Patricia Sullivan, Managing Director, Global Co-Head, Financial Crime Compliance at Standard Chartered Published in June 2020
Crises are invariably exploited by fraudsters (e.g. Ebola, the 2008 Financial Crisis, MERS), and COVID-19 is no exception. Financial institutions (FIs) are on the front line when it comes to preventing fraudsters from exploiting the pandemic. Collaboration is key to success.
In recent months fraud risk related to COVID-19 has become more common accentuated by the unprecedented changes in work, social and economic conditions for everyone. Law enforcement and regulators across the globe have put out advisories warning of increased fraud threats and red flags. The range of schemes presenting to FIs is diverse but the hook- COVID-19- is the same. In March and April 2020, Standard Chartered Bank experienced several instances of unauthorised payment instructions purportedly from FI clients; clients sending payments for PPE and related materials to fraudulent sellers, and identification of mule accounts used to receive fraudulently obtained funds. In one case Standard Chartered cooperated with Singapore’s police to freeze a suspicious account of a retail individual client usedin a SGD10.2 million (USD7.2 million) attempt to defraud a French pharmaceutical company through a purported sale of surgical masks and hand sanitizers. The close cooperation between public and private sector law enforcement helped to return a substantial percentage of the defrauded assets to the pharmaceutical company. These types of impostor fraud are a feature of the COVID-19 pandemic. Imposters attempt to fraudulently authorise or redirect invoice payments or fraudulently acquire company account details by posing as creditors or suppliers or authorised signatories. During the COVID-19 outbreak, they may pose as a bank’s customer service department and inform victims that their bank details have changed because of the pandemic. Figures from the US FTC indicate that such scams are proving lucrative.1
Meanwhile, other fraudulent schemes proliferate. Fake “charities” are soliciting pandemic-related donations. Fraudulent fundraising drives are being propagated through social media and diverting people to bogus websites.2 By mid-April, the UK authorities had discovered some 70,000 of these, related to fake charities, false information portals and scam product offers.3 We are also seeing a rise in fraudulent acts by corrupt officials with Uganda making an arrest in April of four government officials including two senior technocrats for alleged fraud in the procurement of food aid for vulnerable people during the coronavirus lockdown.4 And while financial crime departments sharpen focus on COVID-19 themed frauds, BAU (business as usual) frauds continue to abound.
While the methods for committing fraud are not new, the pandemic has complicated anti-fraud mechanisms.
The mass movement to remote working for employees has reduced the vigilance around detecting potential fraud, while fraudsters have also become more agile because of pressures on their normal supply chains.
For instance, with everyone striving to stay abreast of pandemic news and developments, there has been an increase in malware incidents. As more and more people move to digital payment platforms, there are also more opportunities for cyberfraudsters to exploit those who are less familiar with technology.
In preparation for the end of lockdowns, there is evidence that fraudsters are on a recruitment drive for “money mules”, targeting the newly unemployed with work-from-home offers.5 Fraudsters move funds through the mules’ bank accounts to launder their illicit profits. Complicating banks’ AML defenses, the typical profile of such mules can be very different from one country to the next. While COVID-19 presents increased fraud threats and challenges, there are also exciting new technologies available to help FIs sharpen fraud detection. At Standard Chartered, with the use of new innovative technologies such as ThreatMetrix we are rolling our new controls to identify suspected mule accounts through the analysis of digital footprints touching accounts. For more information, please see 'Understanding digital identities in the world of cybercrime and compliance.'
Additionally, several vendors now offer real time detection scenarios for use in payment screening to detect potential fraudulent payments. Over time, with testing and continuous tuning the scenarios will demonstrate increasing effectiveness in fraud detection. Some regulators are offering FIs the latitude to experiment with new ways to prevent fraud and know their customers. In the UK, for instance, the Financial Conduct Authority has encouraged banks to ask new customers to send “selfies” via email, so they can confirm their identities by comparing the image with the photos on official documents.6
Innovations like these are valuable tactical tools in the fight against fraud, but a holistic approach is also needed to mitigate the risks of fraud for individuals and communities. Cressey’s Fraud Triangle, below, gives us a framework through which to fully calibrate our Fraud defense frameworks for the COVID-19 era and beyond.
The pandemic has expanded the “Opportunity” segment due to the sudden shift to remote-working, the rapid adoption of new platforms and procedures, increased digital access by criminals and victims, and the availability of government rescue funds. “Pressure” likewise comes from a variety of factors that could be inflamed by the pandemic, including reduced incomes stemming from lockdowns, the inability to meet debt repayments, problem gambling and substance abuse.7 8
‘Rationalisation’ is how a usually honest individual persuades himself that his actions are justified and worthwhile. In this respect, the pandemic may have led to increased numbers of disgruntled or desperate employees, particularly as some employers have cut salaries without going through consultation or contract-revision processes. FIs should consider the risk that hitherto dependable employees might yield to the temptation to divert government bailout funds into their own bank accounts.
There are four key pillars to effective fraud response: Collaboration, Intelligence, Metrics and Awareness. In the COVID era the first of these, Collaboration, has become all-important.
Internally, cross-functional collaboration is essential to understand your institution’s COVID fraud-risks, and then to prioritise them so they can be dealt with in order of potential severity. Metrics are vital to understanding how to prioritise those risks and see how patterns of fraud are changing.
Internal and external collaboration is then crucial to tapping the intelligence you need to react quickly.
Working in a Financial Information Sharing Partnership (FISP) model with regulators and enforcement agencies is valuable in this respect, as well as monitoring open-source intelligence and internal data, and sharing information with peers. Within a financial institution, consider how your AML/ Fraud/ Cyber teams work together to share information as COVID-19 has highlighted the increasing convergence of cyber, fraud and AML risk. Cyber security risks create the window for criminals to perpetrate a fraud such as business email compromise (BEC), which is then cashed out and laundered through accounts (mule or account takeovers) held at the same FI or multiple others.
Finally, collaborate with clients. Tell your clients and front-line personnel what the risks are, but also make sure you listen to them, to establish two-way awareness. In a rapidly evolving situation like the COVID-19 pandemic, institutional awareness can only be ensured by pooling experience, which will in turn reinforce monitoring, intelligence and collaboration against fraud.
This article contains insights from Standard Chartered’s Correspondent Banking Academy’s Fighting Financial Crime webinar series.
