CIOReview
CIOREVIEW >> Cyber Security >>

Fraud in the Time of Covid

Patrick Dutton, Regional Head, Intelligence and Analytics, HSBC
Patrick Dutton, Regional Head, Intelligence and Analytics, HSBC

Patrick Dutton, Regional Head, Intelligence and Analytics, HSBC

The COVID-19 global pandemic is challenging our society, stressing public health systems, and causing immeasurable harm and grief to millions of families. Unscrupulous criminals, however, view COVID-19 as yet another opportunity to profit from fraud and conceal ill-gotten funds for personal gain.

Fraudsters view panic, short-term demand for essential items, and the largesse of government spending as a lucrative means to generate illicit profits, often through tried and true techniques. The U.S. Department of Justice (DOJ) has acted quickly, targeting criminals and sharing valuable information with the private sector. The Federal Bureau of Investigation, Internal Revenue Service, and the Financial Crimes Enforcement Network (to name just a few) have published red flags and shared the learnings from ongoing investigations with financial institutions.

This vital information, combined with existing monitoring systems and proactive analysis, feeds the financial sector’s efforts to identify concerning activity, provide timely information to law enforcement, and protect customers. At HSBC, our customers’ safety and financial security in the more than 60 countries where we operate is paramount. In the United States, we mobilized our anti-financial crime teams in early March to proactively identify concerning activity related to the pandemic and supplement ongoing fraud and AML models. To date, some of our focus areas have been:

• Government Stimulus: Programs such as the Paycheck Protection Program (PPP) and individual stimulus payments are significant research areas for our teams. For PPP loans, we looked for possible misrepresentation by examining applicants with dormant accounts, employee salary discrepancies, loan credits from other financial institutions, or histories of less than six months with the bank. After loans were dispersed, we then flagged recipients who transferred the loan’s entirety to a third party or self-titled account to identify possible misuse of loan funds. Individual stimulus payments, both ACH and check, were reviewed for fraud indicators, including counterfeit checks and individuals that receive multiple, sometimes three or more, stimulus payments.

• Changes in Behavior: In March and April, customer activity changed significantly, as cash transactions declined, and digital payments increased. Accordingly, transaction monitoring scenarios that detect high dollar deviation produced higher-than-average alerts, and card-not-present fraud increased as a percentage of overall card fraud. Our teams viewed the decline in activity as an opportunity to identify businesses with continued or increased cash activity. Outside of industries such as grocers, this would be abnormal given the fall-off in overall economic activity (particularly cash) amidst stay-at-home orders across much of HSBC’s U.S. footprint. We also reviewed retail customer activity related to virtual currency, focusing on first-time virtual currency use between March and June 2020, in order to spot potential money mule or other fraudulent activity.

• COVID-related Transactions: Given HSBC’s global posture, our teams began detecting COVID-related fraud in Asia early in 1Q2020, with a focus on scams related to personal protective equipment (PPE). Several law enforcement agencies warned of PPE “advance fee” schemes in which brokers claimed access to significant inventory but failed to deliver once pre-payment is made. Our teams analyzed billions of dollars’ worth of transactions that contained at least one of over 100 COVID-related search terms, such as PPE and KN95, to identify potential victims of advance-fee schemes, money mules, or actors exploiting the COVID crisis to move money unrelated to the pandemic. For example, charities misused by government officials can use the crisis to receive COVID-marked donations that are actually bribery payments.

As criminals attempt to exploit the pandemic to defraud the elderly, stressed businesses, and government programs, financial institutions have responded in kind by prioritizing COVID-related casework. They are proactively analyzing data in near-real-time and strengthening fraud and AML monitoring models to quickly escalate potential criminality to law enforcement. The volume and speed of DOJ prosecutions of PPP fraudsters— at least 16 since May alone—demonstrate that public-private sector partnership is a vital pillar of the response and that both government and the private sector will need to maintain the pressure against COVID criminals.

Read Also

Compliance in the Cloud

Compliance in the Cloud

Vasyl Nair, Chief Risk Officer, Mine Super
“Why Didn’t You Know About This?”

“Why Didn’t You Know About This?”

Aaron Rykowski, SVP – Chief Compliance Officer, WesBanco Bank
The Health and Safety Prong of Risk Management

The Health and Safety Prong of Risk Management

John Dulchinos, VP of Digital Manufacturing and Automation, Jabil
Startups in the Coronavirus Era: The Acceleration of Online Fundraising

Startups in the Coronavirus Era: The Acceleration of Online Fundraising

Tai Nicolopoulos, Head of Marketing, SeedInvest
Don't turn down

Don't turn down "downturn" money

Raj Singh, Managing Director, JetBlue Technology Ventures