We note this week that a hacker group has, once again, reportedly stolen a well-known (and often relied upon) database used by compliance officers to detect unsuitable individuals and companies at account opening, and is demanding a large payment to refrain from releasing it on the Internet. Having spent many years working for two of those companies during much less complicated AML/CFT times, I understand their widespread utility as a major compliance tool. Unfortunately, the advance of technology, and greed and corruption on the part of many amoral government officials in the developing world, have, in my humble opinion, rendered their use ineffective against professional money launderers and terrorist financiers.
Laundrymen, and their terrorist financier cousins, can obtain legitimate official identity documents (passports and ID cards) from corrupt government leaders which, together with supporting official material such as drivers' licenses, real estate deeds and professional certificates, established them as legitimate individuals. These documents survive any attempts to disprove their accuracy, because they are actually genuine. How on earth can a legacy open-source database cope with such documents? The answer simply is, it cannot.
Add to the problem that proliferation of Citizenship by Investment (CBI/CIP) passport sales, conducted by needy or greedy jurisdictions, has resulted in tens of thousands of what are documents, complete with aliases and bogus places and dates of birth, which are used by money launderers and terrorist financiers to open accounts in laces where, with a nod and a wink, placement of money that should have been blocked is admitted into the global financial structure, only to traverse the world with impunity.
We now have a perfect storm for the success of money laundering, thanks to these two tools for laundrymen determined, and able, to defeat traditional compliance tactics. Only through the use of facial recognition software, backed up by an impressive image database, and supported by a vigorous enhanced due diligence investigation each time, can success at customer identification be assured, with any degree of consistency and accuracy, and I do not see that happening at most banks and non-bank financial institutions in 2024.
Therefore, please stop your blind faith that any legacy commercial-of-the-shelf database will protect your bank from professional money launderers, and their terrorist financier brethren, and move forward, using these effective tools, notwithstanding their expense, and the additional time and trouble involved, if you truly want to be an effective compliance officer at CIP, and keep out the financial barbarians at the gates, because right now, your toolbox isn't working.
WASHINGTON—Today, the U.S. Department of the Treasury’s Financial Crimes Enforcement Network (FinCEN), in close coordination with the Department of State’s Diplomatic Security Service (DSS), issued a Notice to financial institutions on fraud schemes related to the use of counterfeit U.S. passport cards. The Notice provides an overview of typologies associated with U.S. passport card fraud, highlights select red flags to assist financial institutions in identifying and reporting suspicious activity, and reminds financial institutions of their reporting requirements under the Bank Secrecy Act (BSA).
“FinCEN appreciates our partnership with DSS to highlight what is a concerning increase in the use of U.S. passport cards by illicit actors to impersonate and defraud individuals at financial institutions across the country,” said FinCEN Director Andrea Gacki. “We are issuing this Notice to help financial institutions and their customers from becoming victims to this crime, and to remind them to remain vigilant in identifying and reporting related suspicious activity.”
“The Diplomatic Security Service remains committed to protecting the American people and financial institutions from those seeking to perpetrate financial crimes by exploiting Department of State-issued identification documents,” said DSS Deputy Assistant Director for the Office of Investigations Greg Batman. “We hope this Notice will help financial institutions recognize fraudulent passport cards and their unlawful use.”
From 2018 to 2023, U.S. passport card fraud has resulted in $10 million in actual losses and $8 million in additional attempted losses with over 4,000 victims in the United States. However, DSS and other law enforcement agencies assess losses associated with U.S. passport card fraud and associated identity theft are likely significantly greater and seek increased reporting by financial institutions to identify additional illicit activity. Fraud, including financial crimes related to the use of counterfeit U.S. passport cards, is the largest source of illicit proceeds in the United States and represents one of the most significant money laundering threats to the United States, as highlighted in the U.S. Department of the Treasury’s National Money Laundering Risk Assessment, the National Strategy for Combatting Terrorist and Other Illicit Financing, and FinCEN’s Anti-Money Laundering and Countering the Financing of Terrorism National Priorities.
The full Notice is available online at FIN-2024-NTC1