FinCEN: Fraudsters target Covid-relief payments to individuals via various schemes
A FinCEN advisory last week detailed examples of Covid-related Economic Impact Payments (EIP) fraud, associated red flag indicators, and information on reporting suspicious activity. FinCEN has been publishing COVID-19-related advisories periodically as fraud and criminal activity have mushroomed around relief payments to individuals and small businesses and also payments related to the procurement of medical supplies. This advisory featured financial crimes related to payments to individuals.
Common types of financial crime related to Covid payments
According to the Advisory shared below, U.S. authorities have detected a wide range of EIP-related fraud and theft involving a variety of criminal actors. The following examples are a non-exhaustive list of this type of criminal activity.
- Fraudulent checks: Fraudsters send potential victims fraudulent checks, instructing the recipients to call a number or verify information online in order to cash the fraudulent EIP checks. Victims are asked for personal or banking information under the guise that the information is needed to receive or speed up their EIP. Fraudsters then use the information obtained to commit various crimes, such as identity theft and the unauthorized access of bank accounts.
- Altered checks: Fraudsters deposit altered EIP checks, often via automated teller machine (ATM) or mobile device. These altered checks may modify the name of the payee, or leave the name blank, and the amount may be altered prior to deposit. There is reporting of checks being chemically altered so the original payee is removed.
- Counterfeit checks: Fraudsters deposit counterfeit EIP checks, often via ATM or mobile device. Fraudsters have various methods to create a counterfeit check, including checks reproduced from digital images of checks issued by the U.S. Department of the Treasury. However, such counterfeit checks will often have irregularities involving the check number, paper, coloring, and/or font.
- Theft of EIP: Such thefts can include individuals stealing an EIP from the U.S. mail; requesting an EIP disbursal for an ineligible person; seeking another person’s EIP without the payee’s knowledge and/or approval, or through coercive means; or using stolen Personally Identifiable Information (PII), including providing false bank account information to the IRS to claim an EIP.
- Phishing schemes using EIP as a lure: Fraudsters perpetrate phishing schemes using emails, letters, phone calls, and text messages containing keywords such as “Corona Virus,” “COVID-19,” and “Stimulus,” with the purpose of obtaining Personal Identifying Information (PII) and financial account information, such as account numbers and passwords.
- Inappropriate seizure of EIP: A private company that may have control over a person’s finances or serves as his or her representative payee seizes a person’s EIP, for wage garnishments or debt collection, and does not return the inappropriately seized payments.
FinCEN describes examples of red flags common to Covid-payment fraud schemes
The FinCEN Advisory urges financial institutions to use a Risk-based approach in monitoring for suspicious activity related to COVID relief funds and procurement payments. FinCEN provided the following examples of possible red flags related to EIP payments to individuals:
- An account holder attempts to deposit one or more checks that appear to be issued by the U.S. Treasury, but are fraudulent or counterfeit checks. When questioned, the customer may disclose that he or she was sent a partial payment, and needed to verify his or her PII or financial information before receiving the full EIP; or the customer might claim to have received the check purportedly from a current or former employer with instructions that the check was the customer’s “stimulus payment” and that he or she was to buy prepaid cards and send them to another individual.
- An existing account receives, or an account holder makes, multiple EIP-related deposits for individuals other than the account holder(s), and the individuals named on the checks reside outside the geographic region of the account holder, or do not have a history at the account holder’s purported address. This may be indicative of funnel account activities in which multiple EIPs are deposited or transferred throughout the United States into one account, which may be held by a fraudster or a money mule working for the fraudster.
- An existing account receives an excessive number of EIPs via U.S. Treasury check or deposits related to a prepaid debit card linked to the same address (e.g., an account receiving more checks than expected relative to the customer’s profile and financial institution’s customer due diligence).
- A customer opens a new account with an EIP check or debit card, and the name of the potential account holder is different from that of the depositor or the payee of EIP.
- The EIP check is deposited, or the debit card’s funds are transferred, into dormant accounts with little or no prior activity.
To read about more red flags related to EIP payments, check out the Advisory here.
_________________
AML Partners’ RegTechONE platform a powerhouse control center in fighting of financial crimes
AML Partners designs GRC and AML software solutions that transform the work of Governance, Risk, and Compliance. With AML Partners’ platform technology for RegTech, AML and GRC software solutions are easier, faster, and so much more efficient. Contact us today to learn how platform technology and our SURETY-CDD and related AML tools can transform the efficiency and effectiveness of your unique GRC and AML Compliance efforts. Contact us today to learn more or schedule a demo of SURETY-CDD or the RegTech One platform. With extraordinary configurability and built for API extensibility, the RegTech One platform powers a range of AML/KYC tools but also CECL workflows, vendor management, cyber risk workflows, FCPA workflows, and so much more. RegTech One: For your institution’s Network of Applications and Ecosystem of Permissioned Data.
