The Financial Crimes Enforcement Network (“FinCEN”) issued last month an in-depth report on check fraud stemming from mail theft (“Report”). This is a pernicious and expanding problem. The Report follows upon a joint alert issued by FinCEN and the U.S. Postal Service (“USPS”) in February 2023, on which we blogged.
Mail theft-related check fraud
The Financial Crimes Enforcement Network (“FinCEN”) has issued a Notice on the Use of Counterfeit U.S. Passport Cards to Perpetrate Identity Theft and Fraud Schemes at Financial Institutions (“Notice”), asking financial institutions (“FIs”) to be vigilant in identifying suspicious activity relating to the use of counterfeit U.S. passport cards. According to the Notice, the U.S. Department of State’s Diplomatic Security Service (“DSS”) has determined that there is a growing use of such counterfeit cards to gain access to victim accounts at FIs. “This fraud occurs in person at [FIs] and involves an individual impersonating a victim by using a counterfeit U.S. passport card that contains the victim’s actual information.”
As its title plainly states, the Notice pertains to passport cards, rather than passport books. Passport cards have more limited uses and can be used only for land, sea and domestic air travel into the U.S. from Canada, Mexico, the Caribbean and Bermuda. The following graphic from the Department of State illustrates the difference.
The Notice observes that FIs are less likely to detect fraud involving passport cards because they are a less familiar form of U.S. government-issued identification. Victims’ personal identifiable information (“PII”) is typically acquired through the darknet or the U.S. mail (see our blog post on the surge in mail-theft check fraud here). After a fake card is created, the illicit actor or complicit money mule will visit a branch of the victim’s FI – often by trying to avoid any branches that the victim actually may visit, so as to reduce the chances of detection.
Continue Reading FinCEN Issues Notice on Counterfeit Passport Card Fraud
The Financial Crimes Enforcement Network (“FinCEN”) recently released a Financial Trend Analysis (“FTA”) focusing on identity-related suspicious activity. The FTA was issued pursuant to section 6206 of the Anti-Money Laundering Act of 2020, which requires FinCEN to periodically publish threat pattern and trend information derived from BSA filings.
FinCEN examined information from Bank Secrecy Act (“BSA”) filings submitted in the 2021 calendar year. According to FinCEN’s analysis, 1.6 million “BSA filings” – presumably, the vast majority of which constituted Suspicious Activity Reports (“SARs”) – were identity-related, representing a total of $212 billion in suspicious activity. These filings constituted 42% of filings for that year, thereby meaning that approximately 3.8 million SARs were filed in 2021.
The descriptions and the explanations in the FTA necessarily turn on how the SAR filings chose to describe the suspicious activity at issue. This is presumably why most of the activity falls into the vague category of “general fraud” – because, apparently, this is the particular box on the SAR form which most of the SAR filers happened to choose. However, and we will describe, the activity in fact animating the vast majority of these SARs is some form of identity theft.
Continue Reading FinCEN Analysis Reveals $212 Billion in Identity-Related Suspicious Activity
The U.S. Department of Justice (“DOJ”) announced on March 15, 2023 that in a coordinated effort between U.S. Federal Bureau of Investigations, Europol, and German police, the darknet cryptocurrency mixing service ChipMixer has been shut down. The operation involved the U.S. government’s court-authorized seizure of two domains that directed users to the ChipMixer service and one Github account. In addition, German authorities seized $46 million in cryptocurrency, as well as ChipMixer’s back-end servers used to run the site.
Further, the U.S. Attorney’s Office for the Eastern District of Pennsylvania filed a criminal complaint against ChipMixer’s suspected founder, Vietnamese national, Minh Quoc Nguyen (“Nguyen”), alleging that Nguyen openly flouted financial regulations and instructed users how to use ChipMixer to evade reporting requirements while obscuring his true name under a series of stolen and fictitious identities. The complaint also alleges that ChipMixer, described as a popular platform for laundering illicit funds gained from unlawful activities like drug trafficking, ransomware attacks (according to Europol, ransomware actors Zeppelin, SunCrypt, Mamba, Dharma, Lockbit have used ChipMixer), and payment card fraud, was used to launder more than $3 billion in cryptocurrency since 2017. Nguyen has been charged with money laundering, operating an unlicensed money transmitting business, and identity theft in connection with the operation of ChipMixer.
Federal law enforcement and regulators continue to focus on technology-driven financial crime — specifically, cyber-enabled fraud and the laundering of illicit funds through cryptocurrency. Last week, the Department of Justice (“DOJ”) announced that Eun Young Choi will serve as the first Director of the National Cryptocurrency Enforcement Team (“NCET”). As we have blogged, the DOJ created in 2021 the NCET in order to address issues on which we repeatedly have blogged: crypto exchangers and their AML obligations; the process of tracing digital asset transactions; ransomware; so-called “professional” money launderers; and the use of crypto to launder serious crimes such as drug trafficking and human trafficking. This attempt at a coordinated government approach to crypto enforcement followed the announcement earlier in 2021 by the Financial Crimes Enforcement Network (“FinCEN”) of appointing its first-ever Chief Digital Currency Advisor.
Meanwhile, FinCEN has stressed the need for, and utility of, specific information to be submitted by the victims of cyber-enabled financial crime schemes, or the financial institutions of those victims, to FinCEN’s Rapid Response Program, or RRP. The RRP seeks to share financial intelligence and recover the proceeds of crime.
Continue Reading DOJ, FBI and FinCEN Continue to Focus on Crypto and Cyber Financial Crime
On February 17, the Department of Justice unsealed a sprawling indictment against three members of North Korea’s military intelligence agency – known as the Reconnaissance General Bureau –
The Financial Crimes Enforcement Network (“FinCEN”) just issued another Advisory pertaining to two consumer fraud schemes exacerbated by the COVID-19 pandemic. This Advisory focuses on “imposter schemes” and “money mule schemes, ”which we discuss below.
This most recent Advisory is the latest in a string of pronouncements relating to the pandemic by FinCEN, which has stated that it regularly will issue such documents. As we have blogged, FinCEN issued an Advisory on May 18 regarding medical scams related to the pandemic, and issued a companion Notice that “provides detailed filing instructions for financial institutions, which will serve as a reference for future COVID-19 advisories.” On April 3, 2020, FinCEN also updated its March 16, 2020 COVID-19 Notice in order to assist “financial institutions in complying with their Bank Secrecy Act (“BSA”) obligations during the COVID-19 pandemic, and announc[ing] a direct contact mechanism for urgent COVID-19-related issues.”
The most recent Advisory again provides a list of potential red flags that FinCEN believes that financial institutions should be monitoring for, in order to detect, prevent, and report such suspicious activity. As we previously have commented: although such lists can be helpful to financial institutions, they ultimately may impose de facto heightened due diligence requirements. The risk is that, further in time, after memories of the stressors currently imposed by COVID-19 have faded, some regulators may focus only on perceived historical BSA/AML compliance failures and will invoke these lists not merely as efforts by FinCEN to assist financial institutions in deterring crime, but as instances in which FinCEN was putting financial institutions on notice.
Further, the most recent Advisory suffers from the fact that its list of red flags for imposter schemes is best directed at consumers themselves, rather than at financial institutions offering services to consumers: many of the red flags pertain to anomalies in the communications sent directly by fraudsters to targeted consumer victims – information that financial institutions rarely possess.
Continue Reading FinCEN Issues Advisory on COVID-19 and Imposter and Money Mule Schemes
Remarks Focus on Account Takeovers, BEC Schemes, Beneficial Ownership, Technological Innovation and SARsFinCEN Director Kenneth A. Blanco delivered prepared remarks on September 24 at the 2019 Federal Identity (FedID) Forum and Exposition in Tampa, Florida.
Director Blanco summarized the topics of his remarks by stating the following:
The Federal Reserve and the Financial Crimes Enforcement Network, or FinCEN, both recently issued reports addressing worrisome trends in technology-assisted financial fraud. The reports seek to engage the financial services industry in partnering more closely to reduce associated losses.
Specifically, the Federal Reserve issued a report entitled Synthetic Identity Fraud in the U.S. Payment System. FinCEN issued a report entitled Manufacturing and Construction Top Targets for Business Email Compromise. Collectively, the reports reflect how techonology-driven fraud and identity theft schemes can target financial institutions, businesses and consumers alike, thereby impacting the Anti-Money Laundering and related anti-fraud programs of the financial institutions implicated by such schemes.
Continue Reading Federal Reserve and FinCEN Raise Alarms Regarding Technology-Assisted Financial Fraud