Tag Archive for: Financial Crimes

Posts

,

Executive Letter: Check Fraud Resources

By Rose Oswald Poels

Check fraud remains a top issue and expense for WBA members. Often when needing to work through the process of collecting on a fraudulent check, it can be difficult to determine the correct party or department to work with at another financial institution involved in the particular check negotiation chain. I have heard of banks having to wait several weeks, or even months, to get a response from another when trying to resolve a fraudulent check matter. I have also heard from bankers of the frustration of not knowing what the other bank may need for research purposes or if a particular affidavit is required, such as an affidavit of forgery.

To help with this problem, the American Bankers Association (ABA) has created an online directory to assist banks in handling check fraud claims more efficiently. The directory lists contact information for banks that need to file a check warranty breach claim with another financial institution. It is searchable by bank name, city, state, or FDIC number, so banks can find the right contact at the institution to help resolve a warranty breach claim. The directory is available to ABA members and non-members.

To access the directory, banks will need to provide their detailed contact information and any documentation requirements for submitting a claim. As I understand the process, ABA will verify all submissions before uploading information to the directory. The process may take 5–10 business days, after which ABA will email the bank to let the bank know it has been added to the directory. I encourage banks to participate to maximize the utility of the resource.

To further assist banks with other resources, various affidavits have been created and/or shared by the WBA Financial Crimes Committee and may be found in the Security/Financial Crimes folder within the WBA Best Practices Library.

The WBA Best Practices Library is password protected; should you need the password, please contact WBA Legal at wbalegal@wisbank.com.

Information about the ABA Check Fraud Claim Directory may be found at: aba.com/banking-topics/risk-management/fraud/check-fraud.

If you have other suggestions or needs for resources to help your team mitigate check fraud, please let me know.

/by
,

Fraud Report: Felony Lane Gang Activity Continues to Target Wisconsin Banks

By the WBA Financial Crimes Committee

A group of organized criminals, referred to as the Felony Lane Gang, uses the Fort Lauderdale-area as a home base to plan their attacks on unsuspecting banks. The group travels across the U.S., stealing items from unattended vehicles parked in areas such as state or county parks, sporting events, parking structures, and more. The Felony Lane Gang looks to steal checks and identification belonging to victims like driver’s licenses, credit, and debit cards. Once gathered, the group cashes numerous fraudulent transit checks by posing as a valued customer of your bank.

The Felony Lane Gang received their name because they often target the far drive-up lane to make positive identification more difficult.

Felony Lane Gang Tactics

  • Late model vehicles are driven (usually rented) bearing stolen Wisconsin plates.
  • Criminal actors (often female) will dress the part — using wigs and other means to resemble the picture displayed in the stolen identification.
  • The Felony Lane Gang will typically supply two forms of identification to lure front-line staff into a false sense of security.

Once the Felony Lane Gang is successful in cashing the first check, other branches are quickly targeted.

Possible Red Flags

  • The actor presenting the check appears anxious, rushed, overly chatty, or name drops.
  • The branch location appears out of the area in comparison to the customer’s address on file.
  • A second form of identification provided (a debit or credit card issued by your bank) has been previously closed or hot carded.
  • The actor cannot accurately answer additional security verification questions.

Best Practices

Depending on your branch footprint and overall risk tolerance, consider adopting best practices such as:

  • Adding an electronic notation or warning flag to a relationship profile when a customer reports that their identification was stolen. This serves as a fraud warning prior to Felony Lane Gang activity occurring.
  • Compare the likeness of the person conducting the transaction to the identification presented for inconsistencies.
  • Adopt step up identification procedures for transactions that exceed a certain dollar amount.
  • If the customer is not “personally known” to you or other branch staff, use out-of-wallet identification methods — such as employer information, last direct deposit date, etc.

It is important to note that although the Felony Lane Gang typically uses drive up lanes to commit fraud, bolder groups are going inside the branch as well.

When in doubt, follow your bank’s procedures on suspicious transaction activity to minimize losses.

/by
,

Fake Check Scams Posing as IRA Proceeds

By Dave Oldenburg

Financial institutions have reported incidents where a new or seasoned customer is instructed to open an IRA account, with a fake check, disguised as a rollover. Criminals who orchestrate these crimes hope that front lines staff will be fooled into believing that IRA accounts are not typically associated with fraud. Unfortunately, this type of fake check scam has gained traction and has the potential to inflict substantial losses when not detected early. Although some account holders are aware that they are negotiating a fake check, others do not realize that they are being manipulated as part of a relationship or similar fraud scheme.

How Does the Scam Work?

Similar to other fake check schemes, the purpose is to falsely inflate the balance of an account and withdraw funds as quickly as possible. Funds are often transferred internally, followed by outgoing wires, BillPay, or other electronic payment methods, before the check is returned unpaid.

How Do I Spot a Fake IRA Check Scheme?

It is important to note that criminals generally use accurate information from compromised accounts such as a bank’s ABA, account number, and approximate check range to create and distribute the checks. Some may go further and use convincing check stock, bearing a quality signature of an authorized signer to increase the likelihood that the check will be negotiated.

