How your bank can prevent financial crimes

By Scott Birrenkott

Q: What Tools are Available to Banks to Help Deter Financial Crimes?

A: Part of Bank Secrecy Act (BSA) regulations establish procedures for information sharing to deter money laundering and terrorist activity.

As financial institutions continue to monitor Office of Foreign Assets Control (OFAC) lists regarding sanctions and other restrictions, don’t forget to monitor for information sharing requests through Section 314 of the USA PATRIOT Act. Pursuant to section 314(a) law enforcement agencies may request that the Financial Crimes Enforcement Network (FinCEN) solicit, on its behalf, certain information from financial institutions.

Upon receiving an information request, a financial institution must conduct a one-time search of its records to identify accounts or transactions of a named suspect. Generally, financial institutions must search records for current accounts, accounts maintained during the preceding 12 months, and transactions conducted outside of an account by or on behalf
of a named suspect during the preceding six months. If a financial institution identifies any account or transaction, it must report to FinCEN that it has a match. No details should be provided to FinCEN other than the fact that the financial institution has a match. A negative response is not required. Unless otherwise provided, the search and response must be conducted within 14 days.

Financial institutions should also consider that FinCEN issued an alert on March 7 to be vigilant against efforts to evade the expansive sanctions and other U.S.-imposed restrictions implemented in connection with the Russian Federation’s further invasion of Ukraine. The advisory warns of evasion attempts and that “sanctioned Russian and Belarusian actors may seek to evade sanctions through various means, including through non-sanctioned Russian and Belarusian financial institutions and financial institutions in third countries.”

FinCEN also provides several red flag indicators to watch for attempted evasions. Select red flag indicators include for transactions initiated from IP addresses located in Russia, Belarus, or other sanctioned jurisdictions, transactions connected to convertible virtual currency (CVC) addresses listed on OFAC lists of specially designated nationals and blocked persons, and customer use of a CVC exchanger or foreign-located money service businesses in a high-risk jurisdiction.

Triangle Background

Dave Oldenburg

By Dave Oldenburg, fraud officer, Bank First, Watertown and member of the WBA Financial Crimes Committee

Business check cashing fraud, dubbed “operation homeless” by law enforcement, continues to impact our industry. Furthermore, it can negatively affect customer perception when fraudulent “on-us” checks are cashed at your bank.

Although there are many kinds of check fraud schemes, business check cashing fraud begins when a customer’s legitimate business checks are taken from commercial mailboxes. Often times, the compromise occurs when a customer’s outgoing mail or the recipient’s mailbox is breached. These mailboxes are often unsecured — making them an ideal target to steal checks. Once the checks are stolen, the ringleader produces quality counterfeit checks that closely resemble the features of legitimate checks. In this type of fraud, the intent is to cash as many checks as possible at numerous bank branches — sometimes pocketing tens of thousands in just one day.

The ringleader creates the checks, but recruits individuals (mules) to cash the checks if they have current and valid identification. In turn, the mules receive a small portion each time a check is paid out. In an organized fashion, these criminals travel around the state with counterfeit items, drawn on many accounts from different banks.

Fortunately, there are ways to stop fraud in its tracks. Here are some suggested “best practices” for front-line staff:

  • Compare the check to recently cleared checks as well as the signature card on file.
  • Looks for signs of traced, forged, or scanned signatures that appear irregular.
  • The current check range on recently cleared items may be considered — however a counterfeit check is often in the current range.
  • Look for recently issued identification (sometimes mules will obtain identification for the sole purpose of committing check fraud).
  • Refuse to cash the check when presented with worn or damaged identification that omits information.
  • Refuse identification that doesn’t appear to match the individual presenting the check.

Be aware of some common “red flags” that may be indicators of business check cashing fraud such as:

  • The branch location is “out of the way” from the non-customer’s address listed on the check or listed on the identification presented.
  • The person presenting the check came to the branch on foot or was dropped off.
  • The person presenting the check appears anxious, rushed, or overly chatty or name drops.
  • The person is in contact with someone on their mobile phone while the transaction is being performed.

To help mitigate your institution’s risk of loss, it is recommended that checks presented by non-customers be handled with additional scrutiny. Most importantly, if the maker of the check does not have positive pay services, consider adopting procedures where an authorized signer is contacted to validate checks over a certain dollar amount.