In remarks before the Association of Certified Anti-Money Laundering Specialists, FinCEN Director Kenneth Blanco reviewed (i) recent trends in pandemic-related fraudulent activity, (ii) FinCEN's response and (iii) recent rulemakings and alerts aimed at combating cyber threats.
Mr. Blanco highlighted recent COVID-19 related medical fraud, imposter scams and money mules (see previous coverage), and cybercrime and cyber-enabled crime (see previous coverage). He said that FinCEN issued several notices on these threats to facilitate the filing of COVID-19-related suspicious activity reports ("SARs") and to enable financial institution employees to warn customers about potential fraudulent schemes.
Mr. Blanco stated that, over the course of the pandemic, FinCEN observed plans by fraudsters on the dark web to execute coordinated attacks on state unemployment programs, the Paycheck Protection Program, and other state and federal stimulus programs. He stated that such attacks were intended to, among other things, extract personally identifiable information (or "PII") for fraudulent use.
Mr. Blanco called upon financial institutions to provide specific details in the SARs they file, explaining that specificity allows the SARs to reach the proper investigative teams more quickly. Mr. Blanco said that nearly 90 percent of COVID-19-related SARs had been filed by banks or credit unions, and that the securities and futures industry had filed only two percent of such SARs. Mr. Blanco also warned banks that if they are not assessing their exposure to virtual currency, "it will be apparent when examiners visit."
In closing, Mr. Blanco highlighted (i) a recent final rule that made current AML regulations applicable to all types of banks (see previous coverage) and (ii) an advance notice of proposed rulemaking soliciting comments on the proposed elements of an "effective and reasonably designed" AML program (see previous coverage). Mr. Blanco encouraged further discussion with AML specialists regarding FinCEN's regulatory initiatives.
FinCEN solicited comment on potential amendments to the rules under the Bank Secrecy Act that would specify the elements of "an effective and reasonably designed" AML program.
FinCEN adopted a final rule that will make current AML, Customer Identification Program and beneficial ownership rules equally applicable to all types of banks.
FinCEN alerted financial institutions to indicators of COVID-19-related cybercrime. The alert concerns (i) the exploitation of remote platforms, particularly against financial and healthcare systems, (ii) phishing, malware and extortion schemes, and (iii) business email compromise fraud.
FinCEN alerted financial institutions to potential indicators of pandemic-related imposter scams and money mule schemes.
The Treasury Department urged financial institutions to be on alert for malicious or fraudulent transactions, and to notify FinCEN of any potential delays in submitting Suspicious Activity Reports.