CIOReview
CIOREVIEW >> Cyber Security >>

Fraud in the Time of Covid

Patrick Dutton, Regional Head, Intelligence and Analytics, HSBC
Patrick Dutton, Regional Head, Intelligence and Analytics, HSBC

Patrick Dutton, Regional Head, Intelligence and Analytics, HSBC

The COVID-19 global pandemic is challenging our society, stressing public health systems, and causing immeasurable harm and grief to millions of families. Unscrupulous criminals, however, view COVID-19 as yet another opportunity to profit from fraud and conceal ill-gotten funds for personal gain.

Fraudsters view panic, short-term demand for essential items, and the largesse of government spending as a lucrative means to generate illicit profits, often through tried and true techniques. The U.S. Department of Justice (DOJ) has acted quickly, targeting criminals and sharing valuable information with the private sector. The Federal Bureau of Investigation, Internal Revenue Service, and the Financial Crimes Enforcement Network (to name just a few) have published red flags and shared the learnings from ongoing investigations with financial institutions.

This vital information, combined with existing monitoring systems and proactive analysis, feeds the financial sector’s efforts to identify concerning activity, provide timely information to law enforcement, and protect customers. At HSBC, our customers’ safety and financial security in the more than 60 countries where we operate is paramount. In the United States, we mobilized our anti-financial crime teams in early March to proactively identify concerning activity related to the pandemic and supplement ongoing fraud and AML models. To date, some of our focus areas have been:

• Government Stimulus: Programs such as the Paycheck Protection Program (PPP) and individual stimulus payments are significant research areas for our teams. For PPP loans, we looked for possible misrepresentation by examining applicants with dormant accounts, employee salary discrepancies, loan credits from other financial institutions, or histories of less than six months with the bank. After loans were dispersed, we then flagged recipients who transferred the loan’s entirety to a third party or self-titled account to identify possible misuse of loan funds. Individual stimulus payments, both ACH and check, were reviewed for fraud indicators, including counterfeit checks and individuals that receive multiple, sometimes three or more, stimulus payments.

• Changes in Behavior: In March and April, customer activity changed significantly, as cash transactions declined, and digital payments increased. Accordingly, transaction monitoring scenarios that detect high dollar deviation produced higher-than-average alerts, and card-not-present fraud increased as a percentage of overall card fraud. Our teams viewed the decline in activity as an opportunity to identify businesses with continued or increased cash activity. Outside of industries such as grocers, this would be abnormal given the fall-off in overall economic activity (particularly cash) amidst stay-at-home orders across much of HSBC’s U.S. footprint. We also reviewed retail customer activity related to virtual currency, focusing on first-time virtual currency use between March and June 2020, in order to spot potential money mule or other fraudulent activity.

• COVID-related Transactions: Given HSBC’s global posture, our teams began detecting COVID-related fraud in Asia early in 1Q2020, with a focus on scams related to personal protective equipment (PPE). Several law enforcement agencies warned of PPE “advance fee” schemes in which brokers claimed access to significant inventory but failed to deliver once pre-payment is made. Our teams analyzed billions of dollars’ worth of transactions that contained at least one of over 100 COVID-related search terms, such as PPE and KN95, to identify potential victims of advance-fee schemes, money mules, or actors exploiting the COVID crisis to move money unrelated to the pandemic. For example, charities misused by government officials can use the crisis to receive COVID-marked donations that are actually bribery payments.

As criminals attempt to exploit the pandemic to defraud the elderly, stressed businesses, and government programs, financial institutions have responded in kind by prioritizing COVID-related casework. They are proactively analyzing data in near-real-time and strengthening fraud and AML monitoring models to quickly escalate potential criminality to law enforcement. The volume and speed of DOJ prosecutions of PPP fraudsters— at least 16 since May alone—demonstrate that public-private sector partnership is a vital pillar of the response and that both government and the private sector will need to maintain the pressure against COVID criminals.

Read Also

Simulators Are The New Way To Extend Beyond Virtual Reality

Simulators Are The New Way To Extend Beyond Virtual Reality

Scott McMillan – Manager of Technology and Innovation at Melbourne Water
All Aboard For Utility Digital Transformation

All Aboard For Utility Digital Transformation

Delores Lenzy-Jones, Chief Financial Officer & Treasurer at CPS Energy
Enterprise Public Cloud Adoption

Enterprise Public Cloud Adoption

Gerum Haile, Vice President, Technical Fellow-Chief Cloud and Platform Architect- USAA
Redefining Standards Of The Electricity Paradigm

Redefining Standards Of The Electricity Paradigm

John Stephens, Director-Power System Control, City Utilities of Springfield
Results Driven Continuous Improvementa

Results Driven Continuous Improvementa

Tim Blubaugh, Director, Operational Excellence, USG Corporation
How Jea Uses Iiot To Enable Condition_Based Asset Monitoring At The Grid Edge

How Jea Uses Iiot To Enable Condition_Based Asset Monitoring At The...

Steven Selders, Director, IT Strategy & Solution Development, JEA, Michael Eaton, Manager, Enterprise Information Management