July 16, 2019: FinCEN Exchange Forum focuses on Business Email Compromise

FinCEN Exchange Forum Counters Business Email Compromise Scams

Contact
Steve Hudak, 703-905-3770
Immediate Release
Suspicious Activity Reports indicate more than $300 million a month in theft

WASHINGTON—The Financial Crimes Enforcement Network (FinCEN) today announced new efforts to curtail and impede Business Email Compromise (BEC) scammers and other criminals who profit from their schemes.  Email compromise fraud schemes generally entail criminal attempts to compromise the email accounts of victims to send fraudulent payment instructions to financial institutions or business associates in order to misappropriate funds or to assist in financial fraud.  Based on data from FinCEN’s Suspicious Activity Reports (SARs), hackers and other illicit actors’ BEC scams generated more than $300 million a month in 2018, with a cumulative total exceeding billions of dollars stolen from businesses and individuals.

“FinCEN has been a global leader and innovator in countering BEC breaches and their devastating effects on businesses, individuals, and national security,” said FinCEN Director Kenneth A. Blanco.  “The Bank Secrecy Act data is a critical resource in combatting all types of financial crime.  We hold, safeguard, and analyze that data and we share our expertise with law enforcement and our industry partners to help make America safer.”

 

 

FinCEN Exchange Forum Focuses on BEC Scams

In New York City today, FinCEN convened another in a series of meetings under its ongoing FinCEN Exchange forum.  Today’s focus was on identifying and combatting potential BEC and resultant money laundering and terrorist financing activities.  Representatives from depository institutions, Federal and State government agencies, a Federal task force, money transmitters, third-party service providers, and technology companies attended the session.  The FinCEN Exchange is a voluntary program established in 2017 to convene law enforcement and financial institutions from across the country to share information.

 

Advisory to Financial Institutions on E-mail Compromise Fraud Schemes

FinCEN also issued today an update to its “Advisory to Financial Institutions on E-mail Compromise Fraud Schemes,” first published in 2016.  Today’s advisory offers updated operational definitions, provides information on the targeting of non-business entities and data by email compromise schemes, highlights general trends in BEC schemes targeting sectors and jurisdictions, and alerts financial institutions to risks associated with the targeting of vulnerable business processes.  The advisory also highlights the potential for financial institutions to share information about subjects and accounts affiliated with email compromise schemes in the interest of identifying risks of fraudulent transactions and money laundering.

 

Financial Trend Analysis of Bank Secrecy Act (BSA) Data

In addition, FinCEN issued an in-depth Financial Trend Analysis of BSA data that explores industries targeted and methodologies used by BEC scammers.  It notes that the number of SARs describing BEC incidents reported monthly has more than doubled, from averaging nearly 500 per month in 2016, to above 1,100 per month in 2018.  The total value of attempted BEC thefts reported in SARs has almost tripled, to an average of $301 million per month in 2018 from $110 million per month in 2016.  The use of fraudulent vendor or client invoices grew as a methodology, from 30 percent of sampled 2017 incidents, to 39 percent in 2018, becoming the most common BEC method.  Impersonating a CEO or other high-ranking business officer as a methodology declined, accounting for 12 percent in 2018 from 33 percent of sampled incidents in 2017.  Impersonation of an outside entity was described in 20 percent of 2018 reports.  Manufacturing and construction businesses were the top targets for BEC fraud in 2017 and 2018, and those sectors may have particular interest in this report.

 

FinCEN’s Rapid Response Program Surpasses $500 Million in Recovered Funds

In another ongoing effort, FinCEN’s Rapid Response Program, in collaboration with law enforcement, recently surpassed $500 million in recovered funds.  Under the program, when U.S. law enforcement receives a BEC complaint from a victim or a financial institution, the relevant information is forwarded to FinCEN, which moves quickly to track and recover the funds.  The program utilizes FinCEN’s ability to rapidly share information with counterpart Financial Intelligence Units (FIU) in more than 164 jurisdictions, and leverages these relationships to encourage foreign authorities to intercede and hold funds or reverse wire transfers.

 

Egmont Group Public Bulletin Outlines Typologies of BEC Fraud Schemes

In addition, yesterday, the Egmont Group of FIUs issued a public bulletin to alert competent authorities and reporting entities of key typologies and money laundering risks associated with BEC fraud schemes.  This bulletin was the result of an initiative by FinCEN and the FIU of Luxembourg in collaboration with nine other FIUs.

Sharing information through reports and public-private partnerships supports more, and higher-quality, reports to FinCEN and assists law enforcement in detecting, preventing, and prosecuting terrorism, organized crime, money laundering, and other financial crimes.  Sharing information also assists the financial institutions in prioritizing their efforts.  One of FinCEN’s top priorities is strengthening public-private partnerships to reveal and mitigate threats and vulnerabilities in the U.S. financial system.

Links:

FinCEN Press Release

FinCEN Advisory

Financial Trend Analysis

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s