FinCEN recently issued an advisory to alert financial institutions on the types of cybercrimes and cyber-enabled crimes observed during the COVID-19 pandemic. The advisory is intended to aid financial institutions in detecting, preventing, and reporting potential criminal activity such as:
- malicious cyber activity and scams,
- phishing,
- spear fishing,
- malware,
- account hijacking,
- ransomware/extortion,
- business email compromise (BEC) schemes, and
- other red flagged financial activities.
A common BEC scheme noted by FinCEN involves criminals convincing companies to redirect payments to new accounts, while claiming the modification is due to pandemic-related changes in business operations. BEC criminals often use spoofed or compromised email accounts to communicate these urgent, last-minute payment changes. In the COVID-19 environment, criminals insert themselves into communications by impersonating a critical player in a business relationship or transaction, key vendors, transaction enablers typically posing as providers of healthcare supplies, to intercept or fraudulently induce a payment for critically needed supplies.
The message by regulators in recent months has been made clear: even in these trying times, BSA compliance is crucial. Ensuring the effectiveness of risk-based compliance with BSA requirements will minimize the costly outcomes that may occur as a result of cybercrime. Hilltop Advisors’ financial services compliance team and our extensive fraud and financial scheme experience can help your bank meet the BSA compliance requirements and minimize the cost of cybercrime.
