Cybersecurity

Subscribe to Cybersecurity

ABA Tax Fraud Panel to Discuss IRS CI and Crypto Criminals

The Internal Revenue Service – Criminal Investigation (IRS CI) has made it clear that it is focusing on the abuse of digital currencies to further tax evasion, money laundering, and other offenses. IRS-CI also has made it clear that this is an international effort, and that it is trying to partner with law enforcement agencies across the globe in order to coordinate and share investigative leads.

This is a hot topic, and we are honored that Ballard Spahr will be moderating a panel on these very same issues, at the ABA’s annual Tax Fraud/Tax Controversy Conference in Las Vegas on December 12, entitled Charging Cryptocurrency Violations—Tax Crimes or Money Laundering.  We are pleased to be joined by our wonderful panelists, Evan J. Davis, Betty J. Williams, and Ian M. Comiskey.  This is a unique conference, and we invite you to attend if you are interested in the fascinating cross-section of tax evasion and money laundering.

This blog will discuss the recent efforts by IRS-CI to “up its game” in investigating cross-border offenses committed through cryptocurrency, such as its participation in the international Joint Chiefs of Global Tax Enforcement task force. We then will discuss a recent high-profile case which exemplifies these two goals of fighting crypto-related crime and collaborating with foreign law enforcement officials to do so: the notorious “Welcome to Video” case, which led to a global takedown of a darkweb child pornography website, its administrator, and its customers. The Welcome to Video investigation, led by IRS-CI, also illustrates a key point we will discuss at the ABA conference: that cryptocurrency is only “pseudo-anonymous,” and that its protections can yield to a determined combination of modern digital forensics and old-fashioned investigative techniques.
Continue Reading

Organization Excels at Niche Branding but Stumbles in Avoiding Enforcement

The first paragraph of the press release sums it up:

Today the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) took action against Evil Corp, the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware.  Evil Corp has used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in theft.  This malicious software has caused millions of dollars of damage to U.S. and international financial institutions and their customers.  Concurrent with OFAC’s action, the Department of Justice charged two of Evil Corp’s members with criminal violations, and the Department of State announced a reward for information up to $5 million leading to the capture or conviction of Evil Corp’s leader.  These U.S. actions were carried out in close coordination with the United Kingdom’s National Crime Agency (NCA).  Additionally, based on information obtained by the Treasury Department’s Financial Crimes Enforcement Network (FinCEN), the Treasury Department’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP) released previously unreported indicators of compromise associated with the Dridex malware and its use against the financial services sector.

The Department of Treasury press release is extremely detailed.  Summarized very broadly, it observes that OFAC’s designation targets 17 individuals and seven entities, including Evil Corp, its “core cyber operators, multiple businesses associated with a group member, and financial facilitators utilized by the group.”  The designation means that all property and interests in property of these persons subject to U.S. jurisdiction are blocked, and U.S. persons are generally prohibited in engaging in transactions with them.

As noted below, the U.S. government is alleging that these cyber criminals are working with the Russian government.  FinCEN and the Cybersecurity and Infrastructure Security Agency (CISA) of the Department of Homeland Security also have issued an Alert to financial institutions regarding how to try to detect, mitigate and report the presence of the pernicious Dridex malware.
Continue Reading

On October 1st, the Office of the Comptroller of the Currency (OCC) published the Fiscal Year 2020 Bank Supervision Operating Plan (“FY 2020 Plan”).

The FY 2020 Plan sets forth the OCC’s supervision priorities and objectives for the fiscal year beginning October 1, 2019 and ending September 30, 2020. The supervision priorities set forth align with the the OCC’s Strategic Plan, Fiscal Years 2019-2023.

The FY 2020 Plan facilitates the development of supervisory strategies for individual national banks, federal savings associations, federal branches, federal agencies, and technology services providers. OCC staff members use the plan to guide their supervisory priorities, planning, and resource allocations.
Continue Reading

Remarks Focus on Account Takeovers, BEC Schemes, Beneficial Ownership, Technological Innovation and SARs

FinCEN Director Kenneth A. Blanco delivered prepared remarks on September 24 at the 2019 Federal Identity (FedID) Forum and Exposition in Tampa, Florida.