With that in mind, it’s important to recognize common red flag indicators associated with this type of fraud:

  • The check is made payable to an individual. As a rule of thumb, legitimate Traditional and Roth IRA rollover checks are generally made payable to the financial institution, for benefit of (FBO) the account holder
  • The check doesn’t appear to be drawn on a qualified retirement plan. Many fake checks are drawn on a law firm, cashier’s check or what appears to be a general business operating account.
  • The check is sent directly to the branch by an unknown third party with instructions to deposit the check into a new or existing IRA
  • A memo line with vague instructions to deposit the check into an IRA account
  • The customer seems concerned when funds will be made available
  • The account holder wants to disburse funds shortly after the account was opened

When in doubt, it’s best not to accept the check and follow your bank’s procedures on suspicious account activity.

Oldenburg is a fraud officer, Bank First, Manitowoc and member of the WBA Financial Crimes Committee.

/by

Legal Q&A: Procedures for Information Sharing

How your bank can prevent financial crimes

By Scott Birrenkott

Q: What Tools are Available to Banks to Help Deter Financial Crimes?

A: Part of Bank Secrecy Act (BSA) regulations establish procedures for information sharing to deter money laundering and terrorist activity.

As financial institutions continue to monitor Office of Foreign Assets Control (OFAC) lists regarding sanctions and other restrictions, don’t forget to monitor for information sharing requests through Section 314 of the USA PATRIOT Act. Pursuant to section 314(a) law enforcement agencies may request that the Financial Crimes Enforcement Network (FinCEN) solicit, on its behalf, certain information from financial institutions.

Upon receiving an information request, a financial institution must conduct a one-time search of its records to identify accounts or transactions of a named suspect. Generally, financial institutions must search records for current accounts, accounts maintained during the preceding 12 months, and transactions conducted outside of an account by or on behalf
of a named suspect during the preceding six months. If a financial institution identifies any account or transaction, it must report to FinCEN that it has a match. No details should be provided to FinCEN other than the fact that the financial institution has a match. A negative response is not required. Unless otherwise provided, the search and response must be conducted within 14 days.

Financial institutions should also consider that FinCEN issued an alert on March 7 to be vigilant against efforts to evade the expansive sanctions and other U.S.-imposed restrictions implemented in connection with the Russian Federation’s further invasion of Ukraine. The advisory warns of evasion attempts and that “sanctioned Russian and Belarusian actors may seek to evade sanctions through various means, including through non-sanctioned Russian and Belarusian financial institutions and financial institutions in third countries.”

FinCEN also provides several red flag indicators to watch for attempted evasions. Select red flag indicators include for transactions initiated from IP addresses located in Russia, Belarus, or other sanctioned jurisdictions, transactions connected to convertible virtual currency (CVC) addresses listed on OFAC lists of specially designated nationals and blocked persons, and customer use of a CVC exchanger or foreign-located money service businesses in a high-risk jurisdiction.

/by
Triangle Background
,

Signs of Business Check Cashing Fraud to Watch Out For

Dave Oldenburg

By Dave Oldenburg, fraud officer, Bank First, Watertown and member of the WBA Financial Crimes Committee

Business check cashing fraud, dubbed “operation homeless” by law enforcement, continues to impact our industry. Furthermore, it can negatively affect customer perception when fraudulent “on-us” checks are cashed at your bank.

Although there are many kinds of check fraud schemes, business check cashing fraud begins when a customer’s legitimate business checks are taken from commercial mailboxes. Often times, the compromise occurs when a customer’s outgoing mail or the recipient’s mailbox is breached. These mailboxes are often unsecured — making them an ideal target to steal checks. Once the checks are stolen, the ringleader produces quality counterfeit checks that closely resemble the features of legitimate checks. In this type of fraud, the intent is to cash as many checks as possible at numerous bank branches — sometimes pocketing tens of thousands in just one day.

The ringleader creates the checks, but recruits individuals (mules) to cash the checks if they have current and valid identification. In turn, the mules receive a small portion each time a check is paid out. In an organized fashion, these criminals travel around the state with counterfeit items, drawn on many accounts from different banks.

Fortunately, there are ways to stop fraud in its tracks. Here are some suggested “best practices” for front-line staff:

  • Compare the check to recently cleared checks as well as the signature card on file.
  • Looks for signs of traced, forged, or scanned signatures that appear irregular.
  • The current check range on recently cleared items may be considered — however a counterfeit check is often in the current range.
  • Look for recently issued identification (sometimes mules will obtain identification for the sole purpose of committing check fraud).
  • Refuse to cash the check when presented with worn or damaged identification that omits information.
  • Refuse identification that doesn’t appear to match the individual presenting the check.

Be aware of some common “red flags” that may be indicators of business check cashing fraud such as:

  • The branch location is “out of the way” from the non-customer’s address listed on the check or listed on the identification presented.
  • The person presenting the check came to the branch on foot or was dropped off.
  • The person presenting the check appears anxious, rushed, or overly chatty or name drops.
  • The person is in contact with someone on their mobile phone while the transaction is being performed.

To help mitigate your institution’s risk of loss, it is recommended that checks presented by non-customers be handled with additional scrutiny. Most importantly, if the maker of the check does not have positive pay services, consider adopting procedures where an authorized signer is contacted to validate checks over a certain dollar amount.

/by
WBA logo

questions@wisbank.com

608-441-1200

4721 S Biltmore Ln.
Madison, WI 53718

Get our Newsletter!
Subscribe