As we continue to adjust with the evolving pandemic, FinCEN published two documents to keep awareness high. The May 18, 2020 Notice provides a current update to meet the various BSA reporting, recordkeeping and monitoring requirements. Here are a few of the key points:
- BSA Reporting Requirements – As noted in TCA’s earlier article BSA Compliance & COVID-19, FinCEN wants to know if a financial institution has concerns about meeting reporting requirements. Filers are encouraged to notify FinCEN through their website.
- SAR Filing Instructions – FinCEN stressed a SAR narrative should only reference COVID-19 if it is a component of the potentially suspicious activity. If the institution has concerns with meeting the filing timeframes or the quality of the narrative, these should not be a part of the narrative. These concerns should be communicated directly to FinCEN as noted in the bullet above.
- 314(b) Information Sharing – FinCEN stresses the collaboration opportunities for financial institutions that participate in 314(b) information sharing. Potential Fraud is a qualifying reason for a 314(b) request. TCA previously discussed the value of 314(b) Information Sharing in this TCA Article.
- SAR Reporting on COVID-19 Activity – Depending on the nature of the fraud, this section of the Advisory points to the various government agencies that financial institutions or consumers could contact to report or obtain further assistance.
While the Notice above focused on BSA Program operations, the FinCEN Advisory FIN-2020-A002 focuses on medical scams and COVID-19. This Advisory provides 22 red flags for tellers, new account staff and BSA Analysts to aid in the identification of suspicious activity. FinCEN identifies three primary patterns of fraud:
- Medical-Related Frauds, Including Fraudulent Cures, Tests, Vaccines, and Services – As shortages of personal protection equipment (PPE) grow and the media reports progress towards a vaccine, fraudulent medical companies have sprouted purporting to have surplus PPE, tests or treatment supplies. When opening new accounts for medical companies, review corporate documents as recently formed businesses, particularly those selling their products online, could be selling counterfeit merchandise or making unsubstantiated claims about the services they claim to provide. Monitor ACH settlement for credit card transactions as a high chargeback rate is an indicator that the merchant is not providing promised goods or services. Review the merchant’s website for advertisements that include “off-brand” or “near brand” products and required payments of virtual currency or prepaid access cards. For existing account monitoring, consider personal accounts that suddenly have business activity. Negative news searches may identify businesses that have been criticized by federal agencies for selling fraudulent products.
- Non-Delivery Fraud of Medical-Related Goods Scams – The pandemic has disrupted logistics operations and supply chains for many industries. Fraudulent businesses may claim that they can assist in transporting large volumes of medical supplies; however, the promised goods never arrive. Operations staff should especially consider large wire transfers from medical businesses to a new business account, as these may be payments for medical goods that the “distribution” company does not actually have. Consider the risks of business accounts that are opened with residential addresses. Where possible, request the address of a logistic company’s warehouse so internet searches can aid in reviewing pictures of the property.
- Price Gouging and Hoarding of Medical-Related Items – Whenever there is a high demand and a low supply, there tends to be potential hoarding and increased pricing. A March Executive Order prohibits the price gouging of certain items, but it is happening. One way it has been disguised is by individuals processing transactions through personal accounts instead of business accounts. How can you monitor for these potential changes? A lot of transactions occur electronically, so ACH monitoring is a good starting point. As noted above, a change in behavior on a personal account is a potential indicator. ACH settlement may come from credit card settlement or virtual wallets such as PayPal or CashApp. Changes in a business model are also potential risk if a merchant begins selling medical products when they had not previously been in that line of business.
The common thread with all red flags is a strong customer due diligence program to identify nature of business and anticipated activity at account opening, and identify changes in behavior after account opening.
The Advisory includes case studies to allow for further discussion with your staff. It is important to keep potential fraud awareness high to protect the bank and customers. Remember, if you share this advisory, document the recipients to receive credit for internal training as part of your BSA Compliance Program.
One last key takeaway: If you file a SAR relating to COVID-19 fraud, FinCEN instructs filers to reference this advisory “COVID19 FIN-2020-A002” in field 2 (Filing Institution Note to FinCEN) and field 34z (Fraud-Other).
Have you scheduled your 2020 BSA Independent Audit? Contact TCA to learn about our off-site BSA Audit expertise!