Director Blanco summarized the topics of his remarks by stating the following:

  1. First, I would like to tell you

The Federal Reserve and the Financial Crimes Enforcement Network, or FinCEN, both recently issued reports addressing worrisome trends in technology-assisted financial fraud.  The reports seek to engage the financial services industry in partnering more closely to reduce associated losses.

Specifically, the Federal Reserve issued a report entitled Synthetic Identity Fraud in the U.S. Payment System. FinCEN issued a report entitled Manufacturing and Construction Top Targets for Business Email Compromise. Collectively, the reports reflect how techonology-driven fraud and identity theft schemes can target financial institutions, businesses and consumers alike, thereby impacting the Anti-Money Laundering and related anti-fraud programs of the financial institutions implicated by such schemes.
Continue Reading

On June 12, 2019, Kenneth A. Blanco, Director of the Treasury’s Financial Crimes Enforcement Network (“FinCEN”), provided remarks at the NYU Law Program on Corporate Compliance and Enforcement that underscored the agency’s evolving approach to emerging threats in money laundering and terrorist financing.

His remarks specifically focused on:

  • FinCEN’s approach to addressing a number of emerging money-laundering threats, including the crisis in Venezuela and the rise in business email compromise (“BEC”) fraud schemes;
  • The agency’s collaboration with Congress to address the need to collect beneficial ownership information at a company’s formation; and
  • FinCEN’s ongoing efforts to strengthen and modernize the anti-money laundering (“AML”) and counter terrorism financing (“CFT”) system.


Continue Reading

Director Blanco Emphasizes BSA Resource Sharing, Technological Innovation, and Collaboration Between Public and Private Sectors

The Financial Crimes Enforcement Network (FinCEN) released prepared remarks delivered by FinCEN director, Kenneth A. Blanco, at the Securities Industry and Financial Markets Association (SIFMA) Anti-Money Laundering (AML) & Financial Crimes Conference on February 4, 2019. Director Blanco’s speech highlights various regulatory reform efforts, including the approval of collaborative sharing of Bank Secrecy Act (BSA) resources and an interagency initiative to promote innovation in the technologies and methodologies used to combat money laundering and terrorist financing. The Director also emphasized the importance of collaboration among the public and private sectors.  These remarks do not occur in a vacuum; rather, they represent just part of what has been an ongoing conversation in the BSA/AML realm. Potential resource sharingtechnological innovation and information sharing have been repeated topics in this blog.
Continue Reading

OCC Identifies AML/BSA and Cyber Threats as Elevated Risks Facing Banks

Last week, the Office of the Comptroller of the Currency (“OCC”) published the Spring 2018 Semiannual Risk Perspective (the “Report”), which uses up-to-date data to identify risks to U.S. banks and measure their compliance with applicable laws and regulations.  The Report concluded that some of the OCC’s primary concerns are with banks’ abilities to comply with the anti‑money laundering (“AML”) laws and regulations, as well as to manage risks associated with cybersecurity threats.

Many of the OCC’s observations and recommendations remained the same from its Fall 2017 report, about which we previously blogged, begging readers to wonder what will spur less conversation and potentially more action among OCC-supervised banks or concrete guidance by the OCC.  Regardless, a common thread running throughout both reports is the potential risk presented to financial institutions by emerging technologies, which carry the simultaneous blessing and curse of business opportunities and compliance risks.
Continue Reading

Last week, the Office of the Comptroller of the Currency (“OCC”) released its semiannual risk report (“Report”) highlighting credit, operational, and compliance risks to the federal banking system.  The Report focuses on issues that pose threats to those financial institutions regulated by the OCC and is intended to be used as a resource to by those financial institutions to address the key concerns identified by the OCC.  Specifically, the OCC places cybersecurity and Anti-Money Laundering (“AML”) among the top concerns highlighted in the Report.  The Report further observes that the total number of enforcement actions by the OCC against banks — instituted for any kind of alleged violations — have declined steadily after peaking in 2009.
Continue Reading