Illicit actors exploiting the vulnerabilities of global economic strains and interrupted supply chains caused by the COVID-19 pandemic have, effectively, created a perfect storm of fraudulent schemes and money laundering.
“The World Bank (WB) and International Monetary Fund (IMF) have estimated the volume of money laundering to be between 3 to 5 percent of global gross domestic product (GDP), equivalent to approximately US$2.2 trillion to US$3.7 trillion annually.”
At present, the entire anti-money laundering (AML) community is adapting to the real-time rollout of “new Federal, State, local, and foreign government initiatives to combat the COVID-19 pandemic and its economic consequences.” With quarantine, social distancing, travel restrictions, border controls, outbreaks in the manufacturing sector and more, there are emerging concerns of corruption, cybercrime, imposter schemes and wide-scale fraud, both domestically and internationally.
In fact, from January 1, 2020 to August 13, 2020 alone, the Federal Trade Commission (FTC) reported US$108.43 million in total pandemic-related fraud loss. This figure may very well be a severe undercount, however, as we are in the midst of an unprecedented scope of scams connected to the pandemic.
According to the Financial Crimes Enforcement Network (FinCEN), in the unharmonious union of crisis and fraud, criminals are using COVID-19 as a lure and adapting to the opportunities created by increased remote work: stealing sensitive information and compromising transactions, scamming through virtual currency payments and undermining the due diligence/‘know your customer’ (KYC) process in such “remote environments.”
FinCEN issued an advisory detailing financial red flag indicators of imposter schemes, as follows:
- criminals claiming to represent government agencies emphasizing relief funds and/or prepaid cards;
- unsolicited communications related to COVID-19 requesting financial information, including bank account credentials;
- email addresses that do not match senders claiming to be government agencies; and,
- charitable organizations with no confirmed existence soliciting donations related to COVID-19.
Illicit actors are using the above mechanisms to defraud the vulnerable through the solicitation of “payments, donations, or personal information via email, robocalls, text messages, or other communications methods.” Further, “multiple examples include phishing schemes, where imposters send communications appearing to come from legitimate sources, to collect victims’ personal and financial data and potentially infect their devices by convincing the target to download a malicious attachment or click malicious links.”
“FinCEN has created a COVID-19-specific online contact mechanism, via a specific drop-down category, for financial institutions” to communicate pandemic concerns while adhering to their Bank Secrecy Act (BSA) obligations, as compliance with the BSA is crucial to national security.
The Coronavirus Aid, Relief, and Economic Security (CARES) Act
In March 2020, the CARES Act was enacted, providing US$2.2 trillion in Federal aid and authorizing the Internal Revenue Service (IRS) to send stimulus, or economic impact payments, to approximately 160 million taxpayers. Through the Act, married couples are eligible for up to US$2,400, with an additional US$500 for each eligible dependent, and individuals for up to US$1,200. For a summary of the Act, see here.
On July 27th, Senate Majority Leader Mitch McConnell unveiled the Republican HEALS Act to address the pandemic with another round of stimulus checks. HEALS is an acronym for health, economic assistance, liability and schools. Under the Act, adults earning up to US$75,000 annually will receive US$1,200 and adults earning more will receive a smaller amount. Those without income or receiving Social Security benefits are eligible for the full amount. Moreover, the Act also includes a sequel Paycheck Protection Program (PPP), extended federal unemployment for over 31 million Americans collecting benefits (altering it from an additional US$600 per week to US$200), and grants US$100 billion in school funding.
Billions of dollars have been delivered in unemployment payments to date with states feeling an urgency to rapidly disburse aid to the vulnerable. The speediness of the process has become particularly attractive to fraudsters especially with regard to direct deposits and the Employment Department’s Visa prepaid debit cards.
To exploit the unemployment system, attackers are using “detailed information about U.S. citizens, such as social security numbers that may have been obtained from cyber hacks of years past, to file claims on behalf of people who have not been laid off, officials said.”
The FTC issued a warning on phishing scams targeting college students with fraudsters posing as university financial departments. Likewise, culprits in nursing homes and assisted living facilities trying to take stimulus funds intended for seniors on Medicaid prompted another warning from the FTC.
Under the CARES Act, a federal law, stimulus payments are considered “tax credits” and tax credits do not count as resources for federal programs like Medicaid; the government (and nursing homes) therefore may not seize them.
Victims of IRS related COVID-19 scams are encouraged to report their complaint here.
Global Concerns and Responses to Financial Crimes
In a globalized world, financial crimes know no boundaries. In May 2020, the Financial Action Task Force (FATF), released a comprehensive report identifying risks from COVID-19 on money laundering and terrorist financing. Such risks include:
- criminals bypassing due diligence;
- misusing financial services to conceal illicit funds;
- exploiting stimulus funds and insolvency schemes;
- increased use of the unregulated financial sector;
- misuse and misappropriation of domestic and international financial and emergency funding; and,
- criminals exploiting COVID-19 and the “associated economic downturn to move into new cash-intensive and high-liquidity lines of business in developing countries.”
The pandemic appears to have affected AML onsite inspections, which have been substituted with video-conference inspections. There are additional delays in international cooperation due to limitations on operations. What’s more, “The money value transfer service sector faces particular disruption as migrant workers have been affected by confinement measures and company shutdowns, and much of their business is done face-to-face.”
The FATF encourages vigilance in that “criminals and terrorists may seek to exploit gaps and weaknesses in national AML/counter-financing of terrorism (CFT) systems while they assume resources are focused elsewhere, making risk-based supervision and enforcement activity more critical than ever.” Further, “supervisors, financial intelligence units and law enforcement agencies should continue to share information with the private sector to prioritize and address key [money laundering] risks, particularly those related to fraud, and [terrorist financing] risks linked to COVID-19.”
“Amid a sharp rise in global remote working,” a significant concern is the exploitation of weaknesses in businesses’ network security, allowing criminals to access sensitive trade secrets on the network and even compromise business emails, exposing customer contact and transaction details.
Financial red flags for this include:
- digital manipulation of identity documentation (such as government issued identity information);
- leveraging compromised credentials across accounts (taking advantage of weak authentication processes);
- photos have low resolution or are blurred in identity documentation;
- spelling of names in account information does not match government identification;
- customers refuse to provide supplemental information; and,
- customer login occurs from a single IP address across multiple unrelated accounts in a short period of time.
According to FinCEN, while “no single financial red flag indicator is necessarily indicative of illicit or suspicious activity, financial institutions should consider additional contextual information and the surrounding facts and circumstances, such as a customer’s historical financial activity, whether the transactions are in line with prevailing business practices, and whether the customer exhibits multiple indicators, before determining if a transaction is suspicious or otherwise indicative of potential fraudulent COVID-19-related activities.”
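The last red flag in the list above (logins from a single IP address across multiple unrelated accounts in a short period) can be checked automatically against login records; the following is an added example, not code from FinCEN or from the original article. The event layout, the 10-minute window, the three-customer threshold and the rule that accounts under one customer ID count as related are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample login events: (ISO timestamp, source IP, account, customer).
# Assumption: accounts that share a customer ID are "related".
SAMPLE_EVENTS = [
    ("2020-08-13T09:00:05", "203.0.113.7", "acct-1001", "cust-A"),
    ("2020-08-13T09:01:40", "203.0.113.7", "acct-2002", "cust-B"),
    ("2020-08-13T09:02:10", "198.51.100.4", "acct-3003", "cust-C"),
    ("2020-08-13T09:03:30", "203.0.113.7", "acct-4004", "cust-D"),
    ("2020-08-13T09:04:00", "198.51.100.4", "acct-3004", "cust-C"),  # same customer
    ("2020-08-13T09:06:15", "203.0.113.7", "acct-5005", "cust-E"),
    ("2020-08-13T13:30:00", "192.0.2.55", "acct-6006", "cust-F"),
    ("2020-08-13T18:45:00", "192.0.2.55", "acct-7007", "cust-G"),  # hours apart
]


def shared_ip_alerts(events, window=timedelta(minutes=10), min_customers=3):
    """Return one alert per IP that logged in to accounts of at least
    `min_customers` distinct customers within any `window`-long span."""
    recent = defaultdict(deque)  # ip -> deque of (time, account, customer)
    alerts = {}
    for ts, ip, account, customer in sorted(events):
        now = datetime.fromisoformat(ts)
        q = recent[ip]
        q.append((now, account, customer))
        while now - q[0][0] > window:  # drop logins older than the window
            q.popleft()
        customers = {c for _, _, c in q}
        if len(customers) >= min_customers:
            alert = alerts.setdefault(ip, {"ip": ip, "first_seen": q[0][0],
                                           "accounts": set(), "customers": set()})
            alert["accounts"].update(a for _, a, _ in q)
            alert["customers"].update(customers)
            alert["last_seen"] = now
    return list(alerts.values())


if __name__ == "__main__":
    for a in shared_ip_alerts(SAMPLE_EVENTS):
        print(f"{a['ip']}: {len(a['customers'])} unrelated customers, "
              f"accounts {sorted(a['accounts'])}, "
              f"{a['first_seen']:%H:%M:%S} to {a['last_seen']:%H:%M:%S}")
```

Consistent with FinCEN's caution that no single indicator is conclusive, a hit here is a lead for review alongside the customer's history and other indicators; shared office, campus or carrier-grade NAT addresses will trigger it legitimately.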
The Department of Justice (DOJ) has announced several charges in connection with PPP loan fraud. The PPP offers billions in forgivable loans with a maturity of two years and an interest rate of one percent. “Businesses must use PPP loan proceeds for payroll costs, interest on mortgages, rent and utilities. The PPP allows the interest and principal to be forgiven if businesses spend the proceeds on these expenses within a set time period and use at least a certain percentage of the loan towards payroll expenses.” As the instances below show, some people have fraudulently used government funds to purchase luxury goods and vehicles.
The DOJ will look at a variety of enforcement theories to hold wrongdoers accountable, especially under the two key statutory provisions governing money laundering — U.S. Code Title 18 Section 1956 and 1957.
Under Section 1956(a), a person can face criminal culpability if they conduct or attempt to conduct a financial transaction while knowing that the property involved in the transaction represents proceeds of an unlawful activity, and do so:
- with the intent to promote the carrying on of specified unlawful activity;
- with intent to engage in tax evasion or fraud;
- knowing the transaction is designed to conceal the nature, location, source, ownership, or proceeds of specified unlawful activity; or,
- to avoid federal/state reporting requirements.
The property must in fact be derived from an unlawful activity.
Under Section 1957, a person may face criminal culpability where they engage in monetary transactions of greater than US$10,000, with proceeds derived from “specified unlawful activity” (outlined in Section 1956 paragraph 7).
Anyone with information on attempted fraud involving COVID-19 may call DOJ’s disaster fraud hotline at: 866–720–5721, or file a complaint here for the following:
INTERPOL reported concerns about a recent sophisticated case of fraud that took advantage of the global shortage of medical supplies at the onset of the lockdown. Amid a sharp rise in social engineering attacks, a corporate buyer purchased EUR 1.5 million worth of protective face masks from a fake website. The “buyers sent the wire transfer and the masks never arrived. It turn[ed] out the Dutch company [that they thought they purchased from] existed, but their website had also been cloned. There was no official record of the order.” The fraudsters adapted their sales pitches to take advantage of the outbreak and generate huge profits.
INTERPOL promptly followed the money trail, freezing the funds before they reached the Nigerian account they were destined for.
The United Kingdom’s Financial Conduct Authority (FCA) published guidance cautioning against altering transaction-monitoring triggers “or sanctions screening systems, for the sole purpose of reducing the number of alerts generated to address operational issues.” The FCA urges reasonable efforts to collect diligence information and, where parties have amended their controls, decisions should be “clearly risk assessed, documented and go through appropriate governance.” Parties are to notify the FCA where there are material issues that may affect financial crime controls.
The Middle East
The UAE financial services regulators (the Dubai and Abu Dhabi authorities) issued joint guidance on the treatment of financial crime risks and AML obligations. Where it is difficult for businesses to adhere to existing identification and verification requirements, fintech (financial technology), regtech (regulatory management technology) and suptech (artificial intelligence and machine learning by supervisory agencies) should be used to continue to meet customer due diligence obligations. Likewise, financial behaviors have changed in that many banks have closed physical branches, reduced hours, or restricted services, as in-person banking may unnecessarily expose people to the risk of infection. Thus, due diligence must be performed by other means (utilizing the above-mentioned technologies).
Additionally, financial institutions and non-financial businesses should continue to apply a risk-sensitive approach and closely monitor business relationships, which could include illicit fundraising for charitable causes without a governmental permit and phishing schemes.
According to CNN, “nearly 1,500 federal criminal judicial proceedings have been opened into coronavirus-related cases [in Brazil], including investigations into misuse of federal funds, fraud, overpricing, and money laundering.” Brazilian President Jair Bolsonaro also tested positive for the virus.
Investigations have reached all levels of government, from state to federal, as various time-sensitive contracts are being reviewed, including a US$100 million contract for ventilators from China. In June, the contract was canceled, with a suit filed against the middleman company for unfulfilled orders. “The rush to obtain urgent medical supplies has led to hastily negotiated contracts and sometimes exorbitant prices. Spiking demand for medical equipment has also forced legitimate costs up as suppliers ramp up production and compete for raw materials.”
FATF Responses to Fraud Challenges
Financial institutions face principal concerns with the tidal wave of COVID-19 related fraud. They must maintain strong cyber security protocols and protect against theft and customer fraud. The FATF suggests the following to combat risks stemming from the pandemic:
- coordinate domestically (supervisors are to work together to identify, monitor and communicate the changing risk landscape);
- strengthen communication with the private sector (provide a contact point for regulators and keep relevant records to clear backlog);
- encourage full use of risk-based approaches to Customer Due Diligence (CDD);
- encourage use of responsible digital identity and other innovative solutions for identifying customers at onboarding and while conducting transactions;
- support electronic and digital payment options (raise maximum limits for e-wallets and reduce charges for domestic money transfers between banks);
- monitor business continuity plans and adjust supervision as relevant (for example: greater focus on casinos and gambling platforms as arcades and casinos have closed; and more focus on dealers of precious metals, stones and gold);
- understand new risks and adapt operational responses;
- clarify AML/CFT requirements in the context of economic relief measures;
- continue cooperation across borders; and,
- monitor COVID-19 impact in the private sector.