FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes...
Transcript of FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes...
![Page 1: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/1.jpg)
Panelists NACUSAC
Annual Conference June 15, 2016
FinCEN Update
Thomas K. Lawler Senior Liaison Officer
Financial Crimes Enforcement Network
![Page 2: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/2.jpg)
MISSION STATEMENT
Safeguard the financial system from illicit use
and combat money laundering and promote
national security through the collection,
analysis, and dissemination of financial
intelligence and strategic use of financial authorities.
![Page 3: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/3.jpg)
Primary Responsibilities
• Financial Intelligence Unit of the
United States
• Administrator of the Bank Secrecy Act
3
![Page 4: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/4.jpg)
To administer the BSA, FinCEN:
• Issues and interprets regulations implementing the BSA
and supports and enforces compliance with those
regulations ;
• Supports and coordinates compliance examination
functions delegated to other federal regulators;
• Manages the collection, processing, storage, and
dissemination of BSA information;
• Maintains a government-wide access service to the BSA
information, and networks users with overlapping interests;
and
• Conducts analyses to support policy makers, law
enforcement, regulatory, and intelligence agencies, and the
financial industry. 4
![Page 5: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/5.jpg)
Information Sharing MOUs
• Federal Deposit Insurance Corporation
• Federal Reserve Board
• Office of the Comptroller of the Currency
• National Credit Union Administration
• Securities and Exchange Commission
• Commodity Futures Trading Commission
• Internal Revenue Service – SB/SE
• 67 State Regulatory Agencies
![Page 6: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/6.jpg)
Information Sharing MOU
Two-way Information Sharing
• Help FinCEN fulfill role as administrator of the BSA
• Assist Agencies in their role as supervisors
• Improve interagency cooperation in the area of BSA
examination and compliance
Ultimate Goal
Enhance communication and cooperation to help
financial institutions identify, deter, and interdict terrorist
financing and money laundering
![Page 7: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/7.jpg)
314(b) Information Sharing
314(b) Voluntary Information Sharing
• Section 314(b) of the USA PATRIOT Act provides financial
institutions with the ability to share information with one
another, under a safe harbor that offers protections from
liability, in order to better identify and report potential money
laundering or terrorist activities.
• 314(b) information sharing is a voluntary program, and
FinCEN strongly encourages information sharing through
Section 314(b) .
7
![Page 8: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/8.jpg)
314(b) Information Sharing
What Information can be Shared Under 314(b)?
Under 314(b), financial institutions or associations of
financial institutions may share information with each other
regarding individuals, entities, organizations, and countries
for purposes of identifying, and, where appropriate, reporting
activities that may involve possible terrorist activity or
money laundering.
FinCEN has issued guidance clarifying that, if 314(b) sharing
participants suspect that transactions may involve the
proceeds of specified unlawful activities under money
laundering statutes, information related to such transactions
can be shared under protection of the 314(b) safe harbor. 8
![Page 9: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/9.jpg)
314(b) Information Sharing
• Banks and Credit Unions
• Casinos and Card Clubs
• Money Services Businesses
• Brokers or Dealers in
Securities
• Mutual Funds
• Insurance Companies
• Futures Commission
Merchants & Brokers in
Commodities
• Dealers in Precious Metals,
Precious Stones, or Jewels
• Operators of Credit Card
Systems
• Loan or Finance Companies 9
Who is Eligible to Participate in 314(b)? Financial institutions subject to an AML program requirement
under FinCEN regulations, and any association of such
financial institutions, are eligible to share information under
Section 314(b):
![Page 10: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/10.jpg)
Introduction to FinCEN’s Secure Information Sharing System
Secure Information Sharing System (SISS) SISS is the expanded platform being developed for FinCEN to share information securely between law enforcement and financial institutions.
SISS provides financial institutions the capability to: access 314(a) subject lists by law enforcement and to report positive matches on that information; access advisories and reports on the latest trends in money laundering or terrorist financing; and provide special collections information to FinCEN in a secure environment. This August, 314(b) activities will be migrated to SISS.
![Page 11: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/11.jpg)
Enhancements to Information
Sharing using SISS.
• September 2015: Major enhancement Visual enhancements and streamlined
layout
Security enhancements
Ability to transmit information to FinCEN securely via the Special Collections tab
• May 2016: Capability for law enforcement to receive
responses in real time
Capability for targeted communications to financial institutions
11
Recent Secure Information Sharing System Enhancements
![Page 12: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/12.jpg)
314(b) Information Sharing
Benefits of 314(b) Information Sharing
To sign up:
http://www.fincen.gov/statutes_regs/patriot/section314b.html
(or “Search 314(b)”)
Or Call: 866-326-8314 (314(b) Helpline)
12
![Page 13: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/13.jpg)
How/Why Credit Unions are being targeted for Financial Crimes.
Career Criminal Willie Sutton said it best:
“because that’s where the money is”
![Page 14: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/14.jpg)
Cyber Security Cyber threat activity has continued to multiply
• Home Depot Card Breach
• JPMorgan hack
• Spoofed e-mail address used in phishing
(Fiserv)
• Russian Hackers Steal 1.2B Passwords
• OPM database hacked (22.1M)
![Page 15: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/15.jpg)
Cyber Security Terms:
• Social Engineering
• Malicious Code
• Phishing……Spear Phishing
• Pharming
• Smurf
• Sniffing
• Polymorphism
• Ping of Death
• Stealthing
![Page 16: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/16.jpg)
What is BEC?
• Is BEC new?
• Is BEC a new name for an
old scheme?
• How complex are BEC
schemes?
• Why is BEC such a
concern?
• Let’s find out…
![Page 17: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/17.jpg)
BEC Defined
Business Email Compromise is a
form of fraud that targets businesses,
whereby the perpetrators
compromise the email accounts of
victims and/or use spoofed emails, in
order to send false payment
instructions that direct funds to
accounts under their control.
![Page 18: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/18.jpg)
Key Characteristics of a BEC scheme
• Victim is a business • Acute, targeted attack – not random • Perpetrator tricks victim into
voluntarily initiating a funds transfer • This has significant implications
for liability • Email appears to originate from a
known individual as a part of normal business activity
![Page 19: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/19.jpg)
• Coordinated actions of multiple actors • Funds flow overseas
-Directly -Via U.S. accounts
• Subsequent attempts on same victim • All business types are potential victims • Transfer amounts vary greatly • Larger transfers tend to go directly overseas • Recipients as victims/unwitting accomplices
Common Trends in BEC schemes
![Page 20: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/20.jpg)
• Attacks are tailored to victim • Circumvent normal fraud safeguards • Impersonal business interaction is common • Subordinates hesitate to question superiors • People like being trusted with secrecy • Subsequent requests become easie
Why are BEC schemes successful?
![Page 21: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/21.jpg)
• Transfer requests from a new email address • Transfer requests from web-based domains • Transfer requests to new accounts/ individuals
or companies • Overseas transfers- particularly China, Hong
Kong, Malaysia, and the UK • Subsequent transfer requests from recipient
Possible Red Flags for BEC
![Page 22: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/22.jpg)
• Transfer requests sent when requestor is traveling or otherwise unavailable
• Transfer request sent near COB hours • Urgent/confidential transfer requests • Vague accounting information – “code to
administrative expenses” - “for construction expenses”
• Poor use of English language is not a tip-off
Additional BEC Red Flags
![Page 23: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/23.jpg)
• Dual-band verification of all wires • Carefully verify accuracy of email addresses • Pay careful attention to account information • Question any changes to account information • Scrutinize overseas transfers (especially to high
risk jurisdictions) • Maintain list of authorized wire recipient info • Limit individuals authorized to send wires
Tips for Preventing BEC
![Page 24: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/24.jpg)
• IC3 www.ic3.gov • FBI Cyber Crimes Task Force • FBI Local Field Office • USSS Electronic Crimes Task Force • USSS Local Field Office Quick Action is Critical
LE Contacts for BEC
![Page 25: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/25.jpg)
Email Account Compromise (EAC)
EAC is a sister scam to BEC. EAC differs from BEC in that it targets individuals or individual professionals instead of businesses. EAC is defined as a sophisticated scam that targets the general public and professionals associated with, but not limited to, financial and lending institutions, real estate companies, and law firms.
![Page 26: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/26.jpg)
Ransomware
Ransomware is a form of malware that targets both human and technical weaknesses in organizations and individual networks in an effort to deny the availability of critical data and/or systems. Ransomware is frequently delivered through spear phishing emails to end users, resulting in the rapid encryption of sensitive files on a corporate network. When the victim organization determines they are no longer able to access their data, the cyber actor demands the payment of a ransom, typically in virtual currency such as BitCoin, at which time the actor will purportedly provide an avenue to the victim to regain access to their data. Recent iterations target enterprise end users, making awareness and training a critical preventative measure. In 2015, the IC3 received 2,453 complaints identified as Ransomware with losses of over $1.6 million.
![Page 27: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/27.jpg)
2015 Complaint Demographics
Victims Age Range Male Count Male Loss Female Count Female Loss Total Count Total Loss
Under 20 6,086 $5,535,268 4,349 $2,543,810 10,435 3.62% $8,079,077
20 - 29 26,539 $45,744,076 24,763 $25,222,975 51,302 17.81% $70,967,050
30 - 39 30,153 $102,334,135 26,866 $54,706,343 57,019 19.80% $157,040,478
40 - 49 28,694 $158,386,367 29,559 $105,668,109 58,253 20.23% $264,054,476
50 - 59 31,473 $171,954,578 27,655 $115,646,653 59,128 20.53% $287,601,231
Over 60 29,453 $153,157,867 22,422 $129,811,342 51,875 18.01% $282,969,208
Totals 52.91% $637,112,290 47.09% $433,599,232 288,012 $1,070,711,522
152,398 135,614
![Page 28: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/28.jpg)
2015 Top 10 States by Victim Location
1. California 14.53%
2. Florida 8.47%
3. Texas 7.67%
4. New York 6.30%
5. Illinois 3.51%
6. Pennsylvania 3.31%
7. Virginia 3.14%
8. New Jersey 3.01%
9. Washington 2.72%
10. Ohio 2.69%
Note: Percent of complaints reported to the IC3 when the location was provided.
![Page 29: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/29.jpg)
2015 Crime TypesBy Victim Count Non-Payment/Non-Delivery 67,375 Lottery/Sweepstakes 5,324 419/Overpayment 30,855 Malware/Scareware 3,294 Identity Theft 21,949 Corporate Data Breach 2,499 Auction 21,510 Ransomware 2,453 Other 19,963 IPR/Copyright and Counterfeit 1,931 Personal Data Breach 19,632 Investment 1,806 Employment 18,758 Crimes Against Children 1,348 Extortion 17,804 Civil Matter 1,148 Credit Card Fraud 17,172 Re-shipping 1,073 Phishing/Vishing/Smishing/Pharming 16,594 Denial of Service 1,020 Advanced Fee 16,445 Virus 971 Harassment/Threats of Violence 14,812 Health Care Related 465 Confidence Fraud/Romance 12,509 Charity 411 No Lead Value 12,187 Terrorism 361 Government Impersonation 11,832 Hacktivist 211 Real Estate/Rental 11,562 Gambling 131 Business Email Compromise 7,837 Criminal Forums 62 Misrepresentation 5,458
![Page 30: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/30.jpg)
• Partnership of FinCEN and FBI (October 2014) • USSS joined the partnership (March 2015) • FinCENs counterpart FIUs in 152 jurisdictions • Used to freeze assets in foreign jurisdictions • 245 requests to 28 foreign FIUs* • USD $171.3 million recovered*
*As of 2/29/2026
Global Rapid Response Program
![Page 31: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/31.jpg)
How to Contact FinCEN • FinCEN Resource Center
1-800-767-2825 or [email protected]
• FinCEN website: www.fincen.gov (Subscribe!)
• 314(b) Helpline: 1-866-326-8314 (Not on website)
• FINANCIAL INSTITUTIONS HOTLINE: 1-866-556-3974.
7 days a week, 24 hours a day to report suspicious
transactions that may relate to terrorist activity
• Thomas K. Lawler, Senior Liaison Officer
(202) 354-6396 or [email protected]
![Page 32: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/32.jpg)
![Page 33: FinCEN Update - NACUSAC · FinCEN Update Thomas K. Lawler Senior Liaison Officer Financial Crimes Enforcement Network . MISSION STATEMENT Safeguard the financial system from illicit](https://reader030.fdocuments.net/reader030/viewer/2022040715/5e1dd504da053b335f2631b1/html5/thumbnails/33.jpg)
QUESTIONS?