WASHINGTON–The Financial Crimes Enforcement Network (FinCEN) has announced new efforts to curtail and impede Business Email Compromise (BEC) scammers and other criminals who profit from their schemes.
Email compromise fraud schemes generally entail criminal attempts to compromise the email accounts of victims to send fraudulent payment instructions to financial institutions or business associates in order to misappropriate funds or to assist in financial fraud.
FinCEN’s said data drawn from its Suspicious Activity Reports (SARs show hackers and other illicit actors’ BEC scams generated more than $300 million a month in 2018, with a cumulative total exceeding billions of dollars stolen from businesses and individuals.
“FinCEN has been a global leader and innovator in countering BEC breaches and their devastating effects on businesses, individuals, and national security,” said FinCEN Director Kenneth A. Blanco. “The Bank Secrecy Act data is a critical resource in combatting all types of financial crime. We hold, safeguard, and analyze that data and we share our expertise with law enforcement and our industry partners to help make America safer.”
As part of its efforts to combat BEC scammers:
- In New York City, FinCEN convened another in a series of meetings under its ongoing FinCEN Exchange forum. The “focus was on identifying and combatting potential BEC and resultant money laundering and terrorist financing activities.” Representatives from depository institutions, Federal and State government agencies, a Federal task force, money transmitters, third-party service providers, and technology companies attended the session. The FinCEN Exchange is a voluntary program established in 2017 to convene law enforcement and financial institutions from across the country to share information.
- FinCEN has issued an update to its “Advisory to Financial Institutions on E-mail Compromise Fraud Schemes,” first published in 2016. The new advisory offers updated operational definitions, provides information on the targeting of non-business entities and data by email compromise schemes, highlights general trends in BEC schemes targeting sectors and jurisdictions, and alerts financial institutions to risks associated with the targeting of vulnerable business processes. The advisory also highlights the potential for financial institutions to share information about subjects and accounts affiliated with email compromise schemes in the interest of identifying risks of fraudulent transactions and money laundering.
- FinCEN has issued an in-depth Financial Trend Analysis of BSA data that explores industries targeted and methodologies used by BEC scammers. It notes that the number of SARs describing BEC incidents reported monthly has more than doubled, from averaging nearly 500 per month in 2016, to above 1,100 per month in 2018. The total value of attempted BEC thefts reported in SARs has almost tripled, to an average of $301 million per month in 2018 from $110 million per month in 2016. The use of fraudulent vendor or client invoices grew as a methodology, from 30% of sampled 2017 incidents, to 39% in 2018, becoming the most common BEC method. Impersonating a CEO or other high-ranking business officer as a methodology declined, accounting for 12% in 2018 from 33% of sampled incidents in 2017, FinCEN said. Impersonation of an outside entity was described in 20% of 2018 reports. Manufacturing and construction businesses were the top targets for BEC fraud in 2017 and 2018, and those sectors may have particular interest in this report.
- FinCEN’s said its Rapid Response Program, in collaboration with law enforcement, recently surpassed $500 million in recovered funds. Under the program, when U.S. law enforcement receives a BEC complaint from a victim or a financial institution, the relevant information is forwarded to FinCEN, which moves quickly to track and recover the funds. The program utilizes FinCEN’s ability to rapidly share information with counterpart Financial Intelligence Units (FIU) in more than 164 jurisdictions, and leverages these relationships to encourage foreign authorities to intercede and hold funds or reverse wire transfers.