Law Enforcement to Financial Institutions: SARs Are Being Used to Put Away the Bad Guys; MLA Update
Last week, several of my NAFCU colleagues and I attended the 11th Mid-Atlantic Anti-Money Laundering Conference, a multi-day symposium held here in Washington, DC, and presented by the FBI, ICE, U.S. Secret Service, IRS and DEA. This conference is a useful one in that it gives financial institution attendees the opportunity to hear law enforcement cases that illustrate how the "bad guys" are using the U.S. financial system to launder their ill-gotten proceeds. It's also helpful to hear that the information you all submit doesn't just disappear into a black hole.
The information provided in Suspicious Activity Reports (SARs) is useful and appreciated. During the conference, multiple law enforcement investigators noted how important SARs are to their investigations and in one illustrated case, a SAR was the actual trigger for the investigation. Whether a SAR starts an investigation or enhances an ongoing one, law enforcement stresses that such information sharing is vital.
Some additional takeaways from the conference:
Trends in Red Flag Activity
- Third party service providers and facilitators are moving monies for everyone – the provider simply wants the commission.
- In some cases a third party may have been with an institution for years – look for a sudden spike in activity as it may now be being used as a shell company for money laundering.
- Newly created companies with a great deal of account activity could be a possible indicator of fraudulent activity.
- Sudden usage of dormant accounts – law enforcement sees dormant accounts as vulnerable for fraudulent activity.
- Trade based money laundering, such as textiles, phones, vehicles and electronics, is growing.
- Think about when your institution's systems are sleeping – this vulnerability was handily used in the Bangladesh Bank heist, i.e., weekends, holidays and time zone differences.
- Employee benefit plan and trust fraud – fraud is ripe in instances where there is a single plan administrator. Look out for transactions making no business sense or sudden stoppage of deposits as funds could be improperly rerouted. There is no reason for funds to be transferred out of a pension plan.
- While it is not illegal for a doctor's office to accept cash payments, it is a little strange especially if the amounts are quite high.
- Commodity purchases are being financed through financial institutions with the repayments being made with drug proceeds. How often do you review your repayments as opposed to deposits?
Maintaining a Strong BSA/AML Program
- Be proactive, not reactive!
- Understand the nature and purpose of your member's business.
- What triggers the re-categorization of your member from low risk to high risk?
- Make sure your BSA staff has the proper stature and influence within your institution. They should be involved with product and member/customer development.
- Your internal controls must not remain static in conjunction with your institution's risk profile.
- Update and evaluate your systems continuously – the robustness and effectiveness must be ongoing along with ongoing validation of rules.
- There should be clear elevation protocols and procedures for reporting of issues.
- Geographic risk must also be taken into consideration even by smaller financial institutions.
***
MLA Update. The Department of Defense informed NAFCU in a letter that, at this time, it would not delay its October 3 implementation date for credit card compliance under the Military Lending Act rule. More details can be found in this NAFCU Today story, here.