The Treasury Department’s Financial Crimes Enforcement Network (FinCEN) has announced new efforts to crack down on Business Email Compromise (BEC) schemes and those who profit from such scams. BEC fraud schemes generally involve attempts to compromise the email accounts of victims to send fraudulent payment instructions to financial institutions or business associates in order to misappropriate funds or to assist in financial fraud. Often, the unsuspecting victim is conned into thinking a legitimate email from a trusted person or entity is directing them to make a payment for a normal business activity. Based upon Suspicious Activity Report (SAR) data, BEC scams generated more than $300 million in fraud proceeds each month during 2018, with a cumulative total exceeding billions of dollars stolen from businesses and individuals.
As part of its FinCEN Exchange forum, FinCEN convened a meeting this week in New York City to focus was on identifying and combatting BEC schemes. Representatives from depository institutions, federal and state government agencies, a federal task force, money transmitters, third-party service providers, and technology companies attended the session. The FinCEN Exchange is a voluntary program established in 2017 to convene law enforcement and financial institutions from across the country to share information.
FinCEN also issued an update to its “Advisory to Financial Institutions on E-mail Compromise Fraud Schemes,” first published in 2016. The updated advisory offers updated operational definitions, provides information on the targeting of non-business entities and data by email compromise schemes, highlights general trends in BEC schemes targeting sectors and jurisdictions, and alerts financial institutions to risks associated with the targeting of vulnerable business processes. The advisory also highlights the potential for financial institutions to share information about subjects and accounts affiliated with email compromise schemes in the interest of identifying risks of fraudulent transactions and money laundering.
FinCEN also released a Financial Trend Analysis of Bank Secrecy Act data that explores industries targeted and methodologies used by BEC scammers. It notes that the number of SARs describing BEC incidents reported monthly has more than doubled, from averaging nearly 500 per month in 2016, to above 1,100 per month in 2018. The total value of attempted BEC thefts reported in SARs has almost tripled, to an average of $301 million per month in 2018 from $110 million per month in 2016. The use of fraudulent vendor or client invoices grew as a BEC methodology, from 30 percent of sampled 2017 incidents, to 39 percent in 2018, becoming the most common BEC method. Impersonating a CEO or other high-ranking business officer as a methodology declined, accounting for 12 percent in 2018 from 33 percent of sampled incidents in 2017. Impersonation of an outside entity was described in 20 percent of 2018 reports. Manufacturing and construction businesses were the top targets for BEC fraud in 2017 and 2018.
In another ongoing effort, FinCEN’s Rapid Response Program, in collaboration with law enforcement, recently surpassed $500 million in recovered funds. Under the program, when U.S. law enforcement receives a BEC complaint from a victim or a financial institution, the relevant information is forwarded to FinCEN, which moves quickly to track and recover the funds. The program utilizes FinCEN’s ability to rapidly share information with counterpart Financial Intelligence Units (FIU) in more than 164 jurisdictions, and uses these relationships to encourage foreign authorities to intercede and hold funds or reverse wire transfers.
Finally, the Egmont Group of FIUs has issued a public bulletin to alert competent authorities and reporting entities of key typologies and money laundering risks associated with BEC fraud schemes. This bulletin was the result of an initiative by FinCEN and the FIU of Luxembourg, in collaboration with nine other FIUs. The Egmont Group is a united body of 164 FIUs that provides a platform for the secure exchange of expertise and financial intelligence to combat money laundering and terrorist financing.
[View source.]
