levels.
Fruth’s work as a US Army Intelligence Officer, Law Enforcement Officer, Federal Task Force Embed, Federal Contractor, & Anti-Money Laundering (AML) Compliance Director has afforded him the unique opportunity of having participated in a wide range of public & private sector investigations, intelligence, and special operations.
He is a Counter Threat Finance (CTF), Counterterrorism, and Counternarcotics targeting practitioner who has deployed globally with a functional expertise in disrupting the illicit revenue generation, money laundering, and funds access mechanisms and typologies used by bad actors, malign organizations, transregional, and transnational hybrid threat networks.
He’s traversed the intelligence, law enforcement, and regulatory communities and worked with some of the world’s largest banks and tech companies. Fruth has a unique perspective regarding financial crime, having personally physically interdicted many of the illicit activities that precede the need to launder funds in the first place.
His career caseload has included violent crime, terrorism, sex crimes, organized trafficking of persons/weapons/narcotics/counterfeit goods/minerals; white-collar crime, sanctions evasion, counterintelligence & corruption in both operational and analytic roles.
Tips, tricks and timestamps
Link analysis: Actions vs. actors
5:00: The link between clean data and detecting threat actors and interlinked groups
7:00: AI can’t save you…from yourself.
Tell me something I don’t already know
10:00: Threat classifications, sub classifications and what can I do about human trafficking
12:00: Different mechanisms of control, different transactional DNA.
13:00: Example of hybrid threat actors in action: Hezbollah.
Institutionalized, corporate laundering
14:00: Organized criminals act just like corporations. They need money to pay the bills.
16:00: Is money laundering the world’s biggest human rights violation?
20:00: The corruption and money laundering connection.
22:00: Yes, criminal groups have a “human resources” department.
How to standardize the most subjective part of AML: investigative decision-making
25:00: How to standardize what makes a good financial crimes investigator.
26:00: A preview of the event to teach on hybrid threat finance.
FinCEN files: The leak that rocked a country, a sector and some context
27:00: Reactions and risks tied to the “FinCEN files” leak.
29:00: Um, Josh, can you just solve AML for me. Great, thanks.
35:00: For banks named in leaks, some context. The formerly fined have gone from compliance pariahs to law enforcement allies. In short: investigators told banks not to close the account, so stop trying to beat them up.
37:00: Gaps, integrity and doing the right thing: The spine of the compliance professional.
The good, the bad and ugly: After a look inside the AML playbook, criminal groups will adapt laundering tactics
40:00: An equal and opposite reaction: If bad guys see how we SARed them, they will adapt, adjust and evade anew.
42:00: Will banks be gunshy in filing strong SARs? Can the leak hurt active law enforcement investigations? Will the leak be a field day for defense attorneys, civil lawsuits?
44:00: The detection programs the models, the rules, the algorithms and how they have been tuned should be held as closely as national security, because bad guys will use those to evade detection. Another aftermath of the FinCEN files leak.
A new AML regime, a new day, and a new way to SAR in proposed FinCEN rules
49:00: A look at the new AML regime to come: The FinCEN proposed update for banks to focus on effectiveness and creating SARs with a “high degree of usefulness” law enforcement.
50:00: A question: how can a regulator judge a bank SAR, or AML program, without first talking to law enforcement? The answer: the can’t. They have to liaise.
55:00: How do you profile a threat? Divine how the threat actors acted.
Behavioral analytics and pattern of life analysis: Actor-centric targeting logic
56:00: The importance of context when juggling risks and resources. Looking through the many lenses of layers of hybrid threat finance.
1:00: Profiling and how to articulate the behavioral attributes of a narco cartel or money laundering network. Pulling apart the global threat landscape into actionable steps.
1:05: A look at Hezbollah through the microscope of hybrid threat finance.
1:10: Revenue generating events and explaining away illicit finance using shell companies, front companies and trade-based money laundering. From Lebanon to South America and a padded pass through to China.
1:13: The global threat landscape is complicated, but relatively static. Data and better pulling in the technology component to create better AI-driven scenarios.