As part of our Future of Financial Crime Series we interviewed top industry professionals and thought leaders to learn what trends are shaping the financial crime landscape today and what to expect for the coming years.
Here is a recap of the best answers to our question:
How Has Financial Crime Evolved Over the Past 5 Years?
Mark Ghatan, Esq., Director of Investigations, Polaris Corporate Risk Management LLC
Whether you’re asking about the evolution over the past 5 years or any other period, the answer is distressingly similar: emerging technologies prompt swift, dramatic evolutions in the efficiency, traceability, and scale of financial crimes. Consider, for example, the sea change that cryptocurrency represented in the financial world at large; digital currency meant less regulation, more autonomy and irreversible transactions.
These same benefits help criminals ensure that laundered money, illicit transactions, or stolen assets/accounts are more difficult to recover. What’s worse is that cybercriminals remain at the bleeding edge of new technologies, while the rapidly-aging infrastructures of financial institutions render them prime targets – as evidenced by the recent, unrelenting string ransomware incidents. These attacks reveal the changing face of the financial criminal, as many have been undertaken by staggeringly capable state-sponsored actors, or smaller, flexible groups that can operate from anywhere in the world with an Internet connection.
Robert Katzberg, Consulting Counsel at Holland & Knight
Financial crime today is much more rampant than generally known. The lack of international treaty enforcement, a serious understaffing at the IRS and outdated enforcement laws, rules and regulations have combined to allow financial crimes to flourish.
While there are abundant aspects of the overall problem, the ability of multinational corporations to move income from high tax jurisdictions to low tax nations, by itself, is estimated to cost the U.S. some 50 billion dollars a year. The problem as to undeclared offshore accounts utilised by individual US taxpayers continues despite the UBS scandal and its follow-up via the DOJ Swiss Bank Program. New tax havens in the Far East have drawn undeclared U.S. taxpayer money from Switzerland, and China’s authority over Hong Kong banking will preserve this important safety outlet for financial crime for the foreseeable future.
Ned Kulakowski, Esq., CAMS, Senior Financial Crime Consultant, Fenergo
The rapid advancement of virtual currencies and the continued evolution of banking, such as digitisation and mobile banking, have greatly altered the financial crime landscape and have opened additional opportunities for the exploitation of individuals, companies, and financial institutions.
The recent COVID-19 pandemic certainly shifted the landscape, enabling criminal actors to exploit the system in different ways, but even prior to the pandemic the past five years have seen a significant shift in everyday financial activity occurring online, virtually, and via mobile devices.
The various forms of illicit activity committed via these advancements in technology would have been unthinkable even a few years ago.
Hyunjung So, Senior Financial Crime Compliance Analyst at Goldman Sachs
Financial crime over the past five years has increasingly become of concern to governments and companies throughout the world. The total number of Suspicious Activity Report filings increased to about 2.5 million in 2020, compared to about 1.66 million in 2014.
In the past, the most common financial crimes were money laundering, terrorist financing, tax evasion, embezzlement, corruption, and identity theft.
However, in recent years, especially with COVID-19, the spectrum of the crimes has expanded to cybercrime and various fraud activities such as push payment fraud and unauthorised remote banking fraud. In the information age with cybercrime and fraud on the rise, criminals continue to be innovative and make the global economy more difficult to track it down.
Jason Pierce, CPA, CMA, CFM, CVA, MAFF, Senior Vice President, J.S. Held LLC
The convergence of cyber, fraud, and money laundering on a global scale create opportunities for criminals. Destabilisation in Russia, the rise of China, Brexit, and the US Election have created systemic changes that can be exploited. Also, more people are reliant on their devices and less attentive to cyber security concerns. Public Wi-Fi’s, Bluetooth technology, and payment platforms are all targeted by criminals in order to exploit their users.
The ability to hide money globally has declined through regulation and investigations. Examples include IRS’s Offshore Voluntary Disclosure, Panama Papers, Liberty Reserve, the Anom messaging platform, etc. The FBI participates in several working groups, including the Financial Fraud Enforcement Task Force, which coordinates the efforts of the Department of Justice at all levels of government to disrupt and dismantle significant large-scale criminal enterprises. While the techniques may change over time, the fraud tree and related branches have not. Tips still rank as the top way to identify fraudulent activity.
Moyara Ruehsen, Professor of Financial Crime Intelligence and Director, Financial Crimes Management Program of the Graduate School of Int’l Policy & Management, Middlebury Institute of International Studies
Even before the pandemic we were seeing increased digital transactions, new payment platforms, more remote work, and remote onboarding of customers. The pandemic just accelerated that trend. And regrettably, we still have major deficiencies in beneficial ownership transparency, even in OECD jurisdictions, and the regulators have not been keeping up with new technologies.
The cleverest criminals are evolving new techniques to exploit these regulatory deficiencies. And they are getting better at disguising themselves and crafting more effective social engineering techniques to harvest data and/or login credentials.
The other trend I’ve noticed in recent years is the increase in transnational crime. If we look at some of the financial crimes committed by Nigerian and Russian criminal enterprises or North Korean state-sponsored groups, their victims are from all over the world, and the stolen funds are typically laundered through multiple jurisdictions. That complicates matters for law enforcement.
Matt McGuire, Co-founder and Practice Leader, The AML Shop
Covid has accelerated the trend of financial crime players exploiting the absence of digital identity adoption in non-face-to-face transactions and relationships. Consumers now have raised expectations with instant access to information and services online and the ability to share their records with other trusted services. That evolution has been fueled by the advances in payment speed and reach, the disaggregation of financial services, the intermediation of payments by less regulated fintech players, and the mainstreaming of digital assets.
The response of larger financial institutions has been the adoption of more robust cybersecurity data collection and identification methods for individuals and corporations; combined with the exploration of artificial intelligence and machine learning systems to manage this increased information intake. These tools are being leveraged in parallel with traditional rules-based detection engines, and the creation of fraud and cybercrime fusion centres to reconcile the detection of risks from the influx of data.
Jannies Burlingame, CPA, CRMA, Chief Financial Officer at Aptera Motors
Technology is changing the way criminals perpetrate. An increase in online transactions has helped with the facilitation of digital fraud. New account fraud has spiked for credit cards, and social engineering has allowed perpetrators to exploit human weakness and vulnerabilities. Synthetic identity fraud (fabricated identity based on a hybrid of real and concocted information) is progressively popular and utilised to create avenues to manipulate the system.
Cited as one of the top 3 Business Risks after surveying nearly 3000 experts (Allianz Risk Barometer), global cybercrime has caused a $1 trillion drag on the economy, up 50% from just two years ago. Cyber risks will likely become the “black swan,” rare, unpredictable, and with potentially deadly impact. Technology advancements and the dark web have obliterated the traditional proximity requirements for hurting the victim. The pandemic has offered up more vulnerabilities being exploited by cybercriminals due to the limited protection reach with people working from home.
Doug McCalmont, CAMS, CGSS, Founder of BlocAlt Consulting LLC
Since the advent of bitcoin in 2008, financial criminals have exploited a technology that has the potential to dramatically improve the lives of those living in substandard economic regions. Historically, criminals have always been first to adopt technological advances (organised crime’s use of the automobile throughout the 1920’s, child pornographers utilising the internet in the 1990’s, and recently purveyors of ransomware-as-a-service schemes leveraging bitcoin throughout the 2000’s). Borderless, decentralised, inconsistently regulated currencies with global recognition provide bad actors with a very powerful tool to commit cross-border “virtual” heists. Moore’s law postulates that computing power doubles every two years, and regulatory bodies should keep this in mind as they budget for their examination activities in the upcoming years. This law will see to it that criminal elements use that increase in computing power to keep ahead of financial monitoring entities that have historically struggled for funding. As technology continues to develop at a rapid rate, new and innovative ways for criminals to practice their “art” will continue to surface, forcing financial institutions to stay several steps ahead of those technological developments.
Digital, digital, digital. Back in 2016, we were seeing that about 20% of new account openings in banking were digital (the other 80% of account openings happening in the branch). Flash forward to 2021 and we crossed the chasm and are now seeing more than 50% of account openings happening online. Think of that for a moment – the first digital account openings happened right around 1999. For the next 17 years, they increased from 0% to 20%, and then in the last five years digital openings have gone from 20% to over 50% – and it’s not slowing down. Fraud attempts in the digital new account channel are happening 11 times more than in the branch.
Also – financial crime and fraud is much more organised. As organisations’ defenses tighten up, the fraudsters adapt to new tactics. We see this every day as the fraud rings get larger and larger. For example, we will see a list of many separate identities applying for a new account across multiple financial institutions all at the same address. We recently saw 17 different identities show up across 25 banks and credit unions all at an address in the middle of Wisconsin that was a simple residential townhome.
They are also now quickly evolving their tactics. The fraudsters used to make up an email address as part of their scheme. They now realise that they have to ‘farm’ the email for a few months to avoid detection. Similarly, the fraudsters would use whatever Internet Protocol (IP) address that was available. Now they realise that they need an IP address close to the victim to avoid detection.
Roy Zur, CEO of ThriveDX SaaS
Even with advancements in technology, the cost of financial crime attacks is growing. With the unforeseen pandemic in 2020, it has been extremely difficult for law enforcement and financial institutions to defend against financial crime. Seemingly accelerated by COVID-19, the proliferation of digital payments, cryptocurrency, and paranoia about the economy has skyrocketed online fraud. With the startling trends in this area of crime, it’s not surprising that rules and regulations are becoming more constrictive and cautious.
Earlier this year the Anti-Money Laundering Act became a law while more recently, the US National AML/CFT Priorities required financial institutions to prioritise and minimise government identified risks. These institutions are investing in compliance more than ever before, including employee training and upskilling around data privacy and security.
Ethan Taub, CEO and founder of Goalry
With technology evolving, risks are higher. People are becoming more likely to use online services for banking, shopping and such because of convenience but also because of increased confidence in this technological evolution. However, the evolution of technology comes with more advanced ways for malicious users to extract information. As well as this, dating sites have become much more common. While they can be good for meeting new people, a lot of the users on there are acting as someone else in order to get money from lonely, vulnerable people.
The ways in which money can be extorted from people has become much more sophisticated and common over the past 5 years. While I think technology is the main player for how this has happened, I also think a major issue is that it doesn’t get spoken about enough. When this technology was new, many were skeptical and were much more cautious, even when what they were cautious of was completely safe. Now that we are showing everything off as a huge convenience to their life, people are taking that convenience over safety.
In the last 5 years, we have witnessed a total paradigm shift in the way financial crime is carried out. Today most of the financial crime is directly related to the criminal or state actor’s ability to utilise technology to take advantage of weak security controls and scam unsuspecting individuals and institutions. The new generation of financial crime actors have not known a world without computers and therefore have garnered skills that are valuable in the criminal milieu.
The world of money laundering has also capitalised on the use of new technologies, especially the crypto-coin industry. Countries have been playing catch-up to close many loopholes that are attractive to the financial crime element and unfortunately, these actors are remaining one step ahead of legislation and enforcement.
State actors have found a whole new world in which to attack a country’s sovereignty. Using techniques such as proclaiming “national daughter’s day and/or national son’s day” which is not an official day enables state actors to collect information on citizens and families which help build profiles for potential scams later.
Nathan Grant, Senior Credit Industry Analyst, Credit Card Insider
There were 516,967 cases of identity theft in total in Q1 2021, compared to 221,537 cases in Q1 2020. While credit card fraud is still a major factor in these numbers, the most common cases were government and benefits fraud, due to the rise in crime surrounding other financial avenues such as stimulus relief checks.
Scammers are using new and old ways to acquire people’s financial information. Posing as a legitimate agency over the phone looking to verify personal details in order to get people money they are owed, is one of the biggest contributors to the growth in government and benefits fraud.
Customers should never provide anyone with information over the phone unless they initiated contact with an organisation itself. If a phone call seems suspicious and one wants to determine legitimacy, contact the organisation directly that the caller claims to be from to verify before giving any further information.
Christopher Liew, CFA, Founder of Wealth Awesome
Financial crimes have always been rampant, even during the first few years of America achieving independence. Crimes and scams such as money laundering, embezzlement, investment fraud, insurance fraud, extortion, identity theft, illicit gambling, organised crime activities, terrorism financing, bribery, corruption, insider trading, and the like.
Certain AML policies and procedures were already in place back then with FinCEN regularly updating and requiring financial institutions to be in strict compliance. Unfortunately, because of the pandemic, FinCEN who used to delegate its authority to perform in-person examinations of such cases is now working virtually. This transition may pose certain risks for financial institutions as it was more feasible to maintain and monitor compliance programs when examinations, exchange of documents, and communication were done personally.
The year 2020 saw the emergence of COVID-19 related frauds involving medical supplies, testing and vaccines. Predators understand weaknesses in medical supply chains and took advantage of organisations that lowered their due diligence procedures as they raced to obtain much needed supplies. There is also a continued evolution of the digital platform by fraudsters to commit crimes and then launder their ill-gotten gains.
Ransomware attacks and business email compromise (BEC) are now mainstay financial crimes. The dark web provides all the tools and training for criminal enterprises that want to exploit these frauds. Despite the widespread knowledge of both ransomware and the BEC, the criminals behind these schemes are able to advance their tradecraft by staying one step ahead of their victims. These attackers are also being enabled by cryptocurrencies and the anonymity they provide